mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-25 03:44:29 +03:00
Added stripe connect module to member service
no-issue This module handles the creation of a url used for authorization of Stripe Connect, and also the parsing of the data eventually received from the authorization flow.
This commit is contained in:
parent
88b4c5571d
commit
eb962d8e5c
@ -45,7 +45,9 @@ const membersService = {
|
||||
cookieName: 'ghost-members-ssr',
|
||||
cookieCacheName: 'ghost-members-ssr-cache',
|
||||
getMembersApi: () => membersService.api
|
||||
})
|
||||
}),
|
||||
|
||||
stripeConnect: require('./stripe-connect')
|
||||
};
|
||||
|
||||
module.exports = membersService;
|
||||
|
62
core/server/services/members/stripe-connect.js
Normal file
62
core/server/services/members/stripe-connect.js
Normal file
@ -0,0 +1,62 @@
|
||||
const {Buffer} = require('buffer');
|
||||
const {randomBytes} = require('crypto');
|
||||
const {URL} = require('url');
|
||||
|
||||
const STATE_PROP = 'stripe-connect-state';
|
||||
|
||||
const clientID = 'ca_8LBuZWhYshxF0A55KgCXu8PRTquCKC5x';
|
||||
const redirectURI = 'https://stripe.ghost.org';
|
||||
|
||||
/**
|
||||
* @function getStripeConnectOAuthUrl
|
||||
* @desc Returns a url for the auth endpoint for Stripe Connect, generates state and stores it on the session.
|
||||
*
|
||||
* @param {(prop: string, val: any) => Promise<void>} setSessionProp - A function to set data on the current session
|
||||
*
|
||||
* @returns {Promise<URL>}
|
||||
*/
|
||||
async function getStripeConnectOAuthUrl(setSessionProp) {
|
||||
const state = randomBytes(16).toString('hex');
|
||||
|
||||
await setSessionProp(STATE_PROP, state);
|
||||
|
||||
const authUrl = new URL('https://connect.stripe.com/oauth/authorize');
|
||||
authUrl.searchParams.set('response_type', 'code');
|
||||
authUrl.searchParams.set('scope', 'read_write');
|
||||
authUrl.searchParams.set('client_id', clientID);
|
||||
authUrl.searchParams.set('redirect_uri', redirectURI);
|
||||
authUrl.searchParams.set('state', state);
|
||||
|
||||
return authUrl;
|
||||
}
|
||||
|
||||
/**
|
||||
* @function getStripeConnectTokenData
|
||||
* @desc Returns the api keys and the livemode for a Stripe Connect integration after validating the state.
|
||||
*
|
||||
* @param {string} encodedData - A string encoding the response from Stripe Connect
|
||||
* @param {(prop: string) => Promise<any>} getSessionProp - A function to retrieve data from the current session
|
||||
*
|
||||
* @returns {Promise<{secret_key: string, public_key: string, livemode: boolean}>}
|
||||
*/
|
||||
async function getStripeConnectTokenData(encodedData, getSessionProp) {
|
||||
const data = JSON.parse(Buffer.from(encodedData, 'base64').toString());
|
||||
|
||||
const state = await getSessionProp(STATE_PROP);
|
||||
|
||||
if (state !== data.s) {
|
||||
throw new Error('State did not match');
|
||||
}
|
||||
|
||||
return {
|
||||
public_key: data.p,
|
||||
secret_key: data.a,
|
||||
livemode: data.l
|
||||
};
|
||||
}
|
||||
|
||||
module.exports = {
|
||||
getStripeConnectOAuthUrl,
|
||||
getStripeConnectTokenData,
|
||||
STATE_PROP
|
||||
};
|
61
test/unit/services/members/stripe-connect_spec.js
Normal file
61
test/unit/services/members/stripe-connect_spec.js
Normal file
@ -0,0 +1,61 @@
|
||||
const should = require('should');
|
||||
const stripeConnect = require('../../../../core/server/services/members/stripe-connect');
|
||||
|
||||
describe('Members - Stripe Connect', function () {
|
||||
it('getStripeConnectOAuthUrl returns the correct url and sets the necessary state on session and url', async function () {
|
||||
const session = new Map();
|
||||
const setSessionProp = session.set.bind(session);
|
||||
|
||||
/** @type URL */
|
||||
const url = await stripeConnect.getStripeConnectOAuthUrl(setSessionProp);
|
||||
|
||||
should.ok(url instanceof URL, 'getStripeConnectOAuthUrl should return an instance of URL');
|
||||
|
||||
should.exist(session.get(stripeConnect.STATE_PROP), 'The session should have a state set');
|
||||
|
||||
should.equal(url.origin, 'https://connect.stripe.com');
|
||||
should.equal(url.pathname, '/oauth/authorize');
|
||||
|
||||
should.equal(url.searchParams.get('response_type'), 'code');
|
||||
should.equal(url.searchParams.get('scope'), 'read_write');
|
||||
should.equal(url.searchParams.get('state'), session.get(stripeConnect.STATE_PROP));
|
||||
});
|
||||
|
||||
it('getStripeConnectTokenData returns token data when the state is correct', async function () {
|
||||
const getSessionProp = prop => 'correct_state';
|
||||
|
||||
const data = {
|
||||
p: 'publishable_stripe_key',
|
||||
a: 'access_token',
|
||||
l: 'livemode',
|
||||
s: 'correct_state'
|
||||
};
|
||||
|
||||
const encodedData = Buffer.from(JSON.stringify(data)).toString('base64');
|
||||
|
||||
const tokenData = await stripeConnect.getStripeConnectTokenData(encodedData, getSessionProp);
|
||||
|
||||
should.equal(tokenData.public_key, data.p);
|
||||
should.equal(tokenData.secret_key, data.a);
|
||||
should.equal(tokenData.livemode, data.l);
|
||||
});
|
||||
|
||||
it('getStripeConnectTokenData throws when the state is incorrect', async function () {
|
||||
const getSessionProp = prop => 'incorrect_state';
|
||||
|
||||
const data = {
|
||||
p: 'publishable_stripe_key',
|
||||
a: 'access_token',
|
||||
l: 'livemode',
|
||||
s: 'correct_state'
|
||||
};
|
||||
|
||||
const encodedData = Buffer.from(JSON.stringify(data)).toString('base64');
|
||||
|
||||
await stripeConnect.getStripeConnectTokenData(encodedData, getSessionProp).then((success) => {
|
||||
throw new Error('The token data should not be returned if the state is incorrect');
|
||||
}, (error) => {
|
||||
should.ok(error);
|
||||
});
|
||||
});
|
||||
});
|
Loading…
Reference in New Issue
Block a user