{"version":3,"sources":["meteor://💻app/packages/google-oauth/google_server.js","meteor://💻app/packages/google-oauth/namespace.js"],"names":["Google","module","link","default","v","Accounts","hasOwn","Object","prototype","hasOwnProperty","whitelistedFields","getServiceDataFromTokens","tokens","accessToken","idToken","scopes","getScopes","identity","getIdentity","serviceData","scope","call","expiresAt","Date","now","parseInt","expiresIn","fields","create","forEach","name","assign","refreshToken","options","profile","registerLoginHandler","request","googleSignIn","serverAuthCode","getTokens","code","result","updateOrCreateUserFromExternalService","id","userId","email","picture","imageUrl","getServiceData","query","OAuth","registerService","config","ServiceConfiguration","configurations","findOne","service","ConfigError","response","HTTP","post","params","client_id","clientId","client_secret","openSecret","secret","redirect_uri","_redirectUri","grant_type","err","Error","message","data","error","access_token","refresh_token","expires_in","id_token","get","split","retrieveCredential","credentialToken","credentialSecret","exports"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAIA,MAAJ;AAAWC,MAAM,CAACC,IAAP,CAAY,gBAAZ,EAA6B;AAACC,SAAO,CAACC,CAAD,EAAG;AAACJ,UAAM,GAACI,CAAP;AAAS;;AAArB,CAA7B,EAAoD,CAApD;AAAuD,IAAIC,QAAJ;AAAaJ,MAAM,CAACC,IAAP,CAAY,sBAAZ,EAAmC;AAACG,UAAQ,CAACD,CAAD,EAAG;AAACC,YAAQ,GAACD,CAAT;AAAW;;AAAxB,CAAnC,EAA6D,CAA7D;AAG/E,MAAME,MAAM,GAAGC,MAAM,CAACC,SAAP,CAAiBC,cAAhC,C,CAEA;;AACAT,MAAM,CAACU,iBAAP,GAA2B,CAAC,IAAD,EAAO,OAAP,EAAgB,gBAAhB,EAAkC,MAAlC,EAA0C,YAA1C,EACR,aADQ,EACO,SADP,EACkB,QADlB,EAC4B,UAD5B,EACwC,QADxC,CAA3B;;AAGA,MAAMC,wBAAwB,GAAGC,MAAM,IAAI;AACzC,QAAM;AAAEC,eAAF;AAAeC;AAAf,MAA2BF,MAAjC;AACA,QAAMG,MAAM,GAAGC,SAAS,CAACH,WAAD,CAAxB;AACA,QAAMI,QAAQ,GAAGC,WAAW,CAACL,WAAD,CAA5B;AACA,QAAMM,WAAW,GAAG;AAClBN,eADkB;AAElBC,WAFkB;AAGlBM,SAAK,EAAEL;AAHW,GAApB;;AAMA,MAAIT,MAAM,CAACe,IAAP,CAAYT,MAAZ,EAAoB,WAApB,CAAJ,EAAsC;AACpCO,eAAW,CAACG,SAAZ,GACEC,IAAI,CAACC,GAAL,KAAa,OAAOC,QAAQ,CAACb,MAAM,CAACc,SAAR,EAAmB,EAAnB,CAD9B;AAED;;AAED,QAAMC,MAAM,GAAGpB,MAAM,CAACqB,MAAP,CAAc,IAAd,CAAf;AACA5B,QAAM,CAACU,iBAAP,CAAyBmB,OAAzB,CAAiC,UAAUC,IAAV,EAAgB;AAC/C,QAAIxB,MAAM,CAACe,IAAP,CAAYJ,QAAZ,EAAsBa,IAAtB,CAAJ,EAAiC;AAC/BH,YAAM,CAACG,IAAD,CAAN,GAAeb,QAAQ,CAACa,IAAD,CAAvB;AACD;AACF,GAJD;AAMAvB,QAAM,CAACwB,MAAP,CAAcZ,WAAd,EAA2BQ,MAA3B,EAtByC,CAwBzC;AACA;AACA;;AACA,MAAIf,MAAM,CAACoB,YAAX,EAAyB;AACvBb,eAAW,CAACa,YAAZ,GAA2BpB,MAAM,CAACoB,YAAlC;AACD;;AAED,SAAO;AACLb,eADK;AAELc,WAAO,EAAE;AACPC,aAAO,EAAE;AACPJ,YAAI,EAAEb,QAAQ,CAACa;AADR;AADF;AAFJ,GAAP;AAQD,CAvCD;;AAyCAzB,QAAQ,CAAC8B,oBAAT,CAA8BC,OAAO,IAAI;AACvC,MAAIA,OAAO,CAACC,YAAR,KAAyB,IAA7B,EAAmC;AACjC;AACD;;AAED,QAAMzB,MAAM,GAAG;AACbC,eAAW,EAAEuB,OAAO,CAACvB,WADR;AAEbmB,gBAAY,EAAEI,OAAO,CAACJ,YAFT;AAGblB,WAAO,EAAEsB,OAAO,CAACtB;AAHJ,GAAf;;AAMA,MAAIsB,OAAO,CAACE,cAAZ,EAA4B;AAC1B/B,UAAM,CAACwB,MAAP,CAAcnB,MAAd,EAAsB2B,SAAS,CAAC;AAC9BC,UAAI,EAAEJ,OAAO,CAACE;AADgB,KAAD,CAA/B;AAGD;;AAED,QAAMG,MAAM,GAAG9B,wBAAwB,CAACC,MAAD,CAAvC;AAEA,SAAOP,QAAQ,CAACqC,qCAAT,CAA+C,QAA/C;AACLC,MAAE,EAAEP,OAAO,CAACQ,MADP;AAEL9B,WAAO,EAAEsB,OAAO,CAACtB,OAFZ;AAGLD,eAAW,EAAEuB,OAAO,CAACvB,WAHhB;AAILgC,SAAK,EAAET,OAAO,CAACS,KAJV;AAKLC,WAAO,EAAEV,OAAO,CAACW;AALZ,KAMFN,MAAM,CAACtB,WANL,GAOJsB,MAAM,CAACR,OAPH,CAAP;AAQD,CA3BD;;AA6BA,MAAMe,cAAc,GAAGC,KAAK,IAAItC,wBAAwB,CAAC4B,SAAS,CAACU,KAAD,CAAV,CAAxD;;AAEAC,KAAK,CAACC,eAAN,CAAsB,QAAtB,EAAgC,CAAhC,EAAmC,IAAnC,EAAyCH,cAAzC,E,CAEA;AACA;AACA;AACA;;AACA,MAAMT,SAAS,GAAGU,KAAK,IAAI;AACzB,QAAMG,MAAM,GAAGC,oBAAoB,CAACC,cAArB,CAAoCC,OAApC,CAA4C;AAACC,WAAO,EAAE;AAAV,GAA5C,CAAf;AACA,MAAI,CAACJ,MAAL,EACE,MAAM,IAAIC,oBAAoB,CAACI,WAAzB,EAAN;AAEF,MAAIC,QAAJ;;AACA,MAAI;AACFA,YAAQ,GAAGC,IAAI,CAACC,IAAL,CACT,4CADS,EACqC;AAACC,YAAM,EAAE;AACrDrB,YAAI,EAAES,KAAK,CAACT,IADyC;AAErDsB,iBAAS,EAAEV,MAAM,CAACW,QAFmC;AAGrDC,qBAAa,EAAEd,KAAK,CAACe,UAAN,CAAiBb,MAAM,CAACc,MAAxB,CAHsC;AAIrDC,oBAAY,EAAEjB,KAAK,CAACkB,YAAN,CAAmB,QAAnB,EAA6BhB,MAA7B,CAJuC;AAKrDiB,kBAAU,EAAE;AALyC;AAAT,KADrC,CAAX;AAQD,GATD,CASE,OAAOC,GAAP,EAAY;AACZ,UAAM/D,MAAM,CAACwB,MAAP,CACJ,IAAIwC,KAAJ,CAAW,mDAAkDD,GAAG,CAACE,OAAQ,EAAzE,CADI,EAEJ;AAAEd,cAAQ,EAAEY,GAAG,CAACZ;AAAhB,KAFI,CAAN;AAID;;AAED,MAAIA,QAAQ,CAACe,IAAT,CAAcC,KAAlB,EAAyB;AAAE;AACzB,UAAM,IAAIH,KAAJ,CAAW,mDAAkDb,QAAQ,CAACe,IAAT,CAAcC,KAAM,EAAjF,CAAN;AACD,GAFD,MAEO;AACL,WAAO;AACL7D,iBAAW,EAAE6C,QAAQ,CAACe,IAAT,CAAcE,YADtB;AAEL3C,kBAAY,EAAE0B,QAAQ,CAACe,IAAT,CAAcG,aAFvB;AAGLlD,eAAS,EAAEgC,QAAQ,CAACe,IAAT,CAAcI,UAHpB;AAIL/D,aAAO,EAAE4C,QAAQ,CAACe,IAAT,CAAcK;AAJlB,KAAP;AAMD;AACF,CAhCD;;AAkCA,MAAM5D,WAAW,GAAGL,WAAW,IAAI;AACjC,MAAI;AACF,WAAO8C,IAAI,CAACoB,GAAL,CACL,+CADK,EAEL;AAAClB,YAAM,EAAE;AAACc,oBAAY,EAAE9D;AAAf;AAAT,KAFK,EAEkC4D,IAFzC;AAGD,GAJD,CAIE,OAAOH,GAAP,EAAY;AACZ,UAAM/D,MAAM,CAACwB,MAAP,CACJ,IAAIwC,KAAJ,CAAW,yCAAwCD,GAAG,CAACE,OAAQ,EAA/D,CADI,EAEJ;AAAEd,cAAQ,EAAEY,GAAG,CAACZ;AAAhB,KAFI,CAAN;AAID;AACF,CAXD;;AAaA,MAAM1C,SAAS,GAAGH,WAAW,IAAI;AAC/B,MAAI;AACF,WAAO8C,IAAI,CAACoB,GAAL,CACL,gDADK,EAEL;AAAClB,YAAM,EAAE;AAACc,oBAAY,EAAE9D;AAAf;AAAT,KAFK,EAEkC4D,IAFlC,CAEuCrD,KAFvC,CAE6C4D,KAF7C,CAEmD,GAFnD,CAAP;AAGD,GAJD,CAIE,OAAOV,GAAP,EAAY;AACZ,UAAM/D,MAAM,CAACwB,MAAP,CACJ,IAAIwC,KAAJ,CAAW,0CAAyCD,GAAG,CAACE,OAAQ,EAAhE,CADI,EAEJ;AAAEd,cAAQ,EAAEY,GAAG,CAACZ;AAAhB,KAFI,CAAN;AAID;AACF,CAXD;;AAaA1D,MAAM,CAACiF,kBAAP,GAA4B,CAACC,eAAD,EAAkBC,gBAAlB,KAC1BjC,KAAK,CAAC+B,kBAAN,CAAyBC,eAAzB,EAA0CC,gBAA1C,CADF,C;;;;;;;;;;;ACnJA;AACA;AACAnF,MAAM,GAAGC,MAAM,CAACmF,OAAhB,C,CAEA;;AACApF,MAAM,CAACA,MAAP,GAAgBA,MAAhB,C","file":"/packages/google-oauth.js","sourcesContent":["import Google from './namespace.js';\nimport { Accounts } from 'meteor/accounts-base';\n\nconst hasOwn = Object.prototype.hasOwnProperty;\n\n// https://developers.google.com/accounts/docs/OAuth2Login#userinfocall\nGoogle.whitelistedFields = ['id', 'email', 'verified_email', 'name', 'given_name',\n                   'family_name', 'picture', 'locale', 'timezone', 'gender'];\n\nconst getServiceDataFromTokens = tokens => {\n  const { accessToken, idToken } = tokens;\n  const scopes = getScopes(accessToken);\n  const identity = getIdentity(accessToken);\n  const serviceData = {\n    accessToken,\n    idToken,\n    scope: scopes\n  };\n\n  if (hasOwn.call(tokens, \"expiresIn\")) {\n    serviceData.expiresAt =\n      Date.now() + 1000 * parseInt(tokens.expiresIn, 10);\n  }\n\n  const fields = Object.create(null);\n  Google.whitelistedFields.forEach(function (name) {\n    if (hasOwn.call(identity, name)) {\n      fields[name] = identity[name];\n    }\n  });\n\n  Object.assign(serviceData, fields);\n\n  // only set the token in serviceData if it's there. this ensures\n  // that we don't lose old ones (since we only get this on the first\n  // log in attempt)\n  if (tokens.refreshToken) {\n    serviceData.refreshToken = tokens.refreshToken;\n  }\n\n  return {\n    serviceData,\n    options: {\n      profile: {\n        name: identity.name\n      }\n    }\n  };\n}\n\nAccounts.registerLoginHandler(request => {\n  if (request.googleSignIn !== true) {\n    return;\n  }\n\n  const tokens = {\n    accessToken: request.accessToken,\n    refreshToken: request.refreshToken,\n    idToken: request.idToken,\n  };\n\n  if (request.serverAuthCode) {\n    Object.assign(tokens, getTokens({\n      code: request.serverAuthCode\n    }));\n  }\n\n  const result = getServiceDataFromTokens(tokens);\n\n  return Accounts.updateOrCreateUserFromExternalService(\"google\", {\n    id: request.userId,\n    idToken: request.idToken,\n    accessToken: request.accessToken,\n    email: request.email,\n    picture: request.imageUrl,\n    ...result.serviceData,\n  }, result.options);\n});\n\nconst getServiceData = query => getServiceDataFromTokens(getTokens(query));\n\nOAuth.registerService('google', 2, null, getServiceData);\n\n// returns an object containing:\n// - accessToken\n// - expiresIn: lifetime of token in seconds\n// - refreshToken, if this is the first authorization request\nconst getTokens = query => {\n  const config = ServiceConfiguration.configurations.findOne({service: 'google'});\n  if (!config)\n    throw new ServiceConfiguration.ConfigError();\n\n  let response;\n  try {\n    response = HTTP.post(\n      \"https://accounts.google.com/o/oauth2/token\", {params: {\n        code: query.code,\n        client_id: config.clientId,\n        client_secret: OAuth.openSecret(config.secret),\n        redirect_uri: OAuth._redirectUri('google', config),\n        grant_type: 'authorization_code'\n      }});\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to complete OAuth handshake with Google. ${err.message}`),\n      { response: err.response }\n    );\n  }\n\n  if (response.data.error) { // if the http response was a json object with an error attribute\n    throw new Error(`Failed to complete OAuth handshake with Google. ${response.data.error}`);\n  } else {\n    return {\n      accessToken: response.data.access_token,\n      refreshToken: response.data.refresh_token,\n      expiresIn: response.data.expires_in,\n      idToken: response.data.id_token\n    };\n  }\n};\n\nconst getIdentity = accessToken => {\n  try {\n    return HTTP.get(\n      \"https://www.googleapis.com/oauth2/v1/userinfo\",\n      {params: {access_token: accessToken}}).data;\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to fetch identity from Google. ${err.message}`),\n      { response: err.response }\n    );\n  }\n};\n\nconst getScopes = accessToken => {\n  try {\n    return HTTP.get(\n      \"https://www.googleapis.com/oauth2/v1/tokeninfo\",\n      {params: {access_token: accessToken}}).data.scope.split(' ');\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to fetch tokeninfo from Google. ${err.message}`),\n      { response: err.response }\n    );\n  }\n};\n\nGoogle.retrieveCredential = (credentialToken, credentialSecret) =>\n  OAuth.retrieveCredential(credentialToken, credentialSecret);\n","// The module.exports object of this module becomes the Google namespace\n// for other modules in this package.\nGoogle = module.exports;\n\n// So that api.export finds the \"Google\" property.\nGoogle.Google = Google;\n"]}