dergeorg/SmartShopper
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

GoogleOauth2.0 First implementation

Browse Source 
First try for GoogleOauth2.0
This commit is contained in:
Georg Reisinger
2018-10-26 14:02:15 +02:00
parent 216a04e233
commit b171f1646c
1880 changed files with 912953 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
express-server/node_modules/passport-google-oauth20/.npmignore generated vendored Normal file
View File

@ -0,0 +1,8 @@
Makefile
docs/
examples/
reports/
test/
.jshintrc
.travis.yml

20
express-server/node_modules/passport-google-oauth20/LICENSE generated vendored Normal file
View File

@ -0,0 +1,20 @@
The MIT License (MIT)
Copyright (c) 2012-2016 Jared Hanson
Permission is hereby granted, free of charge, to any person obtaining a copy of
this software and associated documentation files (the "Software"), to deal in
the Software without restriction, including without limitation the rights to
use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of
the Software, and to permit persons to whom the Software is furnished to do so,
subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS
FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR
COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER
IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

123
express-server/node_modules/passport-google-oauth20/README.md generated vendored Normal file
View File

@ -0,0 +1,123 @@
# passport-google-oauth20
[![Build](https://img.shields.io/travis/jaredhanson/passport-google-oauth2.svg)](https://travis-ci.org/jaredhanson/passport-google-oauth2)
[![Coverage](https://img.shields.io/coveralls/jaredhanson/passport-google-oauth2.svg)](https://coveralls.io/r/jaredhanson/passport-google-oauth2)
[![Quality](https://img.shields.io/codeclimate/github/jaredhanson/passport-google-oauth2.svg?label=quality)](https://codeclimate.com/github/jaredhanson/passport-google-oauth2)
[![Dependencies](https://img.shields.io/david/jaredhanson/passport-google-oauth2.svg)](https://david-dm.org/jaredhanson/passport-google-oauth2)
[Passport](http://passportjs.org/) strategy for authenticating with [Google](http://www.google.com/)
using the OAuth 2.0 API.
This module lets you authenticate using Google in your Node.js applications.
By plugging into Passport, Google authentication can be easily and
unobtrusively integrated into any application or framework that supports
[Connect](http://www.senchalabs.org/connect/)-style middleware, including
[Express](http://expressjs.com/).
## Install
$ npm install passport-google-oauth20
## Usage
#### Create an Application
Before using `passport-google-oauth20`, you must register an application with
Google. If you have not already done so, a new project can be created in the
[Google Developers Console](https://console.developers.google.com/).
Your application will be issued a client ID and client secret, which need to be
provided to the strategy. You will also need to configure a redirect URI which
matches the route in your application.
#### Configure Strategy
The Google authentication strategy authenticates users using a Google account
and OAuth 2.0 tokens. The client ID and secret obtained when creating an
application are supplied as options when creating the strategy. The strategy
also requires a `verify` callback, which receives the access token and optional
refresh token, as well as `profile` which contains the authenticated user's
Google profile. The `verify` callback must call `cb` providing a user to
complete authentication.
var GoogleStrategy = require('passport-google-oauth20').Strategy;
passport.use(new GoogleStrategy({
clientID: GOOGLE_CLIENT_ID,
clientSecret: GOOGLE_CLIENT_SECRET,
callbackURL: "http://www.example.com/auth/google/callback"
},
function(accessToken, refreshToken, profile, cb) {
User.findOrCreate({ googleId: profile.id }, function (err, user) {
return cb(err, user);
});
}
));
#### Authenticate Requests
Use `passport.authenticate()`, specifying the `'google'` strategy, to
authenticate requests.
For example, as route middleware in an [Express](http://expressjs.com/)
application:
app.get('/auth/google',
passport.authenticate('google', { scope: ['profile'] }));
app.get('/auth/google/callback',
passport.authenticate('google', { failureRedirect: '/login' }),
function(req, res) {
// Successful authentication, redirect home.
res.redirect('/');
});
## Examples
Developers using the popular [Express](http://expressjs.com/) web framework can
refer to an [example](https://github.com/passport/express-4.x-facebook-example)
as a starting point for their own web applications. The example shows how to
authenticate users using Facebook. However, because both Facebook and Google
use OAuth 2.0, the code is similar. Simply replace references to Facebook with
corresponding references to Google.
## Contributing
#### Tests
The test suite is located in the `test/` directory. All new features are
expected to have corresponding test cases. Ensure that the complete test suite
passes by executing:
```bash
$ make test
```
#### Coverage
The test suite covers 100% of the code base. All new feature development is
expected to maintain that level. Coverage reports can be viewed by executing:
```bash
$ make test-cov
$ make view-cov
```
## Support
#### Funding
This software is provided to you as open source, free of charge. The time and
effort to develop and maintain this project is dedicated by [@jaredhanson](https://github.com/jaredhanson).
If you (or your employer) benefit from this project, please consider a financial
contribution. Your contribution helps continue the efforts that produce this
and other open source software.
Funds are accepted via [PayPal](https://paypal.me/jaredhanson), [Venmo](https://venmo.com/jaredhanson),
and [other](http://jaredhanson.net/pay) methods. Any amount is appreciated.
## License
[The MIT License](http://opensource.org/licenses/MIT)
Copyright (c) 2012-2016 Jared Hanson <[http://jaredhanson.net/](http://jaredhanson.net/)>

25
express-server/node_modules/passport-google-oauth20/lib/errors/googleplusapierror.js generated vendored Normal file
View File

@ -0,0 +1,25 @@
/**
* `GooglePlusAPIError` error.
*
* References:
* - https://developers.google.com/+/web/api/rest/
*
* @constructor
* @param {string} [message]
* @param {number} [code]
* @access public
*/
function GooglePlusAPIError(message, code) {
Error.call(this);
Error.captureStackTrace(this, arguments.callee);
this.name = 'GooglePlusAPIError';
this.message = message;
this.code = code;
}
// Inherit from `Error`.
GooglePlusAPIError.prototype.__proto__ = Error.prototype;
// Expose constructor.
module.exports = GooglePlusAPIError;

22
express-server/node_modules/passport-google-oauth20/lib/errors/userinfoerror.js generated vendored Normal file
View File

@ -0,0 +1,22 @@
/**
* `UserInfoError` error.
*
* @constructor
* @param {string} [message]
* @param {string} [code]
* @access public
*/
function UserInfoError(message, code) {
Error.call(this);
Error.captureStackTrace(this, arguments.callee);
this.name = 'UserInfoError';
this.message = message;
this.code = code;
}
// Inherit from `Error`.
UserInfoError.prototype.__proto__ = Error.prototype;
// Expose constructor.
module.exports = UserInfoError;

9
express-server/node_modules/passport-google-oauth20/lib/index.js generated vendored Normal file
View File

@ -0,0 +1,9 @@
// Load modules.
var Strategy = require('./strategy');
// Expose Strategy.
exports = module.exports = Strategy;
// Exports.
exports.Strategy = Strategy;

47
express-server/node_modules/passport-google-oauth20/lib/profile/googleplus.js generated vendored Normal file
View File

@ -0,0 +1,47 @@
/**
* Parse profile.
*
* Parses user profiles as fetched from Google's Google+ API.
*
* The amount of detail in the profile varies based on the scopes granted by the
* user. The following scope values add additional data:
*
* `https://www.googleapis.com/auth/plus.login` - recommended login scope
* `profile` - basic profile information
* `email` - email address
*
* References:
* - https://developers.google.com/+/web/api/rest/latest/people/get
* - https://developers.google.com/+/web/api/rest/
* - https://developers.google.com/+/web/api/rest/oauth
*
* @param {object|string} json
* @return {object}
* @access public
*/
exports.parse = function(json) {
if ('string' == typeof json) {
json = JSON.parse(json);
}
var profile = {}
, i, len;
profile.id = json.id;
profile.displayName = json.displayName;
if (json.name) {
profile.name = { familyName: json.name.familyName,
givenName: json.name.givenName };
}
if (json.emails) {
profile.emails = [];
for (i = 0, len = json.emails.length; i < len; ++i) {
profile.emails.push({ value: json.emails[i].value, type: json.emails[i].type })
}
}
if (json.image) {
profile.photos = [{ value: json.image.url }];
}
profile.gender = json.gender;
return profile;
};

40
express-server/node_modules/passport-google-oauth20/lib/profile/openid.js generated vendored Normal file
View File

@ -0,0 +1,40 @@
/**
* Parse profile.
*
* Parses user profiles as fetched from Google's OpenID Connect-compatible user
* info endpoint.
*
* The amount of detail in the profile varies based on the scopes granted by the
* user. The following scope values add additional data:
*
* `profile` - basic profile information
* `email` - email address
*
* References:
* - https://developers.google.com/identity/protocols/OpenIDConnect
*
* @param {object|string} json
* @return {object}
* @access public
*/
exports.parse = function(json) {
if ('string' == typeof json) {
json = JSON.parse(json);
}
var profile = {};
profile.id = json.sub;
profile.displayName = json.name;
if (json.family_name || json.given_name) {
profile.name = { familyName: json.family_name,
givenName: json.given_name };
}
if (json.email) {
profile.emails = [ { value: json.email, verified: json.email_verified } ];
}
if (json.picture) {
profile.photos = [{ value: json.picture }];
}
return profile;
};

199
express-server/node_modules/passport-google-oauth20/lib/strategy.js generated vendored Normal file
View File

@ -0,0 +1,199 @@
// Load modules.
var OAuth2Strategy = require('passport-oauth2')
, util = require('util')
, uri = require('url')
, GooglePlusProfile = require('./profile/googleplus')
, OpenIDProfile = require('./profile/openid')
, InternalOAuthError = require('passport-oauth2').InternalOAuthError
, GooglePlusAPIError = require('./errors/googleplusapierror')
, UserInfoError = require('./errors/userinfoerror');
/**
* `Strategy` constructor.
*
* The Google authentication strategy authenticates requests by delegating to
* Google using the OAuth 2.0 protocol.
*
* Applications must supply a `verify` callback which accepts an `accessToken`,
* `refreshToken` and service-specific `profile`, and then calls the `cb`
* callback supplying a `user`, which should be set to `false` if the
* credentials are not valid. If an exception occured, `err` should be set.
*
* Options:
* - `clientID` your Google application's client id
* - `clientSecret` your Google application's client secret
* - `callbackURL` URL to which Google will redirect the user after granting authorization
*
* Examples:
*
* passport.use(new GoogleStrategy({
* clientID: '123-456-789',
* clientSecret: 'shhh-its-a-secret'
* callbackURL: 'https://www.example.net/auth/google/callback'
* },
* function(accessToken, refreshToken, profile, cb) {
* User.findOrCreate(..., function (err, user) {
* cb(err, user);
* });
* }
* ));
*
* @constructor
* @param {object} options
* @param {function} verify
* @access public
*/
function Strategy(options, verify) {
options = options || {};
options.authorizationURL = options.authorizationURL || 'https://accounts.google.com/o/oauth2/v2/auth';
options.tokenURL = options.tokenURL || 'https://www.googleapis.com/oauth2/v4/token';
OAuth2Strategy.call(this, options, verify);
this.name = 'google';
this._userProfileURL = options.userProfileURL || 'https://www.googleapis.com/plus/v1/people/me';
var url = uri.parse(this._userProfileURL);
if (url.pathname.indexOf('/userinfo') == (url.pathname.length - '/userinfo'.length)) {
this._userProfileFormat = 'openid';
} else {
this._userProfileFormat = 'google+'; // Google Sign-In
}
}
// Inherit from `OAuth2Strategy`.
util.inherits(Strategy, OAuth2Strategy);
/**
* Retrieve user profile from Google.
*
* This function constructs a normalized profile, with the following properties:
*
* - `provider` always set to `google`
* - `id`
* - `username`
* - `displayName`
*
* @param {string} accessToken
* @param {function} done
* @access protected
*/
Strategy.prototype.userProfile = function(accessToken, done) {
var self = this;
this._oauth2.get(this._userProfileURL, accessToken, function (err, body, res) {
var json;
if (err) {
if (err.data) {
try {
json = JSON.parse(err.data);
} catch (_) {}
}
if (json && json.error && json.error.message) {
return done(new GooglePlusAPIError(json.error.message, json.error.code));
} else if (json && json.error && json.error_description) {
return done(new UserInfoError(json.error_description, json.error));
}
return done(new InternalOAuthError('Failed to fetch user profile', err));
}
try {
json = JSON.parse(body);
} catch (ex) {
return done(new Error('Failed to parse user profile'));
}
var profile;
switch (self._userProfileFormat) {
case 'openid':
profile = OpenIDProfile.parse(json);
break;
default: // Google Sign-In
profile = GooglePlusProfile.parse(json);
break;
}
profile.provider = 'google';
profile._raw = body;
profile._json = json;
done(null, profile);
});
}
/**
* Return extra Google-specific parameters to be included in the authorization
* request.
*
* @param {object} options
* @return {object}
* @access protected
*/
Strategy.prototype.authorizationParams = function(options) {
var params = {};
// https://developers.google.com/identity/protocols/OAuth2WebServer
if (options.accessType) {
params['access_type'] = options.accessType;
}
if (options.prompt) {
params['prompt'] = options.prompt;
}
if (options.loginHint) {
params['login_hint'] = options.loginHint;
}
if (options.includeGrantedScopes) {
params['include_granted_scopes'] = true;
}
// https://developers.google.com/identity/protocols/OpenIDConnect
if (options.display) {
// Specify what kind of display consent screen to display to users.
// https://developers.google.com/accounts/docs/OpenIDConnect#authenticationuriparameters
params['display'] = options.display;
}
// Google Apps for Work
if (options.hostedDomain || options.hd) {
// This parameter is derived from Google's OAuth 1.0 endpoint, and (although
// undocumented) is supported by Google's OAuth 2.0 endpoint was well.
// https://developers.google.com/accounts/docs/OAuth_ref
params['hd'] = options.hostedDomain || options.hd;
}
// Google+
if (options.requestVisibleActions) {
// Space separated list of allowed app actions
// as documented at:
// https://developers.google.com/+/web/app-activities/#writing_an_app_activity_using_the_google_apis_client_libraries
// https://developers.google.com/+/api/moment-types/
params['request_visible_actions'] = options.requestVisibleActions;
}
// OpenID 2.0 migration
if (options.openIDRealm) {
// This parameter is needed when migrating users from Google's OpenID 2.0 to OAuth 2.0
// https://developers.google.com/accounts/docs/OpenID?hl=ja#adjust-uri
params['openid.realm'] = options.openIDRealm;
}
// Undocumented
if (options.approvalPrompt) {
params['approval_prompt'] = options.approvalPrompt;
}
if (options.userID) {
// Undocumented, but supported by Google's OAuth 2.0 endpoint. Appears to
// be equivalent to `login_hint`.
params['user_id'] = options.userID;
}
return params;
}
/**
* Expose `Strategy`.
*/
module.exports = Strategy;

74
express-server/node_modules/passport-google-oauth20/package.json generated vendored Normal file
View File

@ -0,0 +1,74 @@
{
"_from": "passport-google-oauth20@1.x.x",
"_id": "passport-google-oauth20@1.0.0",
"_inBundle": false,
"_integrity": "sha1-O5YOih1w0dvnlGFcgnxoxAOSpdA=",
"_location": "/passport-google-oauth20",
"_phantomChildren": {},
"_requested": {
"type": "range",
"registry": true,
"raw": "passport-google-oauth20@1.x.x",
"name": "passport-google-oauth20",
"escapedName": "passport-google-oauth20",
"rawSpec": "1.x.x",
"saveSpec": null,
"fetchSpec": "1.x.x"
},
"_requiredBy": [
"/passport-google-oauth"
],
"_resolved": "https://registry.npmjs.org/passport-google-oauth20/-/passport-google-oauth20-1.0.0.tgz",
"_shasum": "3b960e8a1d70d1dbe794615c827c68c40392a5d0",
"_spec": "passport-google-oauth20@1.x.x",
"_where": "C:\\Users\\Georg\\GitHub\\SmartShopper\\express-server\\node_modules\\passport-google-oauth",
"author": {
"name": "Jared Hanson",
"email": "jaredhanson@gmail.com",
"url": "http://www.jaredhanson.net/"
},
"bugs": {
"url": "http://github.com/jaredhanson/passport-google-oauth2/issues"
},
"bundleDependencies": false,
"dependencies": {
"passport-oauth2": "1.x.x"
},
"deprecated": false,
"description": "Google (OAuth 2.0) authentication strategy for Passport.",
"devDependencies": {
"chai": "2.x.x",
"chai-passport-strategy": "1.x.x",
"make-node": "0.3.x",
"mocha": "1.x.x"
},
"engines": {
"node": ">= 0.4.0"
},
"homepage": "https://github.com/jaredhanson/passport-google-oauth2#readme",
"keywords": [
"passport",
"google",
"auth",
"authn",
"authentication",
"identity"
],
"license": "MIT",
"licenses": [
{
"type": "MIT",
"url": "http://opensource.org/licenses/MIT"
}
],
"main": "./lib",
"name": "passport-google-oauth20",
"repository": {
"type": "git",
"url": "git://github.com/jaredhanson/passport-google-oauth2.git"
},
"scripts": {
"test": "mocha --require test/bootstrap/node test/*.test.js test/**/*.test.js"
},
"version": "1.0.0"
}