elk/server/api/[server]/oauth.ts

42 lines
1.2 KiB
TypeScript
Raw Permalink Normal View History

2022-11-15 16:48:23 +01:00
import { stringifyQuery } from 'vue-router'
import { createError, defineEventHandler, getQuery, getRouterParams, sendRedirect } from 'h3'
import { getApp, getRedirectURI } from '~/server/shared'
2022-11-15 12:54:07 +01:00
export default defineEventHandler(async (event) => {
2023-01-01 20:30:39 +01:00
const { origin } = getQuery(event) as { origin: string }
2022-12-24 01:51:45 +01:00
let { server } = getRouterParams(event)
server = server.toLocaleLowerCase().trim()
2023-01-01 20:30:39 +01:00
const app = await getApp(origin, server)
2022-11-15 15:29:46 +01:00
if (!app) {
throw createError({
statusCode: 400,
statusMessage: `App not registered for server: ${server}`,
})
2022-11-15 15:29:46 +01:00
}
const { code } = getQuery(event)
if (!code) {
throw createError({
statusCode: 422,
statusMessage: 'Missing authentication code.',
})
}
2022-11-15 12:54:07 +01:00
2022-11-15 16:48:23 +01:00
const result: any = await $fetch(`https://${server}/oauth/token`, {
2022-11-15 12:54:07 +01:00
method: 'POST',
body: {
2022-11-15 15:29:46 +01:00
client_id: app.client_id,
client_secret: app.client_secret,
2023-01-01 20:30:39 +01:00
redirect_uri: getRedirectURI(origin, server),
2022-11-15 12:54:07 +01:00
grant_type: 'authorization_code',
code,
scope: 'read write follow push',
},
retry: 3,
2022-11-15 12:54:07 +01:00
})
2022-11-15 15:29:46 +01:00
const url = `/signin/callback?${stringifyQuery({ server, token: result.access_token, vapid_key: app.vapid_key })}`
await sendRedirect(event, url, 302)
2022-11-15 12:54:07 +01:00
})