Fix #26 Customization of the OAuth flow page rendering (#27)

seratch · Apr 20, 2024 · f81af83 · f81af83
1 parent dc1deb2
commit f81af83
Show file tree

Hide file tree

Showing 12 changed files with 398 additions and 207 deletions.
diff --git a/src/index.ts b/src/index.ts
@@ -23,15 +23,15 @@ export * from "./context/context";
 
 export * from "./oauth-app";
 export * from "./oauth/authorize-url-generator";
-export * from "./oauth/callback";
+export * from "./oauth/hook";
 export * from "./oauth/escape-html";
 export * from "./oauth/installation";
 export * from "./oauth/installation-store";
 export * from "./oauth/oauth-page-renderer";
 export * from "./oauth/state-store";
 
 export * from "./oidc/authorize-url-generator";
-export * from "./oidc/callback";
+export * from "./oidc/hook";
 export * from "./oidc/login";
 
 export * from "./request/request-body";

diff --git a/src/oauth-app.ts b/src/oauth-app.ts
@@ -22,11 +22,11 @@ import {
   defaultOAuthStart,
   defaultOnFailure,
   defaultOnStateValidationError,
-} from "./oauth/callback";
+} from "./oauth/hook";
 import {
   OpenIDConnectCallback,
   defaultOpenIDConnectCallback,
-} from "./oidc/callback";
+} from "./oidc/hook";
 import { generateOIDCAuthorizeUrl } from "./oidc/authorize-url-generator";
 import {
   InstallationError,
@@ -35,6 +35,11 @@ import {
   InstallationStoreError,
   OpenIDConnectError,
 } from "./oauth/error-codes";
+import {
+  OAuthStartPageRenderer,
+  OAuthCompletionPageRenderer,
+  OAuthErrorPageRenderer,
+} from "./oauth/oauth-page-renderer";
 
 /**
  * Options for initializing SlackOAuthApp instance.
@@ -64,10 +69,15 @@ export interface SlackOAuthAppOptions<E extends SlackOAuthEnv> {
     beforeInstallation?: BeforeInstallation;
     afterInstallation?: AfterInstallation;
     onFailure?: OnFailure;
+    onFailureRenderer?: OAuthErrorPageRenderer;
     onStateValidationError?: OnStateValidationError;
+    onStateValidationRenderer?: OAuthErrorPageRenderer;
     redirectUri?: string;
     start?: OAuthStart;
+    startImmediateRedirect?: boolean; // default: true
+    startRenderer?: OAuthStartPageRenderer;
     callback?: OAuthCallback;
+    callbackRenderer?: OAuthCompletionPageRenderer;
   };
 
   /**
@@ -78,9 +88,15 @@ export interface SlackOAuthAppOptions<E extends SlackOAuthEnv> {
   oidc?: {
     stateCookieName?: string;
     start?: OAuthStart;
+    startImmediateRedirect?: boolean; // default: true
+    startRenderer?: OAuthStartPageRenderer;
+    // We intentionally don't provide callbackRenderer
+    // because your app will need to handle the whole response to make it meaningful
     callback: OpenIDConnectCallback;
     onFailure?: OnFailure;
+    onFailureRenderer?: OAuthErrorPageRenderer;
     onStateValidationError?: OnStateValidationError;
+    onStateValidationRenderer?: OAuthErrorPageRenderer;
     redirectUri?: string;
   };
 
@@ -168,22 +184,42 @@ export class SlackOAuthApp<E extends SlackOAuthEnv> extends SlackApp<E> {
     this.oauth = {
       stateCookieName:
         options.oauth?.stateCookieName ?? "slack-app-oauth-state",
-      onFailure: options.oauth?.onFailure ?? defaultOnFailure,
+      onFailure:
+        options.oauth?.onFailure ??
+        defaultOnFailure(options.oauth?.onFailureRenderer),
       onStateValidationError:
-        options.oauth?.onStateValidationError ?? defaultOnStateValidationError,
+        options.oauth?.onStateValidationError ??
+        defaultOnStateValidationError(options.oauth?.onStateValidationRenderer),
       redirectUri: options.oauth?.redirectUri ?? this.env.SLACK_REDIRECT_URI,
-      start: options.oauth?.start ?? defaultOAuthStart,
+      start:
+        options.oauth?.start ??
+        defaultOAuthStart(
+          options.oauth?.startImmediateRedirect,
+          options.oauth?.startRenderer,
+        ),
       beforeInstallation: options.oauth?.beforeInstallation,
       afterInstallation: options.oauth?.afterInstallation,
-      callback: options.oauth?.callback ?? defaultOAuthCallback,
+      callback:
+        options.oauth?.callback ??
+        defaultOAuthCallback(options.oauth?.callbackRenderer),
     };
     if (options.oidc) {
       this.oidc = {
         stateCookieName: options.oidc.stateCookieName ?? "slack-app-oidc-state",
-        onFailure: options.oidc.onFailure ?? defaultOnFailure,
+        onFailure:
+          options.oidc.onFailure ??
+          defaultOnFailure(options.oidc?.onFailureRenderer),
         onStateValidationError:
-          options.oidc.onStateValidationError ?? defaultOnStateValidationError,
-        start: options.oidc?.start ?? defaultOAuthStart,
+          options.oidc.onStateValidationError ??
+          defaultOnStateValidationError(
+            options.oidc?.onStateValidationRenderer,
+          ),
+        start:
+          options.oidc?.start ??
+          defaultOAuthStart(
+            options.oidc?.startImmediateRedirect,
+            options.oidc?.startRenderer,
+          ),
         callback: options.oidc.callback ?? defaultOpenIDConnectCallback,
         redirectUri:
           options.oidc.redirectUri ?? this.env.SLACK_OIDC_REDIRECT_URI,

diff --git a/src/oauth/callback.ts → src/oauth/hook.ts b/src/oauth/callback.ts → src/oauth/hook.ts
@@ -2,9 +2,12 @@ import { OAuthV2AccessResponse } from "slack-web-api-client";
 import { InvalidStateParameter, OAuthErrorCode } from "./error-codes";
 import { Installation } from "./installation";
 import {
-  renderDefaultCompletionPage,
-  renderDefaultErrorPage,
-  renderDefaultStartPage,
+  OAuthCompletionPageRenderer,
+  OAuthErrorPageRenderer,
+  renderDefaultOAuthCompletionPage,
+  renderDefaultOAuthErrorPage,
+  renderDefaultOAuthStartPage,
+  OAuthStartPageRenderer,
 } from "./oauth-page-renderer";
 import { LoggingEnv } from "../app-env";
 
@@ -57,21 +60,24 @@ export type OnStateValidationError = (
 
 /**
  * The default onStateValidationError implementation.
- * @param startPath the path to start the OAuth flow again
- * @returns response
  */
-// deno-lint-ignore require-await
-export const defaultOnStateValidationError: OnStateValidationError = async ({
-  startPath,
-}) => {
-  return new Response(
-    renderDefaultErrorPage(startPath, InvalidStateParameter),
-    {
-      status: 400,
-      headers: { "Content-Type": "text/html; charset=utf-8" },
-    },
-  );
-};
+export function defaultOnStateValidationError(
+  renderer?: OAuthErrorPageRenderer,
+): OnStateValidationError {
+  return async ({ startPath }) => {
+    const renderPage = renderer ?? renderDefaultOAuthErrorPage;
+    return new Response(
+      await renderPage({
+        installPath: startPath,
+        reason: InvalidStateParameter,
+      }),
+      {
+        status: 400,
+        headers: { "Content-Type": "text/html; charset=utf-8" },
+      },
+    );
+  };
+}
 
 /**
  * onFailure args
@@ -94,13 +100,15 @@ export type OnFailure = (args: OnFailureArgs) => Promise<Response>;
  * @param reason the error reason code
  * @returns response
  */
-// deno-lint-ignore require-await
-export const defaultOnFailure: OnFailure = async ({ startPath, reason }) => {
-  return new Response(renderDefaultErrorPage(startPath, reason), {
-    status: 400,
-    headers: { "Content-Type": "text/html; charset=utf-8" },
-  });
-};
+export function defaultOnFailure(renderer?: OAuthErrorPageRenderer): OnFailure {
+  return async ({ startPath, reason }) => {
+    const renderPage = renderer ?? renderDefaultOAuthErrorPage;
+    return new Response(await renderPage({ installPath: startPath, reason }), {
+      status: 400,
+      headers: { "Content-Type": "text/html; charset=utf-8" },
+    });
+  };
+}
 
 /**
  * OAuthStart args
@@ -120,26 +128,28 @@ export type OAuthStart = (args: OAuthStartArgs) => Promise<Response>;
 
 /**
  * The default OAuthStart implementation.
- * @param authorizeUrl the authorize URL to redirect the installing user
- * @param stateCookieName cookie name used for the state parameter validation
- * @param stateValue state parameter string data
- * @returns response
  */
-// deno-lint-ignore require-await
-export const defaultOAuthStart: OAuthStart = async ({
-  authorizeUrl,
-  stateCookieName,
-  stateValue,
-}) => {
-  return new Response(renderDefaultStartPage(authorizeUrl), {
-    status: 302,
-    headers: {
-      Location: authorizeUrl,
-      "Set-Cookie": `${stateCookieName}=${stateValue}; Secure; HttpOnly; Path=/; Max-Age=300`,
-      "Content-Type": "text/html; charset=utf-8",
-    },
-  });
-};
+export function defaultOAuthStart(
+  startImmediateRedirect?: boolean,
+  renderer?: OAuthStartPageRenderer,
+): OAuthStart {
+  return async ({ authorizeUrl, stateCookieName, stateValue }) => {
+    const immediateRedirect = startImmediateRedirect !== false;
+    const status = immediateRedirect ? 302 : 200;
+    const renderPage = renderer ?? renderDefaultOAuthStartPage;
+    return new Response(
+      await renderPage({ immediateRedirect, url: authorizeUrl }),
+      {
+        status,
+        headers: {
+          Location: authorizeUrl,
+          "Set-Cookie": `${stateCookieName}=${stateValue}; Secure; HttpOnly; Path=/; Max-Age=300`,
+          "Content-Type": "text/html; charset=utf-8",
+        },
+      },
+    );
+  };
+}
 
 /**
  * OAuthCallback args
@@ -159,30 +169,26 @@ export type OAuthCallback = (args: OAuthCallbackArgs) => Promise<Response>;
 
 /**
  * The default OAuthCallback implementation.
- * @param oauthAccess oauth.v2.access API response
- * @param enterpriseUrl the management console URL for Enterprise Grid admins
- * @param stateCookieName cookie name used for the state parameter validation
- * @returns response
  */
-// deno-lint-ignore require-await
-export const defaultOAuthCallback: OAuthCallback = async ({
-  oauthAccess,
-  enterpriseUrl,
-  stateCookieName,
-}) => {
-  return new Response(
-    renderDefaultCompletionPage(
-      oauthAccess.app_id!,
-      oauthAccess.team?.id!,
-      oauthAccess.is_enterprise_install,
-      enterpriseUrl,
-    ),
-    {
-      status: 200,
-      headers: {
-        "Set-Cookie": `${stateCookieName}=deleted; Secure; HttpOnly; Path=/; Max-Age=0`,
-        "Content-Type": "text/html; charset=utf-8",
+export function defaultOAuthCallback(
+  renderer?: OAuthCompletionPageRenderer,
+): OAuthCallback {
+  return async ({ oauthAccess, enterpriseUrl, stateCookieName }) => {
+    const renderPage = renderer ?? renderDefaultOAuthCompletionPage;
+    return new Response(
+      await renderPage({
+        appId: oauthAccess.app_id!,
+        teamId: oauthAccess.team?.id!,
+        isEnterpriseInstall: oauthAccess.is_enterprise_install,
+        enterpriseUrl,
+      }),
+      {
+        status: 200,
+        headers: {
+          "Set-Cookie": `${stateCookieName}=deleted; Secure; HttpOnly; Path=/; Max-Age=0`,
+          "Content-Type": "text/html; charset=utf-8",
+        },
       },
-    },
-  );
-};
+    );
+  };
+}