Skip to content

Commit

Permalink
feat(passport): connect oauth proxy
Browse files Browse the repository at this point in the history
  • Loading branch information
szkl committed Jun 6, 2023
1 parent e764809 commit c183699
Show file tree
Hide file tree
Showing 14 changed files with 227 additions and 31 deletions.
12 changes: 12 additions & 0 deletions apps/passport/app/auth.server.ts
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,18 @@ export const createAuthenticatorSessionStorage = (
}

export const AUTHN_PARAMS_SESSION_KEY = 'authnParams'

export const getAuthnParams = async (
request: Request,
env: Env
): Promise<URLSearchParams> => {
const authenticatorStorage = createAuthenticatorSessionStorage(request, env)
const session = await authenticatorStorage.getSession(
request.headers.get('Cookie')
)
return new URLSearchParams(session.get(AUTHN_PARAMS_SESSION_KEY))
}

/**
* Returns a custom Request and authenticator SessionStorage. Needed to hook into response
* lifecycle that authenticator fully controls, to set custom data needed after external
Expand Down
3 changes: 3 additions & 0 deletions apps/passport/app/routes/connect/apple/callback.ts
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,8 @@ import {
authenticateAddress,
checkOAuthError,
} from '~/utils/authenticate.server'
import { redirectToCustomDomainHost } from '~/utils/connect-proxy'

import { getAuthzCookieParams, getUserSession } from '~/session.server'
import { Authenticator } from 'remix-auth'
import { InternalServerError } from '@proofzero/errors'
Expand Down Expand Up @@ -51,6 +53,7 @@ export const action: ActionFunction = getRollupReqFunctionErrorWrapper(
export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
await checkOAuthError(request, context.env)
await redirectToCustomDomainHost(request, context)

const appData = await getAuthzCookieParams(request, context.env)

Expand Down
29 changes: 24 additions & 5 deletions apps/passport/app/routes/connect/apple/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -5,21 +5,40 @@ import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'

import { getAppleStrategy, injectAuthnParamsIntoSession } from '~/auth.server'
import { AppleStrategyDefaultName } from '~/utils/applestrategy.server'
import {
redirectToDefaultHost,
setCustomDomainOrigin,
} from '~/utils/connect-proxy'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
const authnParams = new URL(request.url).searchParams
setCustomDomainOrigin(request, context, authnParams)

const authenticatorInputs = await injectAuthnParamsIntoSession(
authnParams.toString(),
request,
context.env
)
const authenticator = new Authenticator(authenticatorInputs.sessionStorage)

authenticator.use(getAppleStrategy(context.env))
return authenticator.authenticate(
AppleStrategyDefaultName,
authenticatorInputs.newRequest
)
const strategy = getAppleStrategy(context.env)
if (authnParams.get('state'))
// @ts-ignore
strategy.generateState = () => authnParams.get('state')

authenticator.use(strategy)

try {
const response = await authenticator.authenticate(
AppleStrategyDefaultName,
authenticatorInputs.newRequest
)
return response
} catch (error) {
if (!(error instanceof Response)) throw error
const response = error
redirectToDefaultHost(request, response, context)
}
}
)
3 changes: 3 additions & 0 deletions apps/passport/app/routes/connect/discord/callback.ts
Original file line number Diff line number Diff line change
Expand Up @@ -17,13 +17,16 @@ import {
authenticateAddress,
checkOAuthError,
} from '~/utils/authenticate.server'
import { redirectToCustomDomainHost } from '~/utils/connect-proxy'

import { Authenticator } from 'remix-auth'
import { InternalServerError } from '@proofzero/errors'
import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
await checkOAuthError(request, context.env)
await redirectToCustomDomainHost(request, context)

const appData = await getAuthzCookieParams(request, context.env)

Expand Down
29 changes: 24 additions & 5 deletions apps/passport/app/routes/connect/discord/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,16 @@ import { DiscordStrategyDefaultName } from 'remix-auth-discord'
import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'

import { getDiscordStrategy, injectAuthnParamsIntoSession } from '~/auth.server'
import {
redirectToDefaultHost,
setCustomDomainOrigin,
} from '~/utils/connect-proxy'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
const authnParams = new URL(request.url).searchParams
setCustomDomainOrigin(request, context, authnParams)

const authenticatorInputs = await injectAuthnParamsIntoSession(
authnParams.toString(),
request,
Expand All @@ -18,11 +24,24 @@ export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
const prompt =
rollup_action && rollup_action === 'reconnect' ? 'consent' : undefined

const strategy = getDiscordStrategy(context.env, prompt)
if (authnParams.get('state'))
// @ts-ignore
strategy.generateState = () => authnParams.get('state')

const authenticator = new Authenticator(authenticatorInputs.sessionStorage)
authenticator.use(getDiscordStrategy(context.env, prompt))
return authenticator.authenticate(
DiscordStrategyDefaultName,
authenticatorInputs.newRequest
)
authenticator.use(strategy)

try {
const response = await authenticator.authenticate(
DiscordStrategyDefaultName,
authenticatorInputs.newRequest
)
return response
} catch (error) {
if (!(error instanceof Response)) throw error
const response = error
redirectToDefaultHost(request, response, context)
}
}
)
3 changes: 3 additions & 0 deletions apps/passport/app/routes/connect/github/callback.ts
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
import { redirect } from '@remix-run/cloudflare'
import type { LoaderArgs, LoaderFunction } from '@remix-run/cloudflare'

import { generateHashedIDRef } from '@proofzero/urns/idref'
Expand All @@ -11,6 +12,7 @@ import {
authenticateAddress,
checkOAuthError,
} from '~/utils/authenticate.server'
import { redirectToCustomDomainHost } from '~/utils/connect-proxy'

import { getAddressClient } from '~/platform.server'
import { GitHubStrategyDefaultName } from 'remix-auth-github'
Expand All @@ -24,6 +26,7 @@ import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'
export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }: LoaderArgs) => {
await checkOAuthError(request, context.env)
await redirectToCustomDomainHost(request, context)

const appData = await getAuthzCookieParams(request, context.env)

Expand Down
30 changes: 25 additions & 5 deletions apps/passport/app/routes/connect/github/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -9,20 +9,40 @@ import {
injectAuthnParamsIntoSession,
} from '~/auth.server'

import {
redirectToDefaultHost,
setCustomDomainOrigin,
} from '~/utils/connect-proxy'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
const authnParams = new URL(request.url).searchParams
setCustomDomainOrigin(request, context, authnParams)

const authenticatorInputs = await injectAuthnParamsIntoSession(
authnParams.toString(),
request,
context.env
)

const strategy = getGithubAuthenticator(context.env)
if (authnParams.get('state'))
// @ts-ignore
strategy.generateState = () => authnParams.get('state')

const authenticator = new Authenticator(authenticatorInputs.sessionStorage)
authenticator.use(getGithubAuthenticator(context.env))
authenticator.use(strategy)

return authenticator.authenticate(
GitHubStrategyDefaultName,
authenticatorInputs.newRequest
)
try {
const response = await authenticator.authenticate(
GitHubStrategyDefaultName,
authenticatorInputs.newRequest
)
return response
} catch (error) {
if (!(error instanceof Response)) throw error
const response = error
redirectToDefaultHost(request, response, context)
}
}
)
3 changes: 3 additions & 0 deletions apps/passport/app/routes/connect/google/callback.ts
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,8 @@ import {
authenticateAddress,
checkOAuthError,
} from '~/utils/authenticate.server'
import { redirectToCustomDomainHost } from '~/utils/connect-proxy'

import type { OAuthData } from '@proofzero/platform.address/src/types'
import { NodeType, OAuthAddressType } from '@proofzero/types/address'
import { getAuthzCookieParams, getUserSession } from '~/session.server'
Expand All @@ -21,6 +23,7 @@ import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'
export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }: LoaderArgs) => {
await checkOAuthError(request, context.env)
await redirectToCustomDomainHost(request, context)

const appData = await getAuthzCookieParams(request, context.env)

Expand Down
29 changes: 24 additions & 5 deletions apps/passport/app/routes/connect/google/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,16 @@ import {
getGoogleAuthenticator,
injectAuthnParamsIntoSession,
} from '~/auth.server'
import {
redirectToDefaultHost,
setCustomDomainOrigin,
} from '~/utils/connect-proxy'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
const authnParams = new URL(request.url).searchParams
setCustomDomainOrigin(request, context, authnParams)

const authenticatorInputs = await injectAuthnParamsIntoSession(
authnParams.toString(),
request,
Expand All @@ -21,11 +27,24 @@ export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
const prompt =
rollup_action && rollup_action === 'reconnect' ? 'consent' : undefined

const strategy = getGoogleAuthenticator(context.env, prompt)
if (authnParams.get('state'))
// @ts-ignore
strategy.generateState = () => authnParams.get('state')

const authenticator = new Authenticator(authenticatorInputs.sessionStorage)
authenticator.use(getGoogleAuthenticator(context.env, prompt))
return authenticator.authenticate(
GoogleStrategyDefaultName,
authenticatorInputs.newRequest
)
authenticator.use(strategy)

try {
const response = await authenticator.authenticate(
GoogleStrategyDefaultName,
authenticatorInputs.newRequest
)
return response
} catch (error) {
if (!(error instanceof Response)) throw error
const response = error
redirectToDefaultHost(request, response, context)
}
}
)
3 changes: 3 additions & 0 deletions apps/passport/app/routes/connect/microsoft/callback.ts
Original file line number Diff line number Diff line change
Expand Up @@ -15,13 +15,16 @@ import {
checkOAuthError,
} from '~/utils/authenticate.server'
import { getAuthzCookieParams, getUserSession } from '~/session.server'
import { redirectToCustomDomainHost } from '~/utils/connect-proxy'

import { Authenticator } from 'remix-auth'
import { InternalServerError } from '@proofzero/errors'
import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }: LoaderArgs) => {
await checkOAuthError(request, context.env)
await redirectToCustomDomainHost(request, context)

const appData = await getAuthzCookieParams(request, context.env)

Expand Down
29 changes: 24 additions & 5 deletions apps/passport/app/routes/connect/microsoft/index.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,16 @@ import {
getMicrosoftStrategy,
injectAuthnParamsIntoSession,
} from '~/auth.server'
import {
redirectToDefaultHost,
setCustomDomainOrigin,
} from '~/utils/connect-proxy'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }) => {
const authnParams = new URL(request.url).searchParams
setCustomDomainOrigin(request, context, authnParams)

const authenticatorInputs = await injectAuthnParamsIntoSession(
authnParams.toString(),
request,
Expand All @@ -24,11 +30,24 @@ export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
const prompt =
rollup_action && rollup_action === 'reconnect' ? 'consent' : ' '

const strategy = getMicrosoftStrategy(context.env, prompt)
if (authnParams.get('state'))
// @ts-ignore
strategy.generateState = () => authnParams.get('state')

const authenticator = new Authenticator(authenticatorInputs.sessionStorage)
authenticator.use(getMicrosoftStrategy(context.env, prompt))
return authenticator.authenticate(
MicrosoftStrategyDefaultName,
authenticatorInputs.newRequest
)
authenticator.use(strategy)

try {
const response = await authenticator.authenticate(
MicrosoftStrategyDefaultName,
authenticatorInputs.newRequest
)
return response
} catch (error) {
if (!(error instanceof Response)) throw error
const response = error
redirectToDefaultHost(request, response, context)
}
}
)
5 changes: 4 additions & 1 deletion apps/passport/app/routes/connect/twitter/callback.ts
Original file line number Diff line number Diff line change
Expand Up @@ -18,12 +18,15 @@ import {
checkOAuthError,
} from '~/utils/authenticate.server'
import { getAuthzCookieParams, getUserSession } from '~/session.server'
import { redirectToCustomDomainHost } from '~/utils/connect-proxy'

import { Authenticator } from 'remix-auth'
import { getRollupReqFunctionErrorWrapper } from '@proofzero/utils/errors'

export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
async ({ request, context }: LoaderArgs) => {
await checkOAuthError(request, context.env)
await redirectToCustomDomainHost(request, context)

const appData = await getAuthzCookieParams(request, context.env)

Expand All @@ -32,7 +35,7 @@ export const loader: LoaderFunction = getRollupReqFunctionErrorWrapper(
context.env
)
const authenticator = new Authenticator(authenticatorStorage)
authenticator.use(getTwitterStrategy(context.env))
authenticator.use(getTwitterStrategy(null, context.env))

const { accessToken, accessTokenSecret, profile } =
(await authenticator.authenticate(
Expand Down
Loading

0 comments on commit c183699

Please sign in to comment.