feat(plugins/auth): add netzolabs provider (via google oauth)

Author: miguelrk

lib/plugins/auth/islands/auth-form.tsx

@@ -186,6 +186,12 @@ export function AuthForm(props: AuthFormProps) {
           </ButtonOAuth2>
         )} */
         }
+
+        {!!providers?.netzolabs && (
+          <ButtonNetzo text={`${i18n.authForm.text} NetzoLabs`} href="/auth/netzolabs/signin">
+            <div className="mr-4 w-22px h-22px i-netzo-symbol" />
+          </ButtonNetzo>
+        )}
       </div>
     </>
   );

lib/plugins/auth/plugin.ts

@@ -71,6 +71,10 @@ export type AuthConfig = {
       clientSecret?: string;
       oktaDomain?: string; // must set OKTA_DOMAIN environment variable
     };
+    netzolabs?: AuthConfigProvider & {
+      clientId?: string;
+      clientSecret?: string;
+    };
   };
   /** A function to check if a user is authorized to sign in. The function should
    * throw an Error with an optional error message if not authorized.
@@ -132,6 +136,7 @@ export const auth = (config: AuthConfig): Plugin<NetzoState> => {
     "gitlab",
     "auth0",
     "okta",
+    "netzolabs",
   ].some((key) => !!config?.providers?.[key as AuthProvider]);
   if (!authEnabled) return { name: "netzo.auth" }; // skip if auth but no providers are set
 

lib/plugins/auth/utils/providers/mod.ts

@@ -17,6 +17,7 @@ import { getUserGithub } from "./github.ts";
 import { getUserGitlab } from "./gitlab.ts";
 import { getUserGoogle } from "./google.ts";
 import { getUserNetzo, handleCallbackNetzo, signInNetzo } from "./netzo.ts";
+import { getUserNetzolabs } from "./netzolabs.ts";
 import { getUserOkta } from "./okta.ts";
 import { getUserSlack } from "./slack.ts";
 
@@ -36,7 +37,10 @@ export const getAuthConfig = (provider: AuthProvider, ctx: FreshContext) => {
     case "google": {
       return createGoogleOAuthConfig({
         redirectUri,
-        scope: "https://www.googleapis.com/auth/userinfo.profile",
+        scope: [
+          "https://www.googleapis.com/auth/userinfo.profile",
+          "https://www.googleapis.com/auth/userinfo.email",
+        ],
       });
     }
     case "github": {
@@ -70,6 +74,21 @@ export const getAuthConfig = (provider: AuthProvider, ctx: FreshContext) => {
     // case "discord":
     // case "dropbox":
     // case "facebook":
+    case "netzolabs": {
+      return {
+        clientId: Deno.env.get("NETZOLABS_CLIENT_ID")!,
+        clientSecret: Deno.env.get("NETZOLABS_CLIENT_SECRET")!,
+        authorizationEndpointUri: "https://accounts.google.com/o/oauth2/v2/auth",
+        tokenUri: "https://oauth2.googleapis.com/token",
+        redirectUri,
+        defaults: {
+          scope: [
+            "https://www.googleapis.com/auth/userinfo.profile",
+            "https://www.googleapis.com/auth/userinfo.email",
+          ],
+        },
+      }; // MUST be set if using Netzo Auth Provider
+    }
     default:
       throw new Error(`Provider ${provider} not supported`);
   }
@@ -107,6 +126,8 @@ export const getUserByProvider = async (
       return await getUserAuth0(accessToken);
     case "okta":
       return await getUserOkta(accessToken);
+    case "netzolabs":
+      return await getUserNetzolabs(accessToken);
     default:
       throw new Error(`Provider ${provider} not supported`);
   }

lib/plugins/auth/utils/providers/netzolabs.ts

@@ -0,0 +1,27 @@
+import type { AuthUserFromProvider } from "../types.ts";
+import { UserGoogle } from "./google.ts";
+
+export type UserNetzolabs = UserGoogle;
+
+export async function getUserNetzolabs(
+  accessToken: string,
+): Promise<AuthUserFromProvider> {
+  const response = await fetch(
+    "https://www.googleapis.com/oauth2/v3/userinfo",
+    {
+      headers: { authorization: `Bearer ${accessToken}` },
+    },
+  );
+  if (!response.ok) {
+    const { message } = await response.json();
+    throw new Error(`${response.status}: ${message}`);
+  }
+  const userNetzolabs: UserNetzolabs = await response.json();
+  return {
+    provider: "netzolabs",
+    authId: userNetzolabs.sub,
+    name: userNetzolabs.name,
+    email: userNetzolabs.email,
+    avatar: userNetzolabs.picture,
+  };
+}