Merge pull request #347 from automatisch/refactor/use-http-client-for-github-auth

refactor: Use http client to authenticate github
2022-07-18 01:34:41 +03:00
parent c85aadf006 95d03e00da
commit 2cf79e27de
4 changed files with 37 additions and 41 deletions
--- a/packages/backend/package.json
+++ b/packages/backend/package.json
@@ -24,7 +24,6 @@
    "@gitbeaker/node": "^35.6.0",
    "@graphql-tools/graphql-file-loader": "^7.3.4",
    "@graphql-tools/load": "^7.5.2",
-    "@octokit/oauth-methods": "^1.2.6",
    "@rudderstack/rudder-sdk-node": "^1.1.2",
    "@slack/bolt": "3.10.0",
    "@types/luxon": "^2.3.1",
--- a/packages/backend/src/apps/github/authentication.ts
+++ b/packages/backend/src/apps/github/authentication.ts
@@ -4,35 +4,19 @@ import type {
  IField,
  IJSONObject,
 } from '@automatisch/types';
-import {
-  getWebFlowAuthorizationUrl,
-  exchangeWebFlowCode,
-  checkToken,
-} from '@octokit/oauth-methods';
+import HttpClient from '../../helpers/http-client';
+import { URLSearchParams } from 'url';

 export default class Authentication implements IAuthentication {
  appData: IApp;
  connectionData: IJSONObject;
-  scopes: string[] = [
-    'read:org',
-    'repo',
-    'user',
-  ];
-  client: {
-    getWebFlowAuthorizationUrl: typeof getWebFlowAuthorizationUrl;
-    exchangeWebFlowCode: typeof exchangeWebFlowCode;
-    checkToken: typeof checkToken;
-  };
+  scopes: string[] = ['read:org', 'repo', 'user'];
+  client: HttpClient;

  constructor(appData: IApp, connectionData: IJSONObject) {
    this.connectionData = connectionData;
    this.appData = appData;
-
-    this.client = {
-      getWebFlowAuthorizationUrl,
-      exchangeWebFlowCode,
-      checkToken,
-    };
+    this.client = new HttpClient({ baseURL: 'https://github.com' });
  }

  get oauthRedirectUrl(): string {
@@ -42,26 +26,28 @@ export default class Authentication implements IAuthentication {
  }

  async createAuthData(): Promise<{ url: string }> {
-    const { url } = await this.client.getWebFlowAuthorizationUrl({
-      clientType: 'oauth-app',
-      clientId: this.connectionData.consumerKey as string,
-      redirectUrl: this.oauthRedirectUrl,
-      scopes: this.scopes,
+    const searchParams = new URLSearchParams({
+      client_id: this.connectionData.consumerKey as string,
+      redirect_uri: this.oauthRedirectUrl,
+      scope: this.scopes.join(','),
    });

+    const url = `https://github.com/login/oauth/authorize?${searchParams.toString()}`;
+
    return {
-      url: url,
+      url,
    };
  }

  async verifyCredentials() {
-    const { data } = await this.client.exchangeWebFlowCode({
-      clientType: 'oauth-app',
-      clientId: this.connectionData.consumerKey as string,
-      clientSecret: this.connectionData.consumerSecret as string,
-      code: this.connectionData.oauthVerifier as string,
+    const response = await this.client.post('/login/oauth/access_token', {
+      client_id: this.connectionData.consumerKey,
+      client_secret: this.connectionData.consumerSecret,
+      code: this.connectionData.oauthVerifier,
    });

+    const data = Object.fromEntries(new URLSearchParams(response.data));
+
    this.connectionData.accessToken = data.access_token;

    const tokenInfo = await this.getTokenInfo();
@@ -78,12 +64,23 @@ export default class Authentication implements IAuthentication {
  }

  async getTokenInfo() {
-    return this.client.checkToken({
-      clientType: 'oauth-app',
-      clientId: this.connectionData.consumerKey as string,
-      clientSecret: this.connectionData.consumerSecret as string,
-      token: this.connectionData.accessToken as string,
-    });
+    const basicAuthToken = Buffer.from(
+      this.connectionData.consumerKey + ':' + this.connectionData.consumerSecret
+    ).toString('base64');
+
+    const headers = {
+      Authorization: `Basic ${basicAuthToken}`,
+    };
+
+    const body = {
+      access_token: this.connectionData.accessToken,
+    };
+
+    return await this.client.post(
+      `https://api.github.com/applications/${this.connectionData.consumerKey}/token`,
+      body,
+      { headers }
+    );
  }

  async isStillVerified() {
--- a/packages/types/index.d.ts
+++ b/packages/types/index.d.ts
@@ -177,5 +177,5 @@ export interface ISubstep {
 }

 export type IHttpClientParams = {
-  baseURL: string;
+  baseURL?: string;
 }
--- a/yarn.lock
+++ b/yarn.lock
@@ -3744,7 +3744,7 @@
  resolved "https://registry.yarnpkg.com/@octokit/oauth-authorization-url/-/oauth-authorization-url-4.3.3.tgz#6a6ef38f243086fec882b62744f39b517528dfb9"
  integrity sha512-lhP/t0i8EwTmayHG4dqLXgU+uPVys4WD/qUNvC+HfB1S1dyqULm5Yx9uKc1x79aP66U1Cb4OZeW8QU/RA9A4XA==

-"@octokit/oauth-methods@^1.1.0", "@octokit/oauth-methods@^1.2.2", "@octokit/oauth-methods@^1.2.6":
+"@octokit/oauth-methods@^1.1.0", "@octokit/oauth-methods@^1.2.2":
  version "1.2.6"
  resolved "https://registry.yarnpkg.com/@octokit/oauth-methods/-/oauth-methods-1.2.6.tgz#b9ac65e374b2cc55ee9dd8dcdd16558550438ea7"
  integrity sha512-nImHQoOtKnSNn05uk2o76om1tJWiAo4lOu2xMAHYsNr0fwopP+Dv+2MlGvaMMlFjoqVd3fF3X5ZDTKCsqgmUaQ==