feat: sso callback url and scope added in infra-config
committed by
Andrew Bastin
parent
919579b1da
commit
9c00d6238e
@@ -14,14 +14,20 @@ const AuthProviderConfigurations = {
|
|||||||
[AuthProvider.GOOGLE]: [
|
[AuthProvider.GOOGLE]: [
|
||||||
InfraConfigEnum.GOOGLE_CLIENT_ID,
|
InfraConfigEnum.GOOGLE_CLIENT_ID,
|
||||||
InfraConfigEnum.GOOGLE_CLIENT_SECRET,
|
InfraConfigEnum.GOOGLE_CLIENT_SECRET,
|
||||||
|
InfraConfigEnum.GOOGLE_CALLBACK_URL,
|
||||||
|
InfraConfigEnum.GOOGLE_SCOPE,
|
||||||
],
|
],
|
||||||
[AuthProvider.GITHUB]: [
|
[AuthProvider.GITHUB]: [
|
||||||
InfraConfigEnum.GITHUB_CLIENT_ID,
|
InfraConfigEnum.GITHUB_CLIENT_ID,
|
||||||
InfraConfigEnum.GITHUB_CLIENT_SECRET,
|
InfraConfigEnum.GITHUB_CLIENT_SECRET,
|
||||||
|
InfraConfigEnum.GITHUB_CALLBACK_URL,
|
||||||
|
InfraConfigEnum.GITHUB_SCOPE,
|
||||||
],
|
],
|
||||||
[AuthProvider.MICROSOFT]: [
|
[AuthProvider.MICROSOFT]: [
|
||||||
InfraConfigEnum.MICROSOFT_CLIENT_ID,
|
InfraConfigEnum.MICROSOFT_CLIENT_ID,
|
||||||
InfraConfigEnum.MICROSOFT_CLIENT_SECRET,
|
InfraConfigEnum.MICROSOFT_CLIENT_SECRET,
|
||||||
|
InfraConfigEnum.MICROSOFT_CALLBACK_URL,
|
||||||
|
InfraConfigEnum.MICROSOFT_SCOPE,
|
||||||
],
|
],
|
||||||
[AuthProvider.EMAIL]: [
|
[AuthProvider.EMAIL]: [
|
||||||
InfraConfigEnum.MAILER_SMTP_URL,
|
InfraConfigEnum.MAILER_SMTP_URL,
|
||||||
|
|||||||
@@ -17,7 +17,13 @@ import {
|
|||||||
INFRA_CONFIG_UPDATE_FAILED,
|
INFRA_CONFIG_UPDATE_FAILED,
|
||||||
INFRA_CONFIG_SERVICE_NOT_CONFIGURED,
|
INFRA_CONFIG_SERVICE_NOT_CONFIGURED,
|
||||||
} from 'src/errors';
|
} from 'src/errors';
|
||||||
import { throwErr, validateSMTPEmail, validateSMTPUrl } from 'src/utils';
|
import {
|
||||||
|
throwErr,
|
||||||
|
validateSMTPEmail,
|
||||||
|
validateSMTPUrl,
|
||||||
|
validateSSOScope,
|
||||||
|
validateUrl,
|
||||||
|
} from 'src/utils';
|
||||||
import { ConfigService } from '@nestjs/config';
|
import { ConfigService } from '@nestjs/config';
|
||||||
import {
|
import {
|
||||||
ServiceStatus,
|
ServiceStatus,
|
||||||
@@ -60,6 +66,14 @@ export class InfraConfigService implements OnModuleInit {
|
|||||||
name: InfraConfigEnum.GOOGLE_CLIENT_SECRET,
|
name: InfraConfigEnum.GOOGLE_CLIENT_SECRET,
|
||||||
value: process.env.GOOGLE_CLIENT_SECRET,
|
value: process.env.GOOGLE_CLIENT_SECRET,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: InfraConfigEnum.GOOGLE_CALLBACK_URL,
|
||||||
|
value: process.env.GOOGLE_CALLBACK_URL,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: InfraConfigEnum.GOOGLE_SCOPE,
|
||||||
|
value: process.env.GOOGLE_SCOPE,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: InfraConfigEnum.GITHUB_CLIENT_ID,
|
name: InfraConfigEnum.GITHUB_CLIENT_ID,
|
||||||
value: process.env.GITHUB_CLIENT_ID,
|
value: process.env.GITHUB_CLIENT_ID,
|
||||||
@@ -68,6 +82,14 @@ export class InfraConfigService implements OnModuleInit {
|
|||||||
name: InfraConfigEnum.GITHUB_CLIENT_SECRET,
|
name: InfraConfigEnum.GITHUB_CLIENT_SECRET,
|
||||||
value: process.env.GITHUB_CLIENT_SECRET,
|
value: process.env.GITHUB_CLIENT_SECRET,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: InfraConfigEnum.GITHUB_CALLBACK_URL,
|
||||||
|
value: process.env.GITHUB_CALLBACK_URL,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: InfraConfigEnum.GITHUB_SCOPE,
|
||||||
|
value: process.env.GITHUB_SCOPE,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: InfraConfigEnum.MICROSOFT_CLIENT_ID,
|
name: InfraConfigEnum.MICROSOFT_CLIENT_ID,
|
||||||
value: process.env.MICROSOFT_CLIENT_ID,
|
value: process.env.MICROSOFT_CLIENT_ID,
|
||||||
@@ -76,6 +98,14 @@ export class InfraConfigService implements OnModuleInit {
|
|||||||
name: InfraConfigEnum.MICROSOFT_CLIENT_SECRET,
|
name: InfraConfigEnum.MICROSOFT_CLIENT_SECRET,
|
||||||
value: process.env.MICROSOFT_CLIENT_SECRET,
|
value: process.env.MICROSOFT_CLIENT_SECRET,
|
||||||
},
|
},
|
||||||
|
{
|
||||||
|
name: InfraConfigEnum.MICROSOFT_CALLBACK_URL,
|
||||||
|
value: process.env.MICROSOFT_CALLBACK_URL,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: InfraConfigEnum.MICROSOFT_SCOPE,
|
||||||
|
value: process.env.MICROSOFT_SCOPE,
|
||||||
|
},
|
||||||
{
|
{
|
||||||
name: InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
|
name: InfraConfigEnum.VITE_ALLOWED_AUTH_PROVIDERS,
|
||||||
value: getConfiguredSSOProviders(),
|
value: getConfiguredSSOProviders(),
|
||||||
@@ -230,12 +260,25 @@ export class InfraConfigService implements OnModuleInit {
|
|||||||
) {
|
) {
|
||||||
switch (service) {
|
switch (service) {
|
||||||
case AuthProvider.GOOGLE:
|
case AuthProvider.GOOGLE:
|
||||||
return configMap.GOOGLE_CLIENT_ID && configMap.GOOGLE_CLIENT_SECRET;
|
return (
|
||||||
|
configMap.GOOGLE_CLIENT_ID &&
|
||||||
|
configMap.GOOGLE_CLIENT_SECRET &&
|
||||||
|
configMap.GOOGLE_CALLBACK_URL &&
|
||||||
|
configMap.GOOGLE_SCOPE
|
||||||
|
);
|
||||||
case AuthProvider.GITHUB:
|
case AuthProvider.GITHUB:
|
||||||
return configMap.GITHUB_CLIENT_ID && configMap.GITHUB_CLIENT_SECRET;
|
return (
|
||||||
|
configMap.GITHUB_CLIENT_ID &&
|
||||||
|
configMap.GITHUB_CLIENT_SECRET &&
|
||||||
|
configMap.GITHUB_CALLBACK_URL &&
|
||||||
|
configMap.GITHUB_SCOPE
|
||||||
|
);
|
||||||
case AuthProvider.MICROSOFT:
|
case AuthProvider.MICROSOFT:
|
||||||
return (
|
return (
|
||||||
configMap.MICROSOFT_CLIENT_ID && configMap.MICROSOFT_CLIENT_SECRET
|
configMap.MICROSOFT_CLIENT_ID &&
|
||||||
|
configMap.MICROSOFT_CLIENT_SECRET &&
|
||||||
|
configMap.MICROSOFT_CALLBACK_URL &&
|
||||||
|
configMap.MICROSOFT_SCOPE
|
||||||
);
|
);
|
||||||
case AuthProvider.EMAIL:
|
case AuthProvider.EMAIL:
|
||||||
return configMap.MAILER_SMTP_URL && configMap.MAILER_ADDRESS_FROM;
|
return configMap.MAILER_SMTP_URL && configMap.MAILER_ADDRESS_FROM;
|
||||||
@@ -407,18 +450,42 @@ export class InfraConfigService implements OnModuleInit {
|
|||||||
case InfraConfigEnumForClient.GOOGLE_CLIENT_SECRET:
|
case InfraConfigEnumForClient.GOOGLE_CLIENT_SECRET:
|
||||||
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
break;
|
break;
|
||||||
|
case InfraConfigEnumForClient.GOOGLE_CALLBACK_URL:
|
||||||
|
if (!validateUrl(infraConfigs[i].value))
|
||||||
|
return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
|
break;
|
||||||
|
case InfraConfigEnumForClient.GOOGLE_SCOPE:
|
||||||
|
if (!validateSSOScope(infraConfigs[i].value))
|
||||||
|
return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
|
break;
|
||||||
case InfraConfigEnumForClient.GITHUB_CLIENT_ID:
|
case InfraConfigEnumForClient.GITHUB_CLIENT_ID:
|
||||||
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
break;
|
break;
|
||||||
case InfraConfigEnumForClient.GITHUB_CLIENT_SECRET:
|
case InfraConfigEnumForClient.GITHUB_CLIENT_SECRET:
|
||||||
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
break;
|
break;
|
||||||
|
case InfraConfigEnumForClient.GITHUB_CALLBACK_URL:
|
||||||
|
if (!validateUrl(infraConfigs[i].value))
|
||||||
|
return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
|
break;
|
||||||
|
case InfraConfigEnumForClient.GITHUB_SCOPE:
|
||||||
|
if (!validateSSOScope(infraConfigs[i].value))
|
||||||
|
return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
|
break;
|
||||||
case InfraConfigEnumForClient.MICROSOFT_CLIENT_ID:
|
case InfraConfigEnumForClient.MICROSOFT_CLIENT_ID:
|
||||||
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
break;
|
break;
|
||||||
case InfraConfigEnumForClient.MICROSOFT_CLIENT_SECRET:
|
case InfraConfigEnumForClient.MICROSOFT_CLIENT_SECRET:
|
||||||
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
if (!infraConfigs[i].value) return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
break;
|
break;
|
||||||
|
case InfraConfigEnumForClient.MICROSOFT_CALLBACK_URL:
|
||||||
|
if (!validateUrl(infraConfigs[i].value))
|
||||||
|
return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
|
break;
|
||||||
|
case InfraConfigEnumForClient.MICROSOFT_SCOPE:
|
||||||
|
if (!validateSSOScope(infraConfigs[i].value))
|
||||||
|
return E.left(INFRA_CONFIG_INVALID_INPUT);
|
||||||
|
break;
|
||||||
default:
|
default:
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
|||||||
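Review bot: The widened `switch (service)` checks in the @@ -230 hunk now treat a provider as unconfigured when its `*_CALLBACK_URL` or `*_SCOPE` value is empty, while the default entries added in the three earlier hunks take those values straight from `process.env` with no fallback. A deployment that already had Google, GitHub or Microsoft login working and upgrades without setting the new variables would presumably lose that provider, and nothing visible here tells the operator why. I would state the requirement above the switch, e.g. `// A provider counts as configured only when client id, client secret, callback URL and scope are all set`, and list the new variables in the upgrade notes. The enclosing method's signature and the rest of the switch lie outside the hunk.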
@@ -4,12 +4,18 @@ export enum InfraConfigEnum {
|
|||||||
|
|
||||||
GOOGLE_CLIENT_ID = 'GOOGLE_CLIENT_ID',
|
GOOGLE_CLIENT_ID = 'GOOGLE_CLIENT_ID',
|
||||||
GOOGLE_CLIENT_SECRET = 'GOOGLE_CLIENT_SECRET',
|
GOOGLE_CLIENT_SECRET = 'GOOGLE_CLIENT_SECRET',
|
||||||
|
GOOGLE_CALLBACK_URL = 'GOOGLE_CALLBACK_URL',
|
||||||
|
GOOGLE_SCOPE = 'GOOGLE_SCOPE',
|
||||||
|
|
||||||
GITHUB_CLIENT_ID = 'GITHUB_CLIENT_ID',
|
GITHUB_CLIENT_ID = 'GITHUB_CLIENT_ID',
|
||||||
GITHUB_CLIENT_SECRET = 'GITHUB_CLIENT_SECRET',
|
GITHUB_CLIENT_SECRET = 'GITHUB_CLIENT_SECRET',
|
||||||
|
GITHUB_CALLBACK_URL = 'GITHUB_CALLBACK_URL',
|
||||||
|
GITHUB_SCOPE = 'GITHUB_SCOPE',
|
||||||
|
|
||||||
MICROSOFT_CLIENT_ID = 'MICROSOFT_CLIENT_ID',
|
MICROSOFT_CLIENT_ID = 'MICROSOFT_CLIENT_ID',
|
||||||
MICROSOFT_CLIENT_SECRET = 'MICROSOFT_CLIENT_SECRET',
|
MICROSOFT_CLIENT_SECRET = 'MICROSOFT_CLIENT_SECRET',
|
||||||
|
MICROSOFT_CALLBACK_URL = 'MICROSOFT_CALLBACK_URL',
|
||||||
|
MICROSOFT_SCOPE = 'MICROSOFT_SCOPE',
|
||||||
|
|
||||||
VITE_ALLOWED_AUTH_PROVIDERS = 'VITE_ALLOWED_AUTH_PROVIDERS',
|
VITE_ALLOWED_AUTH_PROVIDERS = 'VITE_ALLOWED_AUTH_PROVIDERS',
|
||||||
|
|
||||||
@@ -24,12 +30,18 @@ export enum InfraConfigEnumForClient {
|
|||||||
|
|
||||||
GOOGLE_CLIENT_ID = 'GOOGLE_CLIENT_ID',
|
GOOGLE_CLIENT_ID = 'GOOGLE_CLIENT_ID',
|
||||||
GOOGLE_CLIENT_SECRET = 'GOOGLE_CLIENT_SECRET',
|
GOOGLE_CLIENT_SECRET = 'GOOGLE_CLIENT_SECRET',
|
||||||
|
GOOGLE_CALLBACK_URL = 'GOOGLE_CALLBACK_URL',
|
||||||
|
GOOGLE_SCOPE = 'GOOGLE_SCOPE',
|
||||||
|
|
||||||
GITHUB_CLIENT_ID = 'GITHUB_CLIENT_ID',
|
GITHUB_CLIENT_ID = 'GITHUB_CLIENT_ID',
|
||||||
GITHUB_CLIENT_SECRET = 'GITHUB_CLIENT_SECRET',
|
GITHUB_CLIENT_SECRET = 'GITHUB_CLIENT_SECRET',
|
||||||
|
GITHUB_CALLBACK_URL = 'GITHUB_CALLBACK_URL',
|
||||||
|
GITHUB_SCOPE = 'GITHUB_SCOPE',
|
||||||
|
|
||||||
MICROSOFT_CLIENT_ID = 'MICROSOFT_CLIENT_ID',
|
MICROSOFT_CLIENT_ID = 'MICROSOFT_CLIENT_ID',
|
||||||
MICROSOFT_CLIENT_SECRET = 'MICROSOFT_CLIENT_SECRET',
|
MICROSOFT_CLIENT_SECRET = 'MICROSOFT_CLIENT_SECRET',
|
||||||
|
MICROSOFT_CALLBACK_URL = 'MICROSOFT_CALLBACK_URL',
|
||||||
|
MICROSOFT_SCOPE = 'MICROSOFT_SCOPE',
|
||||||
|
|
||||||
ALLOW_ANALYTICS_COLLECTION = 'ALLOW_ANALYTICS_COLLECTION',
|
ALLOW_ANALYTICS_COLLECTION = 'ALLOW_ANALYTICS_COLLECTION',
|
||||||
IS_FIRST_TIME_INFRA_SETUP = 'IS_FIRST_TIME_INFRA_SETUP',
|
IS_FIRST_TIME_INFRA_SETUP = 'IS_FIRST_TIME_INFRA_SETUP',
|
||||||
|
|||||||
@@ -183,6 +183,32 @@ export const validateSMTPUrl = (url: string) => {
|
|||||||
return false;
|
return false;
|
||||||
};
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Checks to see if the URL is valid or not
|
||||||
|
* @param url The URL to validate
|
||||||
|
* @returns boolean
|
||||||
|
*/
|
||||||
|
export const validateUrl = (url: string) => {
|
||||||
|
const urlRegex = /^(https?|ftp):\/\/(-\.)?([^\s\/?\.#-]+\.?)+(\/[^\s]*)?$/i;
|
||||||
|
return urlRegex.test(url);
|
||||||
|
};
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Validate SSO (Google, Github, Microsoft) Scope
|
||||||
|
* @param scope The scope to validate
|
||||||
|
* @returns boolean
|
||||||
|
*/
|
||||||
|
export const validateSSOScope = (scope: string) => {
|
||||||
|
if (!scope || scope.length === 0) return false;
|
||||||
|
|
||||||
|
const scopes = scope.split(',');
|
||||||
|
scopes.forEach((aScope) => {
|
||||||
|
if (aScope.length === 0) return false;
|
||||||
|
});
|
||||||
|
|
||||||
|
return true;
|
||||||
|
};
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* String to JSON parser
|
* String to JSON parser
|
||||||
* @param {str} str The string to parse
|
* @param {str} str The string to parse
|
||||||
|
|||||||
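Review bot: `validateSSOScope` never rejects a list containing an empty entry, because the `return false` inside the `scopes.forEach` callback only leaves the callback and the function then falls through to `return true`; a value such as `email,,profile` (constructed example) passes. Replace the loop with `return scopes.every((aScope) => aScope.length > 0);`. Separately, `validateUrl` accepts `ftp` and plain `http`, yet this commit uses it to vet OAuth callback URLs. Parsing with `new URL(url)` and allowing only the expected `protocol` values would be stricter. It would also drop the nested quantifier `([^\s\/?\.#-]+\.?)+`, which looks prone to heavy backtracking on long non-matching input.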