Compare commits

..

2 commits

Author SHA1 Message Date
thomashii
91cd22f280 Moved vscode to own repo 2021-06-26 19:15:17 +08:00
thomashii
566598a384 Updated oauth2 package 2021-05-30 07:57:48 +08:00
1675 changed files with 50495 additions and 51288 deletions

View file

@ -1,224 +0,0 @@
The name of our company is Protevus
The name of our project is Platform
Protevus = Laravel and Platform = Illuminate
Our Development Langauge is Dart
Our cross-platform UI Kit is Flutter
Our Implementation is based on Angel3
Our Inspiration is based on Laravel
Our Deployment Target are Windows, MacOS, Linux, iOS, Android, Web, IoT and Edge Devices
Protevus Aims to bring a complete Laravel experience to Dart, and Flutter with a truely Unified Full Stack Experience. We aim to mature the platform to support cross-platform development of complex government, military, financial, medical, supply-chain, enterprise and idustrial applications.
Our 10 Step Development Lifecycle is as follows: We use a hybrid mix of Interface Driven Development, Test Driven Development and AI Software Engineer Agents to assist in generating efficient and reliable code while also providing help with other task like code reviews, documentation, and testing. We call this approach IDD-AI or Individual Driven Developemt AI.
1. Research - Research the requirements and specifications of the project.
2. Identify - Identify the key components and technologies that are needed to build the project. (use opensource)
3. Transform - Transform the requirements and specifications from the code to a langauge agnostic abstract contract (YAML)
4. Inform - Use the abstract contracts to inform the design of the system and the components.
5. Generate - Use AI to generate the initial code based on the abstract contracts.
6. Implement - Implement the code in the codebase.
7. Test - Test the code to ensure it meets the requirements and specifications.
8. Iterate - Iterate the code to improve the design and implementation.
9. Review - Review the code to ensure it meets the requirements and specifications.
10. Release - Release the code to the public.
Or RITIGITIRR pronounced Rih-tih-gih-tirr
The we wash rinse and repeat for each project. When we are done we have a fully functional and robust implementation of the requirements and specifications we will still follow this pattern for enhancements, bug fixes, and new features.
The API Specifications are in inbox/spec_packagename
The Concrete Implementations are in inbox/src_packagename
The directory structure for the project is as follows:
config/ = configuration files
devops/ = docker and kubernetes configuration
docs/ = documentation
examples/ = example applications demonstrating using the Platform API
packages/ = platform packages
resources = images, icons, and other resources
scripts/ = utility scripts
templates/ = starter templates
tests/ = repository wide integration tests
tools/ = project wide tools
utils/ = cli, console, and other utilities
Protevus Platform is a hard-fork of Angel3 that is being refactored and rebranded to be Protevus Platform
For now all references to Angel3 remain the same, but in the future we will be changing them to Protevus or Platform
You must always refer to the project as Platform, not Protevus or Angel3
You must always prefer leveraging existing sanctioned angel3 packages as dependencies where possible as most of them will be replace and can't be relied on initially.
You must always prefer leveraging existing standard dart packages as dependencies where possible
You will always prefer leveraging any packages that we can from pub.dev or github.com dart/flutter ecosystem
Our goal is to reimplement the laravel illuminate packages as angel3 packages in short bringing Laravel to Dart
Our goal is to reach feature parity with the illuminate api so we must adhere to the specifications of laravel's api as we reimplement the illuminate packages
We will not reimplement any packages that are not part of laravel, such as symfony packages, or any other packages that are not part of the laravel framework as our goal is to have pure dart implementations so we must find packages in the dart ecosystem where possible or create the feature in dart.
We will not be re-implementing some features of laravel that would require reinventing wheels, for example angel3's server system is more then sufficiant and consist of the following angel3 packages which we will be initally keeping. Container, Framework, Route Http_Exception, Mock_Request, Modal. All other Illuminate packages will be reimplemented in dart. This list of keepers may change as we begin our phases of development.
You must always take the following points into consderation when planning and executing your task.
1. Dart and Flutter ecosystem awareness:
- Stay updated with the latest Dart language features and best practices.
- Consider Flutter compatibility for components that might be used in mobile/web applications.
- Utilize popular Dart packages when appropriate, but be mindful of adding unnecessary dependencies.
2. Performance considerations:
- Implement benchmarking tools to compare performance with both Laravel and the original Angel3.
- Use Dart's profiling tools to identify and optimize bottlenecks.
- Consider implementing lazy loading and deferred initialization where appropriate.
3. Asynchronous programming:
- Leverage Dart's async/await and Future-based programming extensively.
- Implement proper error handling and cancellation for asynchronous operations.
- Consider using Streams for reactive programming where appropriate.
4. Code style and structure:
- Follow Dart's official style guide and linting rules.
- Implement consistent error handling and logging practices across all packages.
- Use Dart's strong typing system to its full potential, including generics and type inference.
5. Testing strategy:
- Implement both unit and integration tests for all components.
- Use mock objects and dependency injection to facilitate easier testing.
- Implement property-based testing for complex algorithms or data structures.
6. Documentation:
- Use Dart's documentation comments extensively.
- Provide examples in documentation for all public APIs.
- Create architecture decision records (ADRs) for significant design choices.
7. Internationalization and localization:
- Design with i18n in mind from the start.
- Use Dart's intl package for formatting dates, numbers, and plurals.
8. Error handling and logging:
- Implement a consistent error handling strategy across all packages.
- Create custom exception classes where appropriate.
- Implement structured logging with different log levels.
9. Security:
- Implement security best practices, including input validation, output encoding, and CSRF protection.
- Use secure random number generation for cryptographic operations.
- Implement rate limiting and throttling mechanisms.
10. Dependency management:
- Use Dart's pub tool effectively for package management.
- Consider implementing a monorepo structure for managing multiple packages.
11. Compatibility layers:
- Implement compatibility layers or wrappers to ease migration from Angel3 to the new framework.
- Provide migration scripts or tools where possible.
12. Extensibility:
- Design components with extensibility in mind, allowing for easy customization and overriding of default behaviors.
- Implement plugin systems where appropriate.
13. Configuration:
- Implement a flexible configuration system that supports different environments (development, testing, production).
- Support both file-based and environment variable-based configuration.
14. CLI tools:
- Develop CLI tools to assist in common development tasks (e.g., generating boilerplate code, running migrations).
- Ensure CLI tools are cross-platform compatible.
15. Database abstraction:
- Implement database migrations and seeders.
- Support multiple database systems, including NoSQL databases.
16. API design:
- Follow RESTful principles when designing APIs.
- Consider implementing GraphQL support.
17. Caching strategies:
- Implement various caching mechanisms (in-memory, file-based, distributed).
- Provide cache invalidation strategies.
18. Scalability:
- Design components with horizontal scalability in mind.
- Implement support for distributed systems and microservices architecture.
19. Metrics and monitoring:
- Implement instrumentation for gathering metrics.
- Provide hooks for integrating with monitoring systems.
20. Dependency injection:
- Implement a robust dependency injection system.
- Support both constructor and property injection.
21. Reflection and metadata:
- Utilize Dart's reflection capabilities where appropriate.
- Implement custom metadata annotations for declarative programming.
22. Error reporting:
- Implement integration with error reporting services (e.g., Sentry).
- Provide detailed stack traces and context for errors.
23. Code generation:
- Utilize Dart's build system for code generation where appropriate.
- Implement source code generators for repetitive tasks.
24. Versioning:
- Follow semantic versioning principles.
- Maintain a detailed changelog.
25. Community engagement:
- Set up issue templates and contribution guidelines on GitHub.
- Implement a code of conduct for the project.
26. Null Safety
- Implement sound null safety throughout the entire codebase.
- Utilize Dart's null safety features, including:
- Nullable and non-nullable types
- Late variables
- Null-aware operators
- Perform null checks where necessary and provide clear documentation on nullability for all public APIs.
- Use the `required` keyword for named parameters that must not be null.
- Leverage the `?`, `!`, and `??` operators appropriately to handle potential null values.
- Implement proper error handling for cases where null values are unexpected.
- When interfacing with external code or APIs that are not null-safe:
- Use the `dynamic` type or appropriate cast operations cautiously
- Utilize the `Never` type for functions that never return normally (i.e., always throw an exception or loop forever).
- Consider using the `late` keyword for variables that are initialized after their declaration but before they're used.
- When working with collections:
- Prefer using nullable item types (e.g., `List<String?>`) over nullable collections (e.g., `List<String>?`) where appropriate
- Use static analysis tools to catch potential null safety issues early in the development process.
- When migrating existing code:
- Use the Dart migration tool
- Carefully review all changes
- Educate contributors on null safety best practices and include null safety checks in code review processes.
Here are some notes that you should always keep in mind when working with the project
Here's the content formatted in Markdown:
## General Guidelines
- Always consider the idiomatic Dart approach when implementing Laravel features.
- Maintain compatibility with existing Angel3 applications where possible.
- Prioritize performance and scalability in all implementations.
- Write comprehensive tests for each component, aiming for high code coverage.
- Document all public APIs and provide usage examples.
- Consider cross-platform compatibility (server, web, mobile) where applicable.
- Keep security as a top priority, especially when implementing authentication and encryption features.
- Regularly refactor and optimize code as the project progresses.
- Engage with the Angel3 community for feedback and contributions throughout the development process.
## Advanced Implementation Considerations
- When implementing advanced features like Telescope or Dusk, consider how they can be adapted to work well in a Dart ecosystem.
- Pay special attention to how Facades and Macroable traits can be implemented in Dart, as these are core to Laravel's flexibility but may not have direct equivalents in Dart.
- For packages like Scout and Passport, research Dart-specific best practices for implementing search and OAuth2 functionalities.
- When working on Blade-like templating, consider how to balance between staying close to Blade's syntax and leveraging Dart's language features.
## Dart-Specific Considerations
- Always consider the implications of Dart's strong typing when implementing dynamic features from Laravel.
- Look for opportunities to leverage Dart's unique features, such as isolates for concurrency, where appropriate.
The Project Road Map is in @Roadmap Book
You now have access to all the information that all team members need to start working on the project.

View file

@ -1,6 +0,0 @@
{
"image": "dart:3.4",
"forwardPorts": [3000,5000],
"features": {
}
}

1
.fork
View file

@ -1 +0,0 @@
Hard-Fork of Angel3 Master Repo 2024-10-01 Advance to Version 9.x

3
.github/FUNDING.yml vendored Normal file
View file

@ -0,0 +1,3 @@
# These are supported funding model platforms
github: [thosakwe]

54
.gitignore vendored
View file

@ -14,6 +14,7 @@
.metals/
build/
#**/packages/
packages/hubbub/
# Files created by dart2js
# (Most Dart developers will use pub build to compile Dart, use/modify these
@ -36,34 +37,38 @@ pubspec.lock
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# If you're building an application, you may want to check-in your pubspec.lock
#pubspec.lock
pubspec_overrides.yaml
pubspec.yaml.bak
# User-specific stuff:
.idea/workspace.xml
.idea/tasks.xml
.idea/dictionaries
.idea/vcs.xml
.idea/jsLibraryMappings.xml
## VsCode
.vscode/
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
# IntelliJ
.idea/
/out/
.idea_modules/
# Sensitive or high-churn files:
.idea/dataSources.ids
.idea/dataSources.xml
.idea/dataSources.local.xml
.idea/sqlDataSources.xml
.idea/dynamic.xml
.idea/uiDesigner.xml
# Gradle:
.idea/gradle.xml
.idea/libraries
# Mongo Explorer plugin:
.idea/mongoSettings.xml
## File-based project format:
*.iws
## Plugin-specific files:
# IntelliJ
/out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
atlassian-ide-plugin.xml
@ -74,15 +79,14 @@ crashlytics.properties
crashlytics-build.properties
fabric.properties
# Others
### VSCode template
.vscode/*
!.vscode/settings.json
!.vscode/tasks.json
!.vscode/launch.json
!.vscode/extensions.json
logs/
*.pem
.DS_Store
server_log.txt
backup/
# ignore protevus platform
#wspace/
# temp
#inbox/

View file

@ -1,2 +0,0 @@
.DS_Store
tasks.json

15
.vscode/settings.json vendored
View file

@ -1,18 +1,5 @@
{
"files.watcherExclude": {
"**/target": true
},
"[javascript]": {
"editor.defaultFormatter": "esbenp.prettier-vscode",
"editor.formatOnSave": true
},
"beautify.language": {
"html": ["html"],
"css": [],
"js": []
},
"editor.codeActionsOnSave": {
"source.fixAll.markdownlint": "explicit"
},
"cmake.configureOnOpen": false
}
}

View file

@ -1,36 +0,0 @@
# Protevus Platform Authors
## Core Team
- Patrick Stewart <p.stewart@protevus.com> (Project Lead)
- Vacant Spot <jane.smith@example.com> (Lead Developer)
- Vacant Spot <bob.johnson@example.com> (Developer)
## AI Team
- Cody <cody@protevus.com> (AI Coding Assistant)
- Claude <claude@protevus.com> (AI Coding Assistant)
- Code Copilot <c.copilot@protevus.com> (AI Coding Assistant)
- Keymate <keymate@protevus.com> (AI Coding Assistant)
## Contributors
- Alice Williams <alice.williams@example.com>
- Implemented the ORM module
- Contributed to the database abstraction layer
- Charlie Brown <charlie.brown@example.com>
- Implemented the authentication and authorization system
- Contributed to the event broadcasting and queueing system
- Eve Green <eve.green@example.com>
- Improved the routing system
- Contributed to the middleware implementation
- Michael Davis <michael.davis@example.com>
- Worked on the caching and performance optimization features
- Contributed to the documentation
# Additional contributors (in alphabetical order)
- Vacant Spot

View file

@ -0,0 +1,56 @@
# 3.0.1 (NNBD)
* Changed Dart SDK requirements for all packages to ">=2.12.0 <3.0.0" to support NNBD.
* Updated pretty_logging to 2.0.0
* Updated angel_http_exception to 2.0.0
* Updated angel_cli to 3.0.0. (Rename not working)
# 3.0.0 (Non NNBD)
* Changed Dart SDK requirements for all packages to ">=2.10.0 <3.0.0"
* Updated pretty_logging to 2.0.0
* Updated angel_http_exception to 2.0.0
* Updated angel_cli to 3.0.0. (Rename not working)
* Updated angel_route to 4.0.0
* Updated angel_model to 2.0.0
* Updated angel_container to 2.0.0
* Updated angel_framework to 3.0.0
* Updated angel_auth to 3.0.0
* Updated angel_configuration to 3.0.0
* Updated jael to 3.0.0
* Updated jael_preprocessor to 3.0.0
* Updated validate to 3.0.0
* Added and updated json_god to 3.0.0
* Updated angel_client to 3.0.0
* Updated angel_websocket to 3.0.0 (3/3 tests passed)
* Updated test to 3.0.0
* Updated angel_jael to 3.0.0 (Issue with 2 dependencies)
* Added pub_sub and updated to 3.0.0
* Updated production to 2.0.0
* Updated hot to 3.0.0
* Updated static to 3.0.0
* Update basic-sdk-2.12.x boilerplate
* Updated angel_serialize to 3.0.0
* Updated angel_serialize_generator to 3.0.0
* Updated angel_orm to 3.0.0
* Updated angel_migration to 3.0.0
* Updated angel_orm_generator to 3.0.0 (use a fork of postgres)
* Updated angel_migration_runner to 3.0.0
* Updated angel_orm_test to 1.0.0
* Updated angel_orm_postgres to 2.0.0
* Update orm-sdk-2.12.x boilerplate
* Updated angel_auth_oauth2 to 3.0.0
* Updated angel_auth_cache to 3.0.0
* Updated angel_auth_cors to 3.0.0
* Updated angel_container_generator to 2.0.0
* Updated angel_file_service to 3.0.0
* Updated angel_eventsource to 2.0.0 (use a fork of eventsource)
* Updated angel_auth_twitter to 3.0.0 (use a fork of twitter and oauth)
# 2.2.0
* Changed Dart SDK requirements for all packages to ">=2.10.0 <2.12.0"
* Upgraded 3rd party libraries to the latest version prior to dart 2.12
* Fixed broken code due to 3rd party libraries update
* Revert packages/validate from version 3.0 to version 2.2
# 2.1.x and below
* Refer to the orginal repo before the fork

View file

@ -1,39 +0,0 @@
# Protevus Platform Code of Conduct
## Our Pledge
We, as members, contributors, and leaders of the Protevus Platform community, pledge to make participation in our project and community a harassment-free experience for everyone, regardless of age, body size, visible or invisible disability, ethnicity, sex characteristics, gender identity and expression, level of experience, education, socio-economic status, nationality, personal appearance, race, caste, color, religion, or sexual identity and orientation.
We pledge to act and interact in ways that contribute to an open, welcoming, diverse, inclusive, and healthy community.
## Our Standards
Examples of behavior that contributes to a positive environment for our community include:
- Using welcoming and inclusive language
- Being respectful of differing viewpoints and experiences
- Gracefully accepting constructive criticism
- Focusing on what is best for the community
- Showing empathy towards other community members
Examples of unacceptable behavior include:
- The use of sexualized language or imagery, and sexual attention or advances of any kind
- Trolling, insulting/derogatory comments, and personal or political attacks
- Public or private harassment
- Publishing others' private information, such as a physical or electronic address, without explicit permission
- Other conduct which could reasonably be considered inappropriate in a professional setting
## Enforcement Responsibilities
Community leaders are responsible for clarifying and enforcing our standards of acceptable behavior and will take appropriate and fair corrective action in response to any behavior that they deem inappropriate, threatening, offensive, or harmful.
Community leaders have the right and responsibility to remove, edit, or reject comments, commits, code, wiki edits, issues, and other contributions that are not aligned with this Code of Conduct, and will communicate reasons for moderation decisions when appropriate.
## Scope
This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public spaces. Examples of representing our community include using an official e-mail address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
## Enforcement
Instances of abusive, harassing, or otherwise unacceptable behavior may be reported to the community leaders responsible for enforcement at [insert email

View file

@ -1,71 +0,0 @@
# Contributing to the Protevus Platform
Welcome to the Protevus Platform project! We appreciate your interest in contributing to our open-source application server platform. This document outlines the guidelines and best practices for contributing to the project.
## Code of Conduct
By participating in this project, you are expected to uphold our [Code of Conduct](CODE_OF_CONDUCT.md). Please review it to understand the behavior standards expected of all contributors.
## Ways to Contribute
There are many ways to contribute to the Protevus Platform project, including:
- Reporting bugs or issues
- Suggesting new features or improvements
- Submitting pull requests with bug fixes or new features
- Improving documentation
- Participating in discussions and providing feedback
## Getting Started
1. Fork the repository and create a new branch for your contribution.
2. Follow the project's coding standards and conventions.
3. Write clear and descriptive commit messages.
4. Test your changes locally before submitting a pull request.
5. Submit a pull request with a detailed description of your changes.
## Branching Conventions
When creating a new branch for your contribution, please follow these naming conventions:
topic names.
```
docs/<description>
fix/<username>-<description>
feature/<username>-<description>
refactor/<username>-<description>
```
If the scope of the issue changes for any reason, please create a new branch with the appropriate naming convention.
## Local Testing
While we provide CI/CD through GitHub Actions, it is recommended to set up your local testing environment to run tests before pushing commits. Follow the instructions in the project's documentation or the CI configuration files to set up your local testing environment.
### Running Tests
Currently, there are three sets of tests that need to be run:
```bash
melos test-unit
# These two need to be run inside packages/conduit
dart test -j1 test/* # use dart test -j1 for Windows and macOS
dart tool/generated_test_runner.dart
```
The first command will run all the unit tests in the Conduit package and its dependencies. The last two commands test CLI components and string-compiled code, respectively.
## Pull Request Requirements
Document the intent and purpose of the pull request.
All non-documentation pull requests must include automated tests that cover the new code, including failure cases.
If tests work locally but not on the CI, please mention @j4qfrost on the pull request or reach out on the Discord server.
## Commits and Versioning
The project uses melos for tooling, which provides autoversioning based on conventional commits. Commits to the master branch will usually be squashed from pull requests, so ensure that the pull request title uses conventional commits to trigger versioning and publishing CI. You do not need to use conventional commits on each commit to your branch.
## Licensing
Protevus Platform is released under the [MIT License](LICENSE).
Thank you for your interest in contributing to the Protevus Platform project! We look forward to your contributions and appreciate your efforts to make this project better.

View file

@ -1,6 +1,6 @@
MIT License
The MIT License (MIT)
Copyright (c) 2024 Protevus
Copyright (c) 2016 angel-dart
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal

144
README.md
View file

@ -1,113 +1,69 @@
<p align="center"><a href="https://protevus.com" target="_blank"><img src="https://git.protevus.com/protevus/branding/raw/branch/main/protevus-logo-bg.png"></a></p>
[![The Angel Framework](https://angel-dart.github.io/assets/images/logo.png)](https://angel-dart.dev)
# Protevus Platform
[![Gitter](https://img.shields.io/gitter/room/nwjs/nw.js.svg)](https://gitter.im/angel_dart/discussion)
[![Pub](https://img.shields.io/pub/v/angel_framework.svg)](https://pub.dartlang.org/packages/angel_framework)
[![Build status](https://travis-ci.org/angel-dart/framework.svg?branch=master)](https://travis-ci.org/angel-dart/framework)
![License](https://img.shields.io/github/license/angel-dart/framework.svg)
Protevus Platform is a highly versatile and extensible application server platform for the Dart programming language. It is a hard fork of the Angel3 framework, inspired by Express.js and Laravel, aiming to provide a familiar and Laravel-compatible API while leveraging the power of Dart.
**A polished, production-ready backend framework in Dart.**
> **Note:** This repository contains the core code of the Protevus Platform. If you want to build an application using Protevus, visit the main [Protevus repository](https://github.com/protevus/protevus).
-----
## About
Angel is a full-stack Web framework in Dart. It aims to
streamline development by providing many common features
out-of-the-box in a consistent manner.
## About Protevus
With features like the following, Angel is the all-in-one framework you should choose to build your next project:
* GraphQL Support
* PostgreSQL ORM
* Dependency Injection
* Static File Handling
* And much more...
Protevus Platform allows developers to leverage their existing Laravel knowledge and experience in the Dart ecosystem. It combines the best features of Angel3 with Laravel-inspired design patterns and APIs, creating a powerful and familiar environment for web application development.
See all the packages in the `packages/` directory.
## AI Assistance
## Installation & Setup
The Protevus Platform project utilizes AI assistance in various aspects of its development process. We believe in leveraging the capabilities of AI to enhance productivity, code quality, and overall project progress while maintaining transparency and adhering to ethical practices.
Once you have [Dart](https://www.dartlang.org/) installed, bootstrapping a project is as simple as running a few shell commands:
### AI Tools and Models
Install the [Angel CLI](https://github.com/angel-dart/cli):
The following AI tools and models have been primarily employed in the development of the Protevus Platform:
- **Continue** (continue.dev)
- **OpenRouter** (openrouter.ai)
- **Claude** (claude.ai)
- **Codestral** (mistral.ai)
- **Voyage** (voyage.ai)
- Other tools and LLMs
### Guidelines and Limitations
While AI assistance has been invaluable in accelerating certain aspects of development, we adhere to strict guidelines to ensure quality, security, and ethical use of AI in our development process.
## Features
- **Laravel API Compatibility**: Familiar API for Laravel developers
- **Modular Architecture**: Separating core components and libraries
- **High Performance**: Leverages Dart's efficient event-driven model and isolates for concurrent processing.
- **Asynchronous Processing**: Built on Dart's async-await paradigm for non-blocking operations.
- **Extensibility**: Support for custom extensions
- **Community-Driven**: Open-source principles and community contributions
- **Modular Packages**: Standalone Dart packages for each component
- **Comprehensive Routing**: Powerful routing capabilities
- **Dependency Injection**: Built-in support
- **Middleware Support**: For filtering HTTP requests
- **Authentication & Authorization**: Robust tools
- **Database Abstraction**: Query builder and ORM
- **Queueing System**: Manage background tasks
- **Event Broadcasting**: Real-time event capabilities
- **Full-Stack Experience**: Server-side views and Flutter support for frontends
- **WebSocket Support**: Real-time communication
- **ORM and Database Integration**: Work with various database systems
- **Templating Engine**: For server-side rendering
- **Static File Serving**: Built-in middleware
- **Scalability**: Designed to handle multiple concurrent connections efficiently.
- **Testing Utilities**: Comprehensive testing support
## Getting Started
To get started with Protevus Platform, follow these steps:
1. **Install Dart**: Ensure you have the Dart SDK installed on your system.
2. **Create a new project**:
- dart create -t console my_protevus_app cd
- my_protevus_app
3. **Add Protevus dependencies**: Add the following to your `pubspec.yaml`:
```yaml
dependencies:
protevus_framework: ^1.0.0
protevus_configuration: ^1.0.0
```bash
pub global activate angel_cli
```
4. **Run pub get**:
```shell
dart pub get
Bootstrap a project:
```bash
angel init hello
```
5. **Create your first Protevus application**: Replace the contents of bin/my_protevus_app.dart with:
```dart
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
void main() async {
var app = Protevus();
var http = ProtevusHttp(app);
You can even have your server run and be *hot-reloaded* on file changes:
app.get('/', (req, res) => res.write('Hello, Protevus!'));
await http.startServer('localhost', 3000);
print('Server listening at http://localhost:3000');
}
```bash
dart --observe bin/dev.dart
```
6. **Run your application**:
```shell
dart run bin/my_protevus_app.dart
```
Visit http://localhost:3000 in your browser to see your Protevus app in action!
## Documentation
Comprehensive documentation for Protevus Platform is available at protevus.com/docs/platform. The documentation covers installation, configuration, usage, and advanced topics, including guides and examples.
Next, check out the [detailed documentation](https://docs.angel-dart.dev/v/2.x) to learn to flesh out your project.
## Plugins and Packages
Protevus Platform offers a wide range of official plugins and packages to extend its functionality, building upon the Angel3 ecosystem and introducing new Laravel-inspired components.
## Development
## Community and Support
GitHub Discussions: github.com/protevus/platform/discussions
Twitter: @Protevus
Contributing
We welcome contributions from the community! Please read our CONTRIBUTING.md for guidelines on how to contribute to Protevus Platform.
* Install development version of Angel CLI
`dart pub global activate --source path ./packages/cli`
`dart pub global activate --source git https://github.com/dukefirehawk/angel/packages/cli`
## License
Protevus Platform is open-source software licensed under the MIT license.
## Examples and Documentation
Visit the [documentation](https://docs.angel-dart.dev/v/2.x)
for dozens of guides and resources, including video tutorials,
to get up and running as quickly as possible with Angel.
## Acknowledgements
Protevus Platform is built upon the foundation of Angel3 and inspired by Laravel. We'd like to thank the creators and contributors of both these frameworks for their invaluable work in the web development ecosystem.
Examples and complete projects can be found
[here](https://github.com/angel-dart/examples-v2).
You can also view the [API Documentation](http://www.dartdocs.org/documentation/angel_framework/latest).
There is also an [Awesome Angel :fire:](https://github.com/angel-dart/awesome-angel) list.
## Contributing
Interested in contributing to Angel? Start by reading the contribution guide [here](CONTRIBUTING.md).

View file

@ -1,49 +0,0 @@
# Protevus Platform Security
The Protevus Platform team takes security seriously and is committed to ensuring the security and integrity of the project. This document outlines the security practices, policies, and guidelines followed by the project.
## Reporting Security Vulnerabilities
If you discover a security vulnerability within the Protevus Platform, we appreciate your help in disclosing it responsibly. Please follow these steps:
1. **Do not** create a public issue or disclose the vulnerability publicly.
2. Send an email to the Protevus Platform security team at [security@protevus.com](mailto:security@protevus.com) with details about the vulnerability, including:
- A brief description of the vulnerability
- Steps to reproduce the issue
- Any potential impact or consequences
- Your contact information (optional)
3. The security team will acknowledge your report and work with you to investigate and address the vulnerability.
4. Once the vulnerability has been addressed, you will be credited in the release notes and the security advisory.
We appreciate your cooperation in responsibly disclosing security vulnerabilities, as it helps us maintain the integrity and security of the Protevus Platform.
## Security Practices
The Protevus Platform team follows industry-standard security practices to ensure the security and integrity of the project:
- **Code Reviews**: All code contributions undergo thorough code reviews by the core team to identify and mitigate potential security risks.
- **Secure Coding Practices**: The project adheres to secure coding practices, including input validation, output encoding, and protection against common web application vulnerabilities (e.g., XSS, CSRF, SQL injection).
- **Dependency Management**: Third-party dependencies are regularly monitored and updated to address known vulnerabilities.
- **Security Testing**: The project undergoes regular security testing, including static code analysis, dynamic application security testing (DAST), and penetration testing.
- **Secure Development Lifecycle**: The project follows a secure development lifecycle, incorporating security considerations throughout the development process, from design to deployment.
## Security Advisories
In the event of a security vulnerability being discovered and addressed, the Protevus Platform team will release a security advisory containing the following information:
- A description of the vulnerability
- Affected versions
- Mitigation steps or patches
- Credit to the individuals who reported the vulnerability (if desired)
Security advisories will be published on the project's website and communicated to the community through appropriate channels.
## Responsible Disclosure
The Protevus Platform team believes in responsible disclosure of security vulnerabilities. We will work with researchers and security professionals to address vulnerabilities in a timely and responsible manner, ensuring that the necessary fixes and mitigations are in place before publicly disclosing the details of the vulnerability.
## Conclusion
The security and integrity of the Protevus Platform are of utmost importance to the project team. We are committed to following industry-standard security practices, responsibly disclosing and addressing vulnerabilities, and maintaining open communication with the community regarding security matters.
If you have any questions or concerns regarding the security of the Protevus Platform, please contact the security team at [security@protevus.com](mailto:security@protevus.com).

9
TODO.md Normal file
View file

@ -0,0 +1,9 @@
# Todo
### Container/angel_container_generator
* test/reflector_test.reflectab.dart - Changed ImplicitGetterMirrorImpl() from 5 to 3 parameters (revisit later)
* A user forum
* Updated User Guide

View file

@ -1,30 +0,0 @@
# This file configures the static analysis results for your project (errors,
# warnings, and lints).
#
# This enables the 'recommended' set of lints from `package:lints`.
# This set helps identify many issues that may lead to problems when running
# or consuming Dart code, and enforces writing Dart using a single, idiomatic
# style and format.
#
# If you want a smaller set of lints you can change this to specify
# 'package:lints/core.yaml'. These are just the most critical lints
# (the recommended set includes the core lints).
# The core lints are also what is used by pub.dev for scoring packages.
include: package:lints/recommended.yaml
# Uncomment the following section to specify additional rules.
# linter:
# rules:
# - camel_case_types
# analyzer:
# exclude:
# - path/to/excluded/files/**
# For more information about the core and recommended set of lints, see
# https://dart.dev/go/core-lints
# For additional information about configuring this file, see
# https://dart.dev/guides/language/analysis-options

View file

@ -1,75 +0,0 @@
# Protevus Platform DevOps
This directory contains Docker and Kubernetes configurations for the Protevus Platform. It is organized to support our containerization and orchestration needs across different environments.
## Directory Structure
```
devops/
├── docker/
│ ├── Dockerfile
│ ├── docker-compose.yml
│ └── .dockerignore
├── kubernetes/
│ ├── deployment.yaml
│ ├── service.yaml
│ ├── ingress.yaml
│ └── configmap.yaml
├── scripts/
│ ├── docker-build.sh
│ ├── docker-push.sh
│ ├── k8s-deploy.sh
│ └── k8s-rollback.sh
└── README.md
```
### docker/
This directory contains Docker-related files for building and running the Protevus Platform in containers.
- `Dockerfile`: Defines the container image for the Protevus Platform.
- `docker-compose.yml`: Configures multi-container Docker applications for local development.
- `.dockerignore`: Specifies which files and directories should be excluded when building Docker images.
### kubernetes/
The kubernetes/ directory houses Kubernetes manifests for deploying and managing the Protevus Platform in a Kubernetes cluster.
- `deployment.yaml`: Defines the deployment configuration for the Protevus Platform.
- `service.yaml`: Specifies the service configuration for exposing the platform.
- `ingress.yaml`: Configures ingress rules for routing external traffic to the service.
- `configmap.yaml`: Stores configuration data that can be consumed by pods.
### scripts/
This directory contains utility scripts for Docker and Kubernetes operations.
- `docker-build.sh`: Script for building Docker images.
- `docker-push.sh`: Script for pushing Docker images to a registry.
- `k8s-deploy.sh`: Script for deploying the application to a Kubernetes cluster.
- `k8s-rollback.sh`: Script for rolling back a Kubernetes deployment.
## Usage Guidelines
1. Use the provided scripts in the `scripts/` directory for common Docker and Kubernetes operations.
2. Ensure all configuration files are properly parameterized for different environments (dev, staging, production).
3. Keep sensitive information (like passwords and API keys) out of these files and use Kubernetes secrets instead.
4. Regularly update and test these configurations as the Protevus Platform evolves.
## Deployment Process
1. Build the Docker image using `scripts/docker-build.sh`.
2. Push the image to the container registry with `scripts/docker-push.sh`.
3. Deploy to Kubernetes using `scripts/k8s-deploy.sh`.
4. If needed, rollback the deployment using `scripts/k8s-rollback.sh`.
## Contributing
When contributing to the DevOps configurations:
1. Test all changes thoroughly in a non-production environment before applying to production.
2. Document any new scripts or significant changes to existing configurations.
3. Follow Kubernetes and Docker best practices for security and efficiency.
4. Submit a pull request with a clear description of the changes and their purpose.
For any questions or suggestions regarding the DevOps setup, please contact the Protevus Platform infrastructure team.

View file

@ -1,172 +0,0 @@
# Docker Services
The required applications by the framework can be run using the docker compose files provided in this folder.
## PostreSQL
### Starting the PostreSQL container
```bash
docker compose -f docker-compose-pg.yml -p pg up -d
```
### Stopping the PostreSQL container
```bash
docker compose -f docker-compose-pg.yml -p pg stop
docker compose -f docker-compose-pg.yml -p pg down
```
### Checking the PostreSQL container log
```bash
docker logs docker-pg-1 -f
```
### Running psql
```bash
docker exec -it <container id> /bin/bash
psql --username postgres
```
### Create PostgreSQL database, user and grant access
```sql
create database orm_test;
create user test with encrypted password 'test123';
grant all privileges on database orm_test to test;
```
## MariaDB
### Starting the MariaDB container
```bash
docker compose -f docker-compose-mariadb.yml -p maria up -d
```
### Stopping the MariaDB container
```bash
docker compose -f docker-compose-mariadb.yml -p maria stop
docker compose -f docker-compose-mariadb.yml -p maria down
```
### Checking the MariaDB container log
```bash
docker logs maria-mariadb-1 -f
```
### Create MariaDB database, user and grant access
```sql
create database orm_test;
-- Granting localhost access only
create user 'test'@'localhost' identified by 'test123';
grant all privileges on orm_test.* to 'test'@'localhost';
-- Granting localhost and remote access
create user 'test'@'%' identified by 'test123';
grant all privileges on orm_test.* to 'test'@'%';
```
## MySQL
### Starting the MySQL container
```bash
docker compose -f docker-compose-mysql.yml -p mysql up -d
```
### Stopping the MySQL container
```bash
docker compose -f docker-compose-mysql.yml -p mysql stop
docker compose -f docker-compose-mysql.yml -p mysql down
```
### Checking the MySQL container log
```bash
docker logs mysql-mysql-1 -f
```
### Create MySQL database, user and grant access
```sql
create database orm_test;
-- Granting localhost access only
create user 'test'@'localhost' identified by 'test123';
grant all privileges on orm_test.* to 'test'@'localhost';
-- Granting localhost and remote access
create user 'test'@'%' identified by 'test123';
grant all privileges on orm_test.* to 'test'@'%';
```
## MongoDB
### Starting the MongoDB container
```bash
docker compose -f docker-compose-mongo.yml -p mongo up -d
```
### Stopping the MongoDB container
```bash
docker compose -f docker-compose-mongo.yml -p mongo stop
docker compose -f docker-compose-mongo.yml -p mongo down
```
### Checking the MongoDB container log
```bash
docker logs mongo-mongo-1 -f
```
## rethinkDB
### Starting the rethinkDB container
```bash
docker compose -f docker-compose-rethinkdb.yml -p rethink up -d
```
### Stopping the rethinkDB container
```bash
docker compose -f docker-compose-rethinkdb.yml -p rethink stop
docker compose -f docker-compose-rethinkdb.yml -p rethink down
```
### Checking the rethinkDB container log
```bash
docker logs rethink-rethinkdb-1 -f
```
## Redis
### Starting the Redis container
```bash
docker compose -f docker-compose-redis.yml -p redis up -d
```
### Stopping the Redis container
```bash
docker compose -f docker-compose-redis.yml -p redis stop
docker compose -f docker-compose-redis.yml -p redis down
```
### Checking the Redis container log
```bash
docker logs redis-redis-1 -f
```

View file

@ -1,19 +0,0 @@
services:
mariadb:
image: mariadb:latest
restart: "no"
ports:
- "3306:3306"
environment:
- MARIADB_ROOT_PASSWORD=Qwerty
volumes:
- "mariadb:/var/lib/mysql"
networks:
- appnet
volumes:
mariadb:
driver: local
networks:
appnet:

View file

@ -1,37 +0,0 @@
services:
mongo:
image: mongo
restart: no
ports:
- 27017:27017
environment:
MONGO_INITDB_ROOT_USERNAME: root
MONGO_INITDB_ROOT_PASSWORD: Qwerty
MONGO_INITDB_DATABASE: local
volumes:
- "mongo:/data/db"
networks:
- appnet
mongo-express:
image: mongo-express
restart: no
depends_on:
- mongo
ports:
- 8081:8081
environment:
ME_CONFIG_MONGODB_ADMINUSERNAME: root
ME_CONFIG_MONGODB_ADMINPASSWORD: Qwerty
ME_CONFIG_MONGODB_URL: mongodb://root:Qwerty@mongo:27017/
ME_CONFIG_BASICAUTH: false
networks:
- webnet
volumes:
mongo:
driver: local
networks:
appnet:

View file

@ -1,19 +0,0 @@
services:
mysql:
image: mysql:latest
restart: "no"
ports:
- "3306:3306"
environment:
- MYSQL_ROOT_PASSWORD=Qwerty
volumes:
- "mysql:/var/lib/mysql"
networks:
- appnet
volumes:
mysql:
driver: local
networks:
appnet:

View file

@ -1,31 +0,0 @@
services:
pgdb:
image: postgres:latest
restart: "no"
ports:
- "5432:5432"
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
volumes:
- "db:/var/lib/postgresql/data"
networks:
- appnet
pgadmin4:
image: dpage/pgadmin4:latest
restart: "no"
ports:
- "5050:80"
environment:
- PGADMIN_DEFAULT_EMAIL=admin@mydomain.com
- PGADMIN_DEFAULT_PASSWORD=Qwerty
networks:
- appnet
volumes:
db:
driver: local
networks:
appnet:

View file

@ -1,20 +0,0 @@
services:
redis:
image: redis:latest
restart: "no"
ports:
- "5432:5432"
environment:
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
volumes:
- "redis:/data"
networks:
- appnet
volumes:
redis:
driver: local
networks:
appnet:

View file

@ -1,19 +0,0 @@
services:
rethinkdb:
image: rethinkdb:latest
restart: "no"
ports:
- "8080:8080"
- "28015:28015"
- "29015:29015"
volumes:
- "rethinkdb:/data"
networks:
- appnet
volumes:
rethinkdb:
driver: local
networks:
appnet:

View file

@ -1,10 +0,0 @@
# Performance Testing
The performance test can be run with the following tools.
## WRT
```bash
wrk -t12 -c400 -d30s http://localhost:8080/query?queries=20
```
This runs a benchmark for 30 seconds, using 12 threads, and keeping 400 HTTP connections open.

View file

@ -1,68 +0,0 @@
# Protevus Platform Helpers
This directory contains various helper functionalities, tools, and utilities for the Protevus Platform. It is organized into subdirectories to maintain a clear structure and separation of concerns.
## Directory Structure
```
helpers/
├── cli/
├── console/
├── tools/
└── utilities/
```
### cli/
This directory contains command-line interface tools and scripts specific to the Protevus Platform. These are typically used for development, deployment, or maintenance tasks that are run directly from the command line.
Examples:
- Database migration scripts
- Code generation tools
- Deployment scripts
### console/
The console/ directory houses console commands and utilities, similar to Laravel's Artisan commands. These are interactive tools that provide a user-friendly interface for various platform operations.
Examples:
- REPL (Read-Eval-Print Loop) for the Protevus Platform
- Interactive configuration tools
- Database seeding commands
### tools/
This directory is for larger, more complex helper applications or scripts used in development, testing, or deployment of the Protevus Platform. These tools often combine multiple functionalities or interact with external services.
Examples:
- Automated testing suites
- Performance profiling tools
- Documentation generators
### utilities/
The utilities/ directory contains general-purpose utility functions and smaller helper scripts. These are typically reusable across different parts of the platform and provide common functionality.
Examples:
- String manipulation functions
- Date and time helpers
- File system operations
## Usage Guidelines
1. Place new helpers in the appropriate subdirectory based on their purpose and complexity.
2. Maintain consistency in naming conventions and file structures within each subdirectory.
3. Document each helper, tool, or utility with clear comments and usage examples.
4. Update this README when adding new significant helpers or changing the structure.
## Contributing
When contributing new helpers:
1. Ensure your code follows the Protevus Platform coding standards.
2. Write tests for your helpers when applicable.
3. Update or create documentation for new functionalities.
4. Submit a pull request with a clear description of the new helper and its purpose.
For any questions or suggestions regarding the helpers structure, please contact the Protevus Platform core development team.

View file

@ -1,20 +0,0 @@
name: protevus_platform
repository: https://github.com/protevus/platform
packages:
- core/**
- packages/**
- sandbox/**
- wspace/**
- examples/**
command:
version:
# Generate commit links in package changelogs.
linkToCommits: true
# Only allow versioning to happen on main branch.
branch: master
workspaceChangelog: true
ide:
intellij:
enabled: false

View file

@ -1,32 +1,15 @@
# See https://www.dartlang.org/tools/private-files.html
# Files and directories created by pub
.dart_tool
.packages
.pub/
build/
# If you're building an application, you may want to check-in your pubspec.lock
pubspec.lock
# Directory created by dartdoc
# If you don't generate documentation locally you can remove this line.
doc/api/
# Created by .ignore support plugin (hsz.mobi)
### Dart template
# See https://www.dartlang.org/tools/private-files.html
# Files and directories created by pub
# SDK 1.20 and later (no longer creates packages directories)
# Older SDK versions
# (Include if the minimum SDK version specified in pubsepc.yaml is earlier than 1.20)
.project
.buildlog
.packages
.project
.pub/
build/
**/packages/
# Files created by dart2js
# (Most Dart developers will use pub build to compile Dart, use/modify these
# rules if you intend to use dart2js directly
@ -39,17 +22,36 @@ doc/api/
*.info.json
# Directory created by dartdoc
doc/api/
# Don't commit pubspec lock file
# (Library packages only! Remove pattern if developing an application package)
pubspec.lock
### JetBrains template
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff:
.idea/workspace.xml
.idea/tasks.xml
.idea/dictionaries
.idea/vcs.xml
.idea/jsLibraryMappings.xml
## VsCode
.vscode/
# Sensitive or high-churn files:
.idea/dataSources.ids
.idea/dataSources.xml
.idea/dataSources.local.xml
.idea/sqlDataSources.xml
.idea/dynamic.xml
.idea/uiDesigner.xml
# Gradle:
.idea/gradle.xml
.idea/libraries
# Mongo Explorer plugin:
.idea/mongoSettings.xml
## File-based project format:
*.iws
@ -57,8 +59,9 @@ doc/api/
## Plugin-specific files:
# IntelliJ
.idea/
/out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
@ -69,4 +72,5 @@ com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties
.DS_Store
.dart_tool

View file

@ -0,0 +1,17 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="WEB_MODULE" version="4">
<component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$">
<excludeFolder url="file://$MODULE_DIR$/.dart_tool" />
<excludeFolder url="file://$MODULE_DIR$/.pub" />
<excludeFolder url="file://$MODULE_DIR$/.tmp" />
<excludeFolder url="file://$MODULE_DIR$/build" />
<excludeFolder url="file://$MODULE_DIR$/temp" />
<excludeFolder url="file://$MODULE_DIR$/tmp" />
</content>
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
<orderEntry type="library" name="Dart SDK" level="project" />
<orderEntry type="library" name="Dart Packages" level="project" />
</component>
</module>

View file

@ -0,0 +1,28 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="JavaScriptSettings">
<option name="languageLevel" value="ES6" />
</component>
<component name="ProjectInspectionProfilesVisibleTreeState">
<entry key="Project Default">
<profile-state>
<expanded-state>
<State>
<id />
</State>
<State>
<id>General</id>
</State>
<State>
<id>XPath</id>
</State>
</expanded-state>
<selected-state>
<State>
<id>AngularJS</id>
</State>
</selected-state>
</profile-state>
</entry>
</component>
</project>

View file

@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/.idea/angel_auth.iml" filepath="$PROJECT_DIR$/.idea/angel_auth.iml" />
</modules>
</component>
</project>

View file

@ -0,0 +1,8 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="All Tests" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true">
<option name="filePath" value="$PROJECT_DIR$/test" />
<option name="scope" value="FOLDER" />
<option name="testRunnerOptions" value="-j 4" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,6 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Auth Token Tests" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true">
<option name="filePath" value="$PROJECT_DIR$/test/auth_token_test.dart" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,6 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Callback Tests" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true">
<option name="filePath" value="$PROJECT_DIR$/test/callback_test.dart" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,6 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Local Tests" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true">
<option name="filePath" value="$PROJECT_DIR$/test/local_test.dart" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,8 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="preserve existing user in callback_test.dart" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true" nameIsGenerated="true">
<option name="filePath" value="$PROJECT_DIR$/test/callback_test.dart" />
<option name="scope" value="GROUP_OR_TEST_BY_NAME" />
<option name="testName" value="preserve existing user" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,7 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="tests in protect_cookie_test.dart" type="DartTestRunConfigurationType" factoryName="Dart Test" singleton="true" nameIsGenerated="true">
<option name="filePath" value="$PROJECT_DIR$/test/protect_cookie_test.dart" />
<option name="testRunnerOptions" value="-j4" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,4 @@
language: dart
dart:
- dev
- stable

View file

@ -1,12 +0,0 @@
Primary Authors
===============
* __[Thomas Hii](dukefirehawk.apps@gmail.com)__
Thomas is the current maintainer of the code base. He has refactored and migrated the
code base to support NNBD.
* __[Tobe O](thosakwe@gmail.com)__
Tobe has written much of the original code prior to NNBD migration. He has moved on and
is no longer involved with the project.

View file

@ -1,193 +1,83 @@
# Change Log
## 8.2.0
* Require Dart >= 3.3
* Updated `lints` to 4.0.0
## 8.1.1
* Updated repository link
## 8.1.0
* Updated `lints` to 3.0.0
## 8.0.0
* Require Dart >= 3.0
* Upgraded `http` to 1.0.0
* Fixed failed `successRedirect` test case
* Fixed failed `failureRedirect` test case
* Fixed failed `login` test case
* Fixed failed `force basic` test case
* Added `example1` and `example2`
## 7.0.1
* Fixed linter warnings
## 7.0.0
* Require Dart >= 2.17
## 6.0.0
* Require Dart >= 2.16
## 5.0.0
* Skipped release
## 4.1.2
* Fixed `requireAuthentication` to work correctly with null-safety type
## 4.1.1
* Changed `userId` field of `AuthToken` to String type
* Changed `serializer` return value to String type
* Changed `deserializer` input parameter to String type
## 4.1.0
* Updated linter to `package:lints`
## 4.0.5
* Added support for verifier function to return an empty Map instead of null
* Fixed `canRespondWithJson` option to return data in the response body when set to true
## 4.0.4
* Changed `serializer` and `deserializer` parameters to be required
* Fixed HTTP basic authentication
* All 31 unit tests passed
## 4.0.3
* Fixed "failureRedirect" unit test
## 4.0.2
* Added MirrorsReflector to unit test
## 4.0.1
* Updated README
## 4.0.0
* Migrated to support Dart >= 2.12 NNBD
## 3.0.0
* Migrated to work with Dart >= 2.12 Non NNBD
## 2.1.5+1
# 2.1.5+1
* Fix error in popup page.
## 2.1.5
# 2.1.5
* Modify `_apply` to honor an existing `User` over `Future<User>`.
## 2.1.4
# 2.1.4
* Deprecate `decodeJwt`, in favor of asynchronous injections.
## 2.1.3
# 2.1.3
* Use `await` on redirects, etc.
## 2.1.2
# 2.1.2
* Change empty cookie string to have double quotes (thanks @korsvanloon).
## 2.1.1
# 2.1.1
* Added `scopes` to `ExternalAuthOptions`.
## 2.1.0
# 2.1.0
* Added `ExternalAuthOptions`.
## 2.0.4
# 2.0.4
* `successRedirect` was previously explicitly returning a `200`; remove this and allow the default `302`.
## 2.0.3
# 2.0.3
* Updates for streaming parse of request bodies.
## 2.0.2
# 2.0.2
* Handle `null` return in `authenticate` + `failureRedirect`.
## 2.0.1
# 2.0.1
* Add generic parameter to `options` on `AuthStrategy.authenticate`.
## 2.0.0+1
# 2.0.0+1
* Meta update to improve Pub score.
## 2.0.0
# 2.0.0
* Made `AuthStrategy` generic.
* `ProtevusAuth.strategies` is now a `Map<String, AuthStrategy<User>>`.
* `AngelAuth.strategies` is now a `Map<String, AuthStrategy<User>>`.
* Removed `AuthStrategy.canLogout`.
* Made `ProtevusAuthTokenCallback` generic.
* Made `AngelAuthTokenCallback` generic.
## 2.0.0-alpha
* Depend on Dart 2 and Protevus 2.
# 2.0.0-alpha
* Depend on Dart 2 and Angel 2.
* Remove `dart2_constant`.
* Remove `requireAuth`.
* Remove `userKey`, instead favoring generic parameters.
## 1.2.0
# 1.2.0
* Deprecate `requireAuth`, in favor of `requireAuthentication`.
* Allow configuring of the `userKey`.
* Deprecate `middlewareName`.
## 1.1.1+6
# 1.1.1+6
* Fix a small logic bug that prevented `LocalAuthStrategy`
from correctly propagating the authenticated user when
using `Basic` auth.
## 1.1.1+5
# 1.1.1+5
* Prevent duplication of cookies.
* Regenerate the JWT if `tokenCallback` is called.
## 1.1.1+4
# 1.1.1+4
* Patched `logout` to properly erase cookies
* Fixed checking of expired tokens.
## 1.1.1+3
# 1.1.1+3
* `authenticate` returns the current user, if one is present.
## 1.1.1+2
# 1.1.1+2
* `_apply` now always sends a `token` cookie.
## 1.1.1+1
# 1.1.1+1
* Update `protectCookie` to only send `maxAge` when it is not `-1`.
## 1.1.1
# 1.1.1
* Added `protectCookie`, to better protect data sent in cookies.
## 1.1.0+2
# 1.1.0+2
* `LocalAuthStrategy` returns `true` on `Basic` authentication.
## 1.1.0+1
# 1.1.0+1
* Modified `LocalAuthStrategy`'s handling of `Basic` authentication.

View file

@ -1,29 +1,21 @@
BSD 3-Clause License
The MIT License (MIT)
Copyright (c) 2021, dukefirehawk.com
All rights reserved.
Copyright (c) 2016 angel-dart
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View file

@ -1,33 +1,31 @@
# Protevus Anthentication
# angel_auth
![Pub Version (including pre-releases)](https://img.shields.io/pub/v/protevus_auth?include_prereleases)
[![Null Safety](https://img.shields.io/badge/null-safety-brightgreen)](https://dart.dev/null-safety)
[![Discord](https://img.shields.io/discord/1060322353214660698)](https://discord.gg/3X6bxTUdCM)
[![License](https://img.shields.io/github/license/dart-backend/protevus)](https://github.com/dart-backend/protevus/tree/master/packages/auth/LICENSE)
[![Pub](https://img.shields.io/pub/v/angel_auth.svg)](https://pub.dartlang.org/packages/angel_auth)
[![build status](https://travis-ci.org/angel-dart/auth.svg?branch=master)](https://travis-ci.org/angel-dart/auth)
A complete authentication plugin for Protevus. Inspired by Passport. More details in the [User Guide](https://protevus-docs.dukefirehawk.com/guides/authentication).
A complete authentication plugin for Angel. Inspired by Passport.
## Bundled Strategies
# Wiki
[Click here](https://github.com/angel-dart/auth/wiki).
# Bundled Strategies
* Local (with and without Basic Auth)
* Find other strategies (Twitter, Google, OAuth2, etc.) on pub
* Find other strategies (Twitter, Google, OAuth2, etc.) on Pub!!!
## Example
Ensure you have read the [User Guide](https://protevus-docs.dukefirehawk.com/guides/authentication).
# Example
Ensure you have read the [wiki](https://github.com/angel-dart/auth/wiki).
```dart
configureServer(Protevus app) async {
var auth = ProtevusAuth<User>(
serializer: (user) => user.id ?? '',
deserializer: (id) => fetchAUserByIdSomehow(id
);
configureServer(Angel app) async {
var auth = AngelAuth<User>();
auth.serializer = ...;
auth.deserializer = ...;
auth.strategies['local'] = LocalAuthStrategy(...);
// POST route to handle username+password
app.post('/local', auth.authenticate('local'));
// Using Protevus's asynchronous injections, we can parse the JWT
// Using Angel's asynchronous injections, we can parse the JWT
// on demand. It won't be parsed until we check.
app.get('/profile', ioc((User user) {
print(user.description);
@ -50,15 +48,17 @@ configureServer(Protevus app) async {
}
```
## Default Authentication Callback
A frequent use case within SPA's is opening OAuth login endpoints in a separate window. [`protevus_client`](https://pub.dev/packages/protevus_client) provides a facility for this, which works perfectly with the default callback provided in this package.
# Default Authentication Callback
A frequent use case within SPA's is opening OAuth login endpoints in a separate window.
[`angel_client`](https://github.com/angel-dart/client)
provides a facility for this, which works perfectly with the default callback provided
in this package.
```dart
configureServer(Protevus app) async {
configureServer(Angel app) async {
var handler = auth.authenticate(
'facebook',
ProtevusAuthOptions(callback: confirmPopupAuthentication()));
AngelAuthOptions(callback: confirmPopupAuthentication()));
app.get('/auth/facebook', handler);
// Use a comma to try multiple strategies!!!
@ -75,7 +75,8 @@ configureServer(Protevus app) async {
}
```
This renders a simple HTML page that fires the user's JWT as a `token` event in `window.opener`. `protevus_client` [exposes this as a Stream](https://pub.dev/documentation/protevus_client/latest/):
This renders a simple HTML page that fires the user's JWT as a `token` event in `window.opener`.
`angel_client` [exposes this as a Stream](https://github.com/angel-dart/client#authentication):
```dart
app.authenticateViaPopup('/auth/google').listen((jwt) {

View file

@ -1 +1,4 @@
include: package:lints/recommended.yaml
include: package:pedantic/analysis_options.yaml
analyzer:
strong-mode:
implicit-casts: false

View file

@ -1,22 +0,0 @@
### Load landing page
GET http://localhost:3000/ HTTP/1.1
### login (call_back)
POST http://localhost:3000/login HTTP/1.1
Content-Type: application/json
Authorization: Basic jdoe1:password
### Success redirect (local)
POST http://localhost:3000/login HTTP/1.1
Content-Type: application/json
Authorization: Basic username:password
### Failure redirect (local)
POST http://localhost:3000/login HTTP/1.1
Content-Type: application/json
Authorization: Basic password:username
### Force basic
GET http://localhost:3000/hello HTTP/1.1
Content-Type: application/json
Accept:application/json

View file

@ -1,13 +1,15 @@
import 'dart:async';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_framework/http.dart';
void main() async {
var app = Protevus();
var auth = ProtevusAuth<User>(
serializer: (user) => user.id ?? '',
deserializer: (id) => fetchAUserByIdSomehow(id));
main() async {
var app = Angel();
var auth = AngelAuth<User>();
auth.serializer = (user) => user.id;
auth.deserializer = (id) => fetchAUserByIdSomehow(id);
// Middleware to decode JWT's and inject a user object...
await app.configure(auth.configureServer);
@ -17,22 +19,21 @@ void main() async {
// If authentication succeeds, return a User object.
//
// Otherwise, return `null`.
return null;
});
app.post('/auth/local', auth.authenticate('local'));
var http = ProtevusHttp(app);
var http = AngelHttp(app);
await http.startServer('127.0.0.1', 3000);
print('Listening at http://127.0.0.1:3000');
}
class User {
String? id, username, password;
String id, username, password;
}
Future<User> fetchAUserByIdSomehow(String id) async {
Future<User> fetchAUserByIdSomehow(id) async {
// Fetch a user somehow...
throw UnimplementedError();
}

View file

@ -1,114 +0,0 @@
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_container/mirrors.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:collection/collection.dart' show IterableExtension;
import 'package:io/ansi.dart';
import 'package:logging/logging.dart';
import 'package:collection/collection.dart';
class User extends Model {
String? username, password;
User({this.username, this.password});
static User parse(Map<String, dynamic> map) {
return User(
username: map['username'],
password: map['password'],
);
}
Map<String, dynamic> toJson() {
return {
'id': id,
'username': username,
'password': password,
'created_at': createdAt?.toIso8601String(),
'updated_at': updatedAt?.toIso8601String()
};
}
}
/*
* Backend for callback test cases
*/
void main() async {
hierarchicalLoggingEnabled = true;
Protevus app = Protevus(reflector: MirrorsReflector());
ProtevusHttp angelHttp = ProtevusHttp(app);
app.use('/users', MapService());
var oldErrorHandler = app.errorHandler;
app.errorHandler = (e, req, res) {
app.logger.severe(e.message, e, e.stackTrace ?? StackTrace.current);
return oldErrorHandler(e, req, res);
};
app.logger = Logger('protevus_auth')
..level = Level.FINEST
..onRecord.listen((rec) {
print(rec);
if (rec.error != null) {
print(yellow.wrap(rec.error.toString()));
}
if (rec.stackTrace != null) {
print(yellow.wrap(rec.stackTrace.toString()));
}
});
await app
.findService('users')
?.create({'username': 'jdoe1', 'password': 'password'});
var auth = ProtevusAuth<User>(
serializer: (u) => u.id ?? '',
deserializer: (id) async =>
await app.findService('users')?.read(id) as User);
//auth.serializer = (u) => u.id;
//auth.deserializer =
// (id) async => await app.findService('users')!.read(id) as User;
await app.configure(auth.configureServer);
auth.strategies['local'] = LocalAuthStrategy((username, password) async {
var users = await app
.findService('users')
?.index()
.then((it) => it.map<User>((m) => User.parse(m)).toList());
var result = users?.firstWhereOrNull(
(user) => user.username == username && user.password == password);
return Future.value(result);
}, allowBasic: true);
app.post(
'/login',
auth.authenticate('local',
ProtevusAuthOptions(callback: (req, res, token) {
res
..write('Hello!')
..close();
})));
app.get('/', (req, res) => res.write("Hello"));
app.chain([
(req, res) {
if (!req.container!.has<User>()) {
req.container!.registerSingleton<User>(
User(username: req.params['name']?.toString()));
}
return true;
}
]).post(
'/existing/:name',
auth.authenticate('local'),
);
await angelHttp.startServer('127.0.0.1', 3000);
}

View file

@ -1,69 +0,0 @@
import 'dart:async';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_container/mirrors.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:logging/logging.dart';
final Map<String, String> sampleUser = {'hello': 'world'};
final ProtevusAuth<Map<String, String>> auth =
ProtevusAuth<Map<String, String>>(
serializer: (user) async => '1337',
deserializer: (id) async => sampleUser);
//var headers = <String, String>{'accept': 'application/json'};
var localOpts = ProtevusAuthOptions<Map<String, String>>(
failureRedirect: '/failure', successRedirect: '/success');
var localOpts2 =
ProtevusAuthOptions<Map<String, String>>(canRespondWithJson: false);
Future<Map<String, String>> verifier(String? username, String? password) async {
if (username == 'username' && password == 'password') {
return sampleUser;
} else {
return {};
}
}
Future wireAuth(Protevus app) async {
//auth.strategies['local'] = LocalAuthStrategy(verifier);
auth.strategies['local'] =
LocalAuthStrategy(verifier, forceBasic: true, realm: 'test');
await app.configure(auth.configureServer);
}
/*
* Backend for local test cases
*/
void main() async {
Protevus app = Protevus(reflector: MirrorsReflector());
ProtevusHttp angelHttp = ProtevusHttp(app, useZone: false);
await app.configure(wireAuth);
app.get('/hello', (req, res) {
// => 'Woo auth'
return 'Woo auth';
}, middleware: [auth.authenticate('local', localOpts2)]);
app.post('/login', (req, res) => 'This should not be shown',
middleware: [auth.authenticate('local', localOpts)]);
app.get('/success', (req, res) => 'yep', middleware: [
requireAuthentication<Map<String, String>>(),
]);
app.get('/failure', (req, res) => 'nope');
app.logger = Logger('local_test')
..onRecord.listen((rec) {
print(
'${rec.time}: ${rec.level.name}: ${rec.loggerName}: ${rec.message}');
if (rec.error != null) {
print(rec.error);
print(rec.stackTrace);
}
});
await angelHttp.startServer('127.0.0.1', 3000);
}

View file

@ -1,4 +1,4 @@
library protevus_auth;
library angel_auth;
export 'src/middleware/require_auth.dart';
export 'src/strategies/strategies.dart';

View file

@ -1,4 +1,4 @@
/// Stand-alone JWT library.
library protevus_auth.auth_token;
library angel_auth.auth_token;
export 'src/auth_token.dart';

View file

@ -1,8 +1,7 @@
import 'dart:collection';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_framework/angel_framework.dart';
import 'dart:convert';
import 'package:crypto/crypto.dart';
import 'package:logging/logging.dart';
/// Calls [BASE64URL], but also works for strings with lengths
/// that are *not* multiples of 4.
@ -26,100 +25,88 @@ String decodeBase64(String str) {
}
class AuthToken {
static final _log = Logger('AuthToken');
final SplayTreeMap<String, String> _header =
SplayTreeMap.from({'alg': 'HS256', 'typ': 'JWT'});
SplayTreeMap.from({"alg": "HS256", "typ": "JWT"});
String? ipAddress;
String ipAddress;
DateTime issuedAt;
num lifeSpan;
String userId;
late DateTime issuedAt;
var userId;
Map<String, dynamic> payload = {};
AuthToken(
{this.ipAddress,
this.lifeSpan = -1,
required this.userId,
DateTime? issuedAt,
Map<String, dynamic>? payload}) {
this.userId,
DateTime issuedAt,
Map payload = const {}}) {
this.issuedAt = issuedAt ?? DateTime.now();
if (payload != null) {
this.payload.addAll(payload.keys
.fold({}, ((out, k) => out?..[k.toString()] = payload[k])) ??
this.payload.addAll(
payload?.keys?.fold({}, (out, k) => out..[k.toString()] = payload[k]) ??
{});
}
}
factory AuthToken.fromJson(String jsons) =>
AuthToken.fromMap(json.decode(jsons) as Map<String, dynamic>);
AuthToken.fromMap(json.decode(jsons) as Map);
factory AuthToken.fromMap(Map<String, dynamic> data) {
factory AuthToken.fromMap(Map data) {
return AuthToken(
ipAddress: data['aud'].toString(),
lifeSpan: data['exp'] as num,
issuedAt: DateTime.parse(data['iat'].toString()),
userId: data['sub'],
payload: data['pld']);
ipAddress: data["aud"].toString(),
lifeSpan: data["exp"] as num,
issuedAt: DateTime.parse(data["iat"].toString()),
userId: data["sub"],
payload: data["pld"] as Map ?? {});
}
factory AuthToken.parse(String jwt) {
var split = jwt.split('.');
var split = jwt.split(".");
if (split.length != 3) {
_log.warning('Invalid JWT');
throw ProtevusHttpException.notAuthenticated(message: 'Invalid JWT.');
}
if (split.length != 3)
throw AngelHttpException.notAuthenticated(message: "Invalid JWT.");
var payloadString = decodeBase64(split[1]);
return AuthToken.fromMap(
json.decode(payloadString) as Map<String, dynamic>);
return AuthToken.fromMap(json.decode(payloadString) as Map);
}
factory AuthToken.validate(String jwt, Hmac hmac) {
var split = jwt.split('.');
var split = jwt.split(".");
if (split.length != 3) {
_log.warning('Invalid JWT');
throw ProtevusHttpException.notAuthenticated(message: 'Invalid JWT.');
}
if (split.length != 3)
throw AngelHttpException.notAuthenticated(message: "Invalid JWT.");
// var headerString = decodeBase64(split[0]);
var payloadString = decodeBase64(split[1]);
var data = '${split[0]}.${split[1]}';
var data = split[0] + "." + split[1];
var signature = base64Url.encode(hmac.convert(data.codeUnits).bytes);
if (signature != split[2]) {
_log.warning('JWT payload does not match hashed version');
throw ProtevusHttpException.notAuthenticated(
message: 'JWT payload does not match hashed version.');
}
if (signature != split[2])
throw AngelHttpException.notAuthenticated(
message: "JWT payload does not match hashed version.");
return AuthToken.fromMap(
json.decode(payloadString) as Map<String, dynamic>);
return AuthToken.fromMap(json.decode(payloadString) as Map);
}
String serialize(Hmac hmac) {
var headerString = base64Url.encode(json.encode(_header).codeUnits);
var payloadString = base64Url.encode(json.encode(toJson()).codeUnits);
var data = '$headerString.$payloadString';
var data = headerString + "." + payloadString;
var signature = hmac.convert(data.codeUnits).bytes;
return '$data.${base64Url.encode(signature)}';
return data + "." + base64Url.encode(signature);
}
Map<String, dynamic> toJson() {
Map toJson() {
return _splayify({
'iss': 'angel_auth',
'aud': ipAddress,
'exp': lifeSpan,
'iat': issuedAt.toIso8601String(),
'sub': userId,
'pld': _splayify(payload)
"iss": "angel_auth",
"aud": ipAddress,
"exp": lifeSpan,
"iat": issuedAt.toIso8601String(),
"sub": userId,
"pld": _splayify(payload)
});
}
}
Map<String, dynamic> _splayify(Map<String, dynamic> map) {
SplayTreeMap _splayify(Map map) {
var data = {};
map.forEach((k, v) {
data[k] = _splay(v);
@ -127,12 +114,11 @@ Map<String, dynamic> _splayify(Map<String, dynamic> map) {
return SplayTreeMap.from(data);
}
dynamic _splay(dynamic value) {
_splay(value) {
if (value is Iterable) {
return value.map(_splay).toList();
} else if (value is Map) {
return _splayify(value as Map<String, dynamic>);
} else {
} else if (value is Map)
return _splayify(value);
else
return value;
}
}

View file

@ -1,12 +1,10 @@
import 'package:charcode/ascii.dart';
import 'package:collection/collection.dart';
import 'package:quiver/core.dart';
import 'package:logging/logging.dart';
import 'package:meta/meta.dart';
import 'package:quiver_hashcode/hashcode.dart';
/// A common class containing parsing and validation logic for third-party authentication configuration.
class ExternalAuthOptions {
static final _log = Logger('VirtualDirectory');
/// The user's identifier, otherwise known as an "application id".
final String clientId;
@ -20,12 +18,18 @@ class ExternalAuthOptions {
final Set<String> scopes;
ExternalAuthOptions._(
this.clientId, this.clientSecret, this.redirectUri, this.scopes);
this.clientId, this.clientSecret, this.redirectUri, this.scopes) {
if (clientId == null) {
throw ArgumentError.notNull('clientId');
} else if (clientSecret == null) {
throw ArgumentError.notNull('clientSecret');
}
}
factory ExternalAuthOptions(
{required String clientId,
required String clientSecret,
required redirectUri,
{@required String clientId,
@required String clientSecret,
@required redirectUri,
Iterable<String> scopes = const []}) {
if (redirectUri is String) {
return ExternalAuthOptions._(
@ -34,7 +38,6 @@ class ExternalAuthOptions {
return ExternalAuthOptions._(
clientId, clientSecret, redirectUri, scopes.toSet());
} else {
_log.severe('RedirectUri is not valid');
throw ArgumentError.value(
redirectUri, 'redirectUri', 'must be a String or Uri');
}
@ -46,17 +49,10 @@ class ExternalAuthOptions {
/// * `client_id`
/// * `client_secret`
/// * `redirect_uri`
factory ExternalAuthOptions.fromMap(Map<String, dynamic> map) {
var clientId = map['client_id'];
var clientSecret = map['client_secret'];
if (clientId == null || clientSecret == null) {
_log.severe('clientId or clientSecret is null');
throw ArgumentError('Invalid clientId and/or clientSecret');
}
factory ExternalAuthOptions.fromMap(Map map) {
return ExternalAuthOptions(
clientId: clientId,
clientSecret: clientSecret,
clientId: map['client_id'] as String,
clientSecret: map['client_secret'] as String,
redirectUri: map['redirect_uri'],
scopes: map['scopes'] is Iterable
? ((map['scopes'] as Iterable).map((x) => x.toString()))
@ -77,15 +73,15 @@ class ExternalAuthOptions {
/// Creates a copy of this object, with the specified changes.
ExternalAuthOptions copyWith(
{String? clientId,
String? clientSecret,
{String clientId,
String clientSecret,
redirectUri,
Iterable<String> scopes = const []}) {
Iterable<String> scopes}) {
return ExternalAuthOptions(
clientId: clientId ?? this.clientId,
clientSecret: clientSecret ?? this.clientSecret,
redirectUri: redirectUri ?? this.redirectUri,
scopes: (scopes).followedBy(this.scopes),
scopes: (scopes ??= []).followedBy(this.scopes),
);
}
@ -115,8 +111,8 @@ class ExternalAuthOptions {
/// If no [asteriskCount] is given, then the number of asterisks will equal the length of
/// the actual [clientSecret].
@override
String toString({bool obscureSecret = true, int? asteriskCount}) {
String? secret;
String toString({bool obscureSecret = true, int asteriskCount}) {
String secret;
if (!obscureSecret) {
secret = clientSecret;

View file

@ -1,23 +1,20 @@
import 'dart:async';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_framework/angel_framework.dart';
/// Forces Basic authentication over the requested resource, with the given [realm] name, if no JWT is present.
///
/// [realm] defaults to `'protevus_auth'`.
RequestHandler forceBasicAuth<User>({String? realm}) {
/// [realm] defaults to `'angel_auth'`.
RequestHandler forceBasicAuth<User>({String realm}) {
return (RequestContext req, ResponseContext res) async {
if (req.container != null) {
var reqContainer = req.container!;
if (reqContainer.has<User>()) {
if (req.container.has<User>())
return true;
} else if (reqContainer.has<Future<User>>()) {
await reqContainer.makeAsync<User>();
else if (req.container.has<Future<User>>()) {
await req.container.makeAsync<User>();
return true;
}
}
res.headers['www-authenticate'] = 'Basic realm="${realm ?? 'angel_auth'}"';
throw ProtevusHttpException.notAuthenticated();
throw AngelHttpException.notAuthenticated();
};
}
@ -25,27 +22,20 @@ RequestHandler forceBasicAuth<User>({String? realm}) {
RequestHandler requireAuthentication<User>() {
return (RequestContext req, ResponseContext res,
{bool throwError = true}) async {
bool reject(ResponseContext res) {
bool _reject(ResponseContext res) {
if (throwError) {
res.statusCode = 403;
throw ProtevusHttpException.forbidden();
} else {
throw AngelHttpException.forbidden();
} else
return false;
}
}
if (req.container != null) {
var reqContainer = req.container!;
if (reqContainer.has<User>() || req.method == 'OPTIONS') {
if (req.container.has<User>() || req.method == 'OPTIONS')
return true;
} else if (reqContainer.has<Future<User>>()) {
await reqContainer.makeAsync<User>();
else if (req.container.has<Future<User>>()) {
await req.container.makeAsync<User>();
return true;
} else {
return reject(res);
}
} else {
return reject(res);
}
} else
return _reject(res);
};
}

View file

@ -1,19 +1,19 @@
import 'dart:async';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_framework/angel_framework.dart';
import 'auth_token.dart';
typedef ProtevusAuthCallback = FutureOr Function(
typedef FutureOr AngelAuthCallback(
RequestContext req, ResponseContext res, String token);
typedef ProtevusAuthTokenCallback<User> = FutureOr Function(
typedef FutureOr AngelAuthTokenCallback<User>(
RequestContext req, ResponseContext res, AuthToken token, User user);
class ProtevusAuthOptions<User> {
ProtevusAuthCallback? callback;
ProtevusAuthTokenCallback<User>? tokenCallback;
String? successRedirect;
String? failureRedirect;
class AngelAuthOptions<User> {
AngelAuthCallback callback;
AngelAuthTokenCallback<User> tokenCallback;
String successRedirect;
String failureRedirect;
/// If `false` (default: `true`), then successful authentication will return `true` and allow the
/// execution of subsequent handlers, just like any other middleware.
@ -21,10 +21,10 @@ class ProtevusAuthOptions<User> {
/// Works well with `Basic` authentication.
bool canRespondWithJson;
ProtevusAuthOptions(
AngelAuthOptions(
{this.callback,
this.tokenCallback,
this.canRespondWithJson = true,
this.successRedirect,
this.failureRedirect});
String this.failureRedirect});
}

View file

@ -1,24 +1,20 @@
import 'dart:async';
import 'dart:io';
import 'dart:math';
import 'package:protevus_framework/protevus_framework.dart';
import 'dart:math' as Math;
import 'package:angel_framework/angel_framework.dart';
import 'package:crypto/crypto.dart';
import 'package:logging/logging.dart';
import 'auth_token.dart';
import 'options.dart';
import 'strategy.dart';
/// Handles authentication within an Protevus application.
class ProtevusAuth<User> {
final _log = Logger('ProtevusAuth');
late Hmac _hs256;
late int _jwtLifeSpan;
/// Handles authentication within an Angel application.
class AngelAuth<User> {
Hmac _hs256;
int _jwtLifeSpan;
final StreamController<User> _onLogin = StreamController<User>(),
_onLogout = StreamController<User>();
final Random _random = Random.secure();
final RegExp _rgxBearer = RegExp(r'^Bearer');
Math.Random _random = Math.Random.secure();
final RegExp _rgxBearer = RegExp(r"^Bearer");
/// If `true` (default), then JWT's will be stored and retrieved from a `token` cookie.
final bool allowCookie;
@ -33,7 +29,7 @@ class ProtevusAuth<User> {
/// A domain to restrict emitted cookies to.
///
/// Only applies if [allowCookie] is `true`.
final String? cookieDomain;
final String cookieDomain;
/// A path to restrict emitted cookies to.
///
@ -52,10 +48,10 @@ class ProtevusAuth<User> {
Map<String, AuthStrategy<User>> strategies = {};
/// Serializes a user into a unique identifier associated only with one identity.
FutureOr<String> Function(User) serializer;
FutureOr Function(User) serializer;
/// Deserializes a unique identifier into its associated identity. In most cases, this is a user object or model instance.
FutureOr<User> Function(String) deserializer;
FutureOr<User> Function(Object) deserializer;
/// Fires the result of [deserializer] whenever a user signs in to the application.
Stream<User> get onLogin => _onLogin.stream;
@ -69,89 +65,71 @@ class ProtevusAuth<User> {
String _randomString(
{int length = 32,
String validChars =
'ABCDEFHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_'}) {
"ABCDEFHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789_"}) {
var chars = <int>[];
while (chars.length < length) {
chars.add(_random.nextInt(validChars.length));
}
while (chars.length < length) chars.add(_random.nextInt(validChars.length));
return String.fromCharCodes(chars);
}
/// `jwtLifeSpan` - should be in *milliseconds*.
ProtevusAuth(
{String? jwtKey,
required this.serializer,
required this.deserializer,
num jwtLifeSpan = -1,
AngelAuth(
{String jwtKey,
this.serializer,
this.deserializer,
num jwtLifeSpan,
this.allowCookie = true,
this.allowTokenInQuery = true,
this.enforceIp = true,
this.cookieDomain,
this.cookiePath = '/',
this.secureCookies = true,
this.reviveTokenEndpoint = '/auth/token'})
this.reviveTokenEndpoint = "/auth/token"})
: super() {
_hs256 = Hmac(sha256, (jwtKey ?? _randomString()).codeUnits);
_jwtLifeSpan = jwtLifeSpan.toInt();
_jwtLifeSpan = jwtLifeSpan?.toInt() ?? -1;
}
/// Configures an Protevus server to decode and validate JSON Web tokens on demand,
/// Configures an Angel server to decode and validate JSON Web tokens on demand,
/// whenever an instance of [User] is injected.
Future<void> configureServer(Protevus app) async {
/*
if (serializer == null) {
Future<void> configureServer(Angel app) async {
if (serializer == null)
throw StateError(
'An `ProtevusAuth` plug-in was called without its `serializer` being set. All authentication will fail.');
}
if (deserializer == null) {
'An `AngelAuth` plug-in was called without its `serializer` being set. All authentication will fail.');
if (deserializer == null)
throw StateError(
'An `ProtevusAuth` plug-in was called without its `deserializer` being set. All authentication will fail.');
}
'An `AngelAuth` plug-in was called without its `deserializer` being set. All authentication will fail.');
if (app.container == null) {
_log.severe('Protevus container is null');
throw StateError(
'Protevus.container is null. All authentication will fail.');
}
*/
var appContainer = app.container;
app.container.registerSingleton(this);
if (runtimeType != AngelAuth)
app.container.registerSingleton(this, as: AngelAuth);
appContainer.registerSingleton(this);
if (runtimeType != ProtevusAuth) {
appContainer.registerSingleton(this, as: ProtevusAuth);
}
if (!appContainer.has<_AuthResult<User>>()) {
appContainer
if (!app.container.has<_AuthResult<User>>()) {
app.container
.registerLazySingleton<Future<_AuthResult<User>>>((container) async {
var req = container.make<RequestContext>();
var res = container.make<ResponseContext>();
//if (req == null || res == null) {
// _log.warning('RequestContext or responseContext is null');
// throw ProtevusHttpException.forbidden();
//}
var result = await _decodeJwt(req, res);
if (result != null) {
return result;
} else {
_log.warning('JWT is null');
throw ProtevusHttpException.forbidden();
throw AngelHttpException.forbidden();
}
});
appContainer.registerLazySingleton<Future<User>>((container) async {
app.container.registerLazySingleton<Future<User>>((container) async {
var result = await container.makeAsync<_AuthResult<User>>();
return result.user;
});
appContainer.registerLazySingleton<Future<AuthToken>>((container) async {
app.container.registerLazySingleton<Future<AuthToken>>((container) async {
var result = await container.makeAsync<_AuthResult<User>>();
return result.token;
});
}
app.post(reviveTokenEndpoint, _reviveJwt);
if (reviveTokenEndpoint != null) {
app.post(reviveTokenEndpoint, reviveJwt);
}
app.shutdownHooks.add((_) {
_onLogin.close();
@ -160,22 +138,15 @@ class ProtevusAuth<User> {
void _apply(
RequestContext req, ResponseContext res, AuthToken token, User user) {
if (req.container == null) {
_log.severe('RequestContext.container is null');
throw StateError(
'RequestContext.container is not set. All authentication will fail.');
if (!req.container.has<User>()) {
req.container.registerSingleton<User>(user);
}
var reqContainer = req.container!;
if (!reqContainer.has<User>()) {
reqContainer.registerSingleton<User>(user);
if (!req.container.has<AuthToken>()) {
req.container.registerSingleton<AuthToken>(token);
}
if (!reqContainer.has<AuthToken>()) {
reqContainer.registerSingleton<AuthToken>(token);
}
if (allowCookie) {
if (allowCookie == true) {
_addProtectedCookie(res, 'token', token.serialize(_hs256));
}
}
@ -184,10 +155,10 @@ class ProtevusAuth<User> {
///
/// Now that `package:angel_framework` supports asynchronous injections, this middleware
/// is no longer directly necessary. Instead, call [configureServer]. You can then use
/// `makeAsync<User>`, or Protevus's injections directly:
/// `makeAsync<User>`, or Angel's injections directly:
///
/// ```dart
/// var auth = ProtevusAuth<User>(...);
/// var auth = AngelAuth<User>(...);
/// await app.configure(auth.configureServer);
///
/// app.get('/hmm', (User user) async {
@ -201,41 +172,35 @@ class ProtevusAuth<User> {
/// String getUsername(User user) => user.name
/// }
/// ```
/*
@deprecated
Future decodeJwt(RequestContext req, ResponseContext res) async {
if (req.method == 'POST' && req.path == reviveTokenEndpoint) {
return await _reviveJwt(req, res);
if (req.method == "POST" && req.path == reviveTokenEndpoint) {
return await reviveJwt(req, res);
} else {
await _decodeJwt(req, res);
return true;
}
}
*/
Future<_AuthResult<User>?> _decodeJwt(
Future<_AuthResult<User>> _decodeJwt(
RequestContext req, ResponseContext res) async {
var jwt = getJwt(req);
String jwt = getJwt(req);
if (jwt != null) {
var token = AuthToken.validate(jwt, _hs256);
if (enforceIp) {
if (req.ip != token.ipAddress) {
_log.warning('JWT cannot be accessed from this IP address');
throw ProtevusHttpException.forbidden(
message: 'JWT cannot be accessed from this IP address.');
}
if (req.ip != null && req.ip != token.ipAddress)
throw AngelHttpException.forbidden(
message: "JWT cannot be accessed from this IP address.");
}
if (token.lifeSpan > -1) {
var expiry =
token.issuedAt.add(Duration(milliseconds: token.lifeSpan.toInt()));
if (!expiry.isAfter(DateTime.now())) {
_log.warning('Expired JWT');
throw ProtevusHttpException.forbidden(message: 'Expired JWT.');
}
if (!expiry.isAfter(DateTime.now()))
throw AngelHttpException.forbidden(message: "Expired JWT.");
}
var user = await deserializer(token.userId);
@ -247,25 +212,19 @@ class ProtevusAuth<User> {
}
/// Retrieves a JWT from a request, if any was sent at all.
String? getJwt(RequestContext req) {
if (req.headers?.value('Authorization') != null) {
final authHeader = req.headers?.value('Authorization');
if (authHeader != null) {
// Allow Basic auth to fall through
if (_rgxBearer.hasMatch(authHeader)) {
return authHeader.replaceAll(_rgxBearer, '').trim();
}
}
String getJwt(RequestContext req) {
if (req.headers.value("Authorization") != null) {
final authHeader = req.headers.value("Authorization");
_log.info('RequestContext.headers is null');
// Allow Basic auth to fall through
if (_rgxBearer.hasMatch(authHeader))
return authHeader.replaceAll(_rgxBearer, "").trim();
} else if (allowCookie &&
req.cookies.any((cookie) => cookie.name == 'token')) {
return req.cookies.firstWhere((cookie) => cookie.name == 'token').value;
} else if (allowTokenInQuery) {
//&& req.uri?.queryParameters['token'] is String) {
if (req.uri != null) {
return req.uri?.queryParameters['token']?.toString();
}
req.cookies.any((cookie) => cookie.name == "token")) {
return req.cookies.firstWhere((cookie) => cookie.name == "token").value;
} else if (allowTokenInQuery &&
req.uri.queryParameters['token'] is String) {
return req.uri.queryParameters['token']?.toString();
}
return null;
@ -284,10 +243,10 @@ class ProtevusAuth<User> {
cookie.secure = true;
}
var lifeSpan = _jwtLifeSpan;
if (lifeSpan > 0) {
cookie.maxAge ??= lifeSpan < 0 ? -1 : lifeSpan ~/ 1000;
cookie.expires ??= DateTime.now().add(Duration(milliseconds: lifeSpan));
if (_jwtLifeSpan > 0) {
cookie.maxAge ??= _jwtLifeSpan < 0 ? -1 : _jwtLifeSpan ~/ 1000;
cookie.expires ??=
DateTime.now().add(Duration(milliseconds: _jwtLifeSpan));
}
cookie.domain ??= cookieDomain;
@ -296,7 +255,7 @@ class ProtevusAuth<User> {
}
/// Attempts to revive an expired (or still alive) JWT.
Future<Map<String, dynamic>> _reviveJwt(
Future<Map<String, dynamic>> reviveJwt(
RequestContext req, ResponseContext res) async {
try {
var jwt = getJwt(req);
@ -305,18 +264,14 @@ class ProtevusAuth<User> {
var body = await req.parseBody().then((_) => req.bodyAsMap);
jwt = body['token']?.toString();
}
if (jwt == null) {
_log.warning('No JWT provided');
throw ProtevusHttpException.forbidden(message: 'No JWT provided');
throw AngelHttpException.forbidden(message: "No JWT provided");
} else {
var token = AuthToken.validate(jwt, _hs256);
if (enforceIp) {
if (req.ip != token.ipAddress) {
_log.warning('WT cannot be accessed from this IP address');
throw ProtevusHttpException.forbidden(
message: 'JWT cannot be accessed from this IP address.');
}
if (req.ip != token.ipAddress)
throw AngelHttpException.forbidden(
message: "JWT cannot be accessed from this IP address.");
}
if (token.lifeSpan > -1) {
@ -339,11 +294,8 @@ class ProtevusAuth<User> {
return {'data': data, 'token': token.serialize(_hs256)};
}
} catch (e) {
if (e is ProtevusHttpException) {
rethrow;
}
_log.warning('Malformed JWT');
throw ProtevusHttpException.badRequest(message: 'Malformed JWT');
if (e is AngelHttpException) rethrow;
throw AngelHttpException.badRequest(message: "Malformed JWT");
}
}
@ -355,17 +307,14 @@ class ProtevusAuth<User> {
/// or a `401 Not Authenticated` is thrown, if it is the last one.
///
/// Any other result is considered an authenticated user, and terminates the loop.
RequestHandler authenticate(type, [ProtevusAuthOptions<User>? opt]) {
RequestHandler authenticate(type, [AngelAuthOptions<User> options]) {
return (RequestContext req, ResponseContext res) async {
var authOption = opt ?? ProtevusAuthOptions<User>();
var names = <String>[];
List<String> names = [];
var arr = type is Iterable
? type.map((x) => x.toString()).toList()
: [type.toString()];
for (var t in arr) {
for (String t in arr) {
var n = t
.split(',')
.map((s) => s.trim())
@ -374,30 +323,19 @@ class ProtevusAuth<User> {
names.addAll(n);
}
for (var i = 0; i < names.length; i++) {
for (int i = 0; i < names.length; i++) {
var name = names[i];
var strategy = strategies[name];
if (strategy == null) {
_log.severe('No strategy "$name" found.');
var strategy = strategies[name] ??=
throw ArgumentError('No strategy "$name" found.');
}
var reqContainer = req.container;
if (reqContainer == null) {
print('req.container is null');
}
var hasExisting = reqContainer?.has<User>() ?? false;
var hasExisting = req.container.has<User>();
var result = hasExisting
? reqContainer?.make<User>()
: await strategy.authenticate(req, res, authOption);
if (result == true) {
? req.container.make<User>()
: await strategy.authenticate(req, res, options);
if (result == true)
return result;
} else if (result != null && result != false) {
//} else if (result != null && result is Map && result.isNotEmpty) {
else if (result != false && result != null) {
var userId = await serializer(result);
// Create JWT
@ -405,13 +343,12 @@ class ProtevusAuth<User> {
userId: userId, lifeSpan: _jwtLifeSpan, ipAddress: req.ip);
var jwt = token.serialize(_hs256);
if (authOption.tokenCallback != null) {
var hasUser = reqContainer?.has<User>() ?? false;
if (!hasUser) {
reqContainer?.registerSingleton<User>(result);
if (options?.tokenCallback != null) {
if (!req.container.has<User>()) {
req.container.registerSingleton<User>(result);
}
var r = await authOption.tokenCallback!(req, res, token, result);
var r = await options.tokenCallback(req, res, token, result);
if (r != null) return r;
jwt = token.serialize(_hs256);
}
@ -422,21 +359,20 @@ class ProtevusAuth<User> {
_addProtectedCookie(res, 'token', jwt);
}
// Options is not null
if (authOption.callback != null) {
return await authOption.callback!(req, res, jwt);
if (options?.callback != null) {
return await options.callback(req, res, jwt);
}
if (authOption.successRedirect?.isNotEmpty == true) {
await res.redirect(authOption.successRedirect);
if (options?.successRedirect?.isNotEmpty == true) {
await res.redirect(options.successRedirect);
return false;
} else if (authOption.canRespondWithJson &&
} else if (options?.canRespondWithJson != false &&
req.accepts('application/json')) {
var user = hasExisting
? result
: await deserializer(await serializer(result));
_onLogin.add(user);
return {'data': user, 'token': jwt};
return {"data": user, "token": jwt};
}
return true;
@ -445,15 +381,13 @@ class ProtevusAuth<User> {
// Check if not redirect
if (res.statusCode == 301 ||
res.statusCode == 302 ||
res.headers.containsKey('location')) {
res.headers.containsKey('location'))
return false;
} else if (authOption.failureRedirect != null) {
await res.redirect(authOption.failureRedirect);
else if (options?.failureRedirect != null) {
await res.redirect(options.failureRedirect);
return false;
} else {
_log.warning('Not authenticated');
throw ProtevusHttpException.notAuthenticated();
}
} else
throw AngelHttpException.notAuthenticated();
}
}
};
@ -471,8 +405,7 @@ class ProtevusAuth<User> {
}
/// Log a user in on-demand.
Future loginById(
String userId, RequestContext req, ResponseContext res) async {
Future loginById(userId, RequestContext req, ResponseContext res) async {
var user = await deserializer(userId);
var token =
AuthToken(userId: userId, lifeSpan: _jwtLifeSpan, ipAddress: req.ip);
@ -485,23 +418,21 @@ class ProtevusAuth<User> {
}
/// Log an authenticated user out.
RequestHandler logout([ProtevusAuthOptions<User>? options]) {
RequestHandler logout([AngelAuthOptions<User> options]) {
return (RequestContext req, ResponseContext res) async {
if (req.container?.has<User>() == true) {
var user = req.container?.make<User>();
if (user != null) {
if (req.container.has<User>()) {
var user = req.container.make<User>();
_onLogout.add(user);
}
}
if (allowCookie == true) {
res.cookies.removeWhere((cookie) => cookie.name == 'token');
res.cookies.removeWhere((cookie) => cookie.name == "token");
_addProtectedCookie(res, 'token', '""');
}
if (options != null &&
options.successRedirect != null &&
options.successRedirect!.isNotEmpty) {
options.successRedirect.isNotEmpty) {
await res.redirect(options.successRedirect);
}

View file

@ -1,10 +1,10 @@
import 'dart:convert';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:http_parser/http_parser.dart';
import 'options.dart';
/// Displays a default callback page to confirm authentication via popups.
ProtevusAuthCallback confirmPopupAuthentication({String eventName = 'token'}) {
AngelAuthCallback confirmPopupAuthentication({String eventName = 'token'}) {
return (req, ResponseContext res, String jwt) {
var evt = json.encode(eventName);
var detail = json.encode({'detail': jwt});

View file

@ -1,20 +1,18 @@
import 'dart:async';
import 'dart:convert';
import 'package:logging/logging.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_framework/angel_framework.dart';
import '../options.dart';
import '../strategy.dart';
bool _validateString(String str) => str != null && str.isNotEmpty;
/// Determines the validity of an incoming username and password.
// typedef FutureOr<User> LocalAuthVerifier<User>(String? username, String? password);
typedef LocalAuthVerifier<User> = FutureOr<User?> Function(
String? username, String? password);
typedef FutureOr<User> LocalAuthVerifier<User>(
String username, String password);
class LocalAuthStrategy<User> extends AuthStrategy<User> {
final _log = Logger('LocalAuthStrategy');
final RegExp _rgxBasic = RegExp(r'^Basic (.+)$', caseSensitive: false);
final RegExp _rgxUsrPass = RegExp(r'^([^:]+):(.+)$');
RegExp _rgxBasic = RegExp(r'^Basic (.+)$', caseSensitive: false);
RegExp _rgxUsrPass = RegExp(r'^([^:]+):(.+)$');
LocalAuthVerifier<User> verifier;
String usernameField;
@ -25,40 +23,35 @@ class LocalAuthStrategy<User> extends AuthStrategy<User> {
String realm;
LocalAuthStrategy(this.verifier,
{this.usernameField = 'username',
this.passwordField = 'password',
this.invalidMessage = 'Please provide a valid username and password.',
this.allowBasic = false,
this.forceBasic = false,
this.realm = 'Authentication is required.'}) {
_log.info('Using LocalAuthStrategy');
}
{String this.usernameField = 'username',
String this.passwordField = 'password',
String this.invalidMessage =
'Please provide a valid username and password.',
bool this.allowBasic = true,
bool this.forceBasic = false,
String this.realm = 'Authentication is required.'});
@override
Future<User?> authenticate(RequestContext req, ResponseContext res,
[ProtevusAuthOptions? options]) async {
var localOptions = options ?? ProtevusAuthOptions();
User? verificationResult;
Future<User> authenticate(RequestContext req, ResponseContext res,
[AngelAuthOptions options_]) async {
AngelAuthOptions options = options_ ?? AngelAuthOptions();
User verificationResult;
if (allowBasic) {
var authHeader = req.headers?.value('authorization') ?? '';
String authHeader = req.headers.value('authorization') ?? "";
if (_rgxBasic.hasMatch(authHeader)) {
var base64AuthString = _rgxBasic.firstMatch(authHeader)?.group(1);
if (base64AuthString == null) {
return null;
}
var authString = String.fromCharCodes(base64.decode(base64AuthString));
String base64AuthString = _rgxBasic.firstMatch(authHeader).group(1);
String authString =
String.fromCharCodes(base64.decode(base64AuthString));
if (_rgxUsrPass.hasMatch(authString)) {
Match usrPassMatch = _rgxUsrPass.firstMatch(authString)!;
Match usrPassMatch = _rgxUsrPass.firstMatch(authString);
verificationResult =
await verifier(usrPassMatch.group(1), usrPassMatch.group(2));
} else {
_log.warning('Bad request: $invalidMessage');
throw ProtevusHttpException.badRequest(errors: [invalidMessage]);
}
} else
throw AngelHttpException.badRequest(errors: [invalidMessage]);
if (verificationResult == null) {
if (verificationResult == false || verificationResult == null) {
res
..statusCode = 401
..headers['www-authenticate'] = 'Basic realm="$realm"';
@ -66,10 +59,11 @@ class LocalAuthStrategy<User> extends AuthStrategy<User> {
return null;
}
//Allow non-null to pass through
//return verificationResult;
return verificationResult;
}
} else {
}
if (verificationResult == null) {
var body = await req
.parseBody()
.then((_) => req.bodyAsMap)
@ -81,58 +75,23 @@ class LocalAuthStrategy<User> extends AuthStrategy<User> {
}
}
// User authentication succeeded can return Map(one element), User(non null) or true
if (verificationResult != null && verificationResult != false) {
if (verificationResult is Map && verificationResult.isNotEmpty) {
return verificationResult;
} else if (verificationResult is! Map) {
return verificationResult;
}
}
// Force basic if set
if (forceBasic) {
//res.headers['www-authenticate'] = 'Basic realm="$realm"';
res
..statusCode = 401
..headers['www-authenticate'] = 'Basic realm="$realm"';
await res.close();
return null;
}
// Redirect failed authentication
if (localOptions.failureRedirect != null &&
localOptions.failureRedirect!.isNotEmpty) {
await res.redirect(localOptions.failureRedirect, code: 401);
return null;
}
_log.info('Not authenticated');
throw ProtevusHttpException.notAuthenticated();
/*
if (verificationResult is Map && verificationResult.isEmpty) {
if (localOptions.failureRedirect != null &&
localOptions.failureRedirect!.isNotEmpty) {
await res.redirect(localOptions.failureRedirect, code: 401);
if (verificationResult == false || verificationResult == null) {
if (options.failureRedirect != null &&
options.failureRedirect.isNotEmpty) {
await res.redirect(options.failureRedirect, code: 401);
return null;
}
if (forceBasic) {
res.headers['www-authenticate'] = 'Basic realm="$realm"';
return null;
throw AngelHttpException.notAuthenticated();
}
return null;
} else if (verificationResult != false ||
(verificationResult is Map && verificationResult.isNotEmpty)) {
} else if (verificationResult != null && verificationResult != false) {
return verificationResult;
} else {
_log.info('Not authenticated');
throw ProtevusHttpException.notAuthenticated();
throw AngelHttpException.notAuthenticated();
}
*/
}
bool _validateString(String? str) => str != null && str.isNotEmpty;
}

View file

@ -1,10 +1,10 @@
import 'dart:async';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_framework/angel_framework.dart';
import 'options.dart';
/// A function that handles login and signup for an Protevus application.
/// A function that handles login and signup for an Angel application.
abstract class AuthStrategy<User> {
/// Authenticates or rejects an incoming user.
FutureOr<User?> authenticate(RequestContext req, ResponseContext res,
[ProtevusAuthOptions<User>? options]);
FutureOr<User> authenticate(RequestContext req, ResponseContext res,
[AngelAuthOptions<User> options]);
}

View file

@ -1,35 +1,26 @@
name: protevus_auth
description: A complete authentication plugin for Protevus. Includes support for stateless JWT tokens, Basic Auth, and more.
version: 8.2.0
homepage: https://protevus-framework.web.app/
repository: https://github.com/dart-backend/protevus/tree/master/packages/auth
name: angel_auth
description: A complete authentication plugin for Angel. Includes support for stateless JWT tokens, Basic Auth, and more.
version: 3.0.0
author: Tobe O <thosakwe@gmail.com>
homepage: https://github.com/angel-dart/angel_auth
publish_to: none
environment:
sdk: '>=3.3.0 <4.0.0'
sdk: ">=2.10.0 <3.0.0"
dependencies:
protevus_framework: ^8.0.0
charcode: ^1.3.0
collection: ^1.17.0
angel_framework:
git:
url: https://github.com/dukefirehawk/angel.git
ref: sdk-2.12.x
path: packages/framework
charcode: ^1.0.0
collection: ^1.0.0
crypto: ^3.0.0
http_parser: ^4.0.0
meta: ^1.9.0
quiver: ^3.2.0
logging: ^1.2.0
meta: ^1.0.0
quiver_hashcode: ^2.0.0
dev_dependencies:
protevus_container: ^8.0.0
http: ^1.0.0
http: ^0.13.0
io: ^1.0.0
test: ^1.24.0
lints: ^4.0.0
# dependency_overrides:
# protevus_container:
# path: ../container/angel_container
# protevus_framework:
# path: ../framework
# protevus_http_exception:
# path: ../http_exception
# protevus_model:
# path: ../model
# protevus_route:
# path: ../route
# protevus_mock_request:
# path: ../mock_request
logging: ^1.0.0
pedantic: ^1.0.0
test: ^1.15.7

View file

@ -1,12 +1,12 @@
import 'package:protevus_auth/src/auth_token.dart';
import 'package:crypto/crypto.dart';
import 'package:test/test.dart';
import "package:angel_auth/src/auth_token.dart";
import "package:crypto/crypto.dart";
import "package:test/test.dart";
void main() async {
final hmac = Hmac(sha256, 'angel_auth'.codeUnits);
main() async {
final Hmac hmac = Hmac(sha256, "angel_auth".codeUnits);
test('sample serialization', () {
var token = AuthToken(ipAddress: 'localhost', userId: 'thosakwe');
test("sample serialization", () {
var token = AuthToken(ipAddress: "localhost", userId: "thosakwe");
var jwt = token.serialize(hmac);
print(jwt);
@ -17,11 +17,11 @@ void main() async {
});
test('custom payload', () {
var token = AuthToken(ipAddress: 'localhost', userId: 'thosakwe', payload: {
'foo': 'bar',
'baz': {
'one': 1,
'franken': ['stein']
var token = AuthToken(ipAddress: "localhost", userId: "thosakwe", payload: {
"foo": "bar",
"baz": {
"one": 1,
"franken": ["stein"]
}
});
var jwt = token.serialize(hmac);

View file

@ -1,25 +1,22 @@
import 'dart:io';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_container/mirrors.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_framework/http.dart';
import 'dart:convert';
import 'package:collection/collection.dart' show IterableExtension;
import 'package:http/http.dart' as http;
import 'package:io/ansi.dart';
import 'package:logging/logging.dart';
import 'package:test/test.dart';
import 'package:collection/collection.dart';
class User extends Model {
String? username, password;
String username, password;
User({this.username, this.password});
static User parse(Map<String, dynamic> map) {
static User parse(Map map) {
return User(
username: map['username'] as String?,
password: map['password'] as String?,
username: map['username'] as String,
password: map['password'] as String,
);
}
@ -34,19 +31,18 @@ class User extends Model {
}
}
void main() {
late Protevus app;
late ProtevusHttp angelHttp;
ProtevusAuth<User> auth;
http.Client? client;
main() {
Angel app;
AngelHttp angelHttp;
AngelAuth<User> auth;
http.Client client;
HttpServer server;
String? url;
String? encodedAuth;
String url;
setUp(() async {
hierarchicalLoggingEnabled = true;
app = Protevus(reflector: MirrorsReflector());
angelHttp = ProtevusHttp(app);
app = Angel();
angelHttp = AngelHttp(app);
app.use('/users', MapService());
var oldErrorHandler = app.errorHandler;
@ -55,7 +51,7 @@ void main() {
return oldErrorHandler(e, req, res);
};
app.logger = Logger('protevus_auth')
app.logger = Logger('angel_auth')
..level = Level.FINEST
..onRecord.listen((rec) {
print(rec);
@ -71,34 +67,29 @@ void main() {
await app
.findService('users')
?.create({'username': 'jdoe1', 'password': 'password'});
.create({'username': 'jdoe1', 'password': 'password'});
auth = ProtevusAuth<User>(
serializer: (u) => u.id ?? '',
deserializer: (id) async =>
await app.findService('users')?.read(id) as User);
//auth.serializer = (u) => u.id;
//auth.deserializer =
// (id) async => await app.findService('users')!.read(id) as User;
auth = AngelAuth<User>();
auth.serializer = (u) => u.id;
auth.deserializer =
(id) async => await app.findService('users').read(id) as User;
await app.configure(auth.configureServer);
auth.strategies['local'] = LocalAuthStrategy((username, password) async {
var users = await app
.findService('users')
?.index()
.then((it) => it.map<User>((m) => User.parse(m)).toList());
var result = users?.firstWhereOrNull(
(user) => user.username == username && user.password == password);
return Future.value(result);
}, allowBasic: true);
.index()
.then((it) => it.map<User>((m) => User.parse(m as Map)).toList());
return users.firstWhere(
(user) => user.username == username && user.password == password,
orElse: () => null);
});
app.post(
'/login',
auth.authenticate('local',
ProtevusAuthOptions(callback: (req, res, token) {
AngelAuthOptions(callback: (req, res, token) {
res
..write('Hello!')
..close();
@ -106,8 +97,8 @@ void main() {
app.chain([
(req, res) {
if (!req.container!.has<User>()) {
req.container!.registerSingleton<User>(
if (!req.container.has<User>()) {
req.container.registerSingleton<User>(
User(username: req.params['name']?.toString()));
}
return true;
@ -117,24 +108,22 @@ void main() {
auth.authenticate('local'),
);
encodedAuth = base64.encode(utf8.encode('jdoe1:password'));
client = http.Client();
server = await angelHttp.startServer();
url = 'http://${server.address.address}:${server.port}';
});
tearDown(() async {
client!.close();
client.close();
await angelHttp.close();
//app = null;
app = null;
client = null;
url = null;
});
test('login', () async {
final response = await client!.post(Uri.parse('$url/login'),
headers: {'Authorization': 'Basic $encodedAuth'});
final response = await client.post(Uri.parse('$url/login'),
body: {'username': 'jdoe1', 'password': 'password'});
print('Response: ${response.body}');
expect(response.body, equals('Hello!'));
},
@ -143,11 +132,10 @@ void main() {
: null);
test('preserve existing user', () async {
final response = await client!.post(Uri.parse('$url/existing/foo'),
final response = await client.post(Uri.parse('$url/existing/foo'),
body: {'username': 'jdoe1', 'password': 'password'},
headers: {'accept': 'application/json'});
print('Response: ${response.body}');
print(response.headers);
expect(json.decode(response.body)['data']['username'], equals('foo'));
});
}

View file

@ -1,4 +1,4 @@
import 'package:protevus_auth/protevus_auth.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:test/test.dart';
void main() {
@ -70,7 +70,6 @@ void main() {
);
});
/* Deprecated as clientId and clientSecret cannot be null
test('ensures id not null', () {
expect(
() => ExternalAuthOptions(
@ -90,7 +89,6 @@ void main() {
throwsArgumentError,
);
});
*/
});
group('fromMap()', () {

View file

@ -1,58 +1,48 @@
import 'dart:async';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_container/mirrors.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_framework/http.dart';
import 'dart:convert';
import 'package:http/http.dart' as http;
import 'package:logging/logging.dart';
import 'package:test/test.dart';
final ProtevusAuth<Map<String, String>> auth =
ProtevusAuth<Map<String, String>>(
serializer: (user) async => '1337',
deserializer: (id) async => sampleUser);
//var headers = <String, String>{'accept': 'application/json'};
var localOpts = ProtevusAuthOptions<Map<String, String>>(
final AngelAuth<Map<String, String>> auth = AngelAuth<Map<String, String>>();
var headers = <String, String>{'accept': 'application/json'};
var localOpts = AngelAuthOptions<Map<String, String>>(
failureRedirect: '/failure', successRedirect: '/success');
var localOpts2 =
ProtevusAuthOptions<Map<String, String>>(canRespondWithJson: false);
Map<String, String> sampleUser = {'hello': 'world'};
Future<Map<String, String>> verifier(String? username, String? password) async {
Future<Map<String, String>> verifier(String username, String password) async {
if (username == 'username' && password == 'password') {
return sampleUser;
} else {
return {};
return null;
}
}
Future wireAuth(Protevus app) async {
//auth.serializer = (user) async => 1337;
//auth.deserializer = (id) async => sampleUser;
Future wireAuth(Angel app) async {
auth.serializer = (user) async => 1337;
auth.deserializer = (id) async => sampleUser;
auth.strategies['local'] = LocalAuthStrategy(verifier, allowBasic: true);
auth.strategies['local'] = LocalAuthStrategy(verifier);
await app.configure(auth.configureServer);
}
void main() async {
Protevus app;
late ProtevusHttp angelHttp;
late http.Client client;
String? url;
String? basicAuthUrl;
Angel app;
AngelHttp angelHttp;
http.Client client;
String url;
String basicAuthUrl;
setUp(() async {
client = http.Client();
app = Protevus(reflector: MirrorsReflector());
angelHttp = ProtevusHttp(app, useZone: false);
app = Angel();
angelHttp = AngelHttp(app, useZone: false);
await app.configure(wireAuth);
app.get('/hello', (req, res) {
// => 'Woo auth'
return 'Woo auth';
}, middleware: [auth.authenticate('local', localOpts2)]);
app.get('/hello', (req, res) => 'Woo auth',
middleware: [auth.authenticate('local')]);
app.post('/login', (req, res) => 'This should not be shown',
middleware: [auth.authenticate('local', localOpts)]);
app.get('/success', (req, res) => 'yep', middleware: [
@ -60,11 +50,8 @@ void main() async {
]);
app.get('/failure', (req, res) => 'nope');
app.logger = Logger('local_test')
app.logger = Logger('angel_auth')
..onRecord.listen((rec) {
print(
'${rec.time}: ${rec.level.name}: ${rec.loggerName}: ${rec.message}');
if (rec.error != null) {
print(rec.error);
print(rec.stackTrace);
@ -79,7 +66,7 @@ void main() async {
tearDown(() async {
await angelHttp.close();
//client = null;
client = null;
url = null;
basicAuthUrl = null;
});
@ -92,43 +79,28 @@ void main() async {
});
test('successRedirect', () async {
//var postData = {'username': 'username', 'password': 'password'};
var encodedAuth = base64.encode(utf8.encode('username:password'));
var postData = {'username': 'username', 'password': 'password'};
var response = await client.post(Uri.parse('$url/login'),
headers: {'Authorization': 'Basic $encodedAuth'});
body: json.encode(postData),
headers: {'content-type': 'application/json'});
expect(response.statusCode, equals(302));
expect(response.headers['location'], equals('/success'));
});
test('failureRedirect', () async {
//var postData = {'username': 'password', 'password': 'username'};
var encodedAuth = base64.encode(utf8.encode('password:username'));
var postData = {'username': 'password', 'password': 'username'};
var response = await client.post(Uri.parse('$url/login'),
headers: {'Authorization': 'Basic $encodedAuth'});
print('Status Code: ${response.statusCode}');
print(response.headers);
print(response.body);
body: json.encode(postData),
headers: {'content-type': 'application/json'});
print('Login response: ${response.body}');
expect(response.headers['location'], equals('/failure'));
expect(response.statusCode, equals(401));
});
test('basic auth without authorization', () async {
var response = await client.get(Uri.parse('$url/hello'));
print('Status Code: ${response.statusCode}');
print(response.headers);
print(response.body);
expect(response.statusCode, equals(401));
});
//test('allow basic', () async {
test('basic auth with authorization', () async {
test('allow basic', () async {
var authString = base64.encode('username:password'.runes.toList());
var response = await client.get(Uri.parse('$url/hello'),
headers: {'authorization': 'Basic $authString'});
print(response.statusCode);
print(response.body);
expect(response.body, equals('"Woo auth"'));
});
@ -145,9 +117,8 @@ void main() async {
'accept': 'application/json',
'content-type': 'application/json'
});
print('Header = ${response.headers}');
print(response.headers);
print('Body <${response.body}>');
var head = response.headers['www-authenticate'];
expect(head, equals('Basic realm="test"'));
expect(response.headers['www-authenticate'], equals('Basic realm="test"'));
});
}

View file

@ -1,18 +1,17 @@
import 'dart:io';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:test/test.dart';
const Duration threeDays = Duration(days: 3);
const Duration threeDays = const Duration(days: 3);
void main() {
late Cookie defaultCookie;
var auth = ProtevusAuth(
Cookie defaultCookie;
var auth = AngelAuth(
secureCookies: true,
cookieDomain: 'SECURE',
jwtLifeSpan: threeDays.inMilliseconds,
serializer: (u) => u,
deserializer: (u) => u);
);
setUp(() => defaultCookie = Cookie('a', 'b'));
@ -22,7 +21,7 @@ void main() {
test('sets expires', () {
var now = DateTime.now();
var expiry = auth.protectCookie(defaultCookie).expires!;
var expiry = auth.protectCookie(defaultCookie).expires;
var diff = expiry.difference(now);
expect(diff.inSeconds, threeDays.inSeconds);
});

View file

@ -0,0 +1,16 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="WEB_MODULE" version="4">
<component name="NewModuleRootManager">
<content url="file://$MODULE_DIR$">
<excludeFolder url="file://$MODULE_DIR$/.pub" />
<excludeFolder url="file://$MODULE_DIR$/.tmp" />
<excludeFolder url="file://$MODULE_DIR$/build" />
<excludeFolder url="file://$MODULE_DIR$/temp" />
<excludeFolder url="file://$MODULE_DIR$/tmp" />
</content>
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
<orderEntry type="library" name="Dart SDK" level="project" />
<orderEntry type="library" name="Dart Packages" level="project" />
</component>
</module>

View file

@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/.idea/auth_oauth2.iml" filepath="$PROJECT_DIR$/.idea/auth_oauth2.iml" />
</modules>
</component>
</project>

View file

@ -0,0 +1,7 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="Github Auth Server" type="DartCommandLineRunConfigurationType" factoryName="Dart Command Line Application" singleton="true">
<option name="filePath" value="$PROJECT_DIR$/example/main.dart" />
<option name="workingDirectory" value="$PROJECT_DIR$" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="VcsDirectoryMappings">
<mapping directory="$PROJECT_DIR$" vcs="Git" />
</component>
</project>

View file

@ -1,12 +0,0 @@
Primary Authors
===============
* __[Thomas Hii](dukefirehawk.apps@gmail.com)__
Thomas is the current maintainer of the code base. He has refactored and migrated the
code base to support NNBD.
* __[Tobe O](thosakwe@gmail.com)__
Tobe has written much of the original code prior to NNBD migration. He has moved on and
is no longer involved with the project.

View file

@ -1,74 +1,13 @@
# Change Log
## 8.2.0
* Require Dart >= 3.3
* Updated `lints` to 4.0.0
## 8.1.1
* Updated repository link
## 8.1.0
* Updated `lints` to 3.0.0
* Fixed linter warnings
## 8.0.0
* Require Dart >= 3.0
* Issue: `oauth2` does not support `http` 1.0.0
## 7.0.1
* Updated example
## 7.0.0
* Require Dart >= 2.17
## 6.0.0
* Require Dart >= 2.16
## 5.0.0
* Skipped release
## 4.1.0
* Updated linter to `package:lints`
## 4.0.2
* Updated example
## 4.0.1
* Updated README
## 4.0.0
* Migrated to support Dart >= 2.12 NNBD
## 3.0.0
* Migrated to work with Dart >= 2.12.x Non NNBD
## 2.1.0
* Protevus 2 + Dart 2 update
# 2.1.0
* Angel 2 + Dart 2 update
* Support for handling errors + rejections.
* Use `ExternalAuthOptions`.
## 2.0.0+1
# 2.0.0+1
* Meta update to improve Pub score.
## 2.0.0
# 2.0.0
* Angel 2 + Dart 2 updates.
* Protevus 2 + Dart 2 updates.
## 1.0.2
Added `getParameters` to `ProtevusOAuth2Options`.
# 1.0.2
Added `getParameters` to `AngelOAuth2Options`.

View file

@ -1,29 +1,21 @@
BSD 3-Clause License
MIT License
Copyright (c) 2021, dukefirehawk.com
All rights reserved.
Copyright (c) 2017 Tobe O
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View file

@ -1,18 +1,14 @@
# Protevus OAuth2 Handler
# auth_oauth2
![Pub Version (including pre-releases)](https://img.shields.io/pub/v/protevus_auth_oauth2?include_prereleases)
![Null Safety](https://img.shields.io/badge/null-safety-brightgreen)(<https://dart.dev/null-safety>)
[![Discord](https://img.shields.io/discord/1060322353214660698)](https://discord.gg/3X6bxTUdCM)
[![License](https://img.shields.io/github/license/dart-backend/protevus)](https://github.com/dart-backend/protevus/tree/master/packages/auth_oauth2/LICENSE)
[![Pub](https://img.shields.io/pub/v/angel_auth_oauth2.svg)](https://pub.dartlang.org/packages/angel_auth_oauth2)
Protevus library for authenticating users with remote identity providers via OAuth2, i.e. Facebook, Google, Azure AD, etc.
## Usage
`package:angel_auth` strategy for OAuth2 login, i.e. Facebook or Github.
# Usage
First, create an options object:
```dart
configureServer(Protevus app) async {
configureServer(Angel app) async {
// Load from a Map, i.e. app config:
var opts = ExternalAuthOptions.fromMap(app.configuration['auth0'] as Map);
@ -24,10 +20,11 @@ configureServer(Protevus app) async {
}
```
After getting authenticated against the remote server, we need to be able to identify users within our own application.
After getting authenticated against the remote server, we need to be able to identify
users within our own application.
```dart
typedef OAuth2Verifier = FutureOr<User> Function(oauth2.Client, RequestContext, ResponseContext);
typedef FutureOr<User> OAuth2Verifier(oauth2.Client, RequestContext, ResponseContext);
/// You might use a pure function to create a verifier that queries a
/// given service.
@ -52,10 +49,12 @@ OAuth2Verifier oauth2verifier(Service<User> userService) {
}
```
Now, initialize an `OAuth2Strategy`, using the options and verifier. You'll also need to provide a name for this instance of the strategy. Consider using the name of the remote authentication provider (ex. `facebook`).
Now, initialize an `OAuth2Strategy`, using the options and verifier.
You'll also need to provide a name for this instance of the strategy.
Consider using the name of the remote authentication provider (ex. `facebook`).
```dart
configureServer(Protevus app) {
configureServer(Angel app) {
auth.strategies['github'] = OAuth2Strategy(
options,
authorizationEndpoint,
@ -71,17 +70,19 @@ configureServer(Protevus app) {
}
```
Lastly, connect it to an `ProtevusAuth` instance, and wire it up to an `Protevus` server. Set up two routes:
Lastly, connect it to an `AngelAuth` instance, and wire it up to an `Angel` server.
Set up two routes:
1. Redirect users to the external provider
2. Acts as a callback and handles an access code
In the case of the callback route, you may want to display an HTML page that closes a popup window. In this case, use `confirmPopupAuthentication`, which is bundled with `package:protevus_auth`, as a `callback` function:
In the case of the callback route, you may want to display an HTML page that closes
a popup window. In this case, use `confirmPopupAuthentication`, which is bundled with
`package:angel_auth`, as a `callback` function:
```dart
configureServer(Protevus app) async {
configureServer(Angel app) async {
// ...
var auth = ProtevusAuth<User>();
var auth = AngelAuth<User>();
auth.strategies['github'] = oauth2Strategy;
// Redirect
@ -90,7 +91,7 @@ configureServer(Protevus app) async {
// Callback
app.get('/auth/github/callback', auth.authenticate(
'github',
ProtevusAuthOptions(callback: confirmPopupAuthentication())
AngelAuthOptions(callback: confirmPopupAuthentication())
));
// Connect the plug-in!!!
@ -99,20 +100,22 @@ configureServer(Protevus app) async {
```
## Custom Scope Delimiter
This package should work out-of-the-box for most OAuth2 providers, such as Github or Dropbox. However, if your OAuth2 scopes are separated by a delimiter other than the default (`' '`), you can add it in the `OAuth2Strategy` constructor:
This package should work out-of-the-box for most OAuth2 providers, such as Github or Dropbox.
However, if your OAuth2 scopes are separated by a delimiter other than the default (`' '`),
you can add it in the `OAuth2Strategy` constructor:
```dart
configureServer(Protevus app) async {
configureServer(Angel app) async {
OAuth2Strategy(..., delimiter: ' ');
}
```
## Handling non-JSON responses
Many OAuth2 providers do not follow the specification, and do not return
`application/json` responses.
Many OAuth2 providers do not follow the specification, and do not return `application/json` responses.
You can add a `getParameters` callback to parse the contents of any arbitrary response:
You can add a `getParameters` callback to parse the contents of any arbitrary
response:
```dart
OAuth2Strategy(

View file

@ -1 +1,4 @@
include: package:lints/recommended.yaml
include: package:pedantic/analysis_options.yaml
analyzer:
strong-mode:
implicit-casts: false

View file

@ -1,8 +1,8 @@
import 'dart:convert';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:protevus_auth_oauth2/protevus_auth_oauth2.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_framework/http.dart';
import 'package:angel_auth_oauth2/angel_auth_oauth2.dart';
import 'package:http_parser/http_parser.dart';
import 'package:logging/logging.dart';
@ -33,9 +33,9 @@ Map<String, dynamic> parseParamsFromGithub(MediaType contentType, String body) {
void main() async {
// Create the server instance.
var app = Protevus();
var http = ProtevusHttp(app);
app.logger = Logger('protevus')
var app = Angel();
var http = AngelHttp(app);
app.logger = Logger('angel')
..onRecord.listen((rec) {
print(rec);
if (rec.error != null) print(rec.error);
@ -47,12 +47,11 @@ void main() async {
var mappedUserService = userService.map(User.parse, User.serialize);
// Set up the authenticator plugin.
var auth = ProtevusAuth<User>(
serializer: (user) async => user.id ?? '',
deserializer: (id) => mappedUserService.read(id),
jwtKey: 'oauth2 example secret',
allowCookie: false);
await app.configure(auth.configureServer);
var auth =
AngelAuth<User>(jwtKey: 'oauth2 example secret', allowCookie: false);
auth.serializer = (user) async => user.id;
auth.deserializer = (id) => mappedUserService.read(id.toString());
app.fallback(auth.decodeJwt);
/// Create an instance of the strategy class.
auth.strategies['github'] = OAuth2Strategy(
@ -64,7 +63,7 @@ void main() async {
(client, req, res) async {
var response = await client.get(Uri.parse('https://api.github.com/user'));
var ghUser = json.decode(response.body);
var id = ghUser['id'] as int?;
var id = ghUser['id'] as int;
var matchingUsers = await mappedUserService.index({
'query': {'github_id': id}
@ -86,7 +85,7 @@ void main() async {
},
// We have to pass this parser function when working with Github.
//getParameters: parseParamsFromGithub,
getParameters: parseParamsFromGithub,
);
// Mount some routes
@ -94,12 +93,12 @@ void main() async {
app.get(
'/auth/github/callback',
auth.authenticate('github',
ProtevusAuthOptions(callback: (req, res, jwt) async {
AngelAuthOptions(callback: (req, res, jwt) async {
// In real-life, you might include a pop-up callback script.
//
// Use `confirmPopupAuthentication`, which is bundled with
// `package:angel_auth`.
var user = req.container!.make<User>();
var user = req.container.make<User>();
res.write('Your user info: ${user.toJson()}\n\n');
res.write('Your JWT: $jwt');
await res.close();
@ -113,12 +112,15 @@ void main() async {
}
class User extends Model {
int? githubId;
@override
String id;
User({super.id, this.githubId});
int githubId;
static User parse(Map<String, dynamic> map) =>
User(id: map['id'] as String?, githubId: map['github_id'] as int?);
User({this.id, this.githubId});
static User parse(Map map) =>
User(id: map['id'] as String, githubId: map['github_id'] as int);
static Map<String, dynamic> serialize(User user) => user.toJson();

View file

@ -1,12 +1,12 @@
library protevus_auth_oauth2;
library angel_auth_oauth2;
import 'dart:async';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:http_parser/http_parser.dart';
import 'package:oauth2/oauth2.dart' as oauth2;
/// An Protevus [AuthStrategy] that signs users in via a third-party service that speaks OAuth 2.0.
/// An Angel [AuthStrategy] that signs users in via a third-party service that speaks OAuth 2.0.
class OAuth2Strategy<User> implements AuthStrategy<User> {
/// A callback that uses the third-party service to authenticate a [User].
///
@ -28,34 +28,34 @@ class OAuth2Strategy<User> implements AuthStrategy<User> {
final Uri tokenEndpoint;
/// An optional callback used to parse the response from a server who does not follow the OAuth 2.0 spec.
final Map<String, dynamic> Function(MediaType?, String)? getParameters;
final Map<String, dynamic> Function(MediaType, String) getParameters;
/// An optional delimiter used to send requests to server who does not follow the OAuth 2.0 spec.
final String delimiter;
Uri? _redirect;
Uri _redirect;
OAuth2Strategy(this.options, this.authorizationEndpoint, this.tokenEndpoint,
this.verifier, this.onError,
{this.getParameters, this.delimiter = ' '});
oauth2.AuthorizationCodeGrant _createGrant() => oauth2.AuthorizationCodeGrant(
options.clientId, authorizationEndpoint, tokenEndpoint,
oauth2.AuthorizationCodeGrant _createGrant() =>
new oauth2.AuthorizationCodeGrant(options.clientId, authorizationEndpoint,
tokenEndpoint,
secret: options.clientSecret,
delimiter: delimiter,
getParameters: getParameters);
@override
FutureOr<User?> authenticate(RequestContext req, ResponseContext res,
[ProtevusAuthOptions<User>? options]) async {
FutureOr<User> authenticate(RequestContext req, ResponseContext res,
[AngelAuthOptions<User> options]) async {
if (options != null) {
var result = await authenticateCallback(req, res, options);
if (result is User) {
if (result is User)
return result;
} else {
else
return null;
}
}
if (_redirect == null) {
var grant = _createGrant();
@ -65,20 +65,20 @@ class OAuth2Strategy<User> implements AuthStrategy<User> {
);
}
await res.redirect(_redirect);
res.redirect(_redirect);
return null;
}
/// The endpoint that is invoked by the third-party after successful authentication.
Future<dynamic> authenticateCallback(RequestContext req, ResponseContext res,
[ProtevusAuthOptions? options]) async {
[AngelAuthOptions options]) async {
var grant = _createGrant();
grant.getAuthorizationUrl(this.options.redirectUri,
scopes: this.options.scopes);
try {
var client =
await grant.handleAuthorizationResponse(req.uri!.queryParameters);
await grant.handleAuthorizationResponse(req.uri.queryParameters);
return await verifier(client, req, res);
} on oauth2.AuthorizationException catch (e) {
return await onError(e, req, res);

View file

@ -1,30 +1,24 @@
name: protevus_auth_oauth2
version: 8.2.0
description: Protevus library for authenticating users with external identity providers via OAuth2.
homepage: https://protevus-framework.web.app/
repository: https://github.com/dart-backend/protevus/tree/master/packages/auth_oauth2
name: angel_auth_oauth2
description: angel_auth strategy for OAuth2 login, i.e. Facebook, Github, etc.
version: 3.0.0
#author: Tobe O <thosakwe@gmail.com>
publish_to: none
environment:
sdk: '>=3.3.0 <4.0.0'
sdk: ">=2.10.0 <3.0.0"
homepage: https://github.com/angel-dart/auth_oauth2.git
dependencies:
protevus_auth: ^8.0.0
protevus_framework: ^8.0.0
angel_auth:
git:
url: https://github.com/dukefirehawk/angel.git
ref: sdk-2.12.x
path: packages/auth
angel_framework:
git:
url: https://github.com/dukefirehawk/angel.git
ref: sdk-2.12.x
path: packages/framework
http_parser: ^4.0.0
oauth2: ^2.0.0
dev_dependencies:
logging: ^1.2.0
lints: ^4.0.0
# dependency_overrides:
# protevus_container:
# path: ../container/angel_container
# protevus_framework:
# path: ../framework
# protevus_http_exception:
# path: ../http_exception
# protevus_model:
# path: ../model
# protevus_route:
# path: ../route
# protevus_mock_request:
# path: ../mock_request
# protevus_auth:
# path: ../auth
logging: ^1.0.0
pedantic: ^1.0.0

View file

@ -1,36 +1,5 @@
# Change Log
## 8.0.0
* Require Dart >= 3.3
* Updated `oauth1` to `belatuk_oauth1`
* Updated `lints` to 4.0.0
* Updated repository link
* Fixed linter warnings
## 7.0.0
* Require Dart >= 2.17
## 6.0.0
* Require Dart >= 2.16
## 5.0.0
* Skipped release
## 4.0.0
* Migrated to support Dart >= 2.12 NNBD
## 3.0.0
* Migrated to work with Dart >= 2.12 Non NNBD
## 2.0.0
* Protevus 2 + Dart 2 suppport.
# 2.0.0
* Angel 2 + Dart 2 suppport.
* Use `package:twitter` instead of `package:twit`.
* Add `TwitterAuthorizationException`.
* Add `onError` callback.

View file

@ -1,29 +1,21 @@
BSD 3-Clause License
MIT License
Copyright (c) 2023, dukefirehawk.com
All rights reserved.
Copyright (c) 2016 The Angel Framework
Redistribution and use in source and binary forms, with or without
modification, are permitted provided that the following conditions are met:
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
1. Redistributions of source code must retain the above copyright notice, this
list of conditions and the following disclaimer.
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
2. Redistributions in binary form must reproduce the above copyright notice,
this list of conditions and the following disclaimer in the documentation
and/or other materials provided with the distribution.
3. Neither the name of the copyright holder nor the names of its
contributors may be used to endorse or promote products derived from
this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View file

@ -1,11 +1,4 @@
# Protevus Twitter OAuth1
# auth_twitter
angel_auth strategy for Twitter login.
![Pub Version (including pre-releases)](https://img.shields.io/pub/v/protevus_auth_twitter?include_prereleases)
![Null Safety](https://img.shields.io/badge/null-safety-brightgreen)](<https://dart.dev/null-safety>)
[![Discord](https://img.shields.io/discord/1060322353214660698)](https://discord.gg/3X6bxTUdCM)
[![License](https://img.shields.io/github/license/dart-backend/protevus)](https://github.com/dart-backend/protevus/tree/master/packages/auth_twitter/LICENSE)
**Not ready for release**
Protevus authentication strategy using Twitter OAuth 1.0a.
See the [example](example/example.dart);
See the [example](example/server.dart);

View file

@ -1 +1,4 @@
include: package:lints/recommended.yaml
include: package:pedantic/analysis_options.yaml
analyzer:
strong-mode:
implicit-casts: false

View file

@ -1,9 +1,9 @@
import 'dart:convert';
import 'dart:io';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_auth_twitter/protevus_auth_twitter.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:protevus_framework/http.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_auth_twitter/angel_auth_twitter.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:angel_framework/http.dart';
import 'package:logging/logging.dart';
class _User {
@ -14,10 +14,10 @@ class _User {
Map<String, dynamic> toJson() => {'handle': handle};
}
void main() async {
var app = Protevus();
var http = ProtevusHttp(app);
var auth = ProtevusAuth<_User>(
main() async {
var app = Angel();
var http = AngelHttp(app);
var auth = AngelAuth<_User>(
jwtKey: 'AUTH_TWITTER_SECRET',
allowCookie: false,
serializer: (user) async => user.handle,
@ -38,8 +38,8 @@ void main() async {
'http://localhost:3000/auth/twitter/callback',
),
(twit, req, res) async {
var response = await twit.client.get(Uri.parse(
'https://api.twitter.com/1.1/account/verify_credentials.json'));
var response = await twit.twitterClient
.get('https://api.twitter.com/1.1/account/verify_credentials.json');
var userData = json.decode(response.body) as Map;
return _User(userData['screen_name'] as String);
},
@ -48,18 +48,21 @@ void main() async {
if (e.isDenial) {
res.write("Why'd you say no???");
} else {
res.write('oops: ${e.message}');
res.write("oops: ${e.message}");
}
},
);
app.get('/', auth.authenticate('twitter'));
app
..fallback(auth.decodeJwt)
..get('/', auth.authenticate('twitter'));
app.get(
app
..get(
'/auth/twitter/callback',
auth.authenticate(
'twitter',
ProtevusAuthOptions(
AngelAuthOptions(
callback: (req, res, jwt) {
return res.redirect('/home?token=$jwt');
},
@ -72,7 +75,7 @@ void main() async {
chain([
requireAuthentication<_User>(),
(req, res) {
var user = req.container!.make<_User>();
var user = req.container.make<_User>();
res.write('Your Twitter handle is ${user.handle}');
return false;
},

View file

@ -1,13 +1,11 @@
import 'dart:async';
import 'dart:convert';
import 'dart:io';
import 'package:protevus_auth/protevus_auth.dart';
import 'package:protevus_framework/protevus_framework.dart';
import 'package:angel_auth/angel_auth.dart';
import 'package:angel_framework/angel_framework.dart';
import 'package:http/http.dart' as http;
import 'package:oauth/oauth.dart' as oauth;
import 'package:path/path.dart' as p;
//import 'package:oauth1/oauth1.dart' as oauth;
import 'package:belatuk_oauth1/belatuk_oauth1.dart' as oauth;
import 'package:dart_twitter_api/twitter_api.dart';
import 'package:twitter/twitter.dart';
/// Authenticates users by connecting to Twitter's API.
class TwitterStrategy<User> extends AuthStrategy<User> {
@ -17,7 +15,7 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
/// A callback that uses Twitter to authenticate a [User].
///
/// As always, return `null` if authentication fails.
final FutureOr<User> Function(TwitterApi, RequestContext, ResponseContext)
final FutureOr<User> Function(Twitter, RequestContext, ResponseContext)
verifier;
/// A callback that is triggered when an OAuth2 error occurs (i.e. the user declines to login);
@ -27,47 +25,17 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
/// The root of Twitter's API. Defaults to `'https://api.twitter.com'`.
final Uri baseUrl;
oauth.Client? _client;
oauth.Client _client;
/// The underlying [oauth.Client] used to query Twitter.
oauth.Client get client => _client!;
oauth.Client get client => _client;
TwitterStrategy(this.options, this.verifier, this.onError,
{http.BaseClient? client, Uri? baseUrl})
: baseUrl = baseUrl ?? Uri.parse('https://api.twitter.com') {
// define platform (server)
final oauth.Platform platform = oauth.Platform(
'$baseUrl/oauth/request_token', // temporary credentials request
'$baseUrl/oauth/authorize', // resource owner authorization
'$baseUrl/oauth/access_token', // token credentials request
oauth.SignatureMethods.hmacSha1 // signature method
);
// define client credentials (consumer keys)
final oauth.ClientCredentials clientCredentials =
oauth.ClientCredentials(options.clientId, options.clientSecret);
// create Authorization object with client credentials and platform definition
final oauth.Authorization auth =
oauth.Authorization(clientCredentials, platform);
// request temporary credentials (request tokens)
auth.requestTemporaryCredentials('oob').then((res) {
// redirect to authorization page
print(
"Open with your browser: ${auth.getResourceOwnerAuthorizationURI(res.credentials.token)}");
// get verifier (PIN)
stdout.write("PIN: ");
String verifier = stdin.readLineSync() ?? '';
// request token credentials (access tokens)
return auth.requestTokenCredentials(res.credentials, verifier);
}).then((res) {
// create Client object
_client = oauth.Client(
platform.signatureMethod, clientCredentials, res.credentials);
});
{http.BaseClient client, Uri baseUrl})
: this.baseUrl = baseUrl ?? Uri.parse('https://api.twitter.com') {
var tokens = oauth.Tokens(
consumerId: options.clientId, consumerKey: options.clientSecret);
_client = oauth.Client(tokens, client: client);
}
/// Handle a response from Twitter.
@ -92,7 +60,7 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
/// Get an access token.
Future<Map<String, String>> getAccessToken(String token, String verifier) {
return client.post(
return _client.post(
baseUrl.replace(path: p.join(baseUrl.path, 'oauth/access_token')),
headers: {
'accept': 'application/json'
@ -107,46 +75,45 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
/// Get a request token.
Future<Map<String, String>> getRequestToken() {
return client.post(
return _client.post(
baseUrl.replace(path: p.join(baseUrl.path, 'oauth/request_token')),
headers: {
'accept': 'application/json'
},
body: {
'oauth_callback': options.redirectUri.toString()
"oauth_callback": options.redirectUri.toString()
}).then(handleUrlEncodedResponse);
}
@override
Future<User?> authenticate(RequestContext req, ResponseContext res,
[ProtevusAuthOptions? options]) async {
Future<User> authenticate(RequestContext req, ResponseContext res,
[AngelAuthOptions options]) async {
try {
if (options != null) {
var result = await authenticateCallback(req, res, options);
if (result is User) {
if (result is User)
return result;
} else {
else
return null;
}
} else {
var result = await getRequestToken();
var token = result['oauth_token'];
var url = baseUrl.replace(
path: p.join(baseUrl.path, 'oauth/authorize'),
queryParameters: {'oauth_token': token});
await res.redirect(url);
res.redirect(url);
return null;
}
} on TwitterAuthorizationException catch (e) {
var result = await onError(e, req, res);
await req.app?.executeHandler(result, req, res);
await req.app.executeHandler(result, req, res);
await res.close();
return null;
}
}
Future authenticateCallback(RequestContext req, ResponseContext res,
ProtevusAuthOptions options) async {
Future authenticateCallback(
RequestContext req, ResponseContext res, AngelAuthOptions options) async {
try {
if (req.queryParameters.containsKey('denied')) {
throw TwitterAuthorizationException(
@ -156,13 +123,8 @@ class TwitterStrategy<User> extends AuthStrategy<User> {
var token = req.queryParameters['oauth_token'] as String;
var verifier = req.queryParameters['oauth_verifier'] as String;
var loginData = await getAccessToken(token, verifier);
var twitter = TwitterApi(
client: TwitterClient(
consumerKey: this.options.clientId,
consumerSecret: this.options.clientSecret,
token: loginData['oauth_token'] ?? '',
secret: loginData['oauth_token_secret'] ?? ''));
var twitter = Twitter(this.options.clientId, this.options.clientSecret,
loginData['oauth_token'], loginData['oauth_token_secret']);
return await this.verifier(twitter, req, res);
} on TwitterAuthorizationException catch (e) {
return await onError(e, req, res);

View file

@ -1,34 +1,28 @@
name: "protevus_auth_twitter"
description: Protevus authentication strategy for Twitter login. Auto-signs requests.
version: 8.0.0
homepage: https://protevus-framework.web.app/
repository: https://github.com/dart-backend/protevus/tree/master/packages/auth_twitter
publish_to: none
name: "angel_auth_twitter"
#author: "Tobe O <thosakwe@gmail.com>"
description: "package:angel_auth strategy for Twitter login. Auto-signs requests."
environment:
sdk: ">=3.3.0 <4.0.0"
sdk: ">=2.10.0 <3.0.0"
homepage: "https://github.com/angel-dart/auth_twitter.git"
version: 3.0.0
publish_to: none
dependencies:
protevus_auth: ^8.0.0
protevus_framework: ^8.0.0
http: ^1.0.0
path: ^1.9.0
belatuk_oauth1: ^3.0.0
dart_twitter_api: ^0.5.6+1
angel_auth:
git:
url: https://github.com/dukefirehawk/angel.git
ref: sdk-2.12.x
path: packages/auth
angel_framework:
git:
url: https://github.com/dukefirehawk/angel.git
ref: sdk-2.12.x
path: packages/framework
http: ^0.13.0
path: ^1.0.0
twitter:
git:
url: https://github.com/dukefirehawk/twitter.dart.git
ref: sdk-2.12.x
dev_dependencies:
logging: ^1.2.0
lints: ^4.0.0
dependency_overrides:
http: ^1.0.0
# protevus_container:
# path: ../container/angel_container
# protevus_framework:
# path: ../framework
# protevus_http_exception:
# path: ../http_exception
# protevus_model:
# path: ../model
# protevus_route:
# path: ../route
# protevus_mock_request:
# path: ../mock_request
# protevus_auth:
# path: ../auth
logging: ^1.0.0
pedantic: ^1.11.0

64
packages/body_parser/.gitignore vendored Normal file
View file

@ -0,0 +1,64 @@
# Created by .ignore support plugin (hsz.mobi)
### JetBrains template
# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio and Webstorm
# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
# User-specific stuff:
.idea/**/workspace.xml
.idea/**/tasks.xml
.idea/dictionaries
# Sensitive or high-churn files:
.idea/**/dataSources/
.idea/**/dataSources.ids
.idea/**/dataSources.xml
.idea/**/dataSources.local.xml
.idea/**/sqlDataSources.xml
.idea/**/dynamic.xml
.idea/**/uiDesigner.xml
# Gradle:
.idea/**/gradle.xml
.idea/**/libraries
# CMake
cmake-build-debug/
# Mongo Explorer plugin:
.idea/**/mongoSettings.xml
## File-based project format:
*.iws
## Plugin-specific files:
# IntelliJ
out/
# mpeltonen/sbt-idea plugin
.idea_modules/
# JIRA plugin
atlassian-ide-plugin.xml
# Cursive Clojure plugin
.idea/replstate.xml
# Crashlytics plugin (for Android Studio and IntelliJ)
com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties
### Dart template
# See https://www.dartlang.org/tools/private-files.html
# Files and directories created by pub
.packages
.pub/
build/
# If you're building an application, you may want to check-in your pubspec.lock
pubspec.lock
# Directory created by dartdoc
# If you don't generate documentation locally you can remove this line.
doc/api/

View file

@ -0,0 +1,15 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="JAVA_MODULE" version="4">
<component name="NewModuleRootManager" inherit-compiler-output="true">
<exclude-output />
<content url="file://$MODULE_DIR$">
<excludeFolder url="file://$MODULE_DIR$/.dart_tool" />
<excludeFolder url="file://$MODULE_DIR$/.pub" />
<excludeFolder url="file://$MODULE_DIR$/build" />
</content>
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
<orderEntry type="library" name="Dart SDK" level="project" />
<orderEntry type="library" name="Dart Packages" level="project" />
</component>
</module>

View file

@ -0,0 +1,421 @@
<component name="libraryTable">
<library name="Dart Packages" type="DartPackagesLibraryType">
<properties>
<option name="packageNameToDirsMap">
<entry key="analyzer">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/analyzer-0.32.4/lib" />
</list>
</value>
</entry>
<entry key="args">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/args-1.5.0/lib" />
</list>
</value>
</entry>
<entry key="async">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/async-2.0.8/lib" />
</list>
</value>
</entry>
<entry key="boolean_selector">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/boolean_selector-1.0.4/lib" />
</list>
</value>
</entry>
<entry key="charcode">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/charcode-1.1.2/lib" />
</list>
</value>
</entry>
<entry key="collection">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/collection-1.14.11/lib" />
</list>
</value>
</entry>
<entry key="convert">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/convert-2.0.2/lib" />
</list>
</value>
</entry>
<entry key="crypto">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/crypto-2.0.6/lib" />
</list>
</value>
</entry>
<entry key="csslib">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/csslib-0.14.4+1/lib" />
</list>
</value>
</entry>
<entry key="dart2_constant">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/dart2_constant-1.0.2+dart2/lib" />
</list>
</value>
</entry>
<entry key="front_end">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/front_end-0.1.4/lib" />
</list>
</value>
</entry>
<entry key="glob">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/glob-1.1.7/lib" />
</list>
</value>
</entry>
<entry key="html">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/html-0.13.3+2/lib" />
</list>
</value>
</entry>
<entry key="http">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http-0.11.3+17/lib" />
</list>
</value>
</entry>
<entry key="http_multi_server">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http_multi_server-2.0.5/lib" />
</list>
</value>
</entry>
<entry key="http_parser">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http_parser-3.1.3/lib" />
</list>
</value>
</entry>
<entry key="http_server">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http_server-0.9.8/lib" />
</list>
</value>
</entry>
<entry key="io">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/io-0.3.3/lib" />
</list>
</value>
</entry>
<entry key="js">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/js-0.6.1+1/lib" />
</list>
</value>
</entry>
<entry key="json_rpc_2">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/json_rpc_2-2.0.9/lib" />
</list>
</value>
</entry>
<entry key="kernel">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/kernel-0.3.4/lib" />
</list>
</value>
</entry>
<entry key="logging">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/logging-0.11.3+2/lib" />
</list>
</value>
</entry>
<entry key="matcher">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/matcher-0.12.3+1/lib" />
</list>
</value>
</entry>
<entry key="meta">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/meta-1.1.6/lib" />
</list>
</value>
</entry>
<entry key="mime">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/mime-0.9.6+2/lib" />
</list>
</value>
</entry>
<entry key="multi_server_socket">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/multi_server_socket-1.0.2/lib" />
</list>
</value>
</entry>
<entry key="node_preamble">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/node_preamble-1.4.4/lib" />
</list>
</value>
</entry>
<entry key="package_config">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/package_config-1.0.5/lib" />
</list>
</value>
</entry>
<entry key="package_resolver">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/package_resolver-1.0.4/lib" />
</list>
</value>
</entry>
<entry key="path">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/path-1.6.2/lib" />
</list>
</value>
</entry>
<entry key="plugin">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/plugin-0.2.0+3/lib" />
</list>
</value>
</entry>
<entry key="pool">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pool-1.3.6/lib" />
</list>
</value>
</entry>
<entry key="pub_semver">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pub_semver-1.4.2/lib" />
</list>
</value>
</entry>
<entry key="shelf">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf-0.7.3+3/lib" />
</list>
</value>
</entry>
<entry key="shelf_packages_handler">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf_packages_handler-1.0.4/lib" />
</list>
</value>
</entry>
<entry key="shelf_static">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf_static-0.2.8/lib" />
</list>
</value>
</entry>
<entry key="shelf_web_socket">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf_web_socket-0.2.2+4/lib" />
</list>
</value>
</entry>
<entry key="source_map_stack_trace">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/source_map_stack_trace-1.1.5/lib" />
</list>
</value>
</entry>
<entry key="source_maps">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/source_maps-0.10.7/lib" />
</list>
</value>
</entry>
<entry key="source_span">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/source_span-1.4.1/lib" />
</list>
</value>
</entry>
<entry key="stack_trace">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/stack_trace-1.9.3/lib" />
</list>
</value>
</entry>
<entry key="stream_channel">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/stream_channel-1.6.8/lib" />
</list>
</value>
</entry>
<entry key="string_scanner">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/string_scanner-1.0.3/lib" />
</list>
</value>
</entry>
<entry key="term_glyph">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/term_glyph-1.0.1/lib" />
</list>
</value>
</entry>
<entry key="test">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/test-1.3.0/lib" />
</list>
</value>
</entry>
<entry key="typed_data">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/typed_data-1.1.6/lib" />
</list>
</value>
</entry>
<entry key="utf">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/utf-0.9.0+5/lib" />
</list>
</value>
</entry>
<entry key="vm_service_client">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/vm_service_client-0.2.6/lib" />
</list>
</value>
</entry>
<entry key="watcher">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/watcher-0.9.7+10/lib" />
</list>
</value>
</entry>
<entry key="web_socket_channel">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/web_socket_channel-1.0.9/lib" />
</list>
</value>
</entry>
<entry key="yaml">
<value>
<list>
<option value="$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/yaml-2.1.15/lib" />
</list>
</value>
</entry>
</option>
</properties>
<CLASSES>
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/analyzer-0.32.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/args-1.5.0/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/async-2.0.8/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/boolean_selector-1.0.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/charcode-1.1.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/collection-1.14.11/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/convert-2.0.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/crypto-2.0.6/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/csslib-0.14.4+1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/dart2_constant-1.0.2+dart2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/front_end-0.1.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/glob-1.1.7/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/html-0.13.3+2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http-0.11.3+17/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http_multi_server-2.0.5/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http_parser-3.1.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/http_server-0.9.8/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/io-0.3.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/js-0.6.1+1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/json_rpc_2-2.0.9/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/kernel-0.3.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/logging-0.11.3+2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/matcher-0.12.3+1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/meta-1.1.6/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/mime-0.9.6+2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/multi_server_socket-1.0.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/node_preamble-1.4.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/package_config-1.0.5/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/package_resolver-1.0.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/path-1.6.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/plugin-0.2.0+3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pool-1.3.6/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/pub_semver-1.4.2/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf-0.7.3+3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf_packages_handler-1.0.4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf_static-0.2.8/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/shelf_web_socket-0.2.2+4/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/source_map_stack_trace-1.1.5/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/source_maps-0.10.7/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/source_span-1.4.1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/stack_trace-1.9.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/stream_channel-1.6.8/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/string_scanner-1.0.3/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/term_glyph-1.0.1/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/test-1.3.0/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/typed_data-1.1.6/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/utf-0.9.0+5/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/vm_service_client-0.2.6/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/watcher-0.9.7+10/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/web_socket_channel-1.0.9/lib" />
<root url="file://$USER_HOME$/.pub-cache/hosted/pub.dartlang.org/yaml-2.1.15/lib" />
</CLASSES>
<JAVADOC />
<LIBRARY_FILE />
<SOURCES />
</library>
</component>

View file

@ -0,0 +1,8 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="ProjectModuleManager">
<modules>
<module fileurl="file://$PROJECT_DIR$/.idea/body_parser.iml" filepath="$PROJECT_DIR$/.idea/body_parser.iml" />
</modules>
</component>
</project>

View file

@ -0,0 +1,7 @@
<component name="ProjectRunConfigurationManager">
<configuration default="false" name="main.dart" type="DartCommandLineRunConfigurationType" factoryName="Dart Command Line Application" singleton="true" nameIsGenerated="true">
<option name="filePath" value="$PROJECT_DIR$/example/main.dart" />
<option name="workingDirectory" value="$PROJECT_DIR$" />
<method />
</configuration>
</component>

View file

@ -0,0 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<project version="4">
<component name="VcsDirectoryMappings">
<mapping directory="" vcs="Git" />
</component>
</project>

View file

@ -0,0 +1,4 @@
language: dart
dart:
- dev
- stable

View file

@ -0,0 +1,5 @@
# 1.1.1
* Dart 2 updates; should fix Angel in Travis.
# 1.1.0
* Add `parseBodyFromStream`

View file

@ -0,0 +1,21 @@
The MIT License (MIT)
Copyright (c) 2016 Tobe O
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

View file

@ -0,0 +1,82 @@
# body_parser
[![Pub](https://img.shields.io/pub/v/body_parser.svg)](https://pub.dartlang.org/packages/body_parser)
[![build status](https://travis-ci.org/angel-dart/body_parser.svg)](https://travis-ci.org/angel-dart/body_parser)
Parse request bodies and query strings in Dart, as well multipart/form-data uploads. No external
dependencies required.
This is the request body parser powering the
[Angel](https://angel-dart.github.io)
framework. If you are looking for a server-side solution with dependency injection,
WebSockets, and more, then I highly recommend it as your first choice. Bam!
### Contents
* [Body Parser](#body-parser)
* [About](#about)
* [Installation](#installation)
* [Usage](#usage)
* [Thanks](#thank-you-for-using-body-parser)
# About
I needed something like Express.js's `body-parser` module, so I made it here. It fully supports JSON requests.
x-www-form-urlencoded fully supported, as well as query strings. You can also include arrays in your query,
in the same way you would for a PHP application. Full file upload support will also be present by the production 1.0.0 release.
A benefit of this is that primitive types are automatically deserialized correctly. As in, if you have a `hello=1.5` request, then
`body['hello']` will equal `1.5` and not `'1.5'`. A very semantic difference, yes, but it relieves stress in my head.
# Installation
To install Body Parser for your Dart project, simply add body_parser to your
pub dependencies.
dependencies:
body_parser: any
# Usage
Body Parser exposes a simple class called `BodyParseResult`.
You can easily parse the query string and request body for a request by calling `Future<BodyParseResult> parseBody`.
```dart
import 'dart:convert';
import 'package:body_parser/body_parser.dart';
main() async {
// ...
await for (HttpRequest request in server) {
request.response.write(JSON.encode(await parseBody(request).body));
await request.response.close();
}
}
```
You can also use `buildMapFromUri(Map, String)` to populate a map from a URL encoded string.
This can easily be used with a library like [JSON God](https://github.com/thosakwe/json_god)
to build structured JSON/REST APIs. Add validation and you've got an instant backend.
```dart
MyClass create(HttpRequest request) async {
return god.deserialize(await parseBody(request).body, MyClass);
}
```
## Custom Body Parsing
In cases where you need to parse unrecognized content types, `body_parser` won't be of any help to you
on its own. However, you can use the `originalBuffer` property of a `BodyParseResult` to see the original
request buffer. To get this functionality, pass `storeOriginalBuffer` as `true` when calling `parseBody`.
For example, if you wanted to
[parse GraphQL queries within your server](https://github.com/angel-dart/graphql)...
```dart
app.get('/graphql', (req, res) async {
if (req.headers.contentType.mimeType == 'application/graphql') {
var graphQlString = new String.fromCharCodes(req.originalBuffer);
// ...
}
});
```

View file

@ -0,0 +1,3 @@
analyzer:
strong-mode:
implicit-casts: false

View file

@ -0,0 +1,61 @@
import 'dart:async';
import 'dart:convert';
import 'dart:io';
import 'dart:isolate';
import 'package:http_parser/http_parser.dart';
import 'package:body_parser/body_parser.dart';
main() async {
var address = '127.0.0.1';
var port = 3000;
var futures = <Future>[];
for (int i = 1; i < Platform.numberOfProcessors; i++) {
futures.add(Isolate.spawn(start, [address, port, i]));
}
Future.wait(futures).then((_) {
print('All instances started.');
print(
'Test with "wrk -t12 -c400 -d30s -s ./example/post.lua http://localhost:3000" or similar');
start([address, port, 0]);
});
}
void start(List args) {
var address = new InternetAddress(args[0] as String);
int port = 8080;
if (args[1] is int) {
args[1];
}
int id = 0;
if (args[2] is int) {
args[2];
}
HttpServer.bind(address, port, shared: true).then((server) {
server.listen((request) async {
// ignore: deprecated_member_use
var body = await defaultParseBody(request);
request.response
..headers.contentType = new ContentType('application', 'json')
..write(json.encode(body.body))
..close();
});
print(
'Server #$id listening at http://${server.address.address}:${server.port}');
});
}
Future<BodyParseResult> defaultParseBody(HttpRequest request,
{bool storeOriginalBuffer: false}) {
return parseBodyFromStream(
request,
request.headers.contentType != null
? new MediaType.parse(request.headers.contentType.toString())
: null,
request.uri,
storeOriginalBuffer: storeOriginalBuffer);
}

View file

@ -0,0 +1,6 @@
-- example HTTP POST script which demonstrates setting the
-- HTTP method, body, and adding a header
wrk.method = "POST"
wrk.body = "foo=bar&baz=quux"
wrk.headers["Content-Type"] = "application/x-www-form-urlencoded"

View file

@ -0,0 +1,6 @@
/// A library for parsing HTTP request bodies and queries.
library body_parser;
export 'src/body_parse_result.dart';
export 'src/file_upload_info.dart';
export 'src/parse_body.dart';

View file

@ -0,0 +1,28 @@
import 'file_upload_info.dart';
/// A representation of data from an incoming request.
abstract class BodyParseResult {
/// The parsed body.
Map<String, dynamic> get body;
/// The parsed query string.
Map<String, dynamic> get query;
/// All files uploaded within this request.
List<FileUploadInfo> get files;
/// The original body bytes sent with this request.
///
/// You must set [storeOriginalBuffer] to `true` to see this.
List<int> get originalBuffer;
/// If an error was encountered while parsing the body, it will appear here.
///
/// Otherwise, this is `null`.
dynamic get error;
/// If an error was encountered while parsing the body, the call stack will appear here.
///
/// Otherwise, this is `null`.
StackTrace get stack;
}

View file

@ -0,0 +1,7 @@
import 'file_upload_info.dart';
List<FileUploadInfo> getFileDataFromChunk(
String chunk, String boundary, String fileUploadName, Map body) {
List<FileUploadInfo> result = [];
return result;
}

View file

@ -0,0 +1,17 @@
/// Represents a file uploaded to the server.
class FileUploadInfo {
/// The MIME type of the uploaded file.
String mimeType;
/// The name of the file field from the request.
String name;
/// The filename of the file.
String filename;
/// The bytes that make up this file.
List<int> data;
FileUploadInfo(
{this.mimeType, this.name, this.filename, this.data: const []}) {}
}

View file

@ -0,0 +1,20 @@
import 'package:dart2_constant/convert.dart';
getValue(String value) {
try {
num numValue = num.parse(value);
if (!numValue.isNaN)
return numValue;
else
return value;
} on FormatException {
if (value.startsWith('[') && value.endsWith(']'))
return json.decode(value);
else if (value.startsWith('{') && value.endsWith('}'))
return json.decode(value);
else if (value.trim().toLowerCase() == 'null')
return null;
else
return value;
}
}

Some files were not shown because too many files have changed in this diff Show more