fix: only use oauth redirects and add website to app registration details

Daniel Roe 2022-11-29 22:55:53 +00:00
parent 98a647f8ca
commit 81732a4a8c
No known key found for this signature in database
GPG key ID: 22D5008E4F5D9B55
3 changed files with 27 additions and 19 deletions


@ -1,19 +1,21 @@
import { stringifyQuery } from 'ufo' import { stringifyQuery } from 'ufo'
import { HOST_URL, getApp } from '~/server/shared' import { getApp, getRedirectURI } from '~/server/shared'
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const server = event.context.params.server const { server } = getRouterParams(event)
const app = await getApp(server) const app = await getApp(server)
if (!app) { if (!app) {
event.node.res.statusCode = 400 throw createError({
return `App not registered for server: ${server}` statusCode: 400,
statusMessage: `App not registered for server: ${server}`,
})
} }
const query = stringifyQuery({ const query = stringifyQuery({
client_id: app.client_id, client_id: app.client_id,
scope: 'read write follow push', scope: 'read write follow push',
redirect_uri: `${HOST_URL}/api/${server}/oauth`, redirect_uri: getRedirectURI(server),
response_type: 'code', response_type: 'code',
}) })
const url = `https://${server}/oauth/authorize?${query}` const url = `https://${server}/oauth/authorize?${query}`
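Review bot: The authorization query built in `stringifyQuery({ ... })` carries no `state` value, so the callback handler has nothing that ties the returned `code` to the browser session that started the sign-in. Generate a random value here, keep it in a short-lived HttpOnly cookie, add `state,` to the query object, and have the callback reject a request whose `state` does not match the cookie. The handler body continues past the end of this hunk, so the redirect itself is not visible here.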


@ -1,29 +1,37 @@
import { stringifyQuery } from 'vue-router' import { stringifyQuery } from 'vue-router'
import { HOST_URL, getApp } from '~/server/shared' import { getApp, getRedirectURI } from '~/server/shared'
export default defineEventHandler(async (event) => { export default defineEventHandler(async (event) => {
const server = event.context.params.server const { server } = getRouterParams(event)
const app = await getApp(server) const app = await getApp(server)
if (!app) { if (!app) {
event.node.res.statusCode = 400 throw createError({
return `App not registered for server: ${server}` statusCode: 400,
statusMessage: `App not registered for server: ${server}`,
})
} }
const { code } = getQuery(event) const { code } = getQuery(event)
if (!code) {
throw createError({
statusCode: 422,
statusMessage: 'Missing authentication code.',
})
}
const result: any = await $fetch(`https://${server}/oauth/token`, { const result: any = await $fetch(`https://${server}/oauth/token`, {
method: 'POST', method: 'POST',
body: { body: {
client_id: app.client_id, client_id: app.client_id,
client_secret: app.client_secret, client_secret: app.client_secret,
redirect_uri: `${HOST_URL}/api/${server}/oauth`, redirect_uri: getRedirectURI(server),
grant_type: 'authorization_code', grant_type: 'authorization_code',
code, code,
scope: 'read write follow push', scope: 'read write follow push',
}, },
}) })
const url = `${HOST_URL}/signin/callback?${stringifyQuery({ server, token: result.access_token })}` const url = `/signin/callback?${stringifyQuery({ server, token: result.access_token })}`
await sendRedirect(event, url, 302) await sendRedirect(event, url, 302)
}) })
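Review bot: The access token is put in the query string of the final redirect (`/signin/callback?${stringifyQuery({ server, token: result.access_token })}`), where it lands in browser history and can be recorded by proxy or access logs and sent on in `Referer` headers. Handing it over in the URL fragment or in an HttpOnly cookie keeps it out of those places; the fragment variant would need the client callback page, which is not shown here, to read `location.hash`. `result` is typed `any` and `result.access_token` is never checked, so a token response without that field still ends in a redirect. The new `if (!code)` guard also lets a repeated `code` parameter through as an array; `if (typeof code !== 'string' || !code)` would reject that case too.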


@ -7,7 +7,6 @@ import { parseURL } from 'ufo'
import { $fetch } from 'ohmyfetch' import { $fetch } from 'ohmyfetch'
import type { Storage } from 'unstorage' import type { Storage } from 'unstorage'
import { isCI } from 'std-env'
import cached from './cache-driver' import cached from './cache-driver'
import type { AppInfo } from '~/types' import type { AppInfo } from '~/types'
@ -32,18 +31,17 @@ else {
apiToken: config.cloudflare.apiToken, apiToken: config.cloudflare.apiToken,
}))) })))
} }
export function getRedirectURI(server: string) {
return `${HOST_URL}/api/${server}/oauth`
}
async function fetchAppInfo(server: string) { async function fetchAppInfo(server: string) {
const redirect_uris = [
'urn:ietf:wg:oauth:2.0:oob',
`${HOST_URL}/api/${server}/oauth`,
].join('\n')
const app: AppInfo = await $fetch(`https://${server}/api/v1/apps`, { const app: AppInfo = await $fetch(`https://${server}/api/v1/apps`, {
method: 'POST', method: 'POST',
body: { body: {
client_name: APP_NAME + (isCI ? '' : ' (dev)'), client_name: APP_NAME + (config.env === 'local' ? ' (dev)' : ''),
redirect_uris, website: 'https://elk.zone',
redirect_uris: getRedirectURI(server),
scopes: 'read write follow push', scopes: 'read write follow push',
}, },
}) })
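Review bot: `server` is interpolated unchanged into the host of the outbound `$fetch(`https://${server}/api/v1/apps`)` call and into the path returned by `getRedirectURI`, and nothing in this hunk restricts it to a hostname. Both handlers in this commit take it from the route parameter and pass it on, so the backend will presumably register an app with, and POST to, whatever host the request names. Reject anything that is not a plain DNS hostname before either use, for example `if (!/^[a-z0-9.-]+$/i.test(server)) throw createError({ statusCode: 400, statusMessage: 'Invalid server' })`, and consider also refusing names that resolve to loopback or private addresses. `fetchAppInfo` continues past the end of the hunk, so how the response is stored is not visible here.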