Plat-JIRA-152

web-assets/auth0/dev-tenant/database/create.js

@@ -0,0 +1,124 @@
+/*function create(user, callback) {
+  // This script should create a user entry in your existing database. It will
+  // be executed when a user attempts to sign up, or when a user is created
+  // through the Auth0 dashboard or API.
+  // When this script has finished executing, the Login script will be
+  // executed immediately afterwards, to verify that the user was created
+  // successfully.
+  //
+  // The user object will always contain the following properties:
+  // * email: the user's email
+  // * password: the password entered by the user, in plain text
+  // * tenant: the name of this Auth0 account
+  // * client_id: the client ID of the application where the user signed up, or
+  //              API key if created through the API or Auth0 dashboard
+  // * connection: the name of this database connection
+  //
+  // There are three ways this script can finish:
+  // 1. A user was successfully created
+  //     callback(null);
+  // 2. This user already exists in your database
+  //     callback(new ValidationError("user_exists", "my error message"));
+  // 3. Something went wrong while trying to reach your database
+  //     callback(new Error("my error message"));
+
+  const msg = 'Please implement the Create script for this database connection ' +
+    'at https://manage.auth0.com/#/connections/database';
+  return callback(new Error(msg)); */
+function create(user, callback) {
+    //console.log("landed here...................................");
+    var countryObj = JSON.parse(user.user_metadata.country);
+    var regSource = user.user_metadata.regSource;
+    var utmSource = user.user_metadata.utmSource;
+    var utmMedium = user.user_metadata.utmMedium;
+    var utmCampaign = user.user_metadata.utmCampaign;
+    var retUrl = user.user_metadata.returnUrl;
+    var afterActivationURL = retUrl != null ? retUrl : "https://" + configuration.DOMAIN + "/home";
+    if (regSource === configuration.REG_BUSINESS) {
+        afterActivationURL = "https://connect." + configuration.DOMAIN;
+    }
+    var data = {
+        "param": {
+            "handle": user.username,
+            "email": user.email,
+            "credential": {
+                "password": user.password
+            },
+            "firstName": user.user_metadata.firstName,
+            "lastName": user.user_metadata.lastName,
+            "country": {
+                "code": countryObj.code,
+                "isoAlpha3Code": countryObj.alpha3,
+                "isoAlpha2Code": countryObj.alpha2
+            },
+            "regSource": regSource,
+            "utmSource": utmSource,
+            "utmMedium": utmMedium,
+            "utmCampaign": utmCampaign,
+        },
+        "options": {
+            "afterActivationURL": encodeURIComponent(afterActivationURL)
+        }
+    };
+    //console.log("SignUp....", user, data);
+    request.post({
+        url: "https://api." + configuration.DOMAIN + "/v3/users",
+        json: data
+        //for more options check:
+        //https://github.com/mikeal/request#requestoptions-callback
+    }, function (err, response, body) {
+
+        // console.log(err);
+        // console.log(response.statusCode);
+        // console.log(body.result.content);
+
+        if (err) return callback(err);
+        console.log(body.result.content);
+        if (response.statusCode !== 200) {
+            //return callback(new ValidationError("lock.fallback",body.result.content));
+            const error_message = body.result.content;
+            let code = "lock.fallback";
+
+            if (error_message.search("Handle may not contain a space") !== -1) {
+                code = "handle_invalid_space";
+            } else if (error_message.search("Length of Handle in character should be between 2 and 15") !== -1) {
+                code = "handle_invalid_length";
+            } else if (error_message.search("Please choose another handle, not starting with admin") !== -1) {
+                code = "handle_invalid_startwith_admin";
+            } else if (error_message.search('Handle may contain only letters, numbers and') !== -1) {
+                code = "handle_invalid_constains_forbidden_char";
+            } else if (error_message.search("Handle may not contain only punctuation") !== -1) {
+                code = "handle_invalid_conatins_only_punctuation";
+            } else if (error_message.search("The user already exists") !== -1) {
+                code = "user_exists";
+            } else if (error_message.search("has already been taken") !== -1) {
+                code = "user_exists";
+            }
+
+
+
+            return callback(new ValidationError(code, error_message));
+
+            //return callback(new Error(body.result.content));
+        }
+        //if (response.statusCode === 401) return callback();
+       /* const Analytics = require('analytics-node');
+        const _ = require('lodash');
+        var analytics = new Analytics('bkPtWMUMTYDhww2zsJluzxtdhtmSsyd9');
+        analytics.identify({
+            anonymousId: 'signup',
+            traits: {
+                user: _.omit(user, ['credential', 'password'])
+            }
+        });
+        analytics.track({
+            anonymousId: 'BXWXUWnilVUPdN01t2Se29Tw2ZYNGZvH',
+            event: 'signUp',
+            properties: _.omit(user, ['credential', 'password'])
+        });*/
+        callback(null);
+    }); //end post request 
+    //callback(null);
+}
+
+//}

web-assets/auth0/dev-tenant/database/login.js

@@ -0,0 +1,61 @@
+function login(handleOrEmail, password, callback) {
+    // This script should authenticate a user against the credentials stored in
+    // your database.
+    // It is executed when a user attempts to log in or immediately after signing
+    // up (as a verification that the user was successfully signed up).
+    //
+    // Everything returned by this script will be set as part of the user profile
+    // and will be visible by any of the tenant admins. Avoid adding attributes
+    // with values such as passwords, keys, secrets, etc.
+    //
+    // The `password` parameter of this function is in plain text. It must be
+    // hashed/salted to match whatever is stored in your database. For example:
+    //
+    //     var bcrypt = require('bcrypt@0.8.5');
+    //     bcrypt.compare(password, dbPasswordHash, function(err, res)) { ... }
+    //
+    // There are three ways this script can finish:
+    // 1. The user's credentials are valid. The returned user profile should be in
+    // the following format: https://auth0.com/docs/users/normalized/auth0/normalized-user-profile-schema
+    //     var profile = {
+    //       user_id: ..., // user_id is mandatory
+    //       email: ...,
+    //       [...]
+    //     };
+    //     callback(null, profile);
+    // 2. The user's credentials are invalid
+    //     callback(new WrongUsernameOrPasswordError(email, "my error message"));
+    // 3. Something went wrong while trying to reach your database
+    //     callback(new Error("my error message"));
+    //
+    // A list of Node.js modules which can be referenced is available here:
+    //
+    //    https://tehsis.github.io/webtaskio-canirequire/
+  request.post({
+      url:  "https://api."+configuration.DOMAIN+"/v3/users/login",
+      form: {
+        handleOrEmail: handleOrEmail,
+        password: password
+      }
+      //for more options check: https://github.com/mikeal/request#requestoptions-callback
+    }, function (err, response, body) {
+      console.log("response..............", err,response.statusCode);
+      if (err) return callback(err);
+      if (response.statusCode === 401) return callback();
+      var user = JSON.parse(body);
+      user.result.content.roles = user.result.content.roles.map(function(role) {
+        return role.roleName;
+      });
+
+      callback(null,   {
+        user_id: user.result.content.id,
+        nickname: user.result.content.handle,
+        email: user.result.content.email,
+        handle:user.result.content.handle,
+        roles: user.result.content.roles,
+        email_verified: user.result.content.emailActive,
+        created_at: user.result.content.createdAt
+      });
+    });
+  }
+

web-assets/auth0/dev-tenant/rules/custom.js

@@ -0,0 +1,78 @@
+
+function (user, context, callback) {
+    if (context.clientID === configuration.CLIENT_ACCOUNTS_LOGIN) { // 
+        const _ = require('lodash');
+
+      // TODO: implement your rule
+        //  if (context.protocol === "redirect-callback") {
+                            // User was redirected to the /continue endpoint
+        if (context.redirect) { 
+          return callback(null, user, context);
+          // returnning from here no need to check further  
+        }
+       // otherwise to nothing 
+
+        console.log("Enter Rule: Custom-Claims");
+        let handle = _.get(user, "handle", null);
+        const provider = _.get(user, "identities[0].provider", null);
+        if (!handle && provider === "auth0") {
+          handle = _.get(user, "nickname", null);
+        }
+        console.log("Fetch roles for email/handle: ", user.email, handle, provider);
+
+        global.AUTH0_CLAIM_NAMESPACE = "https://" + configuration.DOMAIN + "/";
+        try {
+            request.post({
+                url: 'https://api.' + configuration.DOMAIN + '/v3/users/roles',
+                form: {
+                    email: user.email,
+                    handle: handle
+                }
+            }, function (err, response, body) {
+                console.log("called topcoder api for role: response status - ", response.statusCode);
+                if (err) return callback(err, user, context);
+                if (response.statusCode !== 200) {
+                  return callback('Login Error: Whoops! Something went wrong. Looks like your registered email has discrepancy with Authentication. Please connect to our support <a href="mailto:support@topcoder.com">support@topcoder.com</a>. Back to application ', user, context);
+                }
+
+                let res = JSON.parse(body);
+                // TODO need to double sure about multiple result or no result 
+                let userId = res.result.content.id;
+                let handle = res.result.content.handle;
+                let roles = res.result.content.roles.map(function (role) {
+                    return role.roleName;
+                });
+                let userStatus = res.result.content.active; // true/false 
+
+                // TEMP
+                let tcsso = res.result.content.regSource || '';
+
+                context.idToken[global.AUTH0_CLAIM_NAMESPACE + 'roles'] = roles;
+                context.idToken[global.AUTH0_CLAIM_NAMESPACE + 'userId'] = userId;
+                context.idToken[global.AUTH0_CLAIM_NAMESPACE + 'handle'] = handle;
+                context.idToken[global.AUTH0_CLAIM_NAMESPACE + 'user_id'] = user.identities[0].provider + "|" + userId;
+                context.idToken[global.AUTH0_CLAIM_NAMESPACE + 'tcsso'] = tcsso;
+                context.idToken[global.AUTH0_CLAIM_NAMESPACE + 'active'] = userStatus;
+                context.idToken.nickname = handle;
+                //console.log(user, context);
+                if (!userStatus) {
+                   context.redirect = {
+      								url: `https://accounts-auth0.${configuration.DOMAIN}/check_email.html`
+    						    };
+                  return callback(null, user, context);
+                }
+                if (!userStatus && context.login_counts > 1) {
+                  return callback('Login Alert: Please verify your email first! Please connect to our support <a href="mailto:support@topcoder.com">support@topcoder.com</a>. Back to application ', user, context);
+                }
+                return callback(null, user, context);
+            }
+            );
+        } catch (e) {
+            console.log("Error in calling user roles" + e);
+            return callback("Something went worng!. Please retry.", user, context);
+        }
+    } else {
+        // for other apps do nothing 
+        return callback(null, user, context);
+    }
+}