mirror of
https://github.com/logto-io/logto.git
synced 2025-01-06 20:40:08 -05:00
feat(core,schemas): add application secret (#1715)
This commit is contained in:
parent
3af5b1b425
commit
543ee04f53
9 changed files with 24 additions and 4 deletions
|
@ -14,6 +14,7 @@ export * from './user';
|
||||||
|
|
||||||
export const mockApplication: Application = {
|
export const mockApplication: Application = {
|
||||||
id: 'foo',
|
id: 'foo',
|
||||||
|
secret: 'randomId',
|
||||||
name: 'foo',
|
name: 'foo',
|
||||||
type: ApplicationType.SPA,
|
type: ApplicationType.SPA,
|
||||||
description: null,
|
description: null,
|
||||||
|
|
|
@ -8,6 +8,8 @@ import { createPool, parseDsn, sql, stringifyDsn } from 'slonik';
|
||||||
import { createInterceptors } from 'slonik-interceptor-preset';
|
import { createInterceptors } from 'slonik-interceptor-preset';
|
||||||
import { raw } from 'slonik-sql-tag-raw';
|
import { raw } from 'slonik-sql-tag-raw';
|
||||||
|
|
||||||
|
import { buildApplicationSecret } from '@/utils/id';
|
||||||
|
|
||||||
import { convertToPrimitiveOrSql } from './utils';
|
import { convertToPrimitiveOrSql } from './utils';
|
||||||
|
|
||||||
const {
|
const {
|
||||||
|
@ -84,7 +86,7 @@ export const createDatabaseCli = (dsn: string) => {
|
||||||
pool.query(insertInto(managementResource, 'resources')),
|
pool.query(insertInto(managementResource, 'resources')),
|
||||||
pool.query(insertInto(createDefaultSetting(), 'settings')),
|
pool.query(insertInto(createDefaultSetting(), 'settings')),
|
||||||
pool.query(insertInto(defaultSignInExperience, 'sign_in_experiences')),
|
pool.query(insertInto(defaultSignInExperience, 'sign_in_experiences')),
|
||||||
pool.query(insertInto(createDemoAppApplication(), 'applications')),
|
pool.query(insertInto(createDemoAppApplication(buildApplicationSecret()), 'applications')),
|
||||||
pool.query(insertInto(defaultRole, 'roles')),
|
pool.query(insertInto(defaultRole, 'roles')),
|
||||||
]);
|
]);
|
||||||
console.log(`${chalk.blue('[seed-tables]')} Seed tables succeeded.`);
|
console.log(`${chalk.blue('[seed-tables]')} Seed tables succeeded.`);
|
||||||
|
|
|
@ -27,6 +27,11 @@ jest.mock('@/queries/oidc-model-instance', () => ({
|
||||||
revokeInstanceByGrantId: jest.fn(),
|
revokeInstanceByGrantId: jest.fn(),
|
||||||
}));
|
}));
|
||||||
|
|
||||||
|
jest.mock('@/utils/id', () => ({
|
||||||
|
// eslint-disable-next-line unicorn/consistent-function-scoping
|
||||||
|
buildIdGenerator: jest.fn(() => () => 'randomId'),
|
||||||
|
}));
|
||||||
|
|
||||||
const now = Date.now();
|
const now = Date.now();
|
||||||
|
|
||||||
jest.mock(
|
jest.mock(
|
||||||
|
@ -54,6 +59,7 @@ describe('postgres Adapter', () => {
|
||||||
const {
|
const {
|
||||||
id: client_id,
|
id: client_id,
|
||||||
name: client_name,
|
name: client_name,
|
||||||
|
secret: client_secret,
|
||||||
type,
|
type,
|
||||||
oidcClientMetadata,
|
oidcClientMetadata,
|
||||||
customClientMetadata,
|
customClientMetadata,
|
||||||
|
@ -62,6 +68,7 @@ describe('postgres Adapter', () => {
|
||||||
expect(application).toEqual({
|
expect(application).toEqual({
|
||||||
client_id,
|
client_id,
|
||||||
client_name,
|
client_name,
|
||||||
|
client_secret,
|
||||||
application_type: getApplicationTypeString(type),
|
application_type: getApplicationTypeString(type),
|
||||||
grant_types: ['authorization_code', 'refresh_token'],
|
grant_types: ['authorization_code', 'refresh_token'],
|
||||||
token_endpoint_auth_method: 'none',
|
token_endpoint_auth_method: 'none',
|
||||||
|
|
|
@ -57,16 +57,19 @@ export default function postgresAdapter(modelName: string): ReturnType<AdapterFa
|
||||||
const reject = async () => Promise.reject(new Error('Not implemented'));
|
const reject = async () => Promise.reject(new Error('Not implemented'));
|
||||||
const transpileClient = ({
|
const transpileClient = ({
|
||||||
id: client_id,
|
id: client_id,
|
||||||
|
secret: client_secret,
|
||||||
name: client_name,
|
name: client_name,
|
||||||
type,
|
type,
|
||||||
oidcClientMetadata,
|
oidcClientMetadata,
|
||||||
customClientMetadata,
|
customClientMetadata,
|
||||||
}: CreateApplication): AllClientMetadata => ({
|
}: CreateApplication): AllClientMetadata => ({
|
||||||
client_id,
|
client_id,
|
||||||
|
client_secret,
|
||||||
client_name,
|
client_name,
|
||||||
application_type: getApplicationTypeString(type),
|
application_type: getApplicationTypeString(type),
|
||||||
grant_types: Object.values(GrantType),
|
grant_types: Object.values(GrantType),
|
||||||
token_endpoint_auth_method: 'none',
|
token_endpoint_auth_method:
|
||||||
|
type === ApplicationType.Traditional ? 'client_secret_basic' : 'none',
|
||||||
...snakecaseKeys(oidcClientMetadata),
|
...snakecaseKeys(oidcClientMetadata),
|
||||||
...(client_id === demoAppApplicationId &&
|
...(client_id === demoAppApplicationId &&
|
||||||
snakecaseKeys(buildDemoAppUris(oidcClientMetadata))),
|
snakecaseKeys(buildDemoAppUris(oidcClientMetadata))),
|
||||||
|
|
|
@ -32,6 +32,7 @@ jest.mock('@/queries/application', () => ({
|
||||||
jest.mock('@/utils/id', () => ({
|
jest.mock('@/utils/id', () => ({
|
||||||
// eslint-disable-next-line unicorn/consistent-function-scoping
|
// eslint-disable-next-line unicorn/consistent-function-scoping
|
||||||
buildIdGenerator: jest.fn(() => () => 'randomId'),
|
buildIdGenerator: jest.fn(() => () => 'randomId'),
|
||||||
|
buildApplicationSecret: jest.fn(() => 'randomId'),
|
||||||
}));
|
}));
|
||||||
|
|
||||||
const customClientMetadata = {
|
const customClientMetadata = {
|
||||||
|
@ -62,6 +63,7 @@ describe('application route', () => {
|
||||||
expect(response.body).toEqual({
|
expect(response.body).toEqual({
|
||||||
...mockApplication,
|
...mockApplication,
|
||||||
id: 'randomId',
|
id: 'randomId',
|
||||||
|
secret: 'randomId',
|
||||||
name,
|
name,
|
||||||
description,
|
description,
|
||||||
type,
|
type,
|
||||||
|
|
|
@ -12,7 +12,7 @@ import {
|
||||||
updateApplicationById,
|
updateApplicationById,
|
||||||
findTotalNumberOfApplications,
|
findTotalNumberOfApplications,
|
||||||
} from '@/queries/application';
|
} from '@/queries/application';
|
||||||
import { buildIdGenerator } from '@/utils/id';
|
import { buildApplicationSecret, buildIdGenerator } from '@/utils/id';
|
||||||
|
|
||||||
import { AuthedRouter } from './types';
|
import { AuthedRouter } from './types';
|
||||||
|
|
||||||
|
@ -47,6 +47,7 @@ export default function applicationRoutes<T extends AuthedRouter>(router: T) {
|
||||||
|
|
||||||
ctx.body = await insertApplication({
|
ctx.body = await insertApplication({
|
||||||
id: applicationId(),
|
id: applicationId(),
|
||||||
|
secret: buildApplicationSecret(),
|
||||||
oidcClientMetadata: buildOidcClientMetadata(oidcClientMetadata),
|
oidcClientMetadata: buildOidcClientMetadata(oidcClientMetadata),
|
||||||
...rest,
|
...rest,
|
||||||
});
|
});
|
||||||
|
|
|
@ -3,3 +3,5 @@ import { customAlphabet } from 'nanoid';
|
||||||
export const alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
export const alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
|
||||||
|
|
||||||
export const buildIdGenerator = (size: number) => customAlphabet(alphabet, size);
|
export const buildIdGenerator = (size: number) => customAlphabet(alphabet, size);
|
||||||
|
|
||||||
|
export const buildApplicationSecret = buildIdGenerator(64);
|
||||||
|
|
|
@ -9,8 +9,9 @@ export const adminConsoleApplicationId = 'admin-console';
|
||||||
|
|
||||||
export const demoAppApplicationId = 'demo-app';
|
export const demoAppApplicationId = 'demo-app';
|
||||||
|
|
||||||
export const createDemoAppApplication = (): Readonly<CreateApplication> => ({
|
export const createDemoAppApplication = (secret: string): Readonly<CreateApplication> => ({
|
||||||
id: demoAppApplicationId,
|
id: demoAppApplicationId,
|
||||||
|
secret,
|
||||||
name: 'Demo App',
|
name: 'Demo App',
|
||||||
description: 'Logto demo app.',
|
description: 'Logto demo app.',
|
||||||
type: ApplicationType.SPA,
|
type: ApplicationType.SPA,
|
||||||
|
|
|
@ -3,6 +3,7 @@ create type application_type as enum ('Native', 'SPA', 'Traditional');
|
||||||
create table applications (
|
create table applications (
|
||||||
id varchar(21) not null,
|
id varchar(21) not null,
|
||||||
name varchar(256) not null,
|
name varchar(256) not null,
|
||||||
|
secret varchar(64) not null,
|
||||||
description text,
|
description text,
|
||||||
type application_type not null,
|
type application_type not null,
|
||||||
oidc_client_metadata jsonb /* @use OidcClientMetadata */ not null,
|
oidc_client_metadata jsonb /* @use OidcClientMetadata */ not null,
|
||||||
|
|
Loading…
Reference in a new issue