fix: typing/dependecy/validation fixes, installed ts-reset & zod, fixed responses never being sent on invalid query params
This commit is contained in:
Benjamin Singleton
Sheldon Cooper
parent
ece6deface
commit
cc4bef8ec4
4 changed files with 211 additions and 203 deletions
|
|
@ -1,62 +1,114 @@
|
|||
|
||||
import { promises as fs } from "fs";
|
||||
import fetch from 'node-fetch';
|
||||
import * as path from "path";
|
||||
import { authenticate } from "@google-cloud/local-auth";
|
||||
import { google } from "googleapis";
|
||||
import { OAuth2Client } from 'google-auth-library';
|
||||
|
||||
import { JWTInput, OAuth2Client } from "google-auth-library";
|
||||
import {
|
||||
GoogleAuth,
|
||||
JSONClient,
|
||||
} from "google-auth-library/build/src/auth/googleauth.js";
|
||||
import z from "zod";
|
||||
|
||||
//setup google auth
|
||||
const SCOPES = ["https://www.googleapis.com/auth/spreadsheets.readonly"];
|
||||
const TOKEN_PATH = path.join(process.cwd(), "res/token.secret.json");
|
||||
const CREDENTIALS_PATH = path.join(process.cwd(), "res/credentials.secret.json");
|
||||
|
||||
const CREDENTIALS_PATH = path.join(
|
||||
process.cwd(),
|
||||
"res/credentials.secret.json",
|
||||
);
|
||||
|
||||
/**
|
||||
* Load or request or authorization to call APIs.
|
||||
*/
|
||||
*/
|
||||
export async function authorize(): Promise<
|
||||
GoogleAuth<JSONClient> | OAuth2Client
|
||||
> {
|
||||
const savedClient = await loadSavedCredentialsIfExist();
|
||||
if (savedClient) {
|
||||
return savedClient;
|
||||
}
|
||||
|
||||
export async function authorize() {
|
||||
let client: any = await loadSavedCredentialsIfExist();
|
||||
if (client) {
|
||||
return client;
|
||||
}
|
||||
client = await authenticate({
|
||||
scopes: SCOPES,
|
||||
keyfilePath: CREDENTIALS_PATH,
|
||||
});
|
||||
if (client.credentials) {
|
||||
await saveCredentials(client);
|
||||
}
|
||||
return client;
|
||||
const oauthClient = await authenticate({
|
||||
scopes: SCOPES,
|
||||
keyfilePath: CREDENTIALS_PATH,
|
||||
});
|
||||
|
||||
if (oauthClient.credentials) {
|
||||
await saveCredentials(oauthClient);
|
||||
}
|
||||
|
||||
return oauthClient;
|
||||
}
|
||||
|
||||
async function loadSavedCredentialsIfExist() {
|
||||
try {
|
||||
const content = await fs.readFile(TOKEN_PATH);
|
||||
const credentials = JSON.parse(content.toString());
|
||||
return google.auth.fromJSON(credentials);
|
||||
} catch (err) {
|
||||
return null;
|
||||
}
|
||||
const jwtInputZod = z.object({
|
||||
type: z.string(),
|
||||
client_id: z.string(),
|
||||
client_secret: z.string(),
|
||||
refresh_token: z.string(),
|
||||
}) satisfies z.ZodType<JWTInput>;
|
||||
|
||||
async function loadSavedCredentialsIfExist(): Promise<GoogleAuth<JSONClient> | null> {
|
||||
try {
|
||||
const content = await fs.readFile(TOKEN_PATH);
|
||||
const jwtInputRaw = JSON.parse(content.toString());
|
||||
|
||||
const jwtInputRes = jwtInputZod.safeParse(jwtInputRaw);
|
||||
if (!jwtInputRes.success) {
|
||||
throw new Error("Malformed JWT/token credentials");
|
||||
}
|
||||
|
||||
const jwtInput = jwtInputRes.data;
|
||||
const jsonClient = google.auth.fromJSON(jwtInput);
|
||||
const auth = new GoogleAuth({ authClient: jsonClient });
|
||||
return auth;
|
||||
} catch (err) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
const credentialsZod = z.object({
|
||||
installed: z.object({
|
||||
client_id: z.string(),
|
||||
project_id: z.string(),
|
||||
auth_uri: z.string(),
|
||||
token_uri: z.string(),
|
||||
auth_provider_x509_cert_url: z.string(),
|
||||
client_secret: z.string(),
|
||||
redirect_uris: z.array(z.string()),
|
||||
}),
|
||||
web: z.optional(
|
||||
z.object({
|
||||
client_id: z.string(),
|
||||
project_id: z.string(),
|
||||
auth_uri: z.string(),
|
||||
token_uri: z.string(),
|
||||
auth_provider_x509_cert_url: z.string(),
|
||||
client_secret: z.string(),
|
||||
redirect_uris: z.array(z.string()),
|
||||
}),
|
||||
),
|
||||
});
|
||||
|
||||
/**
|
||||
* Serializes credentials to a file compatible with GoogleAuth.fromJSON.
|
||||
*
|
||||
* @param {OAuth2Client} client
|
||||
* @return {Promise<void>}
|
||||
*/
|
||||
async function saveCredentials(client: OAuth2Client) {
|
||||
const content = await fs.readFile(CREDENTIALS_PATH);
|
||||
const keys = JSON.parse(content.toString());
|
||||
const key = keys.installed || keys.web;
|
||||
const payload = JSON.stringify({
|
||||
type: "authorized_user",
|
||||
client_id: key.client_id,
|
||||
client_secret: key.client_secret,
|
||||
refresh_token: client.credentials.refresh_token,
|
||||
});
|
||||
await fs.writeFile(TOKEN_PATH, payload);
|
||||
}
|
||||
async function saveCredentials(client: OAuth2Client): Promise<void> {
|
||||
const content = await fs.readFile(CREDENTIALS_PATH);
|
||||
const keysRaw = JSON.parse(content.toString());
|
||||
|
||||
const keysRes = credentialsZod.safeParse(keysRaw);
|
||||
if (!keysRes.success) {
|
||||
throw new Error("Malformed credentials/keys");
|
||||
}
|
||||
|
||||
const keys = keysRes.data;
|
||||
const key = keys.installed ?? keys.web;
|
||||
const payload = JSON.stringify({
|
||||
type: "authorized_user",
|
||||
client_id: key.client_id,
|
||||
client_secret: key.client_secret,
|
||||
refresh_token: client.credentials.refresh_token,
|
||||
});
|
||||
|
||||
await fs.writeFile(TOKEN_PATH, payload);
|
||||
}
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue