generated from ensdomains/router-ts-worker
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #1 from ensdomains/initial-staging-branch
Staging branch
- Loading branch information
Showing
12 changed files
with
173 additions
and
95 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,47 @@ | ||
name: Deploy | ||
|
||
on: [push] | ||
|
||
jobs: | ||
deploy: | ||
runs-on: ubuntu-latest | ||
name: Deploy | ||
steps: | ||
- uses: actions/checkout@v4 | ||
|
||
- uses: oven-sh/setup-bun@v2 | ||
with: | ||
bun-version: 1.1.20 | ||
|
||
- name: Install dependencies | ||
run: bun install --frozen-lockfile | ||
|
||
- name: Deploy to production | ||
if: ${{ github.ref == 'refs/heads/main' }} | ||
uses: cloudflare/wrangler-action@v3 | ||
with: | ||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | ||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | ||
command: deploy --env production | ||
environment: production | ||
secrets: | | ||
DENTITY_CLIENT_SECRET | ||
DENTITY_CLIENT_ID | ||
env: | ||
DENTITY_CLIENT_ID: ${{ secrets.DENTITY_CLIENT_ID }} | ||
DENTITY_CLIENT_SECRET: ${{ secrets.DENTITY_CLIENT_SECRET }} | ||
|
||
- name: Deploy to staging | ||
if: ${{ github.ref != 'refs/heads/main' }} | ||
uses: cloudflare/wrangler-action@v3 | ||
with: | ||
apiToken: ${{ secrets.CLOUDFLARE_API_TOKEN }} | ||
accountId: ${{ secrets.CLOUDFLARE_ACCOUNT_ID }} | ||
command: deploy --env staging | ||
environment: staging | ||
secrets: | | ||
DENTITY_CLIENT_SECRET | ||
DENTITY_CLIENT_ID | ||
env: | ||
DENTITY_CLIENT_ID: ${{ secrets.DENTITY_STAGING_CLIENT_ID }} | ||
DENTITY_CLIENT_SECRET: ${{ secrets.DENTITY_STAGING_CLIENT_SECRET }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,21 +1,24 @@ | ||
{ | ||
"name": "router-ts-worker", | ||
"version": "0.0.0", | ||
"private": true, | ||
"type": "module", | ||
"scripts": { | ||
"deploy": "wrangler deploy", | ||
"dev": "wrangler dev", | ||
"test": "NODE_OPTIONS='--experimental-vm-modules --no-warnings' vitest run" | ||
}, | ||
"devDependencies": { | ||
"@biomejs/biome": "1.5.3", | ||
"@cloudflare/workers-types": "^4.20240222.0", | ||
"itty-router": "^4.0.27", | ||
"miniflare": "^3.20240223.0", | ||
"msw": "^2.3.4", | ||
"typescript": "^5.3.3", | ||
"vitest": "^1.3.1", | ||
"vitest-environment-miniflare": "^2.14.2", | ||
"wrangler": "^3.0.0" | ||
}, | ||
"private": true, | ||
"scripts": { | ||
"deploy": "wrangler deploy", | ||
"dev": "wrangler dev -e staging", | ||
"test": "NODE_OPTIONS='--experimental-vm-modules --no-warnings' vitest run" | ||
}, | ||
"type": "module", | ||
"dependencies": { | ||
"itty-router": "4.0.27" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,5 +1,5 @@ | ||
import { example } from './v1/example.js' | ||
import { fetchDentityFederatedToken } from './v1/dentity/fetchDentityFederatedToken.js' | ||
|
||
export const v1 = { | ||
example, | ||
fetchDentityFederatedToken, | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,40 @@ | ||
import { afterAll, afterEach, beforeAll, expect, test } from 'vitest' | ||
import { fetchDentityFederatedToken } from './fetchDentityFederatedToken.js' | ||
import { setupServer } from 'msw/node' | ||
import { http, HttpResponse} from 'msw' | ||
|
||
const restHandlers = [ | ||
http.post('https://example.com/oidc/token', () => { | ||
return HttpResponse.json({ | ||
"access_token": "access-token", | ||
"expires_in": 86400, | ||
"id_token": "id-token", | ||
"scope": "openid federated_token", | ||
"token_type": "Bearer", | ||
"federated_token": "federated-token", | ||
"ens_name": "name.eth", | ||
"eth_address": "0xaddress" | ||
}) | ||
}), | ||
] | ||
|
||
const server = setupServer(...restHandlers) | ||
|
||
beforeAll(() => server.listen({ onUnhandledRequest: 'error' })) | ||
|
||
afterAll(() => server.close()) | ||
|
||
afterEach(() => server.resetHandlers()) | ||
|
||
test('works', async () => { | ||
const request = new Request('http://localhost/v1/example', { body: JSON.stringify({ code: 'test-code' }), method: 'POST' }) | ||
const response = await fetchDentityFederatedToken(request, { env: { | ||
DENTITY_CLIENT_ID: 'test-client-id', | ||
DENTITY_CLIENT_SECRET: 'test-client-secret', | ||
DENTITY_BASE_ENDPOINT: 'https://example.com', | ||
APP_REDIRECT: 'https://example.com', | ||
}, ctx: {} as ExecutionContext }) | ||
expect(response.status).toBe(200) | ||
// expect(response.headers.get('Content-Type')).toMatchInlineSnapshot(`"application/json; charset=utf-8"`) | ||
expect(await response.json()).toEqual({ name: 'name.eth', address: '0xaddress', token: 'federated-token' }) | ||
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
import { json } from "itty-router/json" | ||
|
||
import type { RouteParameters } from "@/types.js" | ||
import { error } from "itty-router" | ||
|
||
type DentityFederatedTokenResponse = { | ||
"access_token": string, | ||
"expires_in": number, | ||
"id_token": string, | ||
"scope": "openid federated_token", | ||
"token_type": "Bearer", | ||
"federated_token": string, | ||
"ens_name": string, | ||
"eth_address": string | ||
error?: string | ||
error_description?: string | ||
} | ||
|
||
export const fetchDentityFederatedToken = async ( | ||
_request: Request, | ||
{ env: _env, ctx: _ctx }: RouteParameters, | ||
) => { | ||
const { DENTITY_CLIENT_ID, DENTITY_CLIENT_SECRET, DENTITY_BASE_ENDPOINT, APP_REDIRECT } = _env | ||
const { code } = (await _request.json()) as { code: string } | ||
|
||
const body = new URLSearchParams() | ||
body.append("client_id", DENTITY_CLIENT_ID) | ||
body.append("client_secret", DENTITY_CLIENT_SECRET) | ||
body.append("grant_type", "authorization_code") | ||
body.append("code", code) | ||
body.append("redirect_uri", APP_REDIRECT) | ||
|
||
const resp = await fetch(`${DENTITY_BASE_ENDPOINT}/oidc/token`, { method: 'POST', body, headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }) | ||
const data = await resp.json() | ||
|
||
const { federated_token, ens_name, error: errorTitle, error_description, ...rest} = data as DentityFederatedTokenResponse | ||
|
||
if (!federated_token || !ens_name) return error(400, {error : errorTitle, error_description}) | ||
|
||
const url = new URL(`${DENTITY_BASE_ENDPOINT}/oidc/vp-token`) | ||
url.searchParams.append('federated_token', federated_token) | ||
url.searchParams.append('ens_name', ens_name) | ||
|
||
return json({ | ||
name: ens_name, | ||
verifiedPresentationUri: url.toString(), | ||
}) | ||
} |
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,16 +1,6 @@ | ||
interface Env { | ||
// Example binding to KV. Learn more at https://developers.cloudflare.com/workers/runtime-apis/kv/ | ||
// MY_KV_NAMESPACE: KVNamespace; | ||
// | ||
// Example binding to Durable Object. Learn more at https://developers.cloudflare.com/workers/runtime-apis/durable-objects/ | ||
// MY_DURABLE_OBJECT: DurableObjectNamespace; | ||
// | ||
// Example binding to R2. Learn more at https://developers.cloudflare.com/workers/runtime-apis/r2/ | ||
// MY_BUCKET: R2Bucket; | ||
// | ||
// Example binding to a Service. Learn more at https://developers.cloudflare.com/workers/runtime-apis/service-bindings/ | ||
// MY_SERVICE: Fetcher; | ||
// | ||
// Example binding to a Queue. Learn more at https://developers.cloudflare.com/queues/javascript-apis/ | ||
// MY_QUEUE: Queue; | ||
APP_REDIRECT: string; | ||
DENTITY_CLIENT_ID: string; | ||
DENTITY_CLIENT_SECRET: string; | ||
DENTITY_BASE_ENDPOINT: string; | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,51 +1,17 @@ | ||
name = "router-ts-worker" | ||
name = "auth-worker" | ||
main = "src/index.ts" | ||
compatibility_date = "2024-02-23" | ||
|
||
# Variable bindings. These are arbitrary, plaintext strings (similar to environment variables) | ||
# Note: Use secrets to store sensitive data. | ||
# Docs: https://developers.cloudflare.com/workers/platform/environment-variables | ||
# [vars] | ||
# MY_VARIABLE = "production_value" | ||
[env.production] | ||
name = "auth-worker" | ||
|
||
# Bind a KV Namespace. Use KV as persistent storage for small key-value pairs. | ||
# Docs: https://developers.cloudflare.com/workers/runtime-apis/kv | ||
# [[kv_namespaces]] | ||
# binding = "MY_KV_NAMESPACE" | ||
# id = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx" | ||
[env.production.vars] | ||
DENTITY_BASE_ENDPOINT = "https://oidc.dentity.com" | ||
APP_REDIRECT = "https://ens.domains" | ||
|
||
# Bind an R2 Bucket. Use R2 to store arbitrarily large blobs of data, such as files. | ||
# Docs: https://developers.cloudflare.com/r2/api/workers/workers-api-usage/ | ||
# [[r2_buckets]] | ||
# binding = "MY_BUCKET" | ||
# bucket_name = "my-bucket" | ||
[env.staging] | ||
name = "auth-worker-staging" | ||
|
||
# Bind a Queue producer. Use this binding to schedule an arbitrary task that may be processed later by a Queue consumer. | ||
# Docs: https://developers.cloudflare.com/queues/get-started | ||
# [[queues.producers]] | ||
# binding = "MY_QUEUE" | ||
# queue = "my-queue" | ||
|
||
# Bind a Queue consumer. Queue Consumers can retrieve tasks scheduled by Producers to act on them. | ||
# Docs: https://developers.cloudflare.com/queues/get-started | ||
# [[queues.consumers]] | ||
# queue = "my-queue" | ||
|
||
# Bind another Worker service. Use this binding to call another Worker without network overhead. | ||
# Docs: https://developers.cloudflare.com/workers/platform/services | ||
# [[services]] | ||
# binding = "MY_SERVICE" | ||
# service = "my-service" | ||
|
||
# Bind a Durable Object. Durable objects are a scale-to-zero compute primitive based on the actor model. | ||
# Durable Objects can live for as long as needed. Use these when you need a long-running "server", such as in realtime apps. | ||
# Docs: https://developers.cloudflare.com/workers/runtime-apis/durable-objects | ||
# [[durable_objects.bindings]] | ||
# name = "MY_DURABLE_OBJECT" | ||
# class_name = "MyDurableObject" | ||
|
||
# Durable Object migrations. | ||
# Docs: https://developers.cloudflare.com/workers/learning/using-durable-objects#configure-durable-object-classes-with-migrations | ||
# [[migrations]] | ||
# tag = "v1" | ||
# new_classes = ["MyDurableObject"] | ||
[env.staging.vars] | ||
DENTITY_BASE_ENDPOINT = "https://oidc.staging.dentity.com" | ||
APP_REDIRECT = "https://dentity-integration.ens-app-v3.pages.dev" |