Merge branch 'release/v1.1.0'

Jaxolotl · Oct 16, 2018 · dd606b3 · dd606b3
2 parents 4a1d36e + 9a0bac6
commit dd606b3
Show file tree

Hide file tree

Showing 23 changed files with 1,178 additions and 1,460 deletions.
diff --git a/.env.TEMPLATE b/.env.TEMPLATE
@@ -0,0 +1,15 @@
+DEV_MODE=1
+DEV_HOST_PATH='http://localhost'
+DEV_PORT=8081
+DEV_CONNECTOR_HOST='http://localhost'
+
+
+## OAUTH 2 secrets
+# @see http://tableau.github.io/webdataconnector/docs/api_ref.html#webdataconnectorapi.authpurposeenum
+# DESKTOP
+EPHEMERAL_CLIENT_ID=
+EPHEMERAL_CLIENT_SECRET=
+
+# SERVER
+ENDURING_CLIENT_ID=
+ENDURING_CLIENT_SECRET=
diff --git a/.eslintrc.json b/.eslintrc.json
@@ -1,38 +1,7 @@
 {
-    "env": {
-        "browser": true,
-        "node": false,
-        "es6": true
-    },
-    "parser": "babel-eslint",
-    "extends": [
-        "eslint:recommended",
-        "standard"
-    ],
+    "extends": ["@jaxolotl/eslint-config-wdc-es6"],
     "rules": {
-        "no-trailing-spaces": [ "error", { "ignoreComments": true } ],
-        "no-unused-vars": [ "error", { "args": "after-used" } ],
-        "no-useless-call": 0,
-        "indent": [ "error",  4, { "SwitchCase": 1 } ],
-        "semi": [ "error", "always" ],
-        "padded-blocks": 0,
-        "valid-jsdoc": [
-            "error",
-            {
-                "requireParamDescription": false,
-                "requireReturnDescription": false
-            }
-        ],
-        "require-jsdoc": [
-            "error",
-            {
-                "require": {
-                    "FunctionDeclaration": true,
-                    "MethodDefinition": true,
-                    "ClassDeclaration": true,
-                    "ArrowFunctionExpression": false
-                }
-            }
-        ]
+        "camelcase": 1,
+        "no-useless-call": 1
     }
 }
diff --git a/README.md b/README.md
@@ -2,6 +2,21 @@
 
 To use, do the following:
 
-* npm install
-* Create an app on spotify developer platform: https://developer.spotify.com/my-applications/#!/applications
-* Copy config.js to a file called secret_config.js file, replace YOUR_CLIENT_ID and YOUR_CLIENT_SECRET with the appropriate values from your new spotify app.
+- run `npm install`
+- Create an app on spotify developer platform: https://developer.spotify.com/my-applications/#!/applications
+
+
+## Local development:
+- Create a .env files from .env.TEMPLATE
+- Set `EPHEMERAL_CLIENT_ID` and `ENDURING_CLIENT_ID` with the `CLIENT_ID` provided by Spotify app
+- Set `EPHEMERAL_CLIENT_SECRET` and `ENDURING_CLIENT_SECRET` with the `CLIENT_SECRET` provided by Spotify app
+- run `npm start` to make a build and start the local server
+- For more script options check the package.json scripts section
+
+
+## Publishing to a server
+- Do not publish your .env file, instead
+    - Set `EPHEMERAL_CLIENT_ID` and `ENDURING_CLIENT_ID` environment variables with the `CLIENT_ID` provided by Spotify app
+    - Set `EPHEMERAL_CLIENT_SECRET` and `ENDURING_CLIENT_SECRET` environment variables with the `CLIENT_SECRET` provided by Spotify app
+- Make sure the server settings ( on the `./auth_proxy` section ) are correct for your needs.
+- Make sure the `output` section of the webpack.config file are correct for your needs. ( see https://webpack.js.org/configuration/output/#output-publicpath )
diff --git a/auth_proxy/app.js b/auth_proxy/app.js
@@ -19,15 +19,54 @@ import cookieParser from 'cookie-parser';
 import path from 'path';
 import buffer from 'buffer';
 import { cwd, pid, memoryUsage, uptime } from 'process';
+import _ from 'lodash';
 
 dotenv.config();
 
 let app = express();
 let { Buffer } = buffer;
 
 const LOG = console.log; // eslint-disable-line no-console
-const SIGNATURE = `${CONFIG.CLIENT_ID}:${CONFIG.CLIENT_SECRET}`;
-const ENCODED_SIGNATURE = Buffer.alloc(SIGNATURE.length, SIGNATURE).toString('base64');
+const DEFAULT_AUTH_PURPOSE = 'EPHEMERAL';
+
+/**
+ * 
+ * @param {String} authPurpose enduring|ephemeral
+ * @returns {String }
+ */
+function getAuthPurpose (authPurpose = DEFAULT_AUTH_PURPOSE) {
+    const purposes = ['ENDURING', DEFAULT_AUTH_PURPOSE];
+
+    if (purposes.indexOf(authPurpose.toUpperCase()) < 0) {
+        authPurpose = DEFAULT_AUTH_PURPOSE;
+    }
+
+    return authPurpose.toUpperCase();
+}
+
+/**
+ * 
+ * @param {String} authPurpose enduring|ephemeral
+ * @returns {Object}
+ */
+function getSecrets (authPurpose) {
+
+    const AUTH_PURPOSE = getAuthPurpose(authPurpose);
+
+    const CLIENT_ID = CONFIG[AUTH_PURPOSE].CLIENT_ID;
+    const CLIENT_SECRET = CONFIG[AUTH_PURPOSE].CLIENT_SECRET;
+
+    const SIGNATURE = `${CLIENT_ID}:${CLIENT_SECRET}`;
+    const ENCODED_SIGNATURE = Buffer.alloc(SIGNATURE.length, SIGNATURE).toString('base64');
+
+    return {
+        CLIENT_ID,
+        CLIENT_SECRET,
+        SIGNATURE,
+        ENCODED_SIGNATURE,
+        AUTH_PURPOSE
+    };
+}
 
 // --------------------------------------------------------------------------------
 // Express set-up 
@@ -60,11 +99,14 @@ app.get('/schema', function (req, res) {
  */
 app.get('/login', function (req, res) {
 
+    const SECRETS = getSecrets(_.get(req, 'query.authPurpose'));
+
     const PARAMS = querystring.stringify({
         response_type: 'code',
-        client_id: CONFIG.CLIENT_ID,
+        client_id: SECRETS.CLIENT_ID,
         scope: CONFIG.APP_SCOPE,
-        redirect_uri: CONFIG.REDIRECT_URI
+        redirect_uri: CONFIG.REDIRECT_URI,
+        state: SECRETS.AUTH_PURPOSE
     });
 
     res.redirect(`${CONFIG.AUTHORIZE_URI}?${PARAMS}`);
@@ -80,6 +122,8 @@ app.get('/callback', function (req, res) {
 
     const CODE = req.query.code || null;
 
+    const SECRETS = getSecrets(_.get(req, 'query.state'));
+
     let authOptions = {
         url: CONFIG.TOKENS_URI,
         form: {
@@ -88,7 +132,7 @@ app.get('/callback', function (req, res) {
             grant_type: 'authorization_code'
         },
         headers: {
-            'Authorization': `Basic ${ENCODED_SIGNATURE}`
+            'Authorization': `Basic ${SECRETS.ENCODED_SIGNATURE}`
         },
         json: true
     };
@@ -135,9 +179,11 @@ app.get('/refresh_token', function (req, res) {
 
     const REFRESH_TOKEN = req.query.refresh_token;
 
+    const SECRETS = getSecrets(_.get(req, 'query.authPurpose'));
+
     let authOptions = {
         url: CONFIG.TOKENS_URI,
-        headers: { 'Authorization': `Basic ${ENCODED_SIGNATURE}` },
+        headers: { 'Authorization': `Basic ${SECRETS.ENCODED_SIGNATURE}` },
         form: {
             grant_type: 'refresh_token',
             refresh_token: REFRESH_TOKEN

diff --git a/auth_proxy/config.js b/auth_proxy/config.js
@@ -19,8 +19,7 @@ dotenv.config();
 
 export default {
     'PORT': PORT,
-    'CLIENT_ID': env.EPHEMERAL_CLIENT_ID,
-    'CLIENT_SECRET': env.EPHEMERAL_CLIENT_SECRET,
+    // @see http://tableau.github.io/webdataconnector/docs/api_ref.html#webdataconnectorapi.authpurposeenum
     // DESKTOP SECRETS
     'EPHEMERAL': {
         'CLIENT_ID': env.EPHEMERAL_CLIENT_ID,