{"version":3,"sources":["meteor://💻app/packages/facebook-oauth/facebook_server.js"],"names":["_objectSpread","module","link","default","v","crypto","Accounts","Facebook","API_VERSION","Meteor","settings","public","packages","apiVersion","handleAuthFromAccessToken","accessToken","expiresAt","whitelisted","identity","getIdentity","fields","forEach","field","serviceData","options","profile","name","registerLoginHandler","request","facebookSignIn","facebookData","Date","expirationTime","updateOrCreateUserFromExternalService","OAuth","registerService","query","response","getTokenResponse","expiresIn","getAbsoluteUrlOptions","overrideRootUrlFromStateRedirectUrl","undefined","state","_stateFromQuery","redirectUrl","URL","rootUrl","origin","e","console","error","config","ServiceConfiguration","configurations","findOne","service","ConfigError","responseContent","absoluteUrlOptions","redirectUri","_redirectUri","HTTP","get","params","client_id","appId","redirect_uri","client_secret","openSecret","secret","code","data","err","Object","assign","Error","message","fbAccessToken","access_token","fbExpires","expires_in","hmac","createHmac","update","appsecret_proof","digest","join","retrieveCredential","credentialToken","credentialSecret"],"mappings":";;;;;;;;;;;;;;;;;;;;;;;;;;;AAAA,IAAIA,aAAJ;;AAAkBC,MAAM,CAACC,IAAP,CAAY,sCAAZ,EAAmD;AAACC,SAAO,CAACC,CAAD,EAAG;AAACJ,iBAAa,GAACI,CAAd;AAAgB;;AAA5B,CAAnD,EAAiF,CAAjF;AAAlB,IAAIC,MAAJ;AAAWJ,MAAM,CAACC,IAAP,CAAY,QAAZ,EAAqB;AAACC,SAAO,CAACC,CAAD,EAAG;AAACC,UAAM,GAACD,CAAP;AAAS;;AAArB,CAArB,EAA4C,CAA5C;AAA+C,IAAIE,QAAJ;AAAaL,MAAM,CAACC,IAAP,CAAY,sBAAZ,EAAmC;AAACI,UAAQ,CAACF,CAAD,EAAG;AAACE,YAAQ,GAACF,CAAT;AAAW;;AAAxB,CAAnC,EAA6D,CAA7D;AAAvEG,QAAQ,GAAG,EAAX;AAIA,MAAMC,WAAW,GAAG,qBAAAC,MAAM,CAACC,QAAP,+FAAiBC,MAAjB,0GAAyBC,QAAzB,4GAAoC,gBAApC,mFAAuDC,UAAvD,KAAqE,MAAzF;;AAEAN,QAAQ,CAACO,yBAAT,GAAqC,CAACC,WAAD,EAAcC,SAAd,KAA4B;AAC/D;AACA;AACA,QAAMC,WAAW,GAAG,CAAC,IAAD,EAAO,OAAP,EAAgB,MAAhB,EAAwB,YAAxB,EAAsC,WAAtC,EAClB,aADkB,EACH,aADG,EACY,SADZ,EACuB,YADvB,CAApB;AAGA,QAAMC,QAAQ,GAAGC,WAAW,CAACJ,WAAD,EAAcE,WAAd,CAA5B;AAEA,QAAMG,MAAM,GAAG,EAAf;AACAH,aAAW,CAACI,OAAZ,CAAoBC,KAAK,IAAIF,MAAM,CAACE,KAAD,CAAN,GAAgBJ,QAAQ,CAACI,KAAD,CAArD;;AACA,QAAMC,WAAW;AACfR,eADe;AAEfC;AAFe,KAGZI,MAHY,CAAjB;;AAMA,SAAO;AACLG,eADK;AAELC,WAAO,EAAE;AAACC,aAAO,EAAE;AAACC,YAAI,EAAER,QAAQ,CAACQ;AAAhB;AAAV;AAFJ,GAAP;AAID,CApBD;;AAsBApB,QAAQ,CAACqB,oBAAT,CAA8BC,OAAO,IAAI;AACvC,MAAIA,OAAO,CAACC,cAAR,KAA2B,IAA/B,EAAqC;AACnC;AACD;;AACD,QAAMC,YAAY,GAAGvB,QAAQ,CAACO,yBAAT,CAAmCc,OAAO,CAACb,WAA3C,EAAyD,CAAC,IAAIgB,IAAJ,EAAF,GAAe,OAAOH,OAAO,CAACI,cAAtF,CAArB;AACA,SAAO1B,QAAQ,CAAC2B,qCAAT,CAA+C,UAA/C,EAA2DH,YAAY,CAACP,WAAxE,EAAqFO,YAAY,CAACN,OAAlG,CAAP;AACD,CAND;AAQAU,KAAK,CAACC,eAAN,CAAsB,UAAtB,EAAkC,CAAlC,EAAqC,IAArC,EAA2CC,KAAK,IAAI;AAClD,QAAMC,QAAQ,GAAGC,gBAAgB,CAACF,KAAD,CAAjC;AACA,QAAM;AAAErB;AAAF,MAAkBsB,QAAxB;AACA,QAAM;AAAEE;AAAF,MAAgBF,QAAtB;AAEA,SAAO9B,QAAQ,CAACO,yBAAT,CAAmCC,WAAnC,EAAiD,CAAC,IAAIgB,IAAJ,EAAF,GAAe,OAAOQ,SAAtE,CAAP;AACD,CAND;;AAQA,SAASC,qBAAT,CAA+BJ,KAA/B,EAAsC;AAAA;;AACpC,QAAMK,mCAAmC,wBAAGhC,MAAM,CAACC,QAAV,+EAAG,kBAAiBE,QAApB,oFAAG,sBAA4B,gBAA5B,CAAH,2DAAG,uBAA+C6B,mCAA3F;;AACA,MAAI,CAACA,mCAAL,EAA0C;AACxC,WAAOC,SAAP;AACD;;AACD,MAAI;AACF,UAAMC,KAAK,GAAGT,KAAK,CAACU,eAAN,CAAsBR,KAAtB,KAAgC,EAA9C;AACA,UAAMS,WAAW,GAAG,IAAIC,GAAJ,CAAQH,KAAK,CAACE,WAAd,CAApB;AACA,WAAO;AACLE,aAAO,EAAEF,WAAW,CAACG;AADhB,KAAP;AAGD,GAND,CAME,OAAOC,CAAP,EAAU;AACVC,WAAO,CAACC,KAAR,8KAC+KF,CAD/K;AAGA,WAAOP,SAAP;AACD;AACF,C,CAED;AACA;AACA;;;AACA,MAAMJ,gBAAgB,GAAGF,KAAK,IAAI;AAChC,QAAMgB,MAAM,GAAGC,oBAAoB,CAACC,cAArB,CAAoCC,OAApC,CAA4C;AAACC,WAAO,EAAE;AAAV,GAA5C,CAAf;AACA,MAAI,CAACJ,MAAL,EACE,MAAM,IAAIC,oBAAoB,CAACI,WAAzB,EAAN;AAEF,MAAIC,eAAJ;;AACA,MAAI;AAEF,UAAMC,kBAAkB,GAAGnB,qBAAqB,CAACJ,KAAD,CAAhD;;AACA,UAAMwB,WAAW,GAAG1B,KAAK,CAAC2B,YAAN,CAAmB,UAAnB,EAA+BT,MAA/B,EAAuCV,SAAvC,EAAkDiB,kBAAlD,CAApB,CAHE,CAIF;;;AACAD,mBAAe,GAAGI,IAAI,CAACC,GAAL,uCACevD,WADf,0BACiD;AAC/DwD,YAAM,EAAE;AACNC,iBAAS,EAAEb,MAAM,CAACc,KADZ;AAENC,oBAAY,EAAEP,WAFR;AAGNQ,qBAAa,EAAElC,KAAK,CAACmC,UAAN,CAAiBjB,MAAM,CAACkB,MAAxB,CAHT;AAINC,YAAI,EAAEnC,KAAK,CAACmC;AAJN;AADuD,KADjD,EAQbC,IARL;AASD,GAdD,CAcE,OAAOC,GAAP,EAAY;AACZ,UAAMC,MAAM,CAACC,MAAP,CACJ,IAAIC,KAAJ,6DAA+DH,GAAG,CAACI,OAAnE,EADI,EAEJ;AAAExC,cAAQ,EAAEoC,GAAG,CAACpC;AAAhB,KAFI,CAAN;AAID;;AAED,QAAMyC,aAAa,GAAGpB,eAAe,CAACqB,YAAtC;AACA,QAAMC,SAAS,GAAGtB,eAAe,CAACuB,UAAlC;;AAEA,MAAI,CAACH,aAAL,EAAoB;AAClB,UAAM,IAAIF,KAAJ,CAAU,6GACgDlB,eADhD,CAAV,CAAN;AAED;;AACD,SAAO;AACL3C,eAAW,EAAE+D,aADR;AAELvC,aAAS,EAAEyC;AAFN,GAAP;AAID,CAtCD;;AAwCA,MAAM7D,WAAW,GAAG,CAACJ,WAAD,EAAcK,MAAd,KAAyB;AAC3C,QAAMgC,MAAM,GAAGC,oBAAoB,CAACC,cAArB,CAAoCC,OAApC,CAA4C;AAACC,WAAO,EAAE;AAAV,GAA5C,CAAf;AACA,MAAI,CAACJ,MAAL,EACE,MAAM,IAAIC,oBAAoB,CAACI,WAAzB,EAAN,CAHyC,CAK3C;AACA;;AACA,QAAMyB,IAAI,GAAG7E,MAAM,CAAC8E,UAAP,CAAkB,QAAlB,EAA4BjD,KAAK,CAACmC,UAAN,CAAiBjB,MAAM,CAACkB,MAAxB,CAA5B,CAAb;AACAY,MAAI,CAACE,MAAL,CAAYrE,WAAZ;;AAEA,MAAI;AACF,WAAO+C,IAAI,CAACC,GAAL,uCAAwCvD,WAAxC,UAA0D;AAC/DwD,YAAM,EAAE;AACNe,oBAAY,EAAEhE,WADR;AAENsE,uBAAe,EAAEH,IAAI,CAACI,MAAL,CAAY,KAAZ,CAFX;AAGNlE,cAAM,EAAEA,MAAM,CAACmE,IAAP,CAAY,GAAZ;AAHF;AADuD,KAA1D,EAMJf,IANH;AAOD,GARD,CAQE,OAAOC,GAAP,EAAY;AACZ,UAAMC,MAAM,CAACC,MAAP,CACJ,IAAIC,KAAJ,mDAAqDH,GAAG,CAACI,OAAzD,EADI,EAEJ;AAAExC,cAAQ,EAAEoC,GAAG,CAACpC;AAAhB,KAFI,CAAN;AAID;AACF,CAxBD;;AA0BA9B,QAAQ,CAACiF,kBAAT,GAA8B,CAACC,eAAD,EAAkBC,gBAAlB,KAC5BxD,KAAK,CAACsD,kBAAN,CAAyBC,eAAzB,EAA0CC,gBAA1C,CADF,C","file":"/packages/facebook-oauth.js","sourcesContent":["Facebook = {};\nimport crypto from 'crypto';\nimport { Accounts } from 'meteor/accounts-base';\n\nconst API_VERSION = Meteor.settings?.public?.packages?.['facebook-oauth']?.apiVersion || '13.0';\n\nFacebook.handleAuthFromAccessToken = (accessToken, expiresAt) => {\n  // include basic fields from facebook\n  // https://developers.facebook.com/docs/facebook-login/permissions/\n  const whitelisted = ['id', 'email', 'name', 'first_name', 'last_name',\n    'middle_name', 'name_format', 'picture', 'short_name'];\n\n  const identity = getIdentity(accessToken, whitelisted);\n\n  const fields = {};\n  whitelisted.forEach(field => fields[field] = identity[field]);\n  const serviceData = {\n    accessToken,\n    expiresAt,\n    ...fields,\n  };\n\n  return {\n    serviceData,\n    options: {profile: {name: identity.name}}\n  };\n};\n\nAccounts.registerLoginHandler(request => {\n  if (request.facebookSignIn !== true) {\n    return;\n  }\n  const facebookData = Facebook.handleAuthFromAccessToken(request.accessToken, (+new Date) + (1000 * request.expirationTime));\n  return Accounts.updateOrCreateUserFromExternalService('facebook', facebookData.serviceData, facebookData.options);\n});\n\nOAuth.registerService('facebook', 2, null, query => {\n  const response = getTokenResponse(query);\n  const { accessToken } = response;\n  const { expiresIn } = response;\n\n  return Facebook.handleAuthFromAccessToken(accessToken, (+new Date) + (1000 * expiresIn));\n});\n\nfunction getAbsoluteUrlOptions(query) {\n  const overrideRootUrlFromStateRedirectUrl = Meteor.settings?.packages?.['facebook-oauth']?.overrideRootUrlFromStateRedirectUrl;\n  if (!overrideRootUrlFromStateRedirectUrl) {\n    return undefined;\n  }\n  try {\n    const state = OAuth._stateFromQuery(query) || {};\n    const redirectUrl = new URL(state.redirectUrl);\n    return {\n      rootUrl: redirectUrl.origin,\n    }\n  } catch (e) {\n    console.error(\n      `Failed to complete OAuth handshake with Facebook because it was not able to obtain the redirect url from the state and you are using overrideRootUrlFromStateRedirectUrl.`, e\n    );\n    return undefined;\n  }\n}\n\n// returns an object containing:\n// - accessToken\n// - expiresIn: lifetime of token in seconds\nconst getTokenResponse = query => {\n  const config = ServiceConfiguration.configurations.findOne({service: 'facebook'});\n  if (!config)\n    throw new ServiceConfiguration.ConfigError();\n\n  let responseContent;\n  try {\n\n    const absoluteUrlOptions = getAbsoluteUrlOptions(query);\n    const redirectUri = OAuth._redirectUri('facebook', config, undefined, absoluteUrlOptions);\n    // Request an access token\n    responseContent = HTTP.get(\n      `https://graph.facebook.com/v${API_VERSION}/oauth/access_token`, {\n        params: {\n          client_id: config.appId,\n          redirect_uri: redirectUri,\n          client_secret: OAuth.openSecret(config.secret),\n          code: query.code\n        }\n      }).data;\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to complete OAuth handshake with Facebook. ${err.message}`),\n      { response: err.response },\n    );\n  }\n\n  const fbAccessToken = responseContent.access_token;\n  const fbExpires = responseContent.expires_in;\n\n  if (!fbAccessToken) {\n    throw new Error(\"Failed to complete OAuth handshake with facebook \" +\n                    `-- can't find access token in HTTP response. ${responseContent}`);\n  }\n  return {\n    accessToken: fbAccessToken,\n    expiresIn: fbExpires\n  };\n};\n\nconst getIdentity = (accessToken, fields) => {\n  const config = ServiceConfiguration.configurations.findOne({service: 'facebook'});\n  if (!config)\n    throw new ServiceConfiguration.ConfigError();\n\n  // Generate app secret proof that is a sha256 hash of the app access token, with the app secret as the key\n  // https://developers.facebook.com/docs/graph-api/securing-requests#appsecret_proof\n  const hmac = crypto.createHmac('sha256', OAuth.openSecret(config.secret));\n  hmac.update(accessToken);\n\n  try {\n    return HTTP.get(`https://graph.facebook.com/v${API_VERSION}/me`, {\n      params: {\n        access_token: accessToken,\n        appsecret_proof: hmac.digest('hex'),\n        fields: fields.join(\",\")\n      }\n    }).data;\n  } catch (err) {\n    throw Object.assign(\n      new Error(`Failed to fetch identity from Facebook. ${err.message}`),\n      { response: err.response },\n    );\n  }\n};\n\nFacebook.retrieveCredential = (credentialToken, credentialSecret) =>\n  OAuth.retrieveCredential(credentialToken, credentialSecret);\n\n"]}