basic couchDB authentication using passport

2024-06-01 18:20:18 +12:00 · 2021-04-01 20:34:43 +01:00 · 2021-04-01 20:34:43 +01:00 · 349a47c1e1
parent 865baf6d16
commit 349a47c1e1
13 changed files with 365 additions and 14 deletions
--- a/packages/worker/package.json
+++ b/packages/worker/package.json
@ -28,11 +28,15 @@
    "koa": "^2.7.0",
    "koa-body": "^4.2.0",
    "koa-compress": "^4.0.1",
+    "koa-passport": "^4.1.4",
    "koa-pino-logger": "^3.0.0",
    "koa-send": "^5.0.0",
    "koa-session": "^5.12.0",
    "koa-static": "^5.0.0",
    "node-fetch": "^2.6.1",
+    "passport-google-oauth": "^2.0.0",
+    "passport-jwt": "^4.0.0",
+    "passport-local": "^1.0.0",
    "pino-pretty": "^4.0.0",
    "pouchdb": "^7.2.1",
    "pouchdb-all-dbs": "^1.0.2",
--- a/packages/worker/src/api/controllers/admin/auth.js
+++ b/packages/worker/src/api/controllers/admin/auth.js
@ -0,0 +1,14 @@
+const jwt = require("jsonwebtoken")
+const CouchDB = require("../../../db")
+const passport = require("koa-passport")
+
+exports.authenticate = async (ctx, next) => {
+  return passport.authenticate("local", (err, user, info, status) => {
+    ctx.body = {
+      err,
+      user,
+      info,
+      status,
+    }
+  })(ctx, next)
+}
--- a/packages/worker/src/api/controllers/admin/index.js
+++ b/packages/worker/src/api/controllers/admin/index.js
@ -1,6 +1,10 @@
 const CouchDB = require("../../../db")
-const { StaticDatabases, generateUserID, getUserParams } = require("../../../db/utils")
-const { hash } = require("./utils")
+const {
+  StaticDatabases,
+  generateUserID,
+  getUserParams,
+} = require("../../../db/utils")
+const { hash } = require("../../../utils")
 const { UserStatus } = require("../../../constants")

 const USER_DB = StaticDatabases.USER.name
@ -10,10 +14,11 @@ exports.userSave = async ctx => {
  const { email, password, _id } = ctx.request.body
  const hashedPassword = password ? await hash(password) : null
  let user = {
-    ...ctx.request.body,
-    _id: generateUserID(email),
-    password: hashedPassword,
-  }, dbUser
+      ...ctx.request.body,
+      _id: generateUserID(email),
+      password: hashedPassword,
+    },
+    dbUser
  // in-case user existed already
  if (_id) {
    dbUser = await db.get(_id)
--- a/packages/worker/src/api/routes/admin/auth.js
+++ b/packages/worker/src/api/routes/admin/auth.js
@ -0,0 +1,8 @@
+// const Router = require("@koa/router")
+// const controller = require("../controllers/auth")
+
+// const router = Router()
+
+// router.post("/api/authenticate", controller.authenticate)
+
+// module.exports = router
--- a/packages/worker/src/api/routes/admin/index.js
+++ b/packages/worker/src/api/routes/admin/index.js
@ -1,10 +1,13 @@
 const Router = require("@koa/router")
 const controller = require("../../controllers/admin")
+const authController = require("../../controllers/admin/auth")
 const authorized = require("../../../middleware/authorized")

 const router = Router()

-router.post("/api/admin/users", authorized, controller.userSave)
+router
+  .post("/api/admin/users", authorized, controller.userSave)
+  .post("/api/admin/authenticate", authController.authenticate)
  .delete("/api/admin/users/:email", authorized, controller.userDelete)
  .get("/api/admin/users", authorized, controller.userFetch)
  .get("/api/admin/users/:email", authorized, controller.userFind)
--- a/packages/worker/src/db/utils.js
+++ b/packages/worker/src/db/utils.js
@ -1,11 +1,11 @@
 exports.StaticDatabases = {
  USER: {
    name: "user-db",
-  }
+  },
 }

 const DocumentTypes = {
-  USER: "us"
+  USER: "us",
 }

 const UNICODE_MAX = "\ufff0"
@ -29,4 +29,4 @@ exports.getUserParams = (email = "", otherProps = {}) => {
    startkey: `${DocumentTypes.USER}${SEPARATOR}${email}`,
    endkey: `${DocumentTypes.USER}${SEPARATOR}${email}${UNICODE_MAX}`,
  }
-}
+}
--- a/packages/worker/src/index.js
+++ b/packages/worker/src/index.js
@ -1,6 +1,7 @@
 const Koa = require("koa")
 const destroyable = require("server-destroy")
 const koaBody = require("koa-body")
+const passport = require("koa-passport")
 const logger = require("koa-pino-logger")
 const http = require("http")
 const api = require("./api")
@ -24,6 +25,11 @@ app.use(
  })
 )

+// authentication
+require("./middleware/auth")
+app.use(passport.initialize())
+app.use(passport.session())
+
 // api routes
 app.use(api.routes())

--- a/packages/worker/src/middleware/auth/google.js
+++ b/packages/worker/src/middleware/auth/google.js
@ -0,0 +1,13 @@
+// const GoogleStrategy = require("passport-google-auth").Strategy
+
+exports.options = {
+  clientId: "your-client-id",
+  clientSecret: "your-secret",
+  callbackURL:
+    "http://localhost:" + (process.env.PORT || 3000) + "/auth/google/callback",
+}
+
+exports.authenticate = async function(token, tokenSecret, profile, done) {
+  // retrieve user ...
+  // fetchUser().then(user => done(null, user))
+}
--- a/packages/worker/src/middleware/auth/index.js
+++ b/packages/worker/src/middleware/auth/index.js
@ -0,0 +1,20 @@
+const passport = require("koa-passport")
+const LocalStrategy = require("passport-local").Strategy
+const JwtStrategy = require("passport-jwt").Strategy
+const GoogleStrategy = require("passport-google-oauth").Strategy
+const jwt = require("./jwt")
+const local = require("./local")
+const google = require("./google")
+
+// Strategies
+passport.use(new LocalStrategy(local.options, local.authenticate))
+passport.use(new JwtStrategy(jwt.options, jwt.authenticate))
+// passport.use(new GoogleStrategy(google.options, google.authenticate))
+
+// exports.middleware = async (ctx, next) => {
+//   if (ctx.isAuthenticated()) {
+//     return next()
+//   } else {
+//     ctx.throw(403, "Not Authenticated")
+//   }
+// }
--- a/packages/worker/src/middleware/auth/jwt.js
+++ b/packages/worker/src/middleware/auth/jwt.js
@ -0,0 +1,38 @@
+const jwt = require("passport-jwt")
+const env = require("../../environment")
+const { getCookieName } = require("../../../../server/src/utilities")
+
+const ExtractJWT = jwt.ExtractJwt
+
+exports.options = {
+  jwtFromRequest: function(ctx) {
+    return ctx.cookies.get("budibase")
+  },
+  // TODO: fix
+  secretOrKey: env.JWT_SECRET || "funky",
+}
+
+exports.authenticate = async function(jwt, done) {
+  console.log(jwt)
+  done({ name: "joe" })
+  // const appId = ctx.appId
+  // if (!appId) ctx.throw(400, "No appId")
+
+  // const { email, password } = ctx.request.body
+
+  // if (!email) ctx.throw(400, "Email Required.")
+  // if (!password) ctx.throw(400, "Password Required.")
+
+  // // Check the user exists in the instance DB by email
+  // const db = new CouchDB(appId)
+  // const app = await db.get(appId)
+
+  // let dbUser
+  // try {
+  //   dbUser = await db.get(generateUserID(email))
+  // } catch (_) {
+  //   // do not want to throw a 404 - as this could be
+  //   // used to determine valid emails
+  //   ctx.throw(401, INVALID_ERR)
+  // }
+}
--- a/packages/worker/src/middleware/auth/local.js
+++ b/packages/worker/src/middleware/auth/local.js
@ -0,0 +1,58 @@
+const jwt = require("jsonwebtoken")
+const { UserStatus } = require("../../constants")
+const CouchDB = require("../../db")
+const { StaticDatabases, generateUserID } = require("../../db/utils")
+const { compare } = require("../../utils")
+const env = require("../../environment")
+
+const INVALID_ERR = "Invalid Credentials"
+
+exports.options = {}
+
+/**
+ * Passport Local Authentication Middleware.
+ * @param {*} username - username to login with
+ * @param {*} password - plain text password to log in with
+ * @param {*} done - callback from passport to return user information and errors
+ * @returns The authenticated user, or errors if they occur
+ */
+exports.authenticate = async function(username, password, done) {
+  if (!username) return done(null, false, "Email Required.")
+  if (!password) return done(null, false, "Password Required.")
+
+  // Check the user exists in the instance DB by email
+  const db = new CouchDB(StaticDatabases.USER.name)
+
+  let dbUser
+  try {
+    dbUser = await db.get(generateUserID(username))
+  } catch {
+    console.error("User not found")
+    return done(null, false, { message: "User not found" })
+  }
+
+  // check that the user is currently inactive, if this is the case throw invalid
+  if (dbUser.status === UserStatus.INACTIVE) {
+    return done(null, false, { message: INVALID_ERR })
+  }
+
+  // authenticate
+  if (await compare(password, dbUser.password)) {
+    const payload = {
+      userId: dbUser._id,
+    }
+
+    const token = jwt.sign(payload, env.JWT_SECRET, {
+      expiresIn: "1 day",
+    })
+
+    // TODO: remove and use cookie
+    dbUser.token = token
+    // setCookie(ctx, token, appId)
+
+    delete dbUser.password
+    return done(null, dbUser)
+  } else {
+    done(new Error(INVALID_ERR), false)
+  }
+}
--- a/packages/worker/src/api/controllers/admin/utils.js
+++ b/packages/worker/src/api/controllers/admin/utils.js
@ -1,5 +1,5 @@
 const bcrypt = require("bcryptjs")
-const env = require("../environment")
+const env = require("./environment")

 const SALT_ROUNDS = env.SALT_ROUNDS || 10

@ -10,4 +10,4 @@ exports.hash = async data => {

 exports.compare = async (data, encrypted) => {
  return bcrypt.compare(data, encrypted)
-}
+}
--- a/packages/worker/yarn.lock
+++ b/packages/worker/yarn.lock
@ -285,6 +285,11 @@ base64-js@^1.0.2, base64-js@^1.3.1:
  resolved "https://registry.yarnpkg.com/base64-js/-/base64-js-1.5.1.tgz#1b1b440160a5bf7ad40b650f095963481903930a"
  integrity sha512-AKpaYlHn8t4SVbOHCy+b5+KKgvR4vrsD8vbvrbiQJps7fKDTkjkDry6ji0rUJjC0kzbNePLwzxq8iypo41qeWA==

+base64url@3.x.x:
+  version "3.0.1"
+  resolved "https://registry.yarnpkg.com/base64url/-/base64url-3.0.1.tgz#6399d572e2bc3f90a9a8b22d5dbb0a32d33f788d"
+  integrity sha512-ir1UPr3dkwexU7FdV8qBBbNDRUhMmIekYMFZfi+C/sLNnRESKPl23nB9b2pltqfOQNnGzsDdId90AEtG5tCx4A==
+
 bcryptjs@^2.4.3:
  version "2.4.3"
  resolved "https://registry.yarnpkg.com/bcryptjs/-/bcryptjs-2.4.3.tgz#9ab5627b93e60621ff7cdac5da9733027df1d0cb"
@ -324,6 +329,11 @@ braces@~3.0.2:
  dependencies:
    fill-range "^7.0.1"

+buffer-equal-constant-time@1.0.1:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/buffer-equal-constant-time/-/buffer-equal-constant-time-1.0.1.tgz#f8e71132f7ffe6e01a5c9697a4c6f3e48d5cc819"
+  integrity sha1-+OcRMvf/5uAaXJaXpMbz5I1cyBk=
+
 buffer-from@1.1.1:
  version "1.1.1"
  resolved "https://registry.yarnpkg.com/buffer-from/-/buffer-from-1.1.1.tgz#32713bc028f75c02fdb710d7c7bcec1f2c6070ef"
@ -712,6 +722,13 @@ duplexer3@^0.1.4:
  resolved "https://registry.yarnpkg.com/duplexer3/-/duplexer3-0.1.4.tgz#ee01dd1cac0ed3cbc7fdbea37dc0a8f1ce002ce2"
  integrity sha1-7gHdHKwO08vH/b6jfcCo8c4ALOI=

+ecdsa-sig-formatter@1.0.11:
+  version "1.0.11"
+  resolved "https://registry.yarnpkg.com/ecdsa-sig-formatter/-/ecdsa-sig-formatter-1.0.11.tgz#ae0f0fa2d85045ef14a817daa3ce9acd0489e5bf"
+  integrity sha512-nagl3RYrbNv6kQkeJIpt6NJZy8twLB/2vtz6yN9Z4vRKHN4/QZJIEbqohALSgwKdnksuY3k5Addp5lg8sVoVcQ==
+  dependencies:
+    safe-buffer "^5.0.1"
+
 ee-first@1.1.1:
  version "1.1.1"
  resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
@ -1270,6 +1287,22 @@ json-buffer@3.0.1:
  resolved "https://registry.yarnpkg.com/json-buffer/-/json-buffer-3.0.1.tgz#9338802a30d3b6605fbe0613e094008ca8c05a13"
  integrity sha512-4bV5BfR2mqfQTJm+V5tPPdf+ZpuhiIvTuAB5g8kcrXOZpTT/QwwVRWBywX1ozr6lEuPdbHxwaJlm9G6mI2sfSQ==

+jsonwebtoken@^8.2.0:
+  version "8.5.1"
+  resolved "https://registry.yarnpkg.com/jsonwebtoken/-/jsonwebtoken-8.5.1.tgz#00e71e0b8df54c2121a1f26137df2280673bcc0d"
+  integrity sha512-XjwVfRS6jTMsqYs0EsuJ4LGxXV14zQybNd4L2r0UvbVnSF9Af8x7p5MzbJ90Ioz/9TI41/hTCvznF/loiSzn8w==
+  dependencies:
+    jws "^3.2.2"
+    lodash.includes "^4.3.0"
+    lodash.isboolean "^3.0.3"
+    lodash.isinteger "^4.0.4"
+    lodash.isnumber "^3.0.3"
+    lodash.isplainobject "^4.0.6"
+    lodash.isstring "^4.0.1"
+    lodash.once "^4.0.0"
+    ms "^2.1.1"
+    semver "^5.6.0"
+
 jstransform@~11.0.0:
  version "11.0.3"
  resolved "https://registry.yarnpkg.com/jstransform/-/jstransform-11.0.3.tgz#09a78993e0ae4d4ef4487f6155a91f6190cb4223"
@ -1290,6 +1323,23 @@ jstransform@~3.0.0:
    esprima-fb "~3001.1.0-dev-harmony-fb"
    source-map "0.1.31"

+jwa@^1.4.1:
+  version "1.4.1"
+  resolved "https://registry.yarnpkg.com/jwa/-/jwa-1.4.1.tgz#743c32985cb9e98655530d53641b66c8645b039a"
+  integrity sha512-qiLX/xhEEFKUAJ6FiBMbes3w9ATzyk5W7Hvzpa/SLYdxNtng+gcurvrI7TbACjIXlsJyr05/S1oUhZrc63evQA==
+  dependencies:
+    buffer-equal-constant-time "1.0.1"
+    ecdsa-sig-formatter "1.0.11"
+    safe-buffer "^5.0.1"
+
+jws@^3.2.2:
+  version "3.2.2"
+  resolved "https://registry.yarnpkg.com/jws/-/jws-3.2.2.tgz#001099f3639468c9414000e99995fa52fb478304"
+  integrity sha512-YHlZCB6lMTllWDtSPHz/ZXTsi8S00usEV6v1tjq8tOUZzw7DpSDWVXjXDre6ed1w/pd495ODpHZYSdkRTsa0HA==
+  dependencies:
+    jwa "^1.4.1"
+    safe-buffer "^5.0.1"
+
 keygrip@~1.1.0:
  version "1.1.0"
  resolved "https://registry.yarnpkg.com/keygrip/-/keygrip-1.1.0.tgz#871b1681d5e159c62a445b0c74b615e0917e7226"
@ -1356,6 +1406,13 @@ koa-is-json@^1.0.0:
  resolved "https://registry.yarnpkg.com/koa-is-json/-/koa-is-json-1.0.0.tgz#273c07edcdcb8df6a2c1ab7d59ee76491451ec14"
  integrity sha1-JzwH7c3Ljfaiwat9We52SRRR7BQ=

+koa-passport@^4.1.4:
+  version "4.1.4"
+  resolved "https://registry.yarnpkg.com/koa-passport/-/koa-passport-4.1.4.tgz#5f1665c1c2a37ace79af9f970b770885ca30ccfa"
+  integrity sha512-dJBCkl4X+zdYxbI2V2OtoGy0PUenpvp2ZLLWObc8UJhsId0iQpTFT8RVcuA0709AL2txGwRHnSPoT1bYNGa6Kg==
+  dependencies:
+    passport "^0.4.0"
+
 koa-pino-logger@^3.0.0:
  version "3.0.0"
  resolved "https://registry.yarnpkg.com/koa-pino-logger/-/koa-pino-logger-3.0.0.tgz#27600b4f3639e8767dfc6b66493109c5457f53ba"
@ -1530,6 +1587,41 @@ lie@3.0.4:
    inline-process-browser "^1.0.0"
    unreachable-branch-transform "^0.3.0"

+lodash.includes@^4.3.0:
+  version "4.3.0"
+  resolved "https://registry.yarnpkg.com/lodash.includes/-/lodash.includes-4.3.0.tgz#60bb98a87cb923c68ca1e51325483314849f553f"
+  integrity sha1-YLuYqHy5I8aMoeUTJUgzFISfVT8=
+
+lodash.isboolean@^3.0.3:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/lodash.isboolean/-/lodash.isboolean-3.0.3.tgz#6c2e171db2a257cd96802fd43b01b20d5f5870f6"
+  integrity sha1-bC4XHbKiV82WgC/UOwGyDV9YcPY=
+
+lodash.isinteger@^4.0.4:
+  version "4.0.4"
+  resolved "https://registry.yarnpkg.com/lodash.isinteger/-/lodash.isinteger-4.0.4.tgz#619c0af3d03f8b04c31f5882840b77b11cd68343"
+  integrity sha1-YZwK89A/iwTDH1iChAt3sRzWg0M=
+
+lodash.isnumber@^3.0.3:
+  version "3.0.3"
+  resolved "https://registry.yarnpkg.com/lodash.isnumber/-/lodash.isnumber-3.0.3.tgz#3ce76810c5928d03352301ac287317f11c0b1ffc"
+  integrity sha1-POdoEMWSjQM1IwGsKHMX8RwLH/w=
+
+lodash.isplainobject@^4.0.6:
+  version "4.0.6"
+  resolved "https://registry.yarnpkg.com/lodash.isplainobject/-/lodash.isplainobject-4.0.6.tgz#7c526a52d89b45c45cc690b88163be0497f550cb"
+  integrity sha1-fFJqUtibRcRcxpC4gWO+BJf1UMs=
+
+lodash.isstring@^4.0.1:
+  version "4.0.1"
+  resolved "https://registry.yarnpkg.com/lodash.isstring/-/lodash.isstring-4.0.1.tgz#d527dfb5456eca7cc9bb95d5daeaf88ba54a5451"
+  integrity sha1-1SfftUVuynzJu5XV2ur4i6VKVFE=
+
+lodash.once@^4.0.0:
+  version "4.1.1"
+  resolved "https://registry.yarnpkg.com/lodash.once/-/lodash.once-4.1.1.tgz#0dd3971213c7c56df880977d504c88fb471a97ac"
+  integrity sha1-DdOXEhPHxW34gJd9UEyI+0cal6w=
+
 lowercase-keys@^1.0.0, lowercase-keys@^1.0.1:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/lowercase-keys/-/lowercase-keys-1.0.1.tgz#6f9e30b47084d971a7c820ff15a6c5167b74c26f"
@ -1686,6 +1778,11 @@ normalize-url@^4.1.0:
  resolved "https://registry.yarnpkg.com/normalize-url/-/normalize-url-4.5.0.tgz#453354087e6ca96957bd8f5baf753f5982142129"
  integrity sha512-2s47yzUxdexf1OhyRi4Em83iQk0aPvwTddtFz4hnSSw9dCEsLEGf6SwIO8ss/19S9iBb5sJaOuTvTGDeZI00BQ==

+oauth@0.9.x:
+  version "0.9.15"
+  resolved "https://registry.yarnpkg.com/oauth/-/oauth-0.9.15.tgz#bd1fefaf686c96b75475aed5196412ff60cfb9c1"
+  integrity sha1-vR/vr2hslrdUda7VGWQS/2DPucE=
+
 object-assign@^2.0.0:
  version "2.1.1"
  resolved "https://registry.yarnpkg.com/object-assign/-/object-assign-2.1.1.tgz#43c36e5d569ff8e4816c4efa8be02d26967c18aa"
@ -1740,6 +1837,76 @@ parseurl@^1.3.2:
  resolved "https://registry.yarnpkg.com/parseurl/-/parseurl-1.3.3.tgz#9da19e7bee8d12dff0513ed5b76957793bc2e8d4"
  integrity sha512-CiyeOxFT/JZyN5m0z9PfXw4SCBJ6Sygz1Dpl0wqjlhDEGGBP1GnsUVEL0p63hoG1fcj3fHynXi9NYO4nWOL+qQ==

+passport-google-oauth1@1.x.x:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/passport-google-oauth1/-/passport-google-oauth1-1.0.0.tgz#af74a803df51ec646f66a44d82282be6f108e0cc"
+  integrity sha1-r3SoA99R7GRvZqRNgigr5vEI4Mw=
+  dependencies:
+    passport-oauth1 "1.x.x"
+
+passport-google-oauth20@2.x.x:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/passport-google-oauth20/-/passport-google-oauth20-2.0.0.tgz#0d241b2d21ebd3dc7f2b60669ec4d587e3a674ef"
+  integrity sha512-KSk6IJ15RoxuGq7D1UKK/8qKhNfzbLeLrG3gkLZ7p4A6DBCcv7xpyQwuXtWdpyR0+E0mwkpjY1VfPOhxQrKzdQ==
+  dependencies:
+    passport-oauth2 "1.x.x"
+
+passport-google-oauth@^2.0.0:
+  version "2.0.0"
+  resolved "https://registry.yarnpkg.com/passport-google-oauth/-/passport-google-oauth-2.0.0.tgz#f6eb4bc96dd6c16ec0ecfdf4e05ec48ca54d4dae"
+  integrity sha512-JKxZpBx6wBQXX1/a1s7VmdBgwOugohH+IxCy84aPTZNq/iIPX6u7Mqov1zY7MKRz3niFPol0KJz8zPLBoHKtYA==
+  dependencies:
+    passport-google-oauth1 "1.x.x"
+    passport-google-oauth20 "2.x.x"
+
+passport-jwt@^4.0.0:
+  version "4.0.0"
+  resolved "https://registry.yarnpkg.com/passport-jwt/-/passport-jwt-4.0.0.tgz#7f0be7ba942e28b9f5d22c2ebbb8ce96ef7cf065"
+  integrity sha512-BwC0n2GP/1hMVjR4QpnvqA61TxenUMlmfNjYNgK0ZAs0HK4SOQkHcSv4L328blNTLtHq7DbmvyNJiH+bn6C5Mg==
+  dependencies:
+    jsonwebtoken "^8.2.0"
+    passport-strategy "^1.0.0"
+
+passport-local@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/passport-local/-/passport-local-1.0.0.tgz#1fe63268c92e75606626437e3b906662c15ba6ee"
+  integrity sha1-H+YyaMkudWBmJkN+O5BmYsFbpu4=
+  dependencies:
+    passport-strategy "1.x.x"
+
+passport-oauth1@1.x.x:
+  version "1.1.0"
+  resolved "https://registry.yarnpkg.com/passport-oauth1/-/passport-oauth1-1.1.0.tgz#a7de988a211f9cf4687377130ea74df32730c918"
+  integrity sha1-p96YiiEfnPRoc3cTDqdN8ycwyRg=
+  dependencies:
+    oauth "0.9.x"
+    passport-strategy "1.x.x"
+    utils-merge "1.x.x"
+
+passport-oauth2@1.x.x:
+  version "1.5.0"
+  resolved "https://registry.yarnpkg.com/passport-oauth2/-/passport-oauth2-1.5.0.tgz#64babbb54ac46a4dcab35e7f266ed5294e3c4108"
+  integrity sha512-kqBt6vR/5VlCK8iCx1/KpY42kQ+NEHZwsSyt4Y6STiNjU+wWICG1i8ucc1FapXDGO15C5O5VZz7+7vRzrDPXXQ==
+  dependencies:
+    base64url "3.x.x"
+    oauth "0.9.x"
+    passport-strategy "1.x.x"
+    uid2 "0.0.x"
+    utils-merge "1.x.x"
+
+passport-strategy@1.x.x, passport-strategy@^1.0.0:
+  version "1.0.0"
+  resolved "https://registry.yarnpkg.com/passport-strategy/-/passport-strategy-1.0.0.tgz#b5539aa8fc225a3d1ad179476ddf236b440f52e4"
+  integrity sha1-tVOaqPwiWj0a0XlHbd8ja0QPUuQ=
+
+passport@^0.4.0:
+  version "0.4.1"
+  resolved "https://registry.yarnpkg.com/passport/-/passport-0.4.1.tgz#941446a21cb92fc688d97a0861c38ce9f738f270"
+  integrity sha512-IxXgZZs8d7uFSt3eqNjM9NQ3g3uQCW5avD8mRNoXV99Yig50vjuaez6dQK2qC0kVWPRTujxY0dWgGfT09adjYg==
+  dependencies:
+    passport-strategy "1.x.x"
+    pause "0.0.1"
+
 path-is-absolute@1.0.1, path-is-absolute@^1.0.0:
  version "1.0.1"
  resolved "https://registry.yarnpkg.com/path-is-absolute/-/path-is-absolute-1.0.1.tgz#174b9268735534ffbc7ace6bf53a5a9e1b5c5f5f"
@ -1752,6 +1919,11 @@ path-to-regexp@1.x:
  dependencies:
    isarray "0.0.1"

+pause@0.0.1:
+  version "0.0.1"
+  resolved "https://registry.yarnpkg.com/pause/-/pause-0.0.1.tgz#1d408b3fdb76923b9543d96fb4c9dfd535d9cb5d"
+  integrity sha1-HUCLP9t2kjuVQ9lvtMnf1TXZy10=
+
 picomatch@^2.0.4, picomatch@^2.2.1:
  version "2.2.2"
  resolved "https://registry.yarnpkg.com/picomatch/-/picomatch-2.2.2.tgz#21f333e9b6b8eaff02468f5146ea406d345f4dad"
@ -2051,7 +2223,7 @@ safe-buffer@5.1.2:
  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.1.2.tgz#991ec69d296e0313747d59bdfd2b745c35f8828d"
  integrity sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g==

-safe-buffer@~5.2.0:
+safe-buffer@^5.0.1, safe-buffer@~5.2.0:
  version "5.2.1"
  resolved "https://registry.yarnpkg.com/safe-buffer/-/safe-buffer-5.2.1.tgz#1eaf9fa9bdb1fdd4ec75f58f9cdb4e6b7827eec6"
  integrity sha512-rp3So07KcdmmKbGvgaNxQSJr7bGVSVk5S9Eq1F+ppbRo70+YeaDxkw5Dd8NPN+GD6bjnYm2VuPuCXmpuYvmCXQ==
@ -2078,7 +2250,7 @@ semver-diff@^3.1.1:
  dependencies:
    semver "^6.3.0"

-semver@^5.7.1:
+semver@^5.6.0, semver@^5.7.1:
  version "5.7.1"
  resolved "https://registry.yarnpkg.com/semver/-/semver-5.7.1.tgz#a954f931aeba508d307bbf069eff0c01c96116f7"
  integrity sha512-sauaDf/PZdVgrLTNYHRtpXa1iRiKcaebiKQ1BJdpQlWH2lCvexQdX55snPFyK7QzpudqbCI0qXFfOasHdyNDGQ==
@ -2319,6 +2491,11 @@ typedarray-to-buffer@^3.1.5:
  dependencies:
    is-typedarray "^1.0.0"

+uid2@0.0.x:
+  version "0.0.3"
+  resolved "https://registry.yarnpkg.com/uid2/-/uid2-0.0.3.tgz#483126e11774df2f71b8b639dcd799c376162b82"
+  integrity sha1-SDEm4Rd03y9xuLY53NeZw3YWK4I=
+
 undefsafe@^2.0.3:
  version "2.0.3"
  resolved "https://registry.yarnpkg.com/undefsafe/-/undefsafe-2.0.3.tgz#6b166e7094ad46313b2202da7ecc2cd7cc6e7aae"
@ -2396,6 +2573,11 @@ util-deprecate@^1.0.1:
  resolved "https://registry.yarnpkg.com/util-deprecate/-/util-deprecate-1.0.2.tgz#450d4dc9fa70de732762fbd2d4a28981419a0ccf"
  integrity sha1-RQ1Nyfpw3nMnYvvS1KKJgUGaDM8=

+utils-merge@1.x.x:
+  version "1.0.1"
+  resolved "https://registry.yarnpkg.com/utils-merge/-/utils-merge-1.0.1.tgz#9f95710f50a267947b2ccc124741c1028427e713"
+  integrity sha1-n5VxD1CiZ5R7LMwSR0HBAoQn5xM=
+
 uuid@3.3.2:
  version "3.3.2"
  resolved "https://registry.yarnpkg.com/uuid/-/uuid-3.3.2.tgz#1b4af4955eb3077c501c23872fc6513811587131"