{"version":3,"sources":["meteor://💻app/packages/facebook-oauth/facebook_server.js"],"names":["crypto","module","link","default","v","Facebook","handleAuthFromAccessToken","accessToken","expiresAt","whitelisted","identity","getIdentity","fields","forEach","field","serviceData","options","profile","name","OAuth","registerService","query","response","getTokenResponse","expiresIn","Date","isJSON","str","JSON","parse","e","config","ServiceConfiguration","configurations","findOne","service","ConfigError","responseContent","HTTP","get","params","client_id","appId","redirect_uri","_redirectUri","client_secret","openSecret","secret","code","data","err","Object","assign","Error","message","fbAccessToken","access_token","fbExpires","expires_in","hmac","createHmac","update","appsecret_proof","digest","join","retrieveCredential","credentialToken","credentialSecret"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAIA,MAAJ;AAAWC,MAAM,CAACC,IAAP,CAAY,QAAZ,EAAqB;AAACC,SAAO,CAACC,CAAD,EAAG;AAACJ,UAAM,GAACI,CAAP;AAAS;;AAArB,CAArB,EAA4C,CAA5C;AAAXC,QAAQ,GAAG,EAAX;;AAGAA,QAAQ,CAACC,yBAAT,GAAqC,CAACC,WAAD,EAAcC,SAAd,KAA4B;AAC/D;AACA;AACA,QAAMC,WAAW,GAAG,CAAC,IAAD,EAAO,OAAP,EAAgB,MAAhB,EAAwB,YAAxB,EAAsC,WAAtC,EAClB,aADkB,EACH,aADG,EACY,SADZ,EACuB,YADvB,CAApB;AAGA,QAAMC,QAAQ,GAAGC,WAAW,CAACJ,WAAD,EAAcE,WAAd,CAA5B;AAEA,QAAMG,MAAM,GAAG,EAAf;AACAH,aAAW,CAACI,OAAZ,CAAoBC,KAAK,IAAIF,MAAM,CAACE,KAAD,CAAN,GAAgBJ,QAAQ,CAACI,KAAD,CAArD;AACA,QAAMC,WAAW;AACfR,eADe;AAEfC;AAFe,KAGZI,MAHY,CAAjB;AAMA,SAAO;AACLG,eADK;AAELC,WAAO,EAAE;AAACC,aAAO,EAAE;AAACC,YAAI,EAAER,QAAQ,CAACQ;AAAhB;AAAV;AAFJ,GAAP;AAID,CApBD;;AAsBAC,KAAK,CAACC,eAAN,CAAsB,UAAtB,EAAkC,CAAlC,EAAqC,IAArC,EAA2CC,KAAK,IAAI;AAClD,QAAMC,QAAQ,GAAGC,gBAAgB,CAACF,KAAD,CAAjC;AACA,QAAM;AAAEd;AAAF,MAAkBe,QAAxB;AACA,QAAM;AAAEE;AAAF,MAAgBF,QAAtB;AAEA,SAAOjB,QAAQ,CAACC,yBAAT,CAAmCC,WAAnC,EAAiD,CAAC,IAAIkB,IAAJ,EAAF,GAAe,OAAOD,SAAtE,CAAP;AACD,CAND,E,CAQA;;AACA,MAAME,MAAM,GAAGC,GAAG,IAAI;AACpB,MAAI;AACFC,QAAI,CAACC,KAAL,CAAWF,GAAX;AACA,WAAO,IAAP;AACD,GAHD,CAGE,OAAOG,CAAP,EAAU;AACV,WAAO,KAAP;AACD;AACF,CAPD,C,CASA;AACA;AACA;;;AACA,MAAMP,gBAAgB,GAAGF,KAAK,IAAI;AAChC,QAAMU,MAAM,GAAGC,oBAAoB,CAACC,cAArB,CAAoCC,OAApC,CAA4C;AAACC,WAAO,EAAE;AAAV,GAA5C,CAAf;AACA,MAAI,CAACJ,MAAL,EACE,MAAM,IAAIC,oBAAoB,CAACI,WAAzB,EAAN;AAEF,MAAIC,eAAJ;;AACA,MAAI;AACF;AACAA,mBAAe,GAAGC,IAAI,CAACC,GAAL,CAChB,oDADgB,EACsC;AACpDC,YAAM,EAAE;AACNC,iBAAS,EAAEV,MAAM,CAACW,KADZ;AAENC,oBAAY,EAAExB,KAAK,CAACyB,YAAN,CAAmB,UAAnB,EAA+Bb,MAA/B,CAFR;AAGNc,qBAAa,EAAE1B,KAAK,CAAC2B,UAAN,CAAiBf,MAAM,CAACgB,MAAxB,CAHT;AAINC,YAAI,EAAE3B,KAAK,CAAC2B;AAJN;AAD4C,KADtC,EAQbC,IARL;AASD,GAXD,CAWE,OAAOC,GAAP,EAAY;AACZ,UAAMC,MAAM,CAACC,MAAP,CACJ,IAAIC,KAAJ,CAAW,qDAAoDH,GAAG,CAACI,OAAQ,EAA3E,CADI,EAEJ;AAAEhC,cAAQ,EAAE4B,GAAG,CAAC5B;AAAhB,KAFI,CAAN;AAID;;AAED,QAAMiC,aAAa,GAAGlB,eAAe,CAACmB,YAAtC;AACA,QAAMC,SAAS,GAAGpB,eAAe,CAACqB,UAAlC;;AAEA,MAAI,CAACH,aAAL,EAAoB;AAClB,UAAM,IAAIF,KAAJ,CAAU,sDACC,gDAA+ChB,eAAgB,EAD1E,CAAN;AAED;;AACD,SAAO;AACL9B,eAAW,EAAEgD,aADR;AAEL/B,aAAS,EAAEiC;AAFN,GAAP;AAID,CAnCD;;AAqCA,MAAM9C,WAAW,GAAG,CAACJ,WAAD,EAAcK,MAAd,KAAyB;AAC3C,QAAMmB,MAAM,GAAGC,oBAAoB,CAACC,cAArB,CAAoCC,OAApC,CAA4C;AAACC,WAAO,EAAE;AAAV,GAA5C,CAAf;AACA,MAAI,CAACJ,MAAL,EACE,MAAM,IAAIC,oBAAoB,CAACI,WAAzB,EAAN,CAHyC,CAK3C;AACA;;AACA,QAAMuB,IAAI,GAAG3D,MAAM,CAAC4D,UAAP,CAAkB,QAAlB,EAA4BzC,KAAK,CAAC2B,UAAN,CAAiBf,MAAM,CAACgB,MAAxB,CAA5B,CAAb;AACAY,MAAI,CAACE,MAAL,CAAYtD,WAAZ;;AAEA,MAAI;AACF,WAAO+B,IAAI,CAACC,GAAL,CAAS,oCAAT,EAA+C;AACpDC,YAAM,EAAE;AACNgB,oBAAY,EAAEjD,WADR;AAENuD,uBAAe,EAAEH,IAAI,CAACI,MAAL,CAAY,KAAZ,CAFX;AAGNnD,cAAM,EAAEA,MAAM,CAACoD,IAAP,CAAY,GAAZ;AAHF;AAD4C,KAA/C,EAMJf,IANH;AAOD,GARD,CAQE,OAAOC,GAAP,EAAY;AACZ,UAAMC,MAAM,CAACC,MAAP,CACJ,IAAIC,KAAJ,CAAW,2CAA0CH,GAAG,CAACI,OAAQ,EAAjE,CADI,EAEJ;AAAEhC,cAAQ,EAAE4B,GAAG,CAAC5B;AAAhB,KAFI,CAAN;AAID;AACF,CAxBD;;AA0BAjB,QAAQ,CAAC4D,kBAAT,GAA8B,CAACC,eAAD,EAAkBC,gBAAlB,KAC5BhD,KAAK,CAAC8C,kBAAN,CAAyBC,eAAzB,EAA0CC,gBAA1C,CADF,C","file":"/packages/facebook-oauth.js","sourcesContent":["Facebook = {};\nimport crypto from 'crypto';\n\nFacebook.handleAuthFromAccessToken = (accessToken, expiresAt) => {\n  // include basic fields from facebook\n  // https://developers.facebook.com/docs/facebook-login/permissions/\n  const whitelisted = ['id', 'email', 'name', 'first_name', 'last_name',\n    'middle_name', 'name_format', 'picture', 'short_name'];\n\n  const identity = getIdentity(accessToken, whitelisted);\n\n  const fields = {};\n  whitelisted.forEach(field => fields[field] = identity[field]);\n  const serviceData = {\n    accessToken,\n    expiresAt,\n    ...fields,\n  };\n  \n  return {\n    serviceData,\n    options: {profile: {name: identity.name}}\n  };\n};\n\nOAuth.registerService('facebook', 2, null, query => {\n  const response = getTokenResponse(query);\n  const { accessToken } = response;\n  const { expiresIn } = response;\n\n  return Facebook.handleAuthFromAccessToken(accessToken, (+new Date) + (1000 * expiresIn));\n});\n\n// checks whether a string parses as JSON\nconst isJSON = str => {\n  try {\n    JSON.parse(str);\n    return true;\n  } catch (e) {\n    return false;\n  }\n};\n\n// returns an object containing:\n// - accessToken\n// - expiresIn: lifetime of token in seconds\nconst getTokenResponse = query => {\n  const config = ServiceConfiguration.configurations.findOne({service: 'facebook'});\n  if (!config)\n    throw new ServiceConfiguration.ConfigError();\n\n  let responseContent;\n  try {\n    // Request an access token\n    responseContent = HTTP.get(\n      \"https://graph.facebook.com/v3.0/oauth/access_token\", {\n        params: {\n          client_id: config.appId,\n          redirect_uri: OAuth._redirectUri('facebook', config),\n          client_secret: OAuth.openSecret(config.secret),\n          code: query.code\n        }\n      }).data;\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to complete OAuth handshake with Facebook. ${err.message}`),\n      { response: err.response },\n    );\n  }\n\n  const fbAccessToken = responseContent.access_token;\n  const fbExpires = responseContent.expires_in;\n\n  if (!fbAccessToken) {\n    throw new Error(\"Failed to complete OAuth handshake with facebook \" +\n                    `-- can't find access token in HTTP response. ${responseContent}`);\n  }\n  return {\n    accessToken: fbAccessToken,\n    expiresIn: fbExpires\n  };\n};\n\nconst getIdentity = (accessToken, fields) => {\n  const config = ServiceConfiguration.configurations.findOne({service: 'facebook'});\n  if (!config)\n    throw new ServiceConfiguration.ConfigError();\n\n  // Generate app secret proof that is a sha256 hash of the app access token, with the app secret as the key\n  // https://developers.facebook.com/docs/graph-api/securing-requests#appsecret_proof\n  const hmac = crypto.createHmac('sha256', OAuth.openSecret(config.secret));\n  hmac.update(accessToken);\n\n  try {\n    return HTTP.get(\"https://graph.facebook.com/v3.0/me\", {\n      params: {\n        access_token: accessToken,\n        appsecret_proof: hmac.digest('hex'),\n        fields: fields.join(\",\")\n      }\n    }).data;\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to fetch identity from Facebook. ${err.message}`),\n      { response: err.response },\n    );\n  }\n};\n\nFacebook.retrieveCredential = (credentialToken, credentialSecret) =>\n  OAuth.retrieveCredential(credentialToken, credentialSecret);\n\n"]}