peertube-plugin-livechat/conversejs/lib/auth.ts

// SPDX-FileCopyrightText: 2024 John Livingston <https://www.john-livingston.fr/>
//
// SPDX-License-Identifier: AGPL-3.0-only

import type { ProsodyAuthentInfos } from 'shared/lib/types'

interface AuthHeader { [key: string]: string }

async function getLocalAuthentInfos (
  authenticationUrl: string,
  tryExternalAuth: boolean,
  peertubeAuthHeader?: AuthHeader | null
): Promise<false | ProsodyAuthentInfos> {
  try {
    if (authenticationUrl === '') {
      console.error('Missing authenticationUrl')
      return false
    }
    if (!window.fetch) {
      console.error('Your browser has not the fetch api, we cant log you in')
      return false
    }

    if (peertubeAuthHeader === undefined) { // parameter not given.
      // We must be in a page without PeertubeHelpers, so we must get authent token manualy.
      if (!window.localStorage) {
        // FIXME: is the Peertube token always in localStorage?
        console.error('Your browser has no localStorage, we cant log you in')
        return false
      }
      const tokenType = window.localStorage.getItem('token_type') ?? ''
      const accessToken = window.localStorage.getItem('access_token') ?? ''
      const refreshToken = window.localStorage.getItem('refresh_token') ?? ''
      if (tokenType === '' && accessToken === '' && refreshToken === '') {
        console.info('User seems not to be logged in.')
        // We must continue, for External Auth workflow.
        peertubeAuthHeader = null
      } else {
        peertubeAuthHeader = {
          Authorization: tokenType + ' ' + accessToken
        }
      }
    }

    let externalAuthHeaders: any
    // When user has used the External Authentication mechanism to create an account, we got a token in sessionStorage.
    if (tryExternalAuth && !peertubeAuthHeader && window.sessionStorage) {
      const token = window.sessionStorage.getItem('peertube-plugin-livechat-external-auth-oidc-token')
      if (token && (typeof token === 'string')) {
        externalAuthHeaders = { 'X-Peertube-Plugin-Livechat-External-Auth-OIDC-Token': token }
      }
    }

    if (peertubeAuthHeader === null && externalAuthHeaders === undefined) {
      console.info('User is not logged in.')
      return false
    }

    const response = await window.fetch(authenticationUrl, {
      method: 'GET',
      headers: new Headers(
        Object.assign(
          {},
          peertubeAuthHeader ?? {},
          externalAuthHeaders ?? {},
          {
            'content-type': 'application/json;charset=UTF-8'
          }
        )
      )
    })

    if (!response.ok) {
      console.error('Failed fetching user informations')
      return false
    }
    const data = await response.json()
    if ((typeof data) !== 'object') {
      console.error('Failed reading user informations')
      return false
    }

    if (!data.jid || !data.password) {
      console.error('User informations does not contain required fields')
      return false
    }
    return {
      jid: data.jid,
      password: data.password,
      nickname: data.nickname,
      type: data.type ?? 'peertube'
    }
  } catch (error) {
    console.error(error)
    return false
  }
}

/**
 * Reads the livechat-token if relevant.
 * This token can be passed to the page by adding the following hash to the window.location:
 * `?j=the_xmpp_id&p=XXXXXXX&n=MyNickname`
 */
function getLivechatTokenAuthInfos (): ProsodyAuthentInfos | undefined {
  try {
    const hash = window.location.hash
    if (!hash || !hash.startsWith('#?')) { return undefined }
    // We try to read the hash as a queryString.
    const u = new URL('http://localhost' + hash.substring(1))
    const jid = u.searchParams.get('j')
    const password = u.searchParams.get('p')
    if (!jid || !password) { return undefined }

    const nickname = u.searchParams.get('n') ?? undefined

    return {
      type: 'livechat-token',
      jid,
      password,
      nickname
    }
  } catch (error) {
    console.error(error)
    return undefined
  }
}

export {
  ProsodyAuthentInfos,
  getLocalAuthentInfos,
  getLivechatTokenAuthInfos
}
Adding SPDX headers (WIP) 2024-05-23 09:42:14 +00:00			`// SPDX-FileCopyrightText: 2024 John Livingston <https://www.john-livingston.fr/>`
			`//`
			`// SPDX-License-Identifier: AGPL-3.0-only`

Authentication token generation WIP (#98) You can now generate links to join chatrooms with your current user. This can be used to create Docks in OBS for example. This could also be used to generate authentication token to join the chat from 3rd party tools. 2024-06-16 17:48:02 +00:00			`import type { ProsodyAuthentInfos } from 'shared/lib/types'`
New chat integration: * refactoring * cleaning * using peertubeHelpers to get authent info when available 2024-03-26 14:38:22 +00:00
			`interface AuthHeader { [key: string]: string }`

			`async function getLocalAuthentInfos (`
			`authenticationUrl: string,`
Refactoring: better naming, to prepare other external authent. 2024-04-19 07:53:23 +00:00			`tryExternalAuth: boolean,`
New chat integration: * refactoring * cleaning * using peertubeHelpers to get authent info when available 2024-03-26 14:38:22 +00:00			`peertubeAuthHeader?: AuthHeader \| null`
Authentication token generation WIP (#98) You can now generate links to join chatrooms with your current user. This can be used to create Docks in OBS for example. This could also be used to generate authentication token to join the chat from 3rd party tools. 2024-06-16 17:48:02 +00:00			`): Promise<false \| ProsodyAuthentInfos> {`
Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`try {`
			`if (authenticationUrl === '') {`
			`console.error('Missing authenticationUrl')`
			`return false`
			`}`
			`if (!window.fetch) {`
			`console.error('Your browser has not the fetch api, we cant log you in')`
			`return false`
			`}`
New chat integration: * refactoring * cleaning * using peertubeHelpers to get authent info when available 2024-03-26 14:38:22 +00:00
			`if (peertubeAuthHeader === undefined) { // parameter not given.`
			`// We must be in a page without PeertubeHelpers, so we must get authent token manualy.`
			`if (!window.localStorage) {`
			`// FIXME: is the Peertube token always in localStorage?`
			`console.error('Your browser has no localStorage, we cant log you in')`
			`return false`
			`}`
			`const tokenType = window.localStorage.getItem('token_type') ?? ''`
			`const accessToken = window.localStorage.getItem('access_token') ?? ''`
			`const refreshToken = window.localStorage.getItem('refresh_token') ?? ''`
			`if (tokenType === '' && accessToken === '' && refreshToken === '') {`
			`console.info('User seems not to be logged in.')`
Refactoring: better naming, to prepare other external authent. 2024-04-19 07:53:23 +00:00			`// We must continue, for External Auth workflow.`
Fix. 2024-04-18 09:06:04 +00:00			`peertubeAuthHeader = null`
			`} else {`
			`peertubeAuthHeader = {`
			`Authorization: tokenType + ' ' + accessToken`
			`}`
New chat integration: * refactoring * cleaning * using peertubeHelpers to get authent info when available 2024-03-26 14:38:22 +00:00			`}`
Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`}`

Refactoring: better naming, to prepare other external authent. 2024-04-19 07:53:23 +00:00			`let externalAuthHeaders: any`
			`// When user has used the External Authentication mechanism to create an account, we got a token in sessionStorage.`
			`if (tryExternalAuth && !peertubeAuthHeader && window.sessionStorage) {`
			`const token = window.sessionStorage.getItem('peertube-plugin-livechat-external-auth-oidc-token')`
Possibility to configure an OpenID Connect provider on the instance level WIP (#128). 2024-04-17 16:30:39 +00:00			`if (token && (typeof token === 'string')) {`
Refactoring: better naming, to prepare other external authent. 2024-04-19 07:53:23 +00:00			`externalAuthHeaders = { 'X-Peertube-Plugin-Livechat-External-Auth-OIDC-Token': token }`
Possibility to configure an OpenID Connect provider on the instance level WIP (#128). 2024-04-17 16:30:39 +00:00			`}`
			`}`

Refactoring: better naming, to prepare other external authent. 2024-04-19 07:53:23 +00:00			`if (peertubeAuthHeader === null && externalAuthHeaders === undefined) {`
Possibility to configure an OpenID Connect provider on the instance level WIP (#128). 2024-04-17 16:30:39 +00:00			`console.info('User is not logged in.')`
			`return false`
			`}`

Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`const response = await window.fetch(authenticationUrl, {`
			`method: 'GET',`
New chat integration: * refactoring * cleaning * using peertubeHelpers to get authent info when available 2024-03-26 14:38:22 +00:00			`headers: new Headers(`
			`Object.assign(`
			`{},`
Possibility to configure an OpenID Connect provider on the instance level WIP (#128). 2024-04-17 16:30:39 +00:00			`peertubeAuthHeader ?? {},`
Refactoring: better naming, to prepare other external authent. 2024-04-19 07:53:23 +00:00			`externalAuthHeaders ?? {},`
New chat integration: * refactoring * cleaning * using peertubeHelpers to get authent info when available 2024-03-26 14:38:22 +00:00			`{`
			`'content-type': 'application/json;charset=UTF-8'`
			`}`
			`)`
			`)`
Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`})`

			`if (!response.ok) {`
			`console.error('Failed fetching user informations')`
			`return false`
			`}`
			`const data = await response.json()`
			`if ((typeof data) !== 'object') {`
			`console.error('Failed reading user informations')`
			`return false`
			`}`

			`if (!data.jid \|\| !data.password) {`
			`console.error('User informations does not contain required fields')`
			`return false`
			`}`
			`return {`
			`jid: data.jid,`
			`password: data.password,`
Possibility to configure an OpenID Connect provider on the instance level WIP (#128). Sign out button for external accounts. 2024-04-18 14:24:09 +00:00			`nickname: data.nickname,`
			`type: data.type ?? 'peertube'`
Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`}`
			`} catch (error) {`
			`console.error(error)`
			`return false`
			`}`
			`}`

Authentication token generation WIP (#98) You can now generate links to join chatrooms with your current user. This can be used to create Docks in OBS for example. This could also be used to generate authentication token to join the chat from 3rd party tools. 2024-06-16 17:48:02 +00:00			`/**`
			`* Reads the livechat-token if relevant.`
			`* This token can be passed to the page by adding the following hash to the window.location:`
			* `?j=the_xmpp_id&p=XXXXXXX&n=MyNickname`
			`*/`
			`function getLivechatTokenAuthInfos (): ProsodyAuthentInfos \| undefined {`
			`try {`
			`const hash = window.location.hash`
			`if (!hash \|\| !hash.startsWith('#?')) { return undefined }`
			`// We try to read the hash as a queryString.`
			`const u = new URL('http://localhost' + hash.substring(1))`
			`const jid = u.searchParams.get('j')`
			`const password = u.searchParams.get('p')`
			`if (!jid \|\| !password) { return undefined }`

			`const nickname = u.searchParams.get('n') ?? undefined`

			`return {`
			`type: 'livechat-token',`
			`jid,`
			`password,`
			`nickname`
			`}`
			`} catch (error) {`
			`console.error(error)`
			`return undefined`
			`}`
			`}`

Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`export {`
Authentication token generation WIP (#98) You can now generate links to join chatrooms with your current user. This can be used to create Docks in OBS for example. This could also be used to generate authentication token to join the chat from 3rd party tools. 2024-06-16 17:48:02 +00:00			`ProsodyAuthentInfos,`
			`getLocalAuthentInfos,`
			`getLivechatTokenAuthInfos`
Chat Federation: using S2S if available. * if both local and remote instance have external XMPP connections enabled, the user joins the remote room with his local account * some code refactoring (builtin.ts) Note: documentation and settings descriptions are to do. Related to #112 2023-05-04 17:14:23 +00:00			`}`