Enable oauth strategies only if the keys are set

For tests, the keys are set to 'none'.
Lokiedu · Nov 13, 2017 · 8767760 · 8767760
1 parent de8c2e5
commit 8767760
Show file tree

Hide file tree

Showing 3 changed files with 31 additions and 21 deletions.
diff --git a/src/api/auth.js b/src/api/auth.js
@@ -36,7 +36,6 @@ import { API_URL_PREFIX } from '../config';
 import { USER_RELATIONS } from './consts';
 
 import {
-  none,
   FACEBOOK_CLIENT_ID, FACEBOOK_CLIENT_SECRET,
   GOOGLE_CLIENT_ID, GOOGLE_CLIENT_SECRET,
   TWITTER_CONSUMER_KEY, TWITTER_CONSUMER_SECRET,
@@ -89,7 +88,7 @@ export function setUpPassport(bookshelf) {
   }));
 
   // Facebook
-  if (FACEBOOK_CLIENT_ID !== none) {
+  if (FACEBOOK_CLIENT_ID) {
     passport.use(new FacebookStrategy(
       {
         clientID: FACEBOOK_CLIENT_ID,
@@ -107,7 +106,7 @@ export function setUpPassport(bookshelf) {
 
   // Google
   // Enable Google+ api in app settings.
-  if (GOOGLE_CLIENT_ID !== none) {
+  if (GOOGLE_CLIENT_ID) {
     passport.use(new GoogleStrategy(
       {
         clientID: GOOGLE_CLIENT_ID,
@@ -124,7 +123,7 @@ export function setUpPassport(bookshelf) {
 
   // Twitter
   // Enable "Request email addresses from users" in app settings.
-  if (TWITTER_CONSUMER_KEY !== none) {
+  if (TWITTER_CONSUMER_KEY) {
     passport.use(new TwitterStrategy(
       {
         consumerKey: TWITTER_CONSUMER_KEY,
@@ -141,7 +140,7 @@ export function setUpPassport(bookshelf) {
   }
 
   // Github
-  if (GOOGLE_CLIENT_ID !== none) {
+  if (GOOGLE_CLIENT_ID) {
     passport.use(new GithubStrategy(
       {
         clientID: GITHUB_CLIENT_ID,

diff --git a/src/api/env.js b/src/api/env.js
@@ -15,8 +15,9 @@
  You should have received a copy of the GNU Affero General Public License
  along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
-const isDev = !process.env.NODE_ENV || process.env.NODE_ENV === 'development' || process.env.NODE_ENV === 'test';
-export const none = (isDev && 'none');
+const isTest = ['test', 'travis'].includes(process.env.DB_ENV);
+// Using any string as a key doesn't throw an error in passport strategies which may be useful for tests.
+export const none = (isTest && 'none');
 
 export const FACEBOOK_CLIENT_ID = process.env.FACEBOOK_CLIENT_ID || none;
 export const FACEBOOK_CLIENT_SECRET = process.env.FACEBOOK_CLIENT_SECRET || none;

diff --git a/src/api/routing.js b/src/api/routing.js
@@ -18,6 +18,7 @@
 import Router from 'koa-router';
 import multer from 'koa-multer';
 
+import { FACEBOOK_CLIENT_ID, GOOGLE_CLIENT_ID, TWITTER_CONSUMER_KEY, GITHUB_CLIENT_ID } from './env';
 import { getAuthController, getAuthProfileController, auth, setUpPassport } from './auth';
 import * as test from './controllers/test';
 import * as users from './controllers/users';
@@ -48,20 +49,29 @@ export function initApi(bookshelf) {
   api.post('/session', users.login);
 
   // Universal login/register/add provider controllers. Open in a popup.
-  api.get('/auth/facebook', getAuthController('facebook', passport, { resetOnlyProfile: true }));
-  api.get('/auth/facebook/callback', getAuthController('facebook', passport));
-  api.get('/auth/google', getAuthController('google', passport, { resetOnlyProfile: true }));
-  api.get('/auth/google/callback', getAuthController('google', passport));
-  api.get('/auth/twitter', getAuthController('twitter', passport, { resetOnlyProfile: true }));
-  api.get('/auth/twitter/callback', getAuthController('twitter', passport));
-  api.get('/auth/github', getAuthController('github', passport, { resetOnlyProfile: true }));
-  api.get('/auth/github/callback', getAuthController('github', passport));
-
-  // These do not login/create user, only respond with a oauth profile. Open in a popup.
-  api.get('/auth/profile/facebook', getAuthProfileController('facebook', passport));
-  api.get('/auth/profile/google', getAuthProfileController('google', passport));
-  api.get('/auth/profile/twitter', getAuthProfileController('twitter', passport));
-  api.get('/auth/profile/github', getAuthProfileController('github', passport));
+  // /auth/profile controllers may be used to get a user profile without authentication.
+  if (FACEBOOK_CLIENT_ID) {
+    api.get('/auth/facebook', getAuthController('facebook', passport, { resetOnlyProfile: true }));
+    api.get('/auth/facebook/callback', getAuthController('facebook', passport));
+    api.get('/auth/profile/facebook', getAuthProfileController('facebook', passport));
+  }
+  if (GOOGLE_CLIENT_ID) {
+    api.get('/auth/google', getAuthController('google', passport, { resetOnlyProfile: true }));
+    api.get('/auth/google/callback', getAuthController('google', passport));
+    api.get('/auth/profile/google', getAuthProfileController('google', passport));
+  }
+
+  if (TWITTER_CONSUMER_KEY) {
+    api.get('/auth/twitter', getAuthController('twitter', passport, { resetOnlyProfile: true }));
+    api.get('/auth/twitter/callback', getAuthController('twitter', passport));
+    api.get('/auth/profile/twitter', getAuthProfileController('twitter', passport));
+  }
+
+  if (GITHUB_CLIENT_ID) {
+    api.get('/auth/github', getAuthController('github', passport, { resetOnlyProfile: true }));
+    api.get('/auth/github/callback', getAuthController('github', passport));
+    api.get('/auth/profile/github', getAuthProfileController('github', passport));
+  }
 
   api.get('/posts', auth, posts.subscriptions);
   api.get('/posts/subscriptions/hashtag', auth, posts.hashtagSubscriptions);