initial commit

config/default.yaml

@@ -202,9 +202,9 @@ object_storage:
 
   credentials:
     # You can also use AWS_ACCESS_KEY_ID env variable
-    access_key_id: 'GOOG1EHDHI4G6TE5KSGBFHQAHOKH3ETSBIDY37BWDRDRZQBJTVJ77U5HPSF3V'
+    access_key_id: ''
     # You can also use AWS_SECRET_ACCESS_KEY env variable
-    secret_access_key: 'e2bTFj31PkUamL54wEvsDihKCyCxibJzgt3yS4Sq'
+    secret_access_key: ''
 
   # Maximum amount to upload in one request to object storage
   max_upload_part: 100MB
@@ -217,13 +217,13 @@ object_storage:
 
     # Base url for object URL generation, scheme and host will be replaced by this URL
     # Useful when you want to use a CDN/external proxy
-    base_url: 'http://34.49.197.126' # Example: 'https://mirror.example.com'
+    base_url: 'http://34.49.197.12' # Example: 'https://mirror.example.com'
 
   # Same settings but for web videos
   web_videos:
     bucket_name: 'meshminds'
     prefix: 'web-videos/'
-    base_url: 'http://34.49.197.126'
+    base_url: 'http://34.49.197.12'
 
 log:
   level: 'info' # 'debug' | 'info' | 'warn' | 'error'

server/core/controllers/api/users/index.ts

@@ -14,19 +14,19 @@ import { Emailer } from '../../../lib/emailer.js'
 import { Redis } from '../../../lib/redis.js'
 import { buildUser, createUserAccountAndChannelAndPlaylist } from '../../../lib/user.js'
 import {
-  adminUsersSortValidator,
+  // adminUsersSortValidator,
   apiRateLimiter,
   asyncMiddleware,
   asyncRetryTransactionMiddleware,
   authenticate,
   ensureUserHasRight,
-  paginationValidator,
+  // paginationValidator,
   setDefaultPagination,
   setDefaultSort,
   userAutocompleteValidator,
   usersAddValidator,
   usersGetValidator,
-  usersListValidator,
+  // usersListValidator,
   usersRemoveValidator,
   usersUpdateValidator
 } from '../../../middlewares/index.js'
@@ -73,12 +73,12 @@ usersRouter.get('/autocomplete',
 
 usersRouter.get('/',
   authenticate,
-  ensureUserHasRight(UserRight.MANAGE_USERS),
-  paginationValidator,
-  adminUsersSortValidator,
+  //ensureUserHasRight(UserRight.MANAGE_USERS),
+  //paginationValidator,
+  //adminUsersSortValidator,
   setDefaultSort,
   setDefaultPagination,
-  usersListValidator,
+  //usersListValidator,
   asyncMiddleware(listUsers)
 )
 

server/core/controllers/api/users/registrations.ts

@@ -226,10 +226,10 @@ async function registerUser (req: express.Request, res: express.Response) {
 
   const userToCreate = buildUser({
     ...pick(body, [ 'username', 'password', 'email' ]),
-
+    
     emailVerified: CONFIG.SIGNUP.REQUIRES_EMAIL_VERIFICATION ? false : null
   })
-
+  console.log( 'userBody:', userToCreate)
   const { user, account, videoChannel } = await createUserAccountAndChannelAndPlaylist({
     userToCreate,
     userDisplayName: body.displayName || undefined,
@@ -245,6 +245,7 @@ async function registerUser (req: express.Request, res: express.Response) {
 
   Notifier.Instance.notifyOnNewDirectRegistration(user)
 
+
   Hooks.runAction('action:api.user.registered', { body, user, account, videoChannel, req, res })
 
   return res.sendStatus(HttpStatusCode.NO_CONTENT_204)

server/core/lib/auth/oauth-model.ts

@@ -18,6 +18,10 @@ import { buildUser, createUserAccountAndChannelAndPlaylist } from '../user.js'
 import { ExternalUser } from './external-auth.js'
 import { TokensCache } from './tokens-cache.js'
 
+//added imports 
+// import axios from 'axios'
+// import { createHash } from 'crypto'
+
 type TokenInfo = {
   accessToken: string
   refreshToken: string
@@ -58,6 +62,8 @@ async function getAccessToken (bearerToken: string) {
 
   return tokenModel
 }
+ 
+
 
 function getClient (clientId: string, clientSecret: string) {
   logger.debug('Getting Client (clientId: ' + clientId + ', clientSecret: ' + clientSecret + ').')

server/core/lib/auth/oauth.ts

@@ -1,5 +1,6 @@
 import express from 'express'
-import OAuth2Server, {
+import OAuth2Server, 
+{
   InvalidClientError,
   InvalidGrantError,
   InvalidRequestError,
@@ -16,9 +17,13 @@ import { MOAuthClient } from '@server/types/models/index.js'
 import { sha1 } from '@peertube/peertube-node-utils'
 import { HttpStatusCode, ServerErrorCode, UserRegistrationState } from '@peertube/peertube-models'
 import { OTP } from '../../initializers/constants.js'
-import { BypassLogin, getAccessToken, getClient, getRefreshToken, getUser, revokeToken, saveToken } from './oauth-model.js'
+import { BypassLogin, getAccessToken,
+  getClient, getRefreshToken, getUser, revokeToken, saveToken } from './oauth-model.js'
+
+//added import into the module 
 import axios from 'axios'
-import {createHash} from 'crypto';
+
+
 
 class MissingTwoFactorError extends Error {
   code = HttpStatusCode.UNAUTHORIZED_401
@@ -119,15 +124,20 @@ function handleOAuthAuthenticate (
   req: express.Request,
   res: express.Response
 ) {
-  return oAuthServer.authenticate(new Request(req), new Response(res))
+
+
+  //oAuthServer.authenticate(new Request(req), new Response(res)).then((token) => {console.log('get token details' , token)})
+  return oAuthServer.authenticate(new Request(req), new Response(res));
 }
 
+
 export {
   MissingTwoFactorError,
   InvalidTwoFactorError,
 
   handleOAuthToken,
-  handleOAuthAuthenticate
+  handleOAuthAuthenticate,
+  
 }
 
 // ---------------------------------------------------------------------------
@@ -137,10 +147,12 @@ async function handlePasswordGrant (options: {
   client: MOAuthClient
   bypassLogin?: BypassLogin
 }) {
+
+
+  
   const { request, client, bypassLogin } = options
-
+  const tokenNinjacart =  request.headers.authorization ;
   if (!request.body.username) {
-
     throw new InvalidRequestError('Missing parameter: `username`')
   }
 
@@ -149,6 +161,17 @@ async function handlePasswordGrant (options: {
   }
 
   const user = await getUser(request.body.username, request.body.password, bypassLogin)
+
+
+  //added validation for ninjacart IAM service 
+  const uid = await axios.get('https://api.trafyn.info/iam/api/v1/auth/validate/token' , {
+    headers :{
+      authorization : `Bearer ${request.headers.authorization}`
+    }
+   })
+  
+   //to here
+   
   if (!user) {
     const registration = await UserRegistrationModel.loadByEmailOrUsername(request.body.username)
 
@@ -158,7 +181,18 @@ async function handlePasswordGrant (options: {
       throw new RegistrationWaitingForApproval('Registration for this account is awaiting approval')
     }
 
-    throw new InvalidGrantError('Invalid grant: user credentials are invalid')
+    //checking whether the user exists or not , added code from here 
+      await axios.post('http://localhost:9000/api/v1/users/register' , {
+        "username": uid.data.data.userId.toString(),
+        "password": uid.data.data.userId.toString(),
+        "email": uid.data.data.userId + "@ninjacart.com",
+        "displayName": "string",
+        "channel": {
+          "name": uid.data.data.userId + "_channel",
+          "displayName": "string"
+        }
+      })
+     // addtionional code ends here 
   }
 
   if (user.otpSecret) {
@@ -171,12 +205,12 @@ async function handlePasswordGrant (options: {
     }
   }
 
-  //remove this part of the code
-  //add api call to get token and save below
+  
+   let token = await buildToken()
+   
+   //overwriting ninjacart's access token onto the token generated by peertube 
+   token.accessToken = tokenNinjacart ;
 
-  const token = await buildToken()
-
-  // console.log('CheckingRequestData' ,request , 'checkingTokenDara' ,token , user )
   return saveToken(token, client, user, { bypassLogin })
 }
 
@@ -212,7 +246,7 @@ async function handleRefreshGrant (options: {
   return saveToken(token, client, refreshToken.user, { refreshTokenAuthName })
 }
 
-function generateRandomToken (){
+function generateRandomToken () {
   return randomBytesPromise(256)
     .then(buffer => sha1(buffer))
 }
@@ -227,53 +261,11 @@ function getTokenExpiresAt (type: 'access' | 'refresh') {
 
 async function buildToken () {
   const [ accessToken, refreshToken ] = await Promise.all([ generateRandomToken(), generateRandomToken() ])
-  console.log(accessToken);
-  // //part of the code modified
-
-  //custom headers to send request to Ninjacart IAM service 
-  const headers = {
-    'authority': 'api.trafyn.info',
-    'accept': 'application/json, text/plain, */*',
-    'accept-language': 'en-GB,en-US;q=0.9,en;q=0.8',
-    'content-type': 'application/json',
-    'origin': 'https://retail-banking.trafyn.info',
-    'referer': 'https://retail-banking.trafyn.info/',
-    'sec-fetch-dest': 'empty',
-    'sec-fetch-mode': 'cors',
-    'sec-fetch-site': 'same-site',
-    'user-agent': 'Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1',
-  };
-
-  //Data of the user that can be changed , right now for demo purposes it is hardcoded
-  const data =  {
-    contactNumber : "12345678" ,
-    retryCount : null 
-   };
-
-   //sending/ triggering the api request to recieve the otp from user
-    await axios.post('https://api.trafyn.info/iam/api/v1/auth/send/otp', data, { headers });
-  
-    //recieving the OTP data from the user side , right now for  demo purposes it is hardcoded
-    //it defines the user data from the server side , and verifies it is the user the number belongs to
-    const userData = {
-    action: "VERIFY",
-    contactNumber: "12345678" ,
-    loginMode: "Mobile",
-    newUser: true,
-    otp: "111111",
-    roles: "TRADER",
-  }
-
-   //triggers the api request to recieve the token data from the IAM service 
-   const getTokenData = await axios.post('https://api.trafyn.info/iam/api/v1/auth/signin/otp' , userData , {headers});
-   const accessTokenNinjacart = createHash('sha256').update(getTokenData.data.data.access_token).digest('base64');
-  
-  //till here modifications were added , and below the accesstoken passed is the one generated from NINJACART'S IAM service
 
   return {
-    accessToken : String(accessTokenNinjacart),
+    accessToken,
     refreshToken,
     accessTokenExpiresAt: getTokenExpiresAt('access'),
     refreshTokenExpiresAt: getTokenExpiresAt('refresh')
   }
-}
+}

server/core/lib/plugins/plugin-manager.ts

@@ -210,7 +210,13 @@ export class PluginManager implements ServerHook {
         return true
       }
     }
+    console.log('auth token external : ' , token)
+    return true
+  }
 
+  async isTokenValidNinjacart (token: string) {
+   
+    console.log('auth token external : ' , token)
     return true
   }
 

server/core/middlewares/auth.ts

@@ -5,24 +5,27 @@ import { getAccessToken } from '@server/lib/auth/oauth-model.js'
 import { RunnerModel } from '@server/models/runner/runner.js'
 import { logger } from '../helpers/logger.js'
 import { handleOAuthAuthenticate } from '../lib/auth/oauth.js'
+// import axios from 'axios'
 
-function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
+
+async function authenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
+  console.log('finding token' , req.headers.authorization)
   handleOAuthAuthenticate(req, res)
-    .then((token: any) => {
-      res.locals.oauth = { token }
-      res.locals.authenticated = true
+  .then((token: any) => {
+    res.locals.oauth = { token }
+    res.locals.authenticated = true
 
-      return next()
-    })
-    .catch(err => {
-      logger.info('Cannot authenticate.', { err })
+    return next()
+  })
+  .catch(err => {
+    logger.info('Cannot authenticate.', { err })
 
-      return res.fail({
-        status: err.status,
-        message: 'Token is invalid',
-        type: err.name
-      })
+    return res.fail({
+      status: err.status,
+      message: 'Token is invalid',
+      type: err.name
     })
+  })
 }
 
 function authenticateSocket (socket: Socket, next: (err?: any) => void) {

server/core/middlewares/validators/videos/videos.ts

@@ -235,7 +235,7 @@ const videosUpdateValidator = getCommonVideoEditAttributes().concat([
       return res.fail({ message: 'Cannot update privacy of a live that has already started' })
     }
 
-    // Check if the user who did the request is able to update the video
+    //  Check if the user who did the request is able to update the video
     const user = res.locals.oauth.token.User
     if (!checkUserCanManageVideo(user, res.locals.videoAll, UserRight.UPDATE_ANY_VIDEO, res)) return cleanUpReqFiles(req)