0
Fork 0
mirror of https://github.com/logto-io/logto.git synced 2025-01-06 20:40:08 -05:00

feat(core,schemas): add application secret (#1715)

This commit is contained in:
Wang Sijie 2022-08-02 16:18:50 +08:00 committed by GitHub
parent 3af5b1b425
commit 543ee04f53
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
9 changed files with 24 additions and 4 deletions

View file

@ -14,6 +14,7 @@ export * from './user';
export const mockApplication: Application = { export const mockApplication: Application = {
id: 'foo', id: 'foo',
secret: 'randomId',
name: 'foo', name: 'foo',
type: ApplicationType.SPA, type: ApplicationType.SPA,
description: null, description: null,

View file

@ -8,6 +8,8 @@ import { createPool, parseDsn, sql, stringifyDsn } from 'slonik';
import { createInterceptors } from 'slonik-interceptor-preset'; import { createInterceptors } from 'slonik-interceptor-preset';
import { raw } from 'slonik-sql-tag-raw'; import { raw } from 'slonik-sql-tag-raw';
import { buildApplicationSecret } from '@/utils/id';
import { convertToPrimitiveOrSql } from './utils'; import { convertToPrimitiveOrSql } from './utils';
const { const {
@ -84,7 +86,7 @@ export const createDatabaseCli = (dsn: string) => {
pool.query(insertInto(managementResource, 'resources')), pool.query(insertInto(managementResource, 'resources')),
pool.query(insertInto(createDefaultSetting(), 'settings')), pool.query(insertInto(createDefaultSetting(), 'settings')),
pool.query(insertInto(defaultSignInExperience, 'sign_in_experiences')), pool.query(insertInto(defaultSignInExperience, 'sign_in_experiences')),
pool.query(insertInto(createDemoAppApplication(), 'applications')), pool.query(insertInto(createDemoAppApplication(buildApplicationSecret()), 'applications')),
pool.query(insertInto(defaultRole, 'roles')), pool.query(insertInto(defaultRole, 'roles')),
]); ]);
console.log(`${chalk.blue('[seed-tables]')} Seed tables succeeded.`); console.log(`${chalk.blue('[seed-tables]')} Seed tables succeeded.`);

View file

@ -27,6 +27,11 @@ jest.mock('@/queries/oidc-model-instance', () => ({
revokeInstanceByGrantId: jest.fn(), revokeInstanceByGrantId: jest.fn(),
})); }));
jest.mock('@/utils/id', () => ({
// eslint-disable-next-line unicorn/consistent-function-scoping
buildIdGenerator: jest.fn(() => () => 'randomId'),
}));
const now = Date.now(); const now = Date.now();
jest.mock( jest.mock(
@ -54,6 +59,7 @@ describe('postgres Adapter', () => {
const { const {
id: client_id, id: client_id,
name: client_name, name: client_name,
secret: client_secret,
type, type,
oidcClientMetadata, oidcClientMetadata,
customClientMetadata, customClientMetadata,
@ -62,6 +68,7 @@ describe('postgres Adapter', () => {
expect(application).toEqual({ expect(application).toEqual({
client_id, client_id,
client_name, client_name,
client_secret,
application_type: getApplicationTypeString(type), application_type: getApplicationTypeString(type),
grant_types: ['authorization_code', 'refresh_token'], grant_types: ['authorization_code', 'refresh_token'],
token_endpoint_auth_method: 'none', token_endpoint_auth_method: 'none',

View file

@ -57,16 +57,19 @@ export default function postgresAdapter(modelName: string): ReturnType<AdapterFa
const reject = async () => Promise.reject(new Error('Not implemented')); const reject = async () => Promise.reject(new Error('Not implemented'));
const transpileClient = ({ const transpileClient = ({
id: client_id, id: client_id,
secret: client_secret,
name: client_name, name: client_name,
type, type,
oidcClientMetadata, oidcClientMetadata,
customClientMetadata, customClientMetadata,
}: CreateApplication): AllClientMetadata => ({ }: CreateApplication): AllClientMetadata => ({
client_id, client_id,
client_secret,
client_name, client_name,
application_type: getApplicationTypeString(type), application_type: getApplicationTypeString(type),
grant_types: Object.values(GrantType), grant_types: Object.values(GrantType),
token_endpoint_auth_method: 'none', token_endpoint_auth_method:
type === ApplicationType.Traditional ? 'client_secret_basic' : 'none',
...snakecaseKeys(oidcClientMetadata), ...snakecaseKeys(oidcClientMetadata),
...(client_id === demoAppApplicationId && ...(client_id === demoAppApplicationId &&
snakecaseKeys(buildDemoAppUris(oidcClientMetadata))), snakecaseKeys(buildDemoAppUris(oidcClientMetadata))),

View file

@ -32,6 +32,7 @@ jest.mock('@/queries/application', () => ({
jest.mock('@/utils/id', () => ({ jest.mock('@/utils/id', () => ({
// eslint-disable-next-line unicorn/consistent-function-scoping // eslint-disable-next-line unicorn/consistent-function-scoping
buildIdGenerator: jest.fn(() => () => 'randomId'), buildIdGenerator: jest.fn(() => () => 'randomId'),
buildApplicationSecret: jest.fn(() => 'randomId'),
})); }));
const customClientMetadata = { const customClientMetadata = {
@ -62,6 +63,7 @@ describe('application route', () => {
expect(response.body).toEqual({ expect(response.body).toEqual({
...mockApplication, ...mockApplication,
id: 'randomId', id: 'randomId',
secret: 'randomId',
name, name,
description, description,
type, type,

View file

@ -12,7 +12,7 @@ import {
updateApplicationById, updateApplicationById,
findTotalNumberOfApplications, findTotalNumberOfApplications,
} from '@/queries/application'; } from '@/queries/application';
import { buildIdGenerator } from '@/utils/id'; import { buildApplicationSecret, buildIdGenerator } from '@/utils/id';
import { AuthedRouter } from './types'; import { AuthedRouter } from './types';
@ -47,6 +47,7 @@ export default function applicationRoutes<T extends AuthedRouter>(router: T) {
ctx.body = await insertApplication({ ctx.body = await insertApplication({
id: applicationId(), id: applicationId(),
secret: buildApplicationSecret(),
oidcClientMetadata: buildOidcClientMetadata(oidcClientMetadata), oidcClientMetadata: buildOidcClientMetadata(oidcClientMetadata),
...rest, ...rest,
}); });

View file

@ -3,3 +3,5 @@ import { customAlphabet } from 'nanoid';
export const alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; export const alphabet = '0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz';
export const buildIdGenerator = (size: number) => customAlphabet(alphabet, size); export const buildIdGenerator = (size: number) => customAlphabet(alphabet, size);
export const buildApplicationSecret = buildIdGenerator(64);

View file

@ -9,8 +9,9 @@ export const adminConsoleApplicationId = 'admin-console';
export const demoAppApplicationId = 'demo-app'; export const demoAppApplicationId = 'demo-app';
export const createDemoAppApplication = (): Readonly<CreateApplication> => ({ export const createDemoAppApplication = (secret: string): Readonly<CreateApplication> => ({
id: demoAppApplicationId, id: demoAppApplicationId,
secret,
name: 'Demo App', name: 'Demo App',
description: 'Logto demo app.', description: 'Logto demo app.',
type: ApplicationType.SPA, type: ApplicationType.SPA,

View file

@ -3,6 +3,7 @@ create type application_type as enum ('Native', 'SPA', 'Traditional');
create table applications ( create table applications (
id varchar(21) not null, id varchar(21) not null,
name varchar(256) not null, name varchar(256) not null,
secret varchar(64) not null,
description text, description text,
type application_type not null, type application_type not null,
oidc_client_metadata jsonb /* @use OidcClientMetadata */ not null, oidc_client_metadata jsonb /* @use OidcClientMetadata */ not null,