diff --git a/src/addons.js b/src/addons.js index a6f704a63..8671f6d33 100644 --- a/src/addons.js +++ b/src/addons.js @@ -19,7 +19,6 @@ exports = module.exports = { var appdb = require('./appdb.js'), assert = require('assert'), async = require('async'), - clientdb = require('./clientdb.js'), clients = require('./clients.js'), config = require('./config.js'), DatabaseError = require('./databaseerror.js'), @@ -288,10 +287,10 @@ function setupOauth(app, options, callback) { var redirectURI = 'https://' + config.appFqdn(app.location); var scope = 'profile'; - clients.delByAppIdAndType(appId, clientdb.TYPE_OAUTH, function (error) { // remove existing creds + clients.delByAppIdAndType(appId, clients.TYPE_OAUTH, function (error) { // remove existing creds if (error && error.reason !== DatabaseError.NOT_FOUND) return callback(error); - clients.add(appId, clientdb.TYPE_OAUTH, clientSecret, redirectURI, scope, function (error, result) { + clients.add(appId, clients.TYPE_OAUTH, clientSecret, redirectURI, scope, function (error, result) { if (error) return callback(error); var env = [ @@ -314,7 +313,7 @@ function teardownOauth(app, options, callback) { debugApp(app, 'teardownOauth'); - clients.delByAppIdAndType(app.id, clientdb.TYPE_OAUTH, function (error) { + clients.delByAppIdAndType(app.id, clients.TYPE_OAUTH, function (error) { if (error && error.reason !== DatabaseError.NOT_FOUND) console.error(error); appdb.unsetAddonConfig(app.id, 'oauth', callback); 
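Review bot: In teardownOauth (hunk @@ -314) a `clients.delByAppIdAndType` failure other than NOT_FOUND is only passed to `console.error`, and the function still calls `appdb.unsetAddonConfig` and reports success, so the app's OAuth client record can stay in the database after the addon is torn down. teardownSimpleAuth in the @@ -357 hunk has the same shape, whereas removeOAuthProxyCredentials in src/apptask.js returns the error to its caller. If best effort is not the intent, propagate it with `if (error && error.reason !== DatabaseError.NOT_FOUND) return callback(error);`; if it is, a short comment on that line should say so. The end of the function lies outside the hunk.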
@@ -329,10 +328,10 @@ function setupSimpleAuth(app, options, callback) { var appId = app.id; var scope = 'profile'; - clients.delByAppIdAndType(app.id, clientdb.TYPE_SIMPLE_AUTH, function (error) { // remove existing creds + clients.delByAppIdAndType(app.id, clients.TYPE_SIMPLE_AUTH, function (error) { // remove existing creds if (error && error.reason !== DatabaseError.NOT_FOUND) return callback(error); - clients.add(appId, clientdb.TYPE_SIMPLE_AUTH, '', '', scope, function (error, result) { + clients.add(appId, clients.TYPE_SIMPLE_AUTH, '', '', scope, function (error, result) { if (error) return callback(error); var env = [ @@ -357,7 +356,7 @@ function teardownSimpleAuth(app, options, callback) { debugApp(app, 'teardownSimpleAuth'); - clients.delByAppIdAndType(app.id, clientdb.TYPE_SIMPLE_AUTH, function (error) { + clients.delByAppIdAndType(app.id, clients.TYPE_SIMPLE_AUTH, function (error) { if (error && error.reason !== DatabaseError.NOT_FOUND) console.error(error); appdb.unsetAddonConfig(app.id, 'simpleauth', callback); diff --git a/src/apptask.js b/src/apptask.js index dd1763d7a..53e91b74e 100644 --- a/src/apptask.js +++ b/src/apptask.js @@ -36,7 +36,6 @@ var addons = require('./addons.js'), async = require('async'), backups = require('./backups.js'), certificates = require('./certificates.js'), - clientdb = require('./clientdb.js'), clients = require('./clients.js'), config = require('./config.js'), database = require('./database.js'), 
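Review bot: setupSimpleAuth (hunk @@ -329) registers the client with `''` for both the client secret and the redirect URI, and nothing at the call site explains why that is safe. A comment on the `clients.add` line would make the invariant explicit, for example `// simple auth clients have no secret or redirect URI; the OAuth routes must keep rejecting clients.TYPE_SIMPLE_AUTH`. The rejection this relies on is visible in src/routes/oauth2.js, where loginForm and the authorization handler both answer 'Unknown OAuth client' for this type. Whether any other code path compares the stored secret is not visible in this diff, and the function body continues past the hunk.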
@@ -167,14 +166,14 @@ function allocateOAuthProxyCredentials(app, callback) { var redirectURI = 'https://' + config.appFqdn(app.location); var scope = 'profile'; - clients.add(app.id, clientdb.TYPE_PROXY, clientSecret, redirectURI, scope, callback); + clients.add(app.id, clients.TYPE_PROXY, clientSecret, redirectURI, scope, callback); } function removeOAuthProxyCredentials(app, callback) { assert.strictEqual(typeof app, 'object'); assert.strictEqual(typeof callback, 'function'); - clients.delByAppIdAndType(app.id, clientdb.TYPE_PROXY, function (error) { + clients.delByAppIdAndType(app.id, clients.TYPE_PROXY, function (error) { if (error && error.reason !== DatabaseError.NOT_FOUND) { debugApp(app, 'Error removing OAuth client id', error); return callback(error); diff --git a/src/clientdb.js b/src/clientdb.js index 0d9a8a00d..71f1863fa 100644 --- a/src/clientdb.js +++ b/src/clientdb.js @@ -14,13 +14,7 @@ exports = module.exports = { delByAppId: delByAppId, delByAppIdAndType: delByAppIdAndType, - _clear: clear, - - TYPE_EXTERNAL: 'external', - TYPE_OAUTH: 'addon-oauth', - TYPE_SIMPLE_AUTH: 'addon-simpleauth', - TYPE_PROXY: 'addon-proxy', - TYPE_ADMIN: 'admin' + _clear: clear }; var assert = require('assert'), diff --git a/src/clients.js b/src/clients.js index 27cb76434..b8be0839e 100644 --- a/src/clients.js +++ b/src/clients.js @@ -22,7 +22,14 @@ exports = module.exports = { // roles are handled just like the above scopes, they are parallel to scopes // scopes enclose API groups, roles specify the usage role - SCOPE_ROLE_SDK: 'roleSdk' + SCOPE_ROLE_SDK: 'roleSdk', + + // client type enums + TYPE_EXTERNAL: 'external', + TYPE_OAUTH: 'addon-oauth', + TYPE_SIMPLE_AUTH: 'addon-simpleauth', + TYPE_PROXY: 'addon-proxy', + TYPE_ADMIN: 'admin' }; var assert = require('assert'), diff --git a/src/cloudron.js b/src/cloudron.js index 77b376255..b3730d6e0 100644 --- a/src/cloudron.js +++ b/src/cloudron.js 
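Review bot: Dropping the `TYPE_*` keys from the src/clientdb.js exports means any `clientdb.TYPE_...` reference this commit did not touch (tests, scripts, or clientdb.js itself if it uses them through `exports`) now evaluates to `undefined` without raising an error. In a check such as `type === clientdb.TYPE_SIMPLE_AUTH` that silently stops matching, so a reject branch would be skipped instead of failing loudly. It is worth searching the tree for remaining `clientdb.TYPE_` uses before merging. If the `clients` functions that take a type do not already check it (their bodies are not in this diff), a guard in the file's existing style such as `assert.strictEqual(typeof type, 'string');` would turn a missed reference into an immediate failure.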
@@ -30,7 +30,6 @@ var apps = require('./apps.js'), assert = require('assert'), async = require('async'), backups = require('./backups.js'), - clientdb = require('./clientdb.js'), clients = require('./clients.js'), config = require('./config.js'), constants = require('./constants.js'), @@ -231,7 +230,7 @@ function activate(username, password, email, displayName, ip, auditSource, callb if (error && error.reason === UserError.BAD_FIELD) return callback(new CloudronError(CloudronError.BAD_FIELD, error.message)); if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error)); - clients.getByAppIdAndType('webadmin', clientdb.TYPE_ADMIN, function (error, result) { + clients.getByAppIdAndType('webadmin', clients.TYPE_ADMIN, function (error, result) { if (error) return callback(new CloudronError(CloudronError.INTERNAL_ERROR, error)); // Also generate a token so the admin creation can also act as a login diff --git a/src/oauthproxy.js b/src/oauthproxy.js index 3ef189036..ad1f45e60 100644 --- a/src/oauthproxy.js +++ b/src/oauthproxy.js @@ -7,7 +7,6 @@ exports = module.exports = { var appdb = require('./appdb.js'), assert = require('assert'), - clientdb = require('./clientdb.js'), clients = require('./clients.js'), config = require('./config.js'), DatabaseError = require('./databaseerror.js'), @@ -125,7 +124,7 @@ function authenticate(req, res, next) { return res.send(500, 'Unknown app.'); } - clients.getByAppIdAndType(result.id, clientdb.TYPE_PROXY, function (error, result) { + clients.getByAppIdAndType(result.id, clients.TYPE_PROXY, function (error, result) { if (error) { console.error('Unknown OAuth client.', error); return res.send(500, 'Unknown OAuth client.'); diff --git a/src/routes/clients.js b/src/routes/clients.js index 0d1fb28c4..29b953650 100644 --- a/src/routes/clients.js +++ b/src/routes/clients.js 
@@ -10,7 +10,6 @@ exports = module.exports = { }; var assert = require('assert'), - clientdb = require('../clientdb.js'), clients = require('../clients.js'), ClientsError = clients.ClientsError, DatabaseError = require('../databaseerror.js'), @@ -27,7 +26,7 @@ function add(req, res, next) { if (typeof data.scope !== 'string' || !data.scope) return next(new HttpError(400, 'scope is required')); if (!validUrl.isWebUri(data.redirectURI)) return next(new HttpError(400, 'redirectURI must be a valid uri')); - clients.add(data.appId, clientdb.TYPE_EXTERNAL, data.redirectURI, data.scope, function (error, result) { + clients.add(data.appId, clients.TYPE_EXTERNAL, data.redirectURI, data.scope, function (error, result) { if (error && error.reason === ClientsError.INVALID_SCOPE) return next(new HttpError(400, error.message)); if (error) return next(new HttpError(500, error)); next(new HttpSuccess(201, result)); diff --git a/src/routes/oauth2.js b/src/routes/oauth2.js index 3055def37..a60ce96c3 100644 --- a/src/routes/oauth2.js +++ b/src/routes/oauth2.js @@ -4,7 +4,6 @@ var appdb = require('../appdb'), apps = require('../apps'), assert = require('assert'), authcodedb = require('../authcodedb'), - clientdb = require('../clientdb'), clients = require('../clients'), config = require('../config.js'), constants = require('../constants.js'), 
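Review bot: The `clients.add` call in src/routes/clients.js (hunk @@ -27) passes five arguments, `(data.appId, clients.TYPE_EXTERNAL, data.redirectURI, data.scope, callback)`, while every other caller in this diff passes six with a client secret in third position, e.g. `clients.add(appId, clients.TYPE_OAUTH, clientSecret, redirectURI, scope, ...)`. The signature of `clients.add` is not visible here, but if it matches the six-argument callers then the redirect URI is stored as the secret, the scope as the redirect URI, and the callback arrives in the scope slot. The line predates this commit and is only renamed by it, so it is worth confirming against src/clients.js and, if the six-argument form is the real one, generating a secret in this route and passing it explicitly.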
@@ -207,9 +206,9 @@ function loginForm(req, res) { if (error) return sendError(req, res, 'Unknown OAuth client'); switch (result.type) { - case clientdb.TYPE_ADMIN: return render(constants.ADMIN_NAME, '/api/v1/cloudron/avatar'); - case clientdb.TYPE_EXTERNAL: return render('External Application', '/api/v1/cloudron/avatar'); - case clientdb.TYPE_SIMPLE_AUTH: return sendError(req, res, 'Unknown OAuth client'); + case clients.TYPE_ADMIN: return render(constants.ADMIN_NAME, '/api/v1/cloudron/avatar'); + case clients.TYPE_EXTERNAL: return render('External Application', '/api/v1/cloudron/avatar'); + case clients.TYPE_SIMPLE_AUTH: return sendError(req, res, 'Unknown OAuth client'); default: break; } @@ -420,12 +419,12 @@ var authorization = [ // Handle our different types of oauth clients var type = req.oauth2.client.type; - if (type === clientdb.TYPE_ADMIN) { + if (type === clients.TYPE_ADMIN) { eventlog.add(eventlog.ACTION_USER_LOGIN, auditSource(req, 'admin'), { userId: req.oauth2.user.id }); return next(); } - if (type === clientdb.TYPE_EXTERNAL) return next(); - if (type === clientdb.TYPE_SIMPLE_AUTH) return sendError(req, res, 'Unknown OAuth client.'); + if (type === clients.TYPE_EXTERNAL) return next(); + if (type === clients.TYPE_SIMPLE_AUTH) return sendError(req, res, 'Unknown OAuth client.'); appdb.get(req.oauth2.client.appId, function (error, appObject) { if (error) return sendErrorPageOrRedirect(req, res, 'Invalid request. Unknown app for this client_id.'); diff --git a/src/simpleauth.js b/src/simpleauth.js index 12db4db41..a1b92c7f6 100644 --- a/src/simpleauth.js +++ b/src/simpleauth.js @@ -8,7 +8,6 @@ exports = module.exports = { var apps = require('./apps.js'), AppsError = apps.AppsError, assert = require('assert'), - clientdb = require('./clientdb.js'), clients = require('./clients.js'), ClientsError = clients.ClientsError, config = require('./config.js'), 
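Review bot: In the authorization handler (hunk @@ -420) only three client types are named, and every other value of `req.oauth2.client.type`, including one the code does not know about, falls through to the `appdb.get` app flow. Listing the types allowed on that path would make the dispatch fail closed, for example `if (type !== clients.TYPE_OAUTH && type !== clients.TYPE_PROXY) return sendError(req, res, 'Unknown OAuth client.');` placed before the `appdb.get` call. loginForm in the @@ -207 hunk has the same open `default: break;` and would benefit from the same treatment. Both function bodies extend beyond their hunks, so a later check outside the visible lines may already cover this.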
@@ -38,7 +37,7 @@ function loginLogic(clientId, username, password, callback) { if (error) return callback(error); // only allow simple auth clients - if (clientObject.type !== clientdb.TYPE_SIMPLE_AUTH) return callback(new ClientsError(ClientsError.INVALID_CLIENT)); + if (clientObject.type !== clients.TYPE_SIMPLE_AUTH) return callback(new ClientsError(ClientsError.INVALID_CLIENT)); var authFunction = (username.indexOf('@') === -1) ? user.verifyWithUsername : user.verifyWithEmail; authFunction(username, password, function (error, userObject) { diff --git a/src/user.js b/src/user.js index 1feee67aa..9c4be4ced 100644 --- a/src/user.js +++ b/src/user.js @@ -23,7 +23,6 @@ exports = module.exports = { }; var assert = require('assert'), - clientdb = require('./clientdb.js'), clients = require('./clients.js'), crypto = require('crypto'), debug = require('debug')('box:user'), @@ -445,7 +444,7 @@ function setPassword(userId, newPassword, callback) { if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error)); // Also generate a token so the new user can get logged in immediately - clients.getByAppIdAndType('webadmin', clientdb.TYPE_ADMIN, function (error, result) { + clients.getByAppIdAndType('webadmin', clients.TYPE_ADMIN, function (error, result) { if (error) return callback(new UserError(UserError.INTERNAL_ERROR, error)); var token = tokendb.generateToken();