ComputerSurge/shields
3
0
Fork 0
Code Pull Requests 1 Activity
Files
4690cd25b0c484b775f53ed66b143a88eb57afef
shields/services/github/github-constellation.js
chris48s d8831729cb Check request origin before sending credentials (#4729) 
Co-authored-by: Caleb Cartwright <calebcartwright@users.noreply.github.com>
Co-authored-by: Paul Melnikow <github@paulmelnikow.com>
Co-authored-by: chris48s <chris48s@users.noreply.github.com>

Co-authored-by: Caleb Cartwright <calebcartwright@users.noreply.github.com>
Co-authored-by: Paul Melnikow <github@paulmelnikow.com>
Co-authored-by: chris48s <chris48s@users.noreply.github.com>
2020-03-04 20:42:27 +00:00

134 lines
3.5 KiB
JavaScript
Raw Blame History

'use strict'
const path = require('path')
const { AuthHelper } = require('../../core/base-service/auth-helper')
const RedisTokenPersistence = require('../../core/token-pooling/redis-token-persistence')
const FsTokenPersistence = require('../../core/token-pooling/fs-token-persistence')
const serverSecrets = require('../../lib/server-secrets')
const log = require('../../core/server/log')
const GithubApiProvider = require('./github-api-provider')
const { setRoutes: setAdminRoutes } = require('./auth/admin')
const { setRoutes: setAcceptorRoutes } = require('./auth/acceptor')
// Convenience class with all the stuff related to the Github API and its
// authorization tokens, to simplify server initialization.
class GithubConstellation {
static _createOauthHelper(config) {
return new AuthHelper(
{
userKey: 'gh_client_id',
passKey: 'gh_client_secret',
authorizedOrigins: ['https://api.github.com'],
isRequired: true,
},
config
)
}
constructor(config) {
this._debugEnabled = config.service.debug.enabled
this._debugIntervalSeconds = config.service.debug.intervalSeconds
const { redis_url: redisUrl } = config.private
const { dir: persistenceDir } = config.persistence
if (redisUrl) {
log('RedisTokenPersistence configured with redisUrl')
this.persistence = new RedisTokenPersistence({
url: redisUrl,
key: 'githubUserTokens',
})
} else {
const userTokensPath = path.resolve(
persistenceDir,
'github-user-tokens.json'
)
log(`FsTokenPersistence configured with ${userTokensPath}`)
this.persistence = new FsTokenPersistence({ path: userTokensPath })
}
const globalToken = serverSecrets.gh_token
const baseUrl = process.env.GITHUB_URL || 'https://api.github.com'
this.apiProvider = new GithubApiProvider({
baseUrl,
globalToken,
withPooling: !globalToken,
onTokenInvalidated: tokenString => this.onTokenInvalidated(tokenString),
})
this.oauthHelper = this.constructor._createOauthHelper(config)
}
scheduleDebugLogging() {
if (this._debugEnabled) {
this.debugInterval = setInterval(() => {
log(this.apiProvider.getTokenDebugInfo())
}, 1000 * this._debugIntervalSeconds)
}
}
async initialize(server) {
if (!this.apiProvider.withPooling) {
return
}
this.scheduleDebugLogging()
let tokens = []
try {
tokens = await this.persistence.initialize()
} catch (e) {
log.error(e)
}
tokens.forEach(tokenString => {
this.apiProvider.addToken(tokenString)
})
setAdminRoutes(this.apiProvider, server)
if (this.oauthHelper.isConfigured) {
setAcceptorRoutes({
server,
authHelper: this.oauthHelper,
onTokenAccepted: tokenString => this.onTokenAdded(tokenString),
})
}
}
onTokenAdded(tokenString) {
this.apiProvider.addToken(tokenString)
process.nextTick(async () => {
try {
await this.persistence.noteTokenAdded(tokenString)
} catch (e) {
log.error(e)
}
})
}
onTokenInvalidated(tokenString) {
process.nextTick(async () => {
try {
await this.persistence.noteTokenRemoved(tokenString)
} catch (e) {
log.error(e)
}
})
}
async stop() {
if (this.debugInterval) {
clearInterval(this.debugInterval)
this.debugInterval = undefined
}
try {
await this.persistence.stop()
} catch (e) {
log.error(e)
}
}
}
module.exports = GithubConstellation
View Git Blame Copy Permalink