feat: add support for auth providers

package.json

@@ -36,7 +36,7 @@
     "@types/koa__router": "^12.0.0",
     "@typescript-eslint/eslint-plugin": "^5.56.0",
     "@typescript-eslint/parser": "^5.56.0",
-    "adminjs": "^7.0.0",
+    "adminjs": "^7.4.0",
     "eslint": "^8.36.0",
     "eslint-config-airbnb": "^19.0.4",
     "eslint-plugin-import": "^2.27.5",
@@ -52,7 +52,7 @@
   },
   "peerDependencies": {
     "@koa/router": "^12.0.0",
-    "adminjs": "^7.0.0",
+    "adminjs": "^7.4.0",
     "koa": "^2.14.1",
     "koa2-formidable": "^1.0.3"
   },

src/buildAuthenticatedRouter.ts

@@ -8,6 +8,10 @@ import formidableMiddleware from 'koa2-formidable'
 import { DEFAULT_ROOT_PATH } from './constants.js'
 import { KoaAuthOptions } from './types.js'
 import { addAdminJsAuthRoutes, addAdminJsRoutes } from './utils.js'
+
+const MISSING_AUTH_CONFIG_ERROR = 'You must configure either "authenticate" method or assign an auth "provider"'
+const INVALID_AUTH_CONFIG_ERROR = 'You cannot configure both "authenticate" and "provider". "authenticate" will be removed in next major release.'
+
 /**
  * Builds authenticated koa router.
  * @memberof module:@adminjs/koa
@@ -28,6 +32,22 @@ const buildAuthenticatedRouter = (
   predefinedRouter?: Router,
   formidableOptions?: Record<string, any>,
 ): Router => {
+  if (!auth.authenticate && !auth.provider) {
+    throw new Error(MISSING_AUTH_CONFIG_ERROR)
+  }
+
+  if (auth.authenticate && auth.provider) {
+    throw new Error(INVALID_AUTH_CONFIG_ERROR)
+  }
+
+  if (auth.provider) {
+    // eslint-disable-next-line no-param-reassign
+    admin.options.env = {
+      ...admin.options.env,
+      ...auth.provider.getUiProps(),
+    }
+  }
+
   const router = predefinedRouter || new Router({
     prefix: admin.options.rootPath || DEFAULT_ROOT_PATH,
   })

src/types.ts

@@ -1,4 +1,5 @@
-import { CurrentAdmin } from 'adminjs'
+import { BaseAuthProvider, CurrentAdmin } from 'adminjs'
+import { ParameterizedContext } from 'koa'
 import { opts as SessionOptions } from 'koa-session'
 
 /**
@@ -18,7 +19,11 @@ export type KoaAuthenticateFunction = (
   /**
    * Password passed in a form
    */
-  password: string
+  password: string,
+  /**
+   * Request context
+   */
+  context?: ParameterizedContext
 ) => Promise<CurrentAdmin | null>
 
 /**
@@ -32,10 +37,15 @@ export type KoaAuthOptions = {
   /**
    * Function returning {@link CurrentAdmin}
    */
-  authenticate: KoaAuthenticateFunction;
+  authenticate?: KoaAuthenticateFunction;
 
   /**
    * Session options passed to koa-session
    */
   sessionOptions?: Partial<SessionOptions>;
+
+  /**
+   * Auth provider instance
+   */
+  provider?: BaseAuthProvider;
 }

src/utils.ts

@@ -1,5 +1,6 @@
+/* eslint-disable no-underscore-dangle */
 import Router from '@koa/router'
-import AdminJS, { ActionRequest, Router as AdminJSRouter } from 'adminjs'
+import AdminJS, { ActionRequest, Router as AdminJSRouter, CurrentAdmin } from 'adminjs'
 import type { Files } from 'formidable'
 import Application, { Middleware, ParameterizedContext, Request } from 'koa'
 import mount from 'koa-mount'
@@ -14,6 +15,8 @@
 } from './constants.js'
 import { KoaAuthOptions } from './types.js'
 
+const MISSING_PROVIDER_ERROR = '"provider" has to be configured to use refresh token mechanism'
+
 type RequestWithFiles = Request & {
   files: Files;
 };
@@ -91,14 +94,23 @@
 
 const addAdminJsAuthRoutes = (admin: AdminJS, router: Router, auth: KoaAuthOptions): void => {
   const { rootPath } = admin.options
-  let { loginPath, logoutPath } = admin.options
+  let { loginPath, logoutPath, refreshTokenPath } = admin.options
   loginPath = loginPath.replace(DEFAULT_ROOT_PATH, '')
   logoutPath = logoutPath.replace(DEFAULT_ROOT_PATH, '')
+  refreshTokenPath = refreshTokenPath.replace(DEFAULT_ROOT_PATH, '')
+
+  const { provider } = auth
+  const providerProps = provider?.getUiProps() ?? {}
 
   router.get(loginPath, async (ctx) => {
-    ctx.body = await admin.renderLogin({
+    const baseProps = {
       action: rootPath + loginPath,
       errorMessage: null,
+    }
+
+    ctx.body = await admin.renderLogin({
+      ...baseProps,
+      ...providerProps,
     })
   })
 
@@ -107,8 +119,26 @@
       throw new Error('Invalid state, no session object in context')
     }
 
-    const { email, password } = (ctx.request as any).body
-    const adminUser = await auth.authenticate(email, password)
+    let adminUser
+    if (provider) {
+      adminUser = await provider.handleLogin(
+        {
+          headers: ctx.request.headers ?? {},
+          query: ctx.request.query ?? {},
+          params: ctx.params ?? {},
+          data: ctx.request.body ?? {},
+        },
+        ctx,
+      )
+    } else {
+      const { email, password } = ctx.request.body as {
+        email: string;
+        password: string;
+      }
+      // "auth.authenticate" must always be defined if "auth.provider" isn't
+      adminUser = await auth.authenticate!(email, password, ctx)
+    }
+
     if (adminUser) {
       ctx.session.adminUser = adminUser
       ctx.session.save()
@@ -126,10 +156,52 @@
   })
 
   router.get(logoutPath, async (ctx: ParameterizedContext) => {
+    if (provider) {
+      await provider.handleLogout(ctx)
+    }
+
     ctx.session = null
     ctx.redirect(rootPath + loginPath)
   })
 
+  router.post(refreshTokenPath, async (ctx: ParameterizedContext) => {
+    if (ctx.session == null) {
+      throw new Error('Invalid state, no session object in context')
+    }
+
+    if (!provider) {
+      throw new Error(MISSING_PROVIDER_ERROR)
+    }
+
+    const updatedAuthInfo = await provider.handleRefreshToken(
+      {
+        data: ctx.request.body ?? {},
+        query: ctx.request.query ?? {},
+        params: ctx.params ?? {},
+        headers: ctx.request.headers,
+      },
+      ctx,
+    )
+
+    let adminObject = ctx.session.adminUser as Partial<CurrentAdmin> | null
+    if (!adminObject) {
+      adminObject = {}
+    }
+
+    if (!adminObject._auth) {
+      adminObject._auth = {}
+    }
+
+    adminObject._auth = {
+      ...adminObject._auth,
+      ...updatedAuthInfo,
+    }
+
+    ctx.session.adminUser = adminObject
+    ctx.body = adminObject
+    ctx.session.save()
+  })
+
   router.use(async (ctx: ParameterizedContext, next) => {
     if (ctx.session == null) {
       throw new Error('Invalid state, no session object in context')

yarn.lock

@@ -2755,51 +2755,6 @@
   dependencies:
     "@types/node" "*"
 
-"@types/babel-core@^6.25.7":
-  version "6.25.7"
-  resolved "https://registry.yarnpkg.com/@types/babel-core/-/babel-core-6.25.7.tgz#f9c22d5c085686da2f6ffbdae778edb3e6017671"
-  integrity sha512-WPnyzNFVRo6bxpr7bcL27qXtNKNQ3iToziNBpibaXHyKGWQA0+tTLt73QQxC/5zzbM544ih6Ni5L5xrck6rGwg==
-  dependencies:
-    "@types/babel-generator" "*"
-    "@types/babel-template" "*"
-    "@types/babel-traverse" "*"
-    "@types/babel-types" "*"
-    "@types/babylon" "*"
-
-"@types/babel-generator@*":
-  version "6.25.5"
-  resolved "https://registry.yarnpkg.com/@types/babel-generator/-/babel-generator-6.25.5.tgz#b02723fd589349b05524376e5530228d3675d878"
-  integrity sha512-lhbwMlAy5rfWG+R6l8aPtJdEFX/kcv6LMFIuvUb0i89ehqgD24je9YcB+0fRspQhgJGlEsUImxpw4pQeKS/+8Q==
-  dependencies:
-    "@types/babel-types" "*"
-
-"@types/babel-template@*":
-  version "6.25.2"
-  resolved "https://registry.yarnpkg.com/@types/babel-template/-/babel-template-6.25.2.tgz#3c4cde02dbcbbf461a58d095a9f69f35eabd5f06"
-  integrity sha512-QKtDQRJmAz3Y1HSxfMl0syIHebMc/NnOeH/8qeD0zjgU2juD0uyC922biMxCy5xjTNvHinigML2l8kxE8eEBmw==
-  dependencies:
-    "@types/babel-types" "*"
-    "@types/babylon" "*"
-
-"@types/babel-traverse@*":
-  version "6.25.7"
-  resolved "https://registry.yarnpkg.com/@types/babel-traverse/-/babel-traverse-6.25.7.tgz#bc75fce23d8394534562a36a32dec94a54d11835"
-  integrity sha512-BeQiEGLnVzypzBdsexEpZAHUx+WucOMXW6srEWDkl4SegBlaCy+iBvRO+4vz6EZ+BNQg22G4MCdDdvZxf+jW5A==
-  dependencies:
-    "@types/babel-types" "*"
-
-"@types/babel-types@*":
-  version "7.0.11"
-  resolved "https://registry.yarnpkg.com/@types/babel-types/-/babel-types-7.0.11.tgz#263b113fa396fac4373188d73225297fb86f19a9"
-  integrity sha512-pkPtJUUY+Vwv6B1inAz55rQvivClHJxc9aVEPPmaq2cbyeMLCiDpbKpcKyX4LAwpNGi+SHBv0tHv6+0gXv0P2A==
-
-"@types/babylon@*":
-  version "6.16.6"
-  resolved "https://registry.yarnpkg.com/@types/babylon/-/babylon-6.16.6.tgz#a1e7e01567b26a5ebad321a74d10299189d8d932"
-  integrity sha512-G4yqdVlhr6YhzLXFKy5F7HtRBU8Y23+iWy7UKthMq/OSQnL1hbsoeXESQ2LY8zEDlknipDG3nRGhUC9tkwvy/w==
-  dependencies:
-    "@types/babel-types" "*"
-
 "@types/body-parser@*":
   version "1.19.0"
   resolved "https://registry.npmjs.org/@types/body-parser/-/body-parser-1.19.0.tgz"
@@ -3042,15 +2997,6 @@
     "@types/scheduler" "*"
     csstype "^3.0.2"
 
-"@types/react@^18.0.28":
-  version "18.0.28"
-  resolved "https://registry.yarnpkg.com/@types/react/-/react-18.0.28.tgz#accaeb8b86f4908057ad629a26635fe641480065"
-  integrity sha512-RD0ivG1kEztNBdoAK7lekI9M+azSnitIn85h4iOiaLjaTrMjzslhaqCGaI4IyCJ1RljWiLCEu4jyrLLgqxBTew==
-  dependencies:
-    "@types/prop-types" "*"
-    "@types/scheduler" "*"
-    csstype "^3.0.2"
-
 "@types/[email protected]":
   version "1.20.2"
   resolved "https://registry.yarnpkg.com/@types/resolve/-/resolve-1.20.2.tgz#97d26e00cd4a0423b4af620abecf3e6f442b7975"
@@ -3214,10 +3160,10 @@ acorn@^8.4.1, acorn@^8.5.0, acorn@^8.8.0:
   resolved "https://registry.yarnpkg.com/acorn/-/acorn-8.8.2.tgz#1b2f25db02af965399b9776b0c2c391276d37c4a"
   integrity sha512-xjIYgE8HBrkpd/sJqOGNspf8uHG+NOHGOw6a/Urj8taM2EXfdNAH2oFcPeIFfsv3+kz/mJrS5VuMqbNLjCa2vw==
 
-adminjs@^7.0.0:
-  version "7.0.0"
-  resolved "https://registry.yarnpkg.com/adminjs/-/adminjs-7.0.0.tgz#5dad16fcdd91dfe9fd84402b3e109f9fdbb74534"
-  integrity sha512-6cvr04yhPpoqpK9lfy5ohxHMUI+J9lDZbRScyqzmpPTZ4P8E68unZekixx7nAGXFBmhixP5+CumLNpCNzcUeGA==
+adminjs@^7.4.0:
+  version "7.4.0"
+  resolved "https://registry.yarnpkg.com/adminjs/-/adminjs-7.4.0.tgz#9551c79ac1b6047f1cc86ac1525e01660fea954a"
+  integrity sha512-GKot4WNEe5aQN2MLkSR216N0oE9KrpJ+COwPrYhRlF42wUMiQucwQbq36VfMb/ZsiEpF3SfBdSa9Qi6EApR0WQ==
   dependencies:
     "@adminjs/design-system" "^4.0.0"
     "@babel/core" "^7.21.0"
@@ -3236,8 +3182,6 @@ adminjs@^7.0.0:
     "@rollup/plugin-node-resolve" "^15.0.1"
     "@rollup/plugin-replace" "^5.0.2"
     "@rollup/plugin-terser" "^0.4.0"
-    "@types/babel-core" "^6.25.7"
-    "@types/react" "^18.0.28"
     axios "^1.3.4"
     commander "^10.0.0"
     flat "^5.0.2"
@@ -3248,6 +3192,7 @@ adminjs@^7.0.0:
     ora "^6.2.0"
     prop-types "^15.8.1"
     punycode "^2.3.0"
+    qs "^6.11.1"
     react "^18.2.0"
     react-dom "^18.2.0"
     react-feather "^2.0.10"
@@ -8300,6 +8245,13 @@ qs@^6.11.0:
   dependencies:
     side-channel "^1.0.4"
 
+qs@^6.11.1:
+  version "6.11.2"
+  resolved "https://registry.yarnpkg.com/qs/-/qs-6.11.2.tgz#64bea51f12c1f5da1bc01496f48ffcff7c69d7d9"
+  integrity sha512-tDNIz22aBzCDxLtVH++VnTfzxlfeK5CbqohpSqpJgj1Wg/cQbStNAz3NuqCs5vV+pjBsK4x4pN9HlVh7rcYRiA==
+  dependencies:
+    side-channel "^1.0.4"
+
 quick-lru@^4.0.1:
   version "4.0.1"
   resolved "https://registry.npmjs.org/quick-lru/-/quick-lru-4.0.1.tgz"