* delete loads of really important stuff that we definitely need
* v basic MVP smoosh docusaurus PoC into repo
* TODO
* delete more really important stuff
* TODO
* tidyup: use run-s
* don't redirect images used in frontend to raster proxy
* fix routing
* preserve the /endpoint link
* delete the blog (for now)
I would quite like to re-add this at some point
but it's not really the top priority thing right now
* content edits
* appease the lint gods
* update danger rules
* remove placeholder
* cypress tests
* dockerhub --> ghcr
* Revert "dockerhub --> ghcr"
This reverts commit ef74cbb26b.
* downgrade lockfile format
* implement defs/BASE_URL
* fix e2e build
* actually fix cypress tests
* always run cypress tests on build
* this never worked
* add command for docusaurus:clear
* delete more code we don't need any more
* update ESLint/prettier config
* delete unused exports
* documentation updates
* delete a fairly large chunk of our dependency tree
* allow base_url as build arg to Dockerfile
* fixup dockerfile
* work out base url at runtime if not set
doing this at image build time is not the right approach
* remove gatsby monorepo from closebot
* rename HomepageFeatures to homepage-features
import queryString from 'query-string'
import { fetch } from '../../../core/base-service/got.js'
import log from '../../../core/server/log.js'
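/**
 * Register the two routes of the GitHub OAuth flow through which a visitor
 * hands an app-specific GitHub user token to this server.
 *
 * - `/github-auth` redirects the browser to GitHub's authorize page.
 * - `/github-auth/done` receives the `code` GitHub sends back, exchanges it
 *   for an access token and passes that token to `onTokenAccepted`.
 *
 * @param {object} attrs - Route dependencies
 * @param {object} attrs.server - Object exposing `route(regex, handler)`
 * @param {object} attrs.authHelper - Supplies the OAuth client id (`_user`)
 *   and client secret (`_pass`)
 * @param {Function} attrs.onTokenAccepted - Called with the access token once
 *   the exchange has succeeded
 */
function setRoutes({ server, authHelper, onTokenAccepted }) {
  // The callback origin is a constant; it is never taken from the request.
  const baseUrl = 'https://img.shields.io'

  server.route(/^\/github-auth$/, (data, match, end, ask) => {
    ask.res.statusCode = 302 // Found.
    // NOTE(review): the authorize request carries no `state` value, so the
    // `/github-auth/done` handler cannot check that the `code` it receives
    // belongs to a flow this server started. Sending one would need somewhere
    // to keep the value between the two requests.
    const query = queryString.stringify({
      // TODO The `_user` property bypasses security checks in AuthHelper.
      // (e.g: enforceStrictSsl and shouldAuthenticateRequest).
      // Do not use it elsewhere. It would be better to clean this up so
      // it's not setting a bad example.
      client_id: authHelper._user,
      redirect_uri: `${baseUrl}/github-auth/done`,
    })
    ask.res.setHeader(
      'Location',
      `https://github.com/login/oauth/authorize?${query}`
    )
    end('')
  })

  server.route(/^\/github-auth\/done$/, async (data, match, end, ask) => {
    if (!data.code) {
      log.log(`GitHub OAuth data: ${JSON.stringify(data)}`)
      return end('GitHub OAuth authentication failed to provide a code.')
    }

    const options = {
      method: 'POST',
      headers: {
        'Content-type': 'application/x-www-form-urlencoded;charset=UTF-8',
      },
      form: {
        // TODO The `_user` and `_pass` properties bypass security checks in
        // AuthHelper (e.g: enforceStrictSsl and shouldAuthenticateRequest).
        // Do not use them elsewhere. It would be better to clean
        // this up so it's not setting a bad example.
        client_id: authHelper._user,
        client_secret: authHelper._pass,
        code: data.code,
      },
    }

    let resp
    try {
      resp = await fetch('https://github.com/login/oauth/access_token', options)
    } catch (e) {
      // Record why the exchange failed instead of dropping the error. Only the
      // message is logged: `options` holds the client secret and the code.
      const reason = e instanceof Error ? e.message : String(e)
      log.log(`GitHub OAuth token request failed: ${reason}`)
      return end('The connection to GitHub failed.')
    }

    let content
    try {
      content = queryString.parse(resp.buffer)
    } catch (e) {
      // The response body is deliberately not logged; it may contain a token.
      const reason = e instanceof Error ? e.message : String(e)
      log.log(`GitHub OAuth token response could not be parsed: ${reason}`)
      return end('The GitHub OAuth token could not be parsed.')
    }

    const { access_token: token } = content
    if (!token) {
      return end('The GitHub OAuth process did not return a user token.')
    }

    // The page below is a fixed string; nothing from the request or from
    // GitHub's response is interpolated into the HTML.
    ask.res.setHeader('Content-Type', 'text/html')
    end(
      '<p>Shields.io has received your app-specific GitHub user token. ' +
        'You can revoke it by going to ' +
        '<a href="https://github.com/settings/applications">GitHub</a>.</p>' +
        '<p>Until you do, you have now increased the rate limit for GitHub ' +
        'requests going through Shields.io. GitHub-related badges are ' +
        'therefore more robust.</p>' +
        '<p>Thanks for contributing to a smoother experience for ' +
        'everyone!</p>' +
        '<p><a href="/">Back to the website</a></p>'
    )

    onTokenAccepted(token)
  })
}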
export { setRoutes }