forked from Mirrors/elk
fix: only use oauth redirects and add website to app registration details
This commit is contained in:
parent
98a647f8ca
commit
81732a4a8c
3 changed files with 27 additions and 19 deletions
|
@ -1,19 +1,21 @@
|
||||||
import { stringifyQuery } from 'ufo'
|
import { stringifyQuery } from 'ufo'
|
||||||
import { HOST_URL, getApp } from '~/server/shared'
|
import { getApp, getRedirectURI } from '~/server/shared'
|
||||||
|
|
||||||
export default defineEventHandler(async (event) => {
|
export default defineEventHandler(async (event) => {
|
||||||
const server = event.context.params.server
|
const { server } = getRouterParams(event)
|
||||||
const app = await getApp(server)
|
const app = await getApp(server)
|
||||||
|
|
||||||
if (!app) {
|
if (!app) {
|
||||||
event.node.res.statusCode = 400
|
throw createError({
|
||||||
return `App not registered for server: ${server}`
|
statusCode: 400,
|
||||||
|
statusMessage: `App not registered for server: ${server}`,
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
const query = stringifyQuery({
|
const query = stringifyQuery({
|
||||||
client_id: app.client_id,
|
client_id: app.client_id,
|
||||||
scope: 'read write follow push',
|
scope: 'read write follow push',
|
||||||
redirect_uri: `${HOST_URL}/api/${server}/oauth`,
|
redirect_uri: getRedirectURI(server),
|
||||||
response_type: 'code',
|
response_type: 'code',
|
||||||
})
|
})
|
||||||
const url = `https://${server}/oauth/authorize?${query}`
|
const url = `https://${server}/oauth/authorize?${query}`
|
||||||
|
|
|
@ -1,29 +1,37 @@
|
||||||
import { stringifyQuery } from 'vue-router'
|
import { stringifyQuery } from 'vue-router'
|
||||||
import { HOST_URL, getApp } from '~/server/shared'
|
import { getApp, getRedirectURI } from '~/server/shared'
|
||||||
|
|
||||||
export default defineEventHandler(async (event) => {
|
export default defineEventHandler(async (event) => {
|
||||||
const server = event.context.params.server
|
const { server } = getRouterParams(event)
|
||||||
const app = await getApp(server)
|
const app = await getApp(server)
|
||||||
|
|
||||||
if (!app) {
|
if (!app) {
|
||||||
event.node.res.statusCode = 400
|
throw createError({
|
||||||
return `App not registered for server: ${server}`
|
statusCode: 400,
|
||||||
|
statusMessage: `App not registered for server: ${server}`,
|
||||||
|
})
|
||||||
}
|
}
|
||||||
|
|
||||||
const { code } = getQuery(event)
|
const { code } = getQuery(event)
|
||||||
|
if (!code) {
|
||||||
|
throw createError({
|
||||||
|
statusCode: 422,
|
||||||
|
statusMessage: 'Missing authentication code.',
|
||||||
|
})
|
||||||
|
}
|
||||||
|
|
||||||
const result: any = await $fetch(`https://${server}/oauth/token`, {
|
const result: any = await $fetch(`https://${server}/oauth/token`, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
body: {
|
body: {
|
||||||
client_id: app.client_id,
|
client_id: app.client_id,
|
||||||
client_secret: app.client_secret,
|
client_secret: app.client_secret,
|
||||||
redirect_uri: `${HOST_URL}/api/${server}/oauth`,
|
redirect_uri: getRedirectURI(server),
|
||||||
grant_type: 'authorization_code',
|
grant_type: 'authorization_code',
|
||||||
code,
|
code,
|
||||||
scope: 'read write follow push',
|
scope: 'read write follow push',
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
|
|
||||||
const url = `${HOST_URL}/signin/callback?${stringifyQuery({ server, token: result.access_token })}`
|
const url = `/signin/callback?${stringifyQuery({ server, token: result.access_token })}`
|
||||||
await sendRedirect(event, url, 302)
|
await sendRedirect(event, url, 302)
|
||||||
})
|
})
|
||||||
|
|
|
@ -7,7 +7,6 @@ import { parseURL } from 'ufo'
|
||||||
import { $fetch } from 'ohmyfetch'
|
import { $fetch } from 'ohmyfetch'
|
||||||
import type { Storage } from 'unstorage'
|
import type { Storage } from 'unstorage'
|
||||||
|
|
||||||
import { isCI } from 'std-env'
|
|
||||||
import cached from './cache-driver'
|
import cached from './cache-driver'
|
||||||
|
|
||||||
import type { AppInfo } from '~/types'
|
import type { AppInfo } from '~/types'
|
||||||
|
@ -32,18 +31,17 @@ else {
|
||||||
apiToken: config.cloudflare.apiToken,
|
apiToken: config.cloudflare.apiToken,
|
||||||
})))
|
})))
|
||||||
}
|
}
|
||||||
|
export function getRedirectURI(server: string) {
|
||||||
|
return `${HOST_URL}/api/${server}/oauth`
|
||||||
|
}
|
||||||
|
|
||||||
async function fetchAppInfo(server: string) {
|
async function fetchAppInfo(server: string) {
|
||||||
const redirect_uris = [
|
|
||||||
'urn:ietf:wg:oauth:2.0:oob',
|
|
||||||
`${HOST_URL}/api/${server}/oauth`,
|
|
||||||
].join('\n')
|
|
||||||
|
|
||||||
const app: AppInfo = await $fetch(`https://${server}/api/v1/apps`, {
|
const app: AppInfo = await $fetch(`https://${server}/api/v1/apps`, {
|
||||||
method: 'POST',
|
method: 'POST',
|
||||||
body: {
|
body: {
|
||||||
client_name: APP_NAME + (isCI ? '' : ' (dev)'),
|
client_name: APP_NAME + (config.env === 'local' ? ' (dev)' : ''),
|
||||||
redirect_uris,
|
website: 'https://elk.zone',
|
||||||
|
redirect_uris: getRedirectURI(server),
|
||||||
scopes: 'read write follow push',
|
scopes: 'read write follow push',
|
||||||
},
|
},
|
||||||
})
|
})
|
||||||
|
|
Loading…
Reference in a new issue