feat: update strategies according to the latest auth changes from med…

…usa core (adrien2p#26)

* feat: update strategies according to the latest auth changes from medusa core

* chore: update deps

* chore: update deps

* chore: update scripts

* chore: update scripts

* chore: version bump

* chore: refactor strategy building

* chore: version

.eslintrc.js

@@ -45,6 +45,7 @@ module.exports = {
       }
     ],
     "@typescript-eslint/no-var-requires": "off",
-    "@typescript-eslint/ban-ts-comment": "off"
+    "@typescript-eslint/ban-ts-comment": "off",
+    "@typescript-eslint/no-explicit-any": "off"
   },
 };

.github/workflows/medusa-plugin-auth.yml

@@ -13,7 +13,6 @@ jobs:
     strategy:
       matrix:
         node-verion: [16.x]
-        medusajs-version: [1.5.x, 1.6.x]
     steps:
       - name: Cancel Previous Runs
         uses: styfle/[email protected]
@@ -36,6 +35,4 @@ jobs:
 
       - name: 'run unit tests'
         working-directory: ./packages/medusa-plugin-auth
-        run: yarn run test:ci
-        env:
-          MEDUSAJS_VERSION: ${{ matrix.medusajs-version }}
+        run: yarn run test

.github/workflows/medusa-plugin-prometheus.yml

@@ -13,7 +13,6 @@ jobs:
     strategy:
       matrix:
         node-verion: [16.x]
-        medusajs-version: [1.5.x, 1.6.x]
     steps:
       - name: Cancel Previous Runs
         uses: styfle/[email protected]
@@ -36,6 +35,4 @@ jobs:
 
       - name: 'run unit tests'
         working-directory: ./packages/medusa-plugin-prometheus
-        run: yarn run test:ci
-        env:
-          MEDUSAJS_VERSION: ${{ matrix.medusajs-version }}
+        run: yarn run test

.github/workflows/medusa-plugin-sentry.yml

@@ -13,7 +13,6 @@ jobs:
     strategy:
       matrix:
         node-verion: [16.x]
-        medusajs-version: [1.5.x, 1.6.x]
     steps:
       - name: Cancel Previous Runs
         uses: styfle/[email protected]
@@ -36,6 +35,4 @@ jobs:
 
       - name: 'run unit tests'
         working-directory: ./packages/medusa-plugin-sentry
-        run: yarn run test:ci
-        env:
-          MEDUSAJS_VERSION: ${{ matrix.medusajs-version }}
+        run: yarn run test

packages/medusa-plugin-auth/.gitignore

@@ -1,6 +1,7 @@
 .idea
 
 /api
+/core
 /handlers
 /utils
 /types

packages/medusa-plugin-auth/README.md

@@ -27,8 +27,9 @@ First of all, you need to install the plugin as follow `yarn add medusa-plugin-a
 
 - [Google](#google)
 - [Facebook](#facebook)
-- [Twitter](#twitter)
 - [Linkedin](#linkedin)
+- [Auth0](#auth0)
+- [Twitter](#twitter)
 - [Github](#github)
 - [Microsoft](#microsoft)
 
@@ -52,19 +53,13 @@ Then, in your medusa config plugins collection you can add the following configu
                 callbackUrl:`${process.env.BACKEND_URL}/admin/auth/google/cb`, 
                 failureRedirect: `${process.env.ADMIN_URL}/login`,
                 successRedirect: `${process.env.ADMIN_URL}/`,
-                authPath: "/admin/auth/google",
-                authCallbackPath: "/admin/auth/google/cb",
-
                 expiresIn: 24 * 60 * 60 * 1000
             },
             // Enable google OAuth 2 for the store domain
             store: {
                 callbackUrl:`${process.env.BACKEND_URL}/store/auth/google/cb`, 
                 failureRedirect: `${process.env.STORE_URL}/login`,
                 successRedirect: `${process.env.STORE_URL}/`,
-                authPath: "/store/auth/google",
-                authCallbackPath: "/store/auth/google/cb",
-
                 expiresIn: 24 * 60 * 60 * 1000
             }
         }
@@ -78,9 +73,9 @@ Then, in your medusa config plugins collection you can add the following configu
 Now you can add your Google sign in button in your client with something along the line of the code bellow
 
 ```html
-<a href="${medusa_url}/${google_authPath}" type="button" class="text-white bg-[#3b5998] hover:bg-[#3b5998]/90 focus:ring-4 focus:outline-none focus:ring-[#3b5998]/50 font-medium rounded-lg text-sm px-5 py-2.5 text-center inline-flex items-center dark:focus:ring-[#3b5998]/55 mr-2 mb-2">
-  <svg class="mr-2 -ml-1 w-4 h-4" aria-hidden="true" focusable="false" data-prefix="fab" data-icon="facebook-f" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 320 512"><path fill="currentColor" d="M279.1 288l14.22-92.66h-88.91v-60.13c0-25.35 12.42-50.06 52.24-50.06h40.42V6.26S260.4 0 225.4 0c-73.22 0-121.1 44.38-121.1 124.7v70.62H22.89V288h81.39v224h100.2V288z"></path></svg>
-  Sign in with Facebook
+<a type="button" href=${medusa_url}/${google_authPath} className="text-white bg-[#4285F4] hover:bg-[#4285F4]/90 focus:ring-4 focus:outline-none focus:ring-[#4285F4]/50 font-medium rounded-lg text-sm px-5 py-2.5 text-center inline-flex items-center dark:focus:ring-[#4285F4]/55 mr-2 mb-2">
+  <svg className="mr-2 -ml-1 w-4 h-4" aria-hidden="true" focusable="false" data-prefix="fab" data-icon="google" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 488 512"><path fill="currentColor" d="M488 261.8C488 403.3 391.1 504 248 504 110.8 504 0 393.2 0 256S110.8 8 248 8c66.8 0 123 24.5 166.3 64.9l-67.5 64.9C258.5 52.6 94.3 116.6 94.3 256c0 86.5 69.1 156.6 153.7 156.6 98.2 0 135-70.4 140.8-106.9H248v-85.3h236.1c2.3 12.7 3.9 24.9 3.9 41.4z"></path></svg>
+  Sign in with Google
 </a>
 ```
 
@@ -104,19 +99,13 @@ Then, in your medusa config plugins collection you can add the following configu
                 callbackUrl:`${process.env.BACKEND_URL}/admin/auth/facebook/cb`, 
                 failureRedirect: `${process.env.ADMIN_URL}/login`,
                 successRedirect: `${process.env.ADMIN_URL}/`,
-                authPath: "/admin/auth/facebook",
-                authCallbackPath: "/admin/auth/facebook/cb",
-
                 expiresIn: 24 * 60 * 60 * 1000
             },
             // Enable facebook OAuth 2 for the store domain
             store: {
                 callbackUrl:`${process.env.BACKEND_URL}/store/auth/facebook/cb`, 
                 failureRedirect: `${process.env.STORE_URL}/login`,
                 successRedirect: `${process.env.STORE_URL}/`,
-                authPath: "/store/auth/facebook",
-                authCallbackPath: "/store/auth/facebook/cb",
-
                 expiresIn: 24 * 60 * 60 * 1000
             }
         }
@@ -138,59 +127,7 @@ Now you can add your Facebook sign in button in your client with something along
 
 ### Twitter
 
-> Thw Twitter strategy can't be used for the moment and require to wait for twitter to implement the necessary
-> scopes to retrieve a user email in order to complete the authentication flow.
-> In any case, you still can use this strategy and provide a custom `verifyCallback` if you know what you are doing.
-
-> By default, the admin only allow to authenticate while the store create a new user of it does not exist yet.
-> This behaviour can be changed and customised by specifying a custom `verifyCallback` in the configuration.
-
-Then, in your medusa config plugins collection you can add the following configuration and update it according to your requirements ([full configuration here](https://github.com/adrien2p/medusa-plugins/tree/main/packages/medusa-plugin-auth/src/auth-strategies/twitter/types.ts))
-
-```ts
-{
-    resolve: "medusa-plugin-auth",
-    options: {
-        // Enable twitter OAuth
-        twitter: {
-            clientID: "__YOUR_CLIENT_ID__",
-            clientSecret: "__YOUR_CLIENT_SECRET__",
-            // Enable twitter OAuth for the admin domain
-            admin: {
-                callbackUrl:`${process.env.BACKEND_URL}/admin/auth/twitter/cb`, 
-                failureRedirect: `${process.env.ADMIN_URL}/login`,
-                successRedirect: `${process.env.ADMIN_URL}/`,
-                authPath: "/admin/auth/twitter",
-                authCallbackPath: "/admin/auth/twitter/cb",
-
-                expiresIn: 24 * 60 * 60 * 1000
-            },
-            // Enable twitter OAuth for the store domain
-            store: {
-                callbackUrl:`${process.env.BACKEND_URL}/store/auth/twitter/cb`, 
-                failureRedirect: `${process.env.STORE_URL}/login`,
-                successRedirect: `${process.env.STORE_URL}/`,
-                authPath: "/store/auth/twitter",
-                authCallbackPath: "/store/auth/twitter/cb",
-
-                expiresIn: 24 * 60 * 60 * 1000
-            }
-        }
-        // ...
-        // ... Other authentication provider options
-        // ...
-    }
-}
-```
-
-Now you can add your Twitter sign in button in your client with something along the line of the code bellow
-
-```html
-<a href="${medusa_url}/${twitter_authPath}" type="button" class="text-white bg-[#1da1f2] hover:bg-[#1da1f2]/90 focus:ring-4 focus:outline-none focus:ring-[#1da1f2]/50 font-medium rounded-lg text-sm px-5 py-2.5 text-center inline-flex items-center dark:focus:ring-[#1da1f2]/55 mr-2 mb-2">
-  <svg class="mr-2 -ml-1 w-4 h-4" aria-hidden="true" focusable="false" data-prefix="fab" data-icon="twitter" role="img" xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512"><path fill="currentColor" d="M459.4 151.7c.325 4.548 .325 9.097 .325 13.65 0 138.7-105.6 298.6-298.6 298.6-59.45 0-114.7-17.22-161.1-47.11 8.447 .974 16.57 1.299 25.34 1.299 49.06 0 94.21-16.57 130.3-44.83-46.13-.975-84.79-31.19-98.11-72.77 6.498 .974 12.99 1.624 19.82 1.624 9.421 0 18.84-1.3 27.61-3.573-48.08-9.747-84.14-51.98-84.14-102.1v-1.299c13.97 7.797 30.21 12.67 47.43 13.32-28.26-18.84-46.78-51.01-46.78-87.39 0-19.49 5.197-37.36 14.29-52.95 51.65 63.67 129.3 105.3 216.4 109.8-1.624-7.797-2.599-15.92-2.599-24.04 0-57.83 46.78-104.9 104.9-104.9 30.21 0 57.5 12.67 76.67 33.14 23.72-4.548 46.46-13.32 66.6-25.34-7.798 24.37-24.37 44.83-46.13 57.83 21.12-2.273 41.58-8.122 60.43-16.24-14.29 20.79-32.16 39.31-52.63 54.25z"></path></svg>
-  Sign in with Twitter
-</a>
-```
+// Waiting the OAuth 2 from twitter to be completely finalised
 
 ### Linkedin
 
@@ -212,19 +149,13 @@ Then, in your medusa config plugins collection you can add the following configu
                 callbackUrl:`${process.env.BACKEND_URL}/admin/auth/linkedin/cb`, 
                 failureRedirect: `${process.env.ADMIN_URL}/login`,
                 successRedirect: `${process.env.ADMIN_URL}/`,
-                authPath: "/admin/auth/linkedin",
-                authCallbackPath: "/admin/auth/linkedin/cb",
-
                 expiresIn: 24 * 60 * 60 * 1000
             },
             // Enable linkedin OAuth 2 for the store domain
             store: {
                 callbackUrl:`${process.env.BACKEND_URL}/store/auth/linkedin/cb`, 
                 failureRedirect: `${process.env.STORE_URL}/login`,
                 successRedirect: `${process.env.STORE_URL}/`,
-                authPath: "/store/auth/linkedin",
-                authCallbackPath: "/store/auth/linkedin/cb",
-
                 expiresIn: 24 * 60 * 60 * 1000
             }
         }
@@ -244,6 +175,10 @@ Now you can add your Linkedin sign in button in your client with something along
 </a>
 ```
 
+### Auth0
+
+Coming soon
+
 ### Github
 
 Coming soon

packages/medusa-plugin-auth/package.json

@@ -41,21 +41,21 @@
     "build:tsc": "tsc -b",
     "clean": "rimraf api services utils types loaders auth-strategies coverage tsconfig.tsbuildinfo",
     "test": "jest",
-    "test:ci": "yarn add @medusajs/medusa@${MEDUSAJS_VERSION} && yarn run test"
+    "test:ci": "yarn add -D @medusajs/medusa@${MEDUSAJS_VERSION} && yarn run test"
   },
   "peerDependencies": {
-    "@medusajs/medusa": "^1.4.1",
-    "medusa-core-utils": "^1.1.31",
-    "medusa-interfaces": "^1.3.3",
+    "@medusajs/medusa": "^1.6.4",
+    "medusa-core-utils": "^1.x.x",
+    "medusa-interfaces": "^1.x.x",
     "typeorm": "^0.2.45"
   },
   "devDependencies": {
-    "@medusajs/medusa": "^1.4.1",
+    "@medusajs/medusa": "^1.6.4",
     "@types/express": "^4.17.14",
     "@types/jest": "^29.1.2",
     "jest": "^29.1.2",
-    "medusa-core-utils": "^1.1.31",
-    "medusa-interfaces": "^1.3.3",
+    "medusa-core-utils": "^1.x.x",
+    "medusa-interfaces": "^1.x.x",
     "medusa-test-utils": "^1.1.37",
     "passport": "0.4.1",
     "ts-jest": "^29.0.3",

packages/medusa-plugin-auth/src/api/index.ts

@@ -3,29 +3,23 @@ import { ConfigModule } from '@medusajs/medusa/dist/types/global';
 import wrapHandler from '@medusajs/medusa/dist/api/middlewares/await-middleware';
 import loadConfig from '@medusajs/medusa/dist/loaders/config';
 import cors from 'cors';
+import GoogleStrategy from '../auth-strategies/google';
+import FacebookStrategy from '../auth-strategies/facebook';
+import LinkedinStrategy from '../auth-strategies/linkedin';
 
 import { ADMIN_AUTH_TOKEN_COOKIE_NAME, AuthOptions, STORE_AUTH_TOKEN_COOKIE_NAME } from '../types';
-import { loadJwtOverrideStrategy } from '../auth-strategies/jwt-override';
-import { getGoogleRoutes } from '../auth-strategies/google';
-import { getFacebookRoutes } from '../auth-strategies/facebook';
-import { getTwitterRoutes } from '../auth-strategies/twitter';
-import { getLinkedinRoutes } from "../auth-strategies/linkedin";
 
 export default function (rootDirectory, pluginOptions: AuthOptions): Router[] {
 	const configModule = loadConfig(rootDirectory) as ConfigModule;
-
-	loadJwtOverrideStrategy(configModule);
-
 	return loadRouters(configModule, pluginOptions);
 }
 
 function loadRouters(configModule: ConfigModule, options: AuthOptions): Router[] {
 	const routers: Router[] = [];
 
-	routers.push(...getGoogleRoutes(configModule, options));
-	routers.push(...getFacebookRoutes(configModule, options));
-	routers.push(...getTwitterRoutes(configModule, options));
-	routers.push(...getLinkedinRoutes(configModule, options));
+	routers.push(...GoogleStrategy.getRouter(configModule, options));
+	routers.push(...FacebookStrategy.getRouter(configModule, options));
+	routers.push(...LinkedinStrategy.getRouter(configModule, options));
 	routers.push(getLogoutRouter(configModule));
 
 	return routers;
@@ -40,35 +34,39 @@ function getLogoutRouter(configModule: ConfigModule): Router {
 	};
 
 	router.use('/admin/auth', cors(adminCorsOptions));
-	router.delete('/admin/auth', wrapHandler(async (req, res) => {
-		if ((req as unknown as Request & { session: any }).session) {
-			(req as unknown as Request & { session: any }).session.jwt = {};
-			(req as unknown as Request & { session: any }).session.destroy();
-		}
+	router.delete(
+		'/admin/auth',
+		wrapHandler(async (req, res) => {
+			if ((req as unknown as Request & { session: unknown }).session) {
+				(req as unknown as Request & { session: { jwt: string } }).session.jwt = null;
+				(req as unknown as Request & { session: { destroy: () => void } }).session.destroy();
+			}
 
-		res.clearCookie(ADMIN_AUTH_TOKEN_COOKIE_NAME);
+			res.clearCookie(ADMIN_AUTH_TOKEN_COOKIE_NAME);
 
-		res.status(200).json({});
-	}));
+			res.status(200).json({});
+		})
+	);
 
 	const storeCorsOptions = {
 		origin: configModule.projectConfig.store_cors.split(','),
 		credentials: true,
 	};
 
 	router.use('/store/auth', cors(storeCorsOptions));
-	router.delete('/store/auth', wrapHandler(async (req, res) => {
-		if ((req as unknown as Request & { session: any }).session) {
-			(req as unknown as Request & { session: any }).session.jwt = {};
-			// The bellow line will be available in the next version of medusa core
-			/*(req as unknown as Request & { session: any }).session.jwt_store = {};*/
-			(req as unknown as Request & { session: any }).session.destroy();
-		}
-
-		res.clearCookie(STORE_AUTH_TOKEN_COOKIE_NAME);
-
-		res.status(200).json({});
-	}));
+	router.delete(
+		'/store/auth',
+		wrapHandler(async (req, res) => {
+			if ((req as unknown as Request & { session: unknown }).session) {
+				(req as unknown as Request & { session: { jwt_store: string } }).session.jwt_store = null;
+				(req as unknown as Request & { session: { destroy: () => void } }).session.destroy();
+			}
+
+			res.clearCookie(STORE_AUTH_TOKEN_COOKIE_NAME);
+
+			res.status(200).json({});
+		})
+	);
 
 	return router;
 }