authentication.js
'use strict';
const config = require('./config');
// Base URL of the platform's OAuth endpoints; the authorize and token URLs are built from it.
const OAUTH_URL = `https://${config.PLATFORM}/oauth`;

// HTTP Basic credential (base64 of "client_id:client_secret") sent on the token requests.
// It is derived from the client secret, so treat it as a secret: keep it out of logs,
// error messages and anything returned to the user.
// NOTE(review): when CLIENT_ID or CLIENT_SECRET is unset, this encodes the literal text
// "undefined" and the problem only shows up later as a rejected token request.
const basicToken = Buffer.from(
  `${process.env.CLIENT_ID}:${process.env.CLIENT_SECRET}`
).toString('base64');
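/**
 * Connection test: asks the platform's check_token endpoint whether the stored
 * access token is still accepted.
 *
 * @param {object} z - Zapier platform object; `z.request`, `z.JSON` and `z.errors` are used.
 * @param {object} bundle - Zapier bundle; `bundle.authData.access_token` is read.
 * @returns {Promise<*>} Resolves to the `authentication` member of the parsed response.
 * @throws {z.errors.RefreshAuthError} When the endpoint answers 401, so a token refresh can run.
 * @throws {Error} When the endpoint answers with any other status of 400 or above.
 */
const testAuth = (z, bundle) => {
  const accessToken = bundle.authData.access_token;

  // The token becomes part of a URL, so it is percent-encoded. Without this a token
  // containing '+', '/', '=', '&' or '#' is cut short or re-interpreted by the server.
  // NOTE(review): a token in the query string can be recorded by proxies and server
  // access logs. If check_token also accepts the token in the form body, prefer that;
  // confirm against the platform's API documentation.
  const checkRequest = z.request({
    method: 'POST',
    url: `https://${config.PLATFORM}/oauth/check_token?token=${encodeURIComponent(accessToken)}`,
  });

  // Any truthy return value tells Zapier the credentials are valid; throwing marks them invalid.
  return checkRequest.then((response) => {
    if (response.status === 401) {
      throw new z.errors.RefreshAuthError();
    }
    if (response.status >= 400) {
      throw new Error('The access token you supplied is not valid');
    }
    return z.JSON.parse(response.content).authentication;
  });
};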
// Headers shared by both token-endpoint calls. A fresh object is returned on each call so
// the two request definitions never share one mutable headers object.
const tokenRequestHeaders = () => ({
  'Content-Type': 'application/x-www-form-urlencoded',
  Authorization: `Basic ${basicToken}`,
});

// Authorization request: where the user is sent to grant access.
// The redirect_uri comes from config, so it must be known before this URL is built.
// NOTE(review): no `state` parameter is listed. Zapier's OAuth2 examples pass
// `state: '{{bundle.inputData.state}}'` as the anti-CSRF value for the callback; confirm
// whether it is added for this request some other way.
// NOTE(review): `scope: 'full'` asks for the broadest grant. If the integration only needs
// part of the API, a narrower scope limits what a leaked token can do.
const authorizeUrl = {
  method: 'GET',
  url: `${OAUTH_URL}/authorize`,
  params: {
    client_id: process.env.CLIENT_ID,
    redirect_uri: config.REDIRECT_URI,
    // Requests an authorization code and an ID token; only the code is used below.
    response_type: 'code id_token',
    scope: 'full',
  },
};

// Token request: exchanges the authorization code for the tokens Zapier stores and later
// sends to Coveo.
// NOTE(review): the client credentials are sent twice, in the form body and in the Basic
// header. RFC 6749 section 2.3 allows only one client authentication method per request;
// confirm which one the server expects and drop the other, so the secret appears in
// fewer places.
const getAccessToken = {
  method: 'POST',
  url: `${OAUTH_URL}/token`,
  body: {
    code: '{{bundle.inputData.code}}',
    client_id: process.env.CLIENT_ID,
    client_secret: process.env.CLIENT_SECRET,
    redirect_uri: config.REDIRECT_URI,
    grant_type: 'authorization_code',
  },
  headers: tokenRequestHeaders(),
};

// Refresh request: presents the stored refresh token to obtain a new access token after a
// 401. The client authenticates with the Basic header only.
const refreshAccessToken = {
  method: 'POST',
  url: `${OAUTH_URL}/token`,
  body: {
    refresh_token: '{{bundle.authData.refresh_token}}',
    grant_type: 'refresh_token',
  },
  headers: tokenRequestHeaders(),
};

module.exports = {
  type: 'oauth2',
  connectionLabel: '{{email}}',
  // oauth2Config tells Zapier which request to make at each step of the OAuth flow:
  // authorizeUrl to start it, getAccessToken to obtain tokens, and refreshAccessToken
  // (through autoRefresh) whenever a request comes back with a 401.
  // See the following:
  // https://zapier.com/developer/documentation/v2/oauth-v2/
  // https://zapier.github.io/zapier-platform-cli/?utm_source=zapier.com&utm_medium=referral&utm_campaign=zapier#oauth2
  oauth2Config: {
    authorizeUrl,
    getAccessToken,
    refreshAccessToken,
    // Makes Zapier watch for 401 responses and call refreshAccessToken automatically.
    autoRefresh: true,
  },
  // The call Zapier makes to confirm that an access token is valid.
  test: testAuth,
};