|
|
|
import 'hydrooj';
|
|
|
|
|
|
|
|
import * as superagent from 'superagent';
|
|
|
|
|
|
|
|
declare module 'hydrooj' {
|
|
|
|
interface SystemKeys {
|
|
|
|
'login-with-google.id': string,
|
|
|
|
'login-with-google.secret': string,
|
|
|
|
}
|
|
|
|
interface Lib {
|
|
|
|
oauth_google: typeof import('./lib'),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
async function get() {
|
|
|
|
const { system, token } = global.Hydro.model;
|
|
|
|
const [appid, url, [state]] = await Promise.all([
|
|
|
|
system.get('login-with-google.id'),
|
|
|
|
system.get('server.url'),
|
|
|
|
token.add(token.TYPE_OAUTH, 600, { redirect: this.request.referer }),
|
|
|
|
]);
|
|
|
|
// eslint-disable-next-line max-len
|
|
|
|
this.response.redirect = `https://accounts.google.com/o/oauth2/v2/auth?client_id=${appid}&response_type=code&redirect_uri=${url}oauth/google/callback&scope=https://www.googleapis.com/auth/userinfo.email https://www.googleapis.com/auth/userinfo.profile&state=${state}`;
|
|
|
|
}
|
|
|
|
|
|
|
|
async function callback({
|
|
|
|
state, code, error,
|
|
|
|
}) {
|
|
|
|
const { system, token } = global.Hydro.model;
|
|
|
|
const { UserFacingError } = global.Hydro.error;
|
|
|
|
if (error) throw new UserFacingError(error);
|
|
|
|
const [
|
|
|
|
[appid, secret, url],
|
|
|
|
s,
|
|
|
|
] = await Promise.all([
|
|
|
|
system.getMany([
|
|
|
|
'login-with-google.id', 'login-with-google.secret', 'server.url',
|
|
|
|
]),
|
|
|
|
token.get(state, token.TYPE_OAUTH),
|
|
|
|
]);
|
|
|
|
const res = await superagent.post('https://oauth2.googleapis.com/token')
|
|
|
|
.send({
|
|
|
|
client_id: appid,
|
|
|
|
client_secret: secret,
|
|
|
|
code,
|
|
|
|
grant_type: 'authorization_code',
|
|
|
|
redirect_uri: `${url}oauth/google/callback`,
|
|
|
|
});
|
|
|
|
const payload = global.Hydro.lib.jwt.decode(res.body.id_token);
|
|
|
|
await token.del(state, token.TYPE_OAUTH);
|
|
|
|
this.response.redirect = s.redirect;
|
|
|
|
return {
|
|
|
|
// TODO use openid
|
|
|
|
_id: payload.email,
|
|
|
|
email: payload.email,
|
|
|
|
uname: [payload.given_name, payload.name, payload.family_name],
|
|
|
|
viewLang: payload.locale.replace('-', '_'),
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
|
|
|
global.Hydro.lib.oauth_google = {
|
|
|
|
text: 'Login with Google',
|
|
|
|
callback,
|
|
|
|
get,
|
|
|
|
};
|