implement google oauth

2022-03-01 23:12:29 -05:00 · 2022-03-01 23:12:29 -05:00 · ebbe1c2fa0
parent 45bd5ba81a
commit ebbe1c2fa0
8 changed files with 54 additions and 11 deletions
--- a/assets/js/pages/AuthPage.tsx
+++ b/assets/js/pages/AuthPage.tsx
@ -35,6 +35,11 @@ interface LinkFiles {
  filetype: string | null;
 }

+interface GithubEmail {
+  email: string;
+  verified: boolean;
+}
+
 const AuthPage = (props: AuthPageProps) => {
  const { service, recipient, user } = props;

@ -61,13 +66,26 @@ const AuthPage = (props: AuthPageProps) => {
  };

  const userEmails = (): string[] => {
+    if (!user?.emails) return [];
+    if (user.emails.length <= 0) return [];
    return user
      ? user.emails
-          .filter((email) => email.verified)
-          .map((email) => email.email)
+          .filter(verifiedUserEmails)
+          .map((email) => (typeof email == "string" ? email : email.email))
      : [];
  };

+  const isGithubEmail = (email: string | GithubEmail): email is GithubEmail =>
+    (email as GithubEmail).verified !== undefined;
+
+  const verifiedUserEmails = (email: string | GithubEmail) => {
+    if (isGithubEmail(email)) {
+      return (email as GithubEmail).verified;
+    } else {
+      return true;
+    }
+  };
+
  const retrieveLink = async (): Promise<LinkFiles | null> => {
    const urlSegments = new URL(document.URL).pathname.split("/");
    const linkId = urlSegments.pop() || urlSegments.pop();
@ -194,10 +212,13 @@ const AuthPage = (props: AuthPageProps) => {
        small
        style={{ color: "#CCCCCC", fontSize: "1.4rem", textAlign: "left" }}
      >
-        Hello {user.name}, you are logged in to{" "}
-        <span style={{ color: "#A849CF" }}>{capitalize(service)}</span> as{" "}
-        <span style={{ color: "#32EFE7" }}>{user.username}</span>. This account
-        has the following emails associated with it:
+        Hello{user.name ? ` ${user.name}` : ""}! You are logged in to{" "}
+        <span style={{ color: "#A849CF" }}>{capitalize(service)}</span>
+        {user.username ? " as " : ""}
+        <span style={{ color: "#32EFE7" }}>
+          {user.username ? `${user.username}` : ""}
+        </span>
+        . This account has the following emails associated with it:
        <br />
        <br />
        <span style={{ color: "#32EFE7" }}>{userEmails().join(", ")}</span>
--- a/config/config.exs
+++ b/config/config.exs
@ -30,7 +30,9 @@ config :phoenix, :json_library, Jason

 config :ueberauth, Ueberauth,
  providers: [
-    github: {Ueberauth.Strategy.Github, [default_scope: "user:email", allow_private_emails: true]}
+    github:
+      {Ueberauth.Strategy.Github, [default_scope: "user:email", allow_private_emails: true]},
+    google: {Ueberauth.Strategy.Google, [default_scope: "email"]}
  ]

 config :waffle,
--- a/config/prod.secret.exs
+++ b/config/prod.secret.exs
@ -34,6 +34,10 @@ config :ueberauth, Ueberauth.Strategy.Github.OAuth,
  client_id: System.get_env("GH_OAUTH_ID"),
  client_secret: System.get_env("GH_OAUTH_SECRET")

+config :ueberauth, Ueberauth.Strategy.Google.OAuth,
+  client_id: System.get_env("GOOGLE_OAUTH_ID"),
+  client_secret: System.get_env("GOOGLE_OAUTH_SECRET")
+
 # ## Using releases (Elixir v1.9+)
 #
 # If you are doing OTP releases, you need to instruct Phoenix
--- a/lib/entendu/user_from_auth.ex
+++ b/lib/entendu/user_from_auth.ex
@ -66,11 +66,26 @@ defmodule Entendu.UserFromAuth do
    end
  end

-  def can_access?(recipient, %{emails: emails, username: username}),
+  def can_access?(recipient, %{emails: emails, username: username} = stuff),
    do: email_matches?(recipient, emails) || username_matches?(recipient, username)

  defp email_matches?(recipient, emails),
-    do: emails |> Enum.any?(&(&1["verified"] == true and &1["email"] == recipient))
+    do:
+      emails
+      |> Enum.filter(&only_verified_emails/1)
+      |> Enum.map(&retrieve_email/1)
+      |> Enum.any?(&(&1 == recipient))
+
+  # Github lists unverified emails and need to be filtered out
+  defp only_verified_emails(%{"verified" => is_verified}), do: is_verified
+
+  defp only_verified_emails(_), do: true
+
+  defp retrieve_email(%{"email" => email}), do: email
+
+  defp retrieve_email(email), do: email
+
+  defp username_matches?(_recipient, nil), do: false

  defp username_matches?(recipient, username), do: String.trim(username) === recipient
 end
--- a/lib/entendu_web/controllers/auth_controller.ex
+++ b/lib/entendu_web/controllers/auth_controller.ex
@ -27,8 +27,6 @@ defmodule EntenduWeb.AuthController do

    with %{id: link_id} <- link,
         {:ok, user} <- UserFromAuth.find_or_create(auth) do
-      # TODO: send over encrypted data that the frontend can decrypt
-
      conn
      |> put_session(:current_user, user)
      |> configure_session(renew: true)
--- a/lib/entendu_web/controllers/page_controller.ex
+++ b/lib/entendu_web/controllers/page_controller.ex
@ -7,6 +7,7 @@ defmodule EntenduWeb.PageController do

  def index(conn, _params) do
    conn
+    |> clear_session()
    |> render("index.html")
  end

--- a/mix.exs
+++ b/mix.exs
@ -50,6 +50,7 @@ defmodule Entendu.MixProject do
      {:libcluster, "~> 3.2"},
      {:ueberauth, "~> 0.7.0"},
      {:ueberauth_github, "~> 0.8.1"},
+      {:ueberauth_google, "~> 0.10.1"},
      {:react_phoenix, "~> 1.3"},
      {:params, "~> 2.2"},
      {:waffle, "~> 1.1"},
--- a/mix.lock
+++ b/mix.lock
@ -41,6 +41,7 @@
  "telemetry_poller": {:hex, :telemetry_poller, "0.5.1", "21071cc2e536810bac5628b935521ff3e28f0303e770951158c73eaaa01e962a", [:rebar3], [{:telemetry, "~> 0.4", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "4cab72069210bc6e7a080cec9afffad1b33370149ed5d379b81c7c5f0c663fd4"},
  "ueberauth": {:hex, :ueberauth, "0.7.0", "9c44f41798b5fa27f872561b6f7d2bb0f10f03fdd22b90f454232d7b087f4b75", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "2efad9022e949834f16cc52cd935165049d81fa9e925690f91035c2e4b58d905"},
  "ueberauth_github": {:hex, :ueberauth_github, "0.8.1", "0be487b5afc29bc805fa5e31636f37c8f09d5159ef73fc08c4c7a98c9cfe2c18", [:mix], [{:oauth2, "~> 1.0 or ~> 2.0", [hex: :oauth2, repo: "hexpm", optional: false]}, {:ueberauth, "~> 0.7.0", [hex: :ueberauth, repo: "hexpm", optional: false]}], "hexpm", "143d6130b945ea9bdbd0ef94987f40788f1d7e8090decbfc0722773155e7a74a"},
+  "ueberauth_google": {:hex, :ueberauth_google, "0.10.1", "db7bd2d99d2ff38e7449042a08d9560741b0dcaf1c31191729b97188b025465e", [:mix], [{:oauth2, "~> 1.0 or ~> 2.0", [hex: :oauth2, repo: "hexpm", optional: false]}, {:ueberauth, "~> 0.7.0", [hex: :ueberauth, repo: "hexpm", optional: false]}], "hexpm", "b799f547d279bb836e1f7039fc9fbb3a9d008a695e2a25bd06bffe591a168ba1"},
  "unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"},
  "waffle": {:hex, :waffle, "1.1.5", "11b8b41c9dc46a21c8e1e619e1e9048d18d166b57b33d1fada8e11fcd4e678b3", [:mix], [{:ex_aws, "~> 2.1", [hex: :ex_aws, repo: "hexpm", optional: true]}, {:ex_aws_s3, "~> 2.1", [hex: :ex_aws_s3, repo: "hexpm", optional: true]}, {:hackney, "~> 1.9", [hex: :hackney, repo: "hexpm", optional: false]}, {:sweet_xml, "~> 0.6", [hex: :sweet_xml, repo: "hexpm", optional: true]}], "hexpm", "68e6f92b457b13c71e33cc23f7abb60446a01515dc6618b7d493d8cd466b1f39"},
  "waffle_ecto": {:hex, :waffle_ecto, "0.0.11", "3d9581b3dfc83964ad968ef6bbf31132b5e6959c542a74c49e2a2245a9521048", [:mix], [{:ecto, "~> 3.0", [hex: :ecto, repo: "hexpm", optional: false]}, {:waffle, "~> 1.0", [hex: :waffle, repo: "hexpm", optional: false]}], "hexpm", "626c2832ba94e20840532e609d3af70526d18ff9dfe1b352afb3fbabedb31a7e"},