WIP Catch and process oauth request for openhive chat

config/default.json

@@ -57,5 +57,6 @@
     "max_fee_referrer": 300,
     "max_fee_creator": 100,
     "max_fee_provider": 100
-  }
+  },
+  "opehive_oauth_origin": "https://openhive.chat" 
 }

src/app/components/modules/LoginForm.jsx

@@ -73,6 +73,8 @@ class LoginForm extends Component {
         if (this.refs.username && !this.refs.username.value) this.refs.username.focus();
         // eslint-disable-next-line react/no-string-refs
         if (this.refs.username && this.refs.username.value) this.refs.pw.focus();
+
+        this.registerOauthRequest();
     }
 
     componentDidUpdate() {
@@ -143,6 +145,14 @@ class LoginForm extends Component {
         });
     };
 
+
+    registerOauthRequest = () => {
+        const params = new URLSearchParams(window.location.search);
+        if (params.has('redirect_uri') && params.get('scope') === 'login' && params.has('state')) {
+            sessionStorage.setItem('oauth', decodeURIComponent( params.toString()));
+        }
+    }
+
     loginWithHiveSigner = () => {
         const path = window.location.pathname;
         if (path === '/login/hivesigner') {
@@ -695,9 +705,7 @@ export default connect(
             afterLoginRedirectToWelcome
         ) => {
             const { type } = loginBroadcastOperation ? loginBroadcastOperation.toJS() : {};
-
             serverApiRecordEvent('SignIn', type);
-            console.log('really submit');
             dispatch(
                 userActions.usernamePasswordLogin({
                     username,

src/app/redux/UserSaga.js

@@ -530,6 +530,29 @@ function* usernamePasswordLogin2(options) {
 
             console.log('Logging in as', username);
             const response = yield serverApiLogin(username, signatures);
+
+
+            // Check if there is an ongoing oauth process
+            // if yes, generate a token and redirect
+            // TODO: still it is unknown why this is not satisfying rocket.chat
+            // TODO: also figure out why rocket.chat doesn't come back for the last
+            // token exchange step for retrieving access_token.
+            if (sessionStorage.getItem('oauth')) {
+                try {
+                    const params = new URLSearchParams(sessionStorage.getItem('oauth'));
+                    const msg = { authors: [username], timestamp: Date.now(), signed_message: 'login' };
+                    const h = hash.sha256(JSON.stringify(msg));
+                    const signature = Signature.sign(h, private_keys.get('posting_private'));
+                    const code = Buffer.from(signature.toHex(), 'hex').toString('base64');
+                    const url = params.get('redirect_uri') + '?code=' + code + '&state=' + params.get('state') + '&username=' + username;
+
+                    window.location.href = url;
+                    sessionStorage.removeItem('oauth');
+                } catch (err) {
+                    sessionStorage.removeItem('oauth');
+                }
+            }
+
             yield response.data;
         }
     } catch (error) {

src/server/server.js

@@ -116,6 +116,24 @@ app.use(async (ctx, next) => {
         return;
     }
 
+    if (ctx.method === 'GET' && ['/oauth/authorize', '/oauth/token'].includes(ctx.URL.pathname)) {
+        // TODO: strictly check if incoming origin is "opehive_oauth_origin" from config
+        const params = new URLSearchParams(ctx.URL.search);
+        if (!params.has('state') && !params.has('redirect_uri') && !params.has('scope')) {
+            ctx.redirect('/');
+            return;
+        }
+
+        ctx.redirect('/login.html?' + params.toString());
+        return;
+    }
+    // openhive.chat token exchange
+    if (ctx.method === 'GET' && ctx.URL.pathname === '/oauth/token') {
+        const params = new URLSearchParams(ctx.URL.search);
+        console.log(params);
+        return;
+    }
+
     // redirect to home page/feed if known account
     if (ctx.method === 'GET' && ctx.url === '/' && ctx.session.a) {
         ctx.status = 302;