Merge remote-tracking branch 'origin/main'

Andrea Vos 2023-04-29 19:33:17 +02:00
commit 3453ba9b09
6 changed files with 56 additions and 6 deletions


@ -25,6 +25,9 @@ if (process.env.ENV) {
process.env.NODE_ENV = process.env.ENV; process.env.NODE_ENV = process.env.ENV;
} }
const applePrivateKeyFile = `${__dirname}/keys/AuthKey_${process.env.APLLE_KEY_ID}.p8`;
process.env.APPLE_PRIVATE_KEY = fs.existsSync(applePrivateKeyFile) ? fs.readFileSync(applePrivateKeyFile).toString('utf-8') : null;
const allVersionsUrls = buildList(function*() { const allVersionsUrls = buildList(function*() {
if (process.env.NODE_ENV === 'development') { if (process.env.NODE_ENV === 'development') {
yield 'http://pronouns.test:3000'; yield 'http://pronouns.test:3000';
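Review bot: The added `applePrivateKeyFile` line builds the path from `process.env.APLLE_KEY_ID`, while the signing code added elsewhere in this commit reads `process.env.APPLE_KEY_ID`. Unless deployments really set the misspelled name, the path ends in `AuthKey_undefined.p8` and the key is never loaded. The fallback is also off: assigning `null` to a `process.env` entry stores the string `'null'`, so the signer later receives a bogus non-empty key instead of a missing one. Spell the variable `APPLE_KEY_ID` and set the key only when the file exists, e.g. `if (fs.existsSync(applePrivateKeyFile)) process.env.APPLE_PRIVATE_KEY = fs.readFileSync(applePrivateKeyFile, 'utf-8');`. Keeping the PEM in `process.env` also exposes it to child processes and environment dumps; a module-level constant would narrow that.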


@ -29,7 +29,7 @@
"express": "^4.17.1", "express": "^4.17.1",
"express-session": "^1.17.1", "express-session": "^1.17.1",
"generic-diff": "^1.0.1", "generic-diff": "^1.0.1",
"grant": "^5.4.20", "grant": "^5.4.21",
"he-date": "^1.2.2", "he-date": "^1.2.2",
"html-loader": "^1.3.2", "html-loader": "^1.3.2",
"html2canvas": "^1.4.1", "html2canvas": "^1.4.1",


@ -537,7 +537,9 @@ router.get('/user/social-redirect/:provider/:locale', handleErrorAsync(async (re
// happens on home // happens on home
router.get('/user/social/:provider', handleErrorAsync(async (req, res) => { router.get('/user/social/:provider', handleErrorAsync(async (req, res) => {
if (!req.session.grant || !req.session.grant.response || !req.session.grant.response.access_token || !socialLoginHandlers[req.params.provider]) { if (!req.session.grant || !req.session.grant.response
|| (!req.session.grant.response.access_token && !req.session.grant.response.jwt)
|| !socialLoginHandlers[req.params.provider]) {
console.error('Social login failed, session incomplete.', req.params.provider, req.session, req.session.grant.response); console.error('Social login failed, session incomplete.', req.params.provider, req.session, req.session.grant.response);
return res.status(400).json({error: 'Something went wrong… Please try again.'}) return res.status(400).json({error: 'Something went wrong… Please try again.'})
} }
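Review bot: The `console.error` call inside this guard reads `req.session.grant.response` on the same branch that is taken when `req.session.grant` is missing, so that case throws a TypeError before the 400 is sent. How `handleErrorAsync` then reports it is not visible here. The call also writes the whole `req.session` to the log, which after this change can hold the Apple `jwt` as well as an `access_token`. Logging only non-secret fields fixes both, e.g. `console.error('Social login failed, session incomplete.', req.params.provider, Object.keys((req.session.grant && req.session.grant.response) || {}));`. The route handler's body continues past the end of the hunk.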


@ -1,3 +1,22 @@
const jwt = require('jsonwebtoken');
const getAppleClientSecret = () => {
const headers = {
kid: process.env.APPLE_KEY_ID,
typ: undefined
}
const claims = {
'iss': process.env.APPLE_TEAM_ID,
'aud': 'https://appleid.apple.com',
'sub': process.env.APPLE_CLIENT_ID,
}
return jwt.sign(claims, process.env.APPLE_PRIVATE_KEY, {
algorithm: 'ES256',
header: headers,
expiresIn: '180d'
});
}
module.exports.config = { module.exports.config = {
defaults: { defaults: {
origin: process.env.BASE_URL, origin: process.env.BASE_URL,
@ -30,6 +49,19 @@ module.exports.config = {
callback: '/api/user/social/discord', callback: '/api/user/social/discord',
scope: ['identify', 'email'], scope: ['identify', 'email'],
}, },
apple: {
key: process.env.APPLE_CLIENT_ID,
secret: getAppleClientSecret(),
callback: '/api/user/social/apple',
scope: ['openid', 'name', 'email'],
response: ['raw', 'jwt'],
nonce: true,
custom_params: {
response_type: 'code id_token',
response_mode: 'form_post',
},
},
// non-grant, but things break if it's not there // non-grant, but things break if it's not there
mastodon: {}, mastodon: {},
indieauth: {}, indieauth: {},
@ -97,4 +129,12 @@ module.exports.handlers = {
instance: r.instance, instance: r.instance,
} }
}, },
apple(r) {
const payload = r.jwt.id_token.payload
return {
id: payload.email,
email: payload.email_verified ? payload.email : null,
name: payload.email,
};
}
}; };
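Review bot: In the new `apple(r)` handler the account `id` is taken from `payload.email`, which is used even when the address is unverified and is not a stable identifier. The ID token's `sub` claim is the stable per-user value, so `id: payload.sub,` is the safer key. Apple documents `email_verified` as either a boolean or the string `"true"`/`"false"`, and the string `"false"` is truthy, so the check should be `email: (payload.email_verified === true || payload.email_verified === 'true') ? payload.email : null,`. Whether the ID token's signature is verified before `r.jwt.id_token.payload` is trusted is not visible here and is worth confirming. The `handlers` object starts outside this hunk.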


@ -19,6 +19,11 @@ export const socialProviders = {
redirectViaHome: true, redirectViaHome: true,
avatars: true, avatars: true,
}, },
apple: {
name: 'Apple',
redirectViaHome: true,
avatars: true,
},
google: { google: {
name: 'Google', name: 'Google',
redirectViaHome: true, redirectViaHome: true,


@ -5522,10 +5522,10 @@ graceful-fs@^4.2.6:
resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c" resolved "https://registry.yarnpkg.com/graceful-fs/-/graceful-fs-4.2.10.tgz#147d3a006da4ca3ce14728c7aefc287c367d7a6c"
integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA== integrity sha512-9ByhssR2fPVsNZj478qUUbKfmL0+t5BDVyjShtyZZLiK7ZDAArFFfopyOTj0M05wE2tJPisA4iTnnXl2YoPvOA==
grant@^5.4.20: grant@^5.4.21:
version "5.4.20" version "5.4.21"
resolved "https://registry.yarnpkg.com/grant/-/grant-5.4.20.tgz#01ad40559057920e2297aa1d74043edee1056548" resolved "https://registry.yarnpkg.com/grant/-/grant-5.4.21.tgz#3306942f4a19e40d008e247d071104b19173c0c6"
integrity sha512-VwoKfA8IgMIbFDBVybb6iTqkSEyy+uZYeXRnaF6L/Dc9X2eq73ciEXQ71atCoVDy6yOD2YGszs+cGAACNK6NqQ== integrity sha512-QaoZudI9Gmh2W415gd71Iul6gpVH9sG1SkjfnGHtqYZopQDQ5PUVxRol5zFCrwGi9S0EbExbelHlZScgdChg2w==
dependencies: dependencies:
qs "^6.10.2" qs "^6.10.2"
request-compose "^2.1.4" request-compose "^2.1.4"