mirror of
https://github.com/TryGhost/Ghost.git
synced 2024-12-21 01:41:46 +03:00
d246a4761e
no-issue
This adds two new endpoints, one at /ghost/.well-known/jwks.json for exposing
a public key, and one on the canary api /identities, which allows the
Owner user to fetch a JWT.
This token can then be used by external services to verify the domain
* Added ghost_{public,private}_key settings
This key can be used for generating tokens for communicating with
external services on behalf of Ghost
* Added .well-known directory to /ghost/.well-known
We add a jwks.json file to the .well-known directory which exposes a
public JWK which can be used to verify the signatures of JWT's created
by Ghost
This is added to the /ghost/ path so that it can live on the admin
domain, rather than the frontend. This is because most of its
uses/functions will be in relation to the admin domain.
* Improved settings model tests
This removes hardcoded positions in favour of testing that a particular
event wasn't emitted which is less brittle and more precise about what's
being tested
* Fixed parent app unit tests for well-known
This updates the parent app unit tests to check that the well-known
route is mounted. We all change proxyquire to use `noCallThru` which
ensures that the ubderlying modules are not required. This stops the
initialisation logic in ./well-known erroring in tests
https://github.com/thlorenz/proxyquire/issues/215
* Moved jwt signature to a separate 'token' propery
This structure corresponds to other resources and allows to exptend with
additional properties in future if needed
166 lines
3.9 KiB
JavaScript
166 lines
3.9 KiB
JavaScript
const shared = require('../shared');
|
|
const localUtils = require('./utils');
|
|
|
|
module.exports = {
|
|
get http() {
|
|
return shared.http;
|
|
},
|
|
|
|
get authentication() {
|
|
return shared.pipeline(require('./authentication'), localUtils);
|
|
},
|
|
|
|
get db() {
|
|
return shared.pipeline(require('./db'), localUtils);
|
|
},
|
|
|
|
get identities() {
|
|
return shared.pipeline(require('./identities'), localUtils);
|
|
},
|
|
|
|
get integrations() {
|
|
return shared.pipeline(require('./integrations'), localUtils);
|
|
},
|
|
|
|
// @TODO: transform
|
|
get session() {
|
|
return require('./session');
|
|
},
|
|
|
|
get schedules() {
|
|
return shared.pipeline(require('./schedules'), localUtils);
|
|
},
|
|
|
|
get pages() {
|
|
return shared.pipeline(require('./pages'), localUtils);
|
|
},
|
|
|
|
get redirects() {
|
|
return shared.pipeline(require('./redirects'), localUtils);
|
|
},
|
|
|
|
get roles() {
|
|
return shared.pipeline(require('./roles'), localUtils);
|
|
},
|
|
|
|
get slugs() {
|
|
return shared.pipeline(require('./slugs'), localUtils);
|
|
},
|
|
|
|
get webhooks() {
|
|
return shared.pipeline(require('./webhooks'), localUtils);
|
|
},
|
|
|
|
get posts() {
|
|
return shared.pipeline(require('./posts'), localUtils);
|
|
},
|
|
|
|
get invites() {
|
|
return shared.pipeline(require('./invites'), localUtils);
|
|
},
|
|
|
|
get mail() {
|
|
return shared.pipeline(require('./mail'), localUtils);
|
|
},
|
|
|
|
get notifications() {
|
|
return shared.pipeline(require('./notifications'), localUtils);
|
|
},
|
|
|
|
get settings() {
|
|
return shared.pipeline(require('./settings'), localUtils);
|
|
},
|
|
|
|
get members() {
|
|
return shared.pipeline(require('./members'), localUtils);
|
|
},
|
|
|
|
get memberSigninUrls() {
|
|
return shared.pipeline(require('./memberSigninUrls.js'), localUtils);
|
|
},
|
|
|
|
get labels() {
|
|
return shared.pipeline(require('./labels'), localUtils);
|
|
},
|
|
|
|
get images() {
|
|
return shared.pipeline(require('./images'), localUtils);
|
|
},
|
|
|
|
get tags() {
|
|
return shared.pipeline(require('./tags'), localUtils);
|
|
},
|
|
|
|
get users() {
|
|
return shared.pipeline(require('./users'), localUtils);
|
|
},
|
|
|
|
get preview() {
|
|
return shared.pipeline(require('./preview'), localUtils);
|
|
},
|
|
|
|
get oembed() {
|
|
return shared.pipeline(require('./oembed'), localUtils);
|
|
},
|
|
|
|
get slack() {
|
|
return shared.pipeline(require('./slack'), localUtils);
|
|
},
|
|
|
|
get config() {
|
|
return shared.pipeline(require('./config'), localUtils);
|
|
},
|
|
|
|
get themes() {
|
|
return shared.pipeline(require('./themes'), localUtils);
|
|
},
|
|
|
|
get actions() {
|
|
return shared.pipeline(require('./actions'), localUtils);
|
|
},
|
|
|
|
get email_preview() {
|
|
return shared.pipeline(require('./email-preview'), localUtils);
|
|
},
|
|
|
|
get emails() {
|
|
return shared.pipeline(require('./email'), localUtils);
|
|
},
|
|
|
|
get site() {
|
|
return shared.pipeline(require('./site'), localUtils);
|
|
},
|
|
|
|
get serializers() {
|
|
return require('./utils/serializers');
|
|
},
|
|
|
|
/**
|
|
* Content API Controllers
|
|
*
|
|
* @NOTE:
|
|
*
|
|
* Please create separate controllers for Content & Admin API. The goal is to expose `api.canary.content` and
|
|
* `api.canary.admin` soon. Need to figure out how serializers & validation works then.
|
|
*/
|
|
get pagesPublic() {
|
|
return shared.pipeline(require('./pages-public'), localUtils, 'content');
|
|
},
|
|
|
|
get tagsPublic() {
|
|
return shared.pipeline(require('./tags-public'), localUtils, 'content');
|
|
},
|
|
|
|
get publicSettings() {
|
|
return shared.pipeline(require('./settings-public'), localUtils, 'content');
|
|
},
|
|
|
|
get postsPublic() {
|
|
return shared.pipeline(require('./posts-public'), localUtils, 'content');
|
|
},
|
|
|
|
get authorsPublic() {
|
|
return shared.pipeline(require('./authors-public'), localUtils, 'content');
|
|
}
|
|
};
|