Feature/add steam passport

packages/medusa-plugin-auth/package.json

@@ -55,6 +55,7 @@
     "@types/express": "^4.17.17",
     "@types/jest": "^29.1.2",
     "@types/passport-oauth2": "^1.4.15",
+    "@types/passport-steam": "^1.0.4",
     "jest": "^29.1.2",
     "passport": "^0.6.0",
     "ts-jest": "^29.0.3",
@@ -74,7 +75,8 @@
     "passport-firebase-jwt": "^1.2.1",
     "passport-google-oauth2": "^0.2.0",
     "passport-linkedin-oauth2": "^2.0.0",
-    "passport-oauth2": "^1.7.0"
+    "passport-oauth2": "^1.7.0",
+    "passport-steam": "^1.0.18"
   },
   "jest": {
     "preset": "ts-jest",

packages/medusa-plugin-auth/src/api/index.ts

@@ -8,6 +8,7 @@ import LinkedinStrategy from '../auth-strategies/linkedin';
 import FirebaseStrategy from '../auth-strategies/firebase';
 import Auth0Strategy from '../auth-strategies/auth0';
 import AzureStrategy from '../auth-strategies/azure-oidc';
+import SteamStrategy from '../auth-strategies/steam';
 
 import { AuthOptions } from '../types';
 
@@ -26,6 +27,7 @@ function loadRouters(configModule: ConfigModule, options: AuthOptions): Router[]
 	routers.push(...FirebaseStrategy.getRouter(configModule, options));
 	routers.push(...Auth0Strategy.getRouter(configModule, options));
 	routers.push(...AzureStrategy.getRouter(configModule, options));
+	routers.push(...SteamStrategy.getRouter(configModule, options));
 
 	return routers;
 }

packages/medusa-plugin-auth/src/auth-strategies/steam/__tests__/admin/verify-callback.spec.ts

@@ -0,0 +1,191 @@
+import { ConfigModule, MedusaContainer } from '@medusajs/medusa/dist/types/global';
+import { SteamAdminStrategy } from '../../admin';
+import { AUTH_PROVIDER_KEY } from '../../../../types';
+import { STEAM_ADMIN_STRATEGY_NAME, SteamAuthOptions } from '../../types';
+
+describe('Steam admin strategy verify callback', function() {
+	const existsEmail = '[email protected]';
+	const existsEmailWithProviderKey = '[email protected]';
+	const existsEmailWithWrongProviderKey = '[email protected]';
+
+	let container: MedusaContainer;
+	let req: Request;
+	let accessToken: string;
+	let refreshToken: string;
+	let profile: { emails: { value: string }[]; name?: { givenName?: string; familyName?: string } };
+	let steamAdminStrategy: SteamAdminStrategy;
+
+	beforeEach(() => {
+		profile = {
+			emails: [{ value: existsEmail }],
+		};
+
+		container = {
+			resolve: (name: string) => {
+				const container_ = {
+					userService: {
+						retrieveByEmail: jest.fn().mockImplementation(async (email: string) => {
+							if (email === existsEmail) {
+								return {
+									id: 'test',
+								};
+							}
+
+							if (email === existsEmailWithProviderKey) {
+								return {
+									id: 'test2',
+									metadata: {
+										[AUTH_PROVIDER_KEY]: STEAM_ADMIN_STRATEGY_NAME,
+									},
+								};
+							}
+
+							if (email === existsEmailWithWrongProviderKey) {
+								return {
+									id: 'test3',
+									metadata: {
+										[AUTH_PROVIDER_KEY]: 'fake_provider_key',
+									},
+								};
+							}
+
+							return;
+						}),
+					},
+				};
+
+				return container_[name];
+			},
+		} as MedusaContainer;
+	});
+
+	describe('when strict is set to admin', function() {
+		beforeEach(() => {
+			steamAdminStrategy = new SteamAdminStrategy(
+				container,
+				{} as ConfigModule,
+				{
+					realm: 'http://localhost',
+					apiKey: 'fake',
+					admin: {
+						callbackUrl: 'http://localhost',
+					},
+				} as SteamAuthOptions,
+				'admin',
+			);
+		});
+
+		afterEach(() => {
+			jest.clearAllMocks();
+		});
+
+		it('should succeed', async () => {
+			profile = {
+				emails: [{ value: existsEmailWithProviderKey }],
+			};
+
+			const data = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile);
+			expect(data).toEqual(
+				expect.objectContaining({
+					id: 'test2',
+				}),
+			);
+		});
+
+		it('should fail when a user exists without the auth provider metadata', async () => {
+			profile = {
+				emails: [{ value: existsEmail }],
+			};
+
+			const err = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+			expect(err).toEqual(new Error(`Admin with email ${existsEmail} already exists`));
+		});
+
+		it('should fail when a user exists with the wrong auth provider key', async () => {
+			profile = {
+				emails: [{ value: existsEmailWithWrongProviderKey }],
+			};
+
+			const err = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+			expect(err).toEqual(new Error(`Admin with email ${existsEmailWithWrongProviderKey} already exists`));
+		});
+
+		it('should fail when the user does not exist', async () => {
+			profile = {
+				emails: [{ value: 'fake' }],
+			};
+
+			const err = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+			expect(err).toEqual(new Error(`Unable to authenticate the user with the email fake`));
+		});
+	});
+
+	describe('when strict is set for store only', function() {
+		beforeEach(() => {
+			steamAdminStrategy = new SteamAdminStrategy(
+				container,
+				{} as ConfigModule,
+				{
+					realm: 'http://localhost',
+					apiKey: 'fake',
+					admin: {
+						callbackUrl: 'http://localhost',
+					},
+				} as SteamAuthOptions,
+				'store',
+			);
+		});
+
+		afterEach(() => {
+			jest.clearAllMocks();
+		});
+
+		it('should succeed', async () => {
+			profile = {
+				emails: [{ value: existsEmailWithProviderKey }],
+			};
+
+			const data = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile);
+			expect(data).toEqual(
+				expect.objectContaining({
+					id: 'test2',
+				}),
+			);
+		});
+
+		it('should succeed when a user exists without the auth provider metadata', async () => {
+			profile = {
+				emails: [{ value: existsEmail }],
+			};
+
+			const data = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile);
+			expect(data).toEqual(
+				expect.objectContaining({
+					id: 'test',
+				}),
+			);
+		});
+
+		it('should succeed when a user exists with the wrong auth provider key', async () => {
+			profile = {
+				emails: [{ value: existsEmailWithWrongProviderKey }],
+			};
+
+			const data = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile);
+			expect(data).toEqual(
+				expect.objectContaining({
+					id: 'test3',
+				}),
+			);
+		});
+
+		it('should fail when the user does not exist', async () => {
+			profile = {
+				emails: [{ value: 'fake' }],
+			};
+
+			const err = await steamAdminStrategy.validate(req, accessToken, refreshToken, profile).catch((err) => err);
+			expect(err).toEqual(new Error(`Unable to authenticate the user with the email fake`));
+		});
+	});
+});