@tinyrack/tinyauth-server 0.0.15 → 0.0.16
- package/dist/entrypoints/app.d.ts +41 -1
- package/dist/entrypoints/app.d.ts.map +1 -1
- package/dist/entrypoints/database/postgres/postgres.d.ts.map +1 -1
- package/dist/entrypoints/database/postgres/postgres.js +1 -0
- package/dist/entrypoints/database/postgres/postgres.js.map +1 -1
- package/dist/entrypoints/database/sqlite/sqlite.d.ts.map +1 -1
- package/dist/entrypoints/database/sqlite/sqlite.js +1 -0
- package/dist/entrypoints/database/sqlite/sqlite.js.map +1 -1
- package/dist/entrypoints/identity-providers/apple.d.ts +1 -0
- package/dist/entrypoints/identity-providers/apple.d.ts.map +1 -1
- package/dist/entrypoints/identity-providers/apple.js +1 -0
- package/dist/entrypoints/identity-providers/apple.js.map +1 -1
- package/dist/entrypoints/identity-providers/generic-oauth.d.ts +2 -0
- package/dist/entrypoints/identity-providers/generic-oauth.d.ts.map +1 -1
- package/dist/entrypoints/identity-providers/generic-oauth.js +2 -0
- package/dist/entrypoints/identity-providers/generic-oauth.js.map +1 -1
- package/dist/lib/config/identity-providers.d.ts +4 -0
- package/dist/lib/config/identity-providers.d.ts.map +1 -1
- package/dist/lib/config/identity-providers.js +40 -0
- package/dist/lib/config/identity-providers.js.map +1 -1
- package/dist/lib/config/resolved.d.ts +2 -0
- package/dist/lib/config/resolved.d.ts.map +1 -1
- package/dist/lib/pkce.d.ts.map +1 -1
- package/dist/lib/pkce.js +5 -1
- package/dist/lib/pkce.js.map +1 -1
- package/dist/middleware/session.d.ts.map +1 -1
- package/dist/middleware/session.js +2 -0
- package/dist/middleware/session.js.map +1 -1
- package/dist/routes/api/auth/passkey/verify/post.d.ts.map +1 -1
- package/dist/routes/api/auth/passkey/verify/post.js +1 -1
- package/dist/routes/api/auth/passkey/verify/post.js.map +1 -1
- package/dist/routes/api/index.d.ts +38 -0
- package/dist/routes/api/index.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/get.d.ts +19 -0
- package/dist/routes/api/oauth/_provider/callback/get.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/get.js +19 -10
- package/dist/routes/api/oauth/_provider/callback/get.js.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/post.d.ts +19 -0
- package/dist/routes/api/oauth/_provider/callback/post.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/post.js +19 -10
- package/dist/routes/api/oauth/_provider/callback/post.js.map +1 -1
- package/dist/routes/api/oauth/index.d.ts +38 -0
- package/dist/routes/api/oauth/index.d.ts.map +1 -1
- package/dist/routes/index.d.ts +39 -1
- package/dist/routes/index.d.ts.map +1 -1
- package/dist/routes/oauth/client-auth.d.ts +10 -0
- package/dist/routes/oauth/client-auth.d.ts.map +1 -0
- package/dist/routes/oauth/client-auth.js +57 -0
- package/dist/routes/oauth/client-auth.js.map +1 -0
- package/dist/routes/oauth/index.d.ts +1 -1
- package/dist/routes/oauth/introspect/post.d.ts.map +1 -1
- package/dist/routes/oauth/introspect/post.js +36 -12
- package/dist/routes/oauth/introspect/post.js.map +1 -1
- package/dist/routes/oauth/revoke/post.d.ts.map +1 -1
- package/dist/routes/oauth/revoke/post.js +30 -12
- package/dist/routes/oauth/revoke/post.js.map +1 -1
- package/dist/routes/oauth/token/post.d.ts +1 -1
- package/dist/routes/oauth/token/post.d.ts.map +1 -1
- package/dist/routes/oauth/token/post.js +31 -9
- package/dist/routes/oauth/token/post.js.map +1 -1
- package/dist/schemas/field.d.ts.map +1 -1
- package/dist/schemas/field.js +4 -0
- package/dist/schemas/field.js.map +1 -1
- package/dist/services/container.d.ts +2 -0
- package/dist/services/container.d.ts.map +1 -1
- package/dist/services/jwt.service.d.ts +1 -0
- package/dist/services/jwt.service.d.ts.map +1 -1
- package/dist/services/jwt.service.js +29 -18
- package/dist/services/jwt.service.js.map +1 -1
- package/dist/services/oauth-authorize.service.d.ts +1 -0
- package/dist/services/oauth-authorize.service.d.ts.map +1 -1
- package/dist/services/oauth-authorize.service.js +10 -1
- package/dist/services/oauth-authorize.service.js.map +1 -1
- package/dist/services/oauth-client.service.d.ts +2 -0
- package/dist/services/oauth-client.service.d.ts.map +1 -1
- package/dist/services/oauth-client.service.js +26 -0
- package/dist/services/oauth-client.service.js.map +1 -1
- package/dist/services/oauth-connect.service.d.ts +5 -8
- package/dist/services/oauth-connect.service.d.ts.map +1 -1
- package/dist/services/oauth-connect.service.js +99 -15
- package/dist/services/oauth-connect.service.js.map +1 -1
- package/dist/services/oauth-token.service.d.ts +3 -2
- package/dist/services/oauth-token.service.d.ts.map +1 -1
- package/dist/services/oauth-token.service.js +44 -22
- package/dist/services/oauth-token.service.js.map +1 -1
- package/dist/services/passkey.service.d.ts +1 -1
- package/dist/services/passkey.service.d.ts.map +1 -1
- package/dist/services/passkey.service.js +11 -3
- package/dist/services/passkey.service.js.map +1 -1
- package/package.json +1 -1
- package/public/assets/{index-KMvNrUPy.js → index-CLq6d6iO.js} +22 -22
- package/public/assets/{index-KMvNrUPy.js.map → index-CLq6d6iO.js.map} +1 -1
- package/public/index.html +1 -1
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAiB5D,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oCA4JrC,CAAC"}
|
|
@@ -3,7 +3,7 @@ import { describeRoute, resolver, validator } from 'hono-openapi';
|
|
|
3
3
|
import { z } from 'zod';
|
|
4
4
|
import { TAGS } from "../../../../../lib/swagger-tags.js";
|
|
5
5
|
import { verifyAuth, verifyOAuth } from "../../../../../middleware/auth.js";
|
|
6
|
-
import { e } from "../../../../../schemas/error.js";
|
|
6
|
+
import { e, TinyAuthError } from "../../../../../schemas/error.js";
|
|
7
7
|
import { f } from "../../../../../schemas/field.js";
|
|
8
8
|
import { r } from "../../../../../schemas/response.js";
|
|
9
9
|
const OAuthProviderCallbackFormBody = z
|
|
@@ -112,15 +112,24 @@ export const oauthProviderCallbackPost = new Hono().post('/oauth/:provider/callb
|
|
|
112
112
|
if (!oauthSession) {
|
|
113
113
|
throw new e.OAuthSessionExpired.Error();
|
|
114
114
|
}
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
115
|
+
let result;
|
|
116
|
+
try {
|
|
117
|
+
result = await oauthConnectService.processOAuthCallback({
|
|
118
|
+
provider,
|
|
119
|
+
code,
|
|
120
|
+
state,
|
|
121
|
+
oauthSession,
|
|
122
|
+
userSub: c.var.verifiedUser?.user.sub,
|
|
123
|
+
requestUrl: c.req.url,
|
|
124
|
+
});
|
|
125
|
+
}
|
|
126
|
+
catch (err) {
|
|
127
|
+
session.set('oauth', undefined);
|
|
128
|
+
if (err instanceof TinyAuthError) {
|
|
129
|
+
return c.json(err.toJson(), err.status);
|
|
130
|
+
}
|
|
131
|
+
throw err;
|
|
132
|
+
}
|
|
124
133
|
session.set('oauth', undefined);
|
|
125
134
|
switch (result.action) {
|
|
126
135
|
case 'error_redirect':
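Review bot: `session.set('oauth', undefined)` is now written twice, once at the top of the new `catch` and once directly after the `try`, so the rule that the OAuth session state is cleared on every outcome is spread over two places. A single `finally { session.set('oauth', undefined); }` on the same `try` states it once, and a comment such as `// OAuth state is single-use: clear it whether the provider exchange succeeds or fails` would record why the failure path clears it too. The `catch` also sends `err.toJson()` straight to the browser, so it is worth confirming that no `TinyAuthError` raised inside `processOAuthCallback` carries provider response text or token material in its message. The route handler starts before this hunk and the `switch` continues past it.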
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,oCAAoC,CAAC;AAGvD,MAAM,6BAA6B,GAAG,CAAC;KACpC,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,iBAAiB,CAAC,QAAQ,EAAE;IACpC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE;IACzB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACzC,CAAC;KACD,QAAQ,CAAC,iCAAiC,CAAC,CAAC;AAE/C,MAAM,CAAC,MAAM,yBAAyB,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CAC9D,2BAA2B,EAC3B,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC;IAC1B,OAAO,EAAE,uBAAuB;IAChC,WAAW,EACT,gEAAgE;IAClE,SAAS,EAAE;QACT,GAAG,EAAE;YACH,WAAW,EAAE,UAAU;SACxB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC;iBAC1C;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,qDAAqD;SACnE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,qBAAqB,CAAC,MAAM;wBAC9B,CAAC,CAAC,2BAA2B,CAAC,MAAM;qBACrC,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,sDAAsD;SACpE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC;iBACjD;aACF;YACD,WAAW,EAAE,0BAA0B;SACxC;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,yBAAyB,CAAC,MAAM;qBACnC,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,0CA
A0C;SACxD;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,wBAAwB,CAAC,MAAM;wBACjC,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,2CAA2C;SACzD;KACF;CACF,CAAC,EACF,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,YAAY;CACzB,CAAC,CACH,EACD,SAAS,CAAC,MAAM,EAAE,6BAA6B,CAAC,EAChD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,WAAW,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC/B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtE,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IACvD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC;IAEzC,8BAA8B;IAC9B,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAChE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,iBAAiB,EAAE,CAAC;YACtB,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,yBAAyB,EAAE,iBAAiB,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,YAAY,EAAE,SAAS,EAAE,CAAC;YAC5B,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,YAAY,CAAC,SAAS,CAAC,CAAC;QAChE,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACpB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,IAAI,MAA2B,CAAC;IAChC,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,mBAAmB,CAAC,oBAAoB,CAAC;YACtD,QAAQ;YACR,IAAI;YACJ,KAAK;YACL,YAAY;YACZ,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG;YACrC,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;SACtB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChC,IAAI,GAAG,YAAY,aAAa,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAA
E,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEhC,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,KAAK,eAAe;YAClB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACtC,KAAK,gBAAgB;YACnB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,KAAK,sBAAsB;YACzB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,KAAK,gBAAgB;YACnB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,IAAI,UAAU,CAAC,CAAC;IACtD,CAAC;AACH,CAAC,CACF,CAAC"}
|
|
@@ -35,6 +35,25 @@ export declare const oauthRoutes: import("hono/hono-base").HonoBase<AppEnv, impo
|
|
|
35
35
|
output: undefined;
|
|
36
36
|
outputFormat: "redirect";
|
|
37
37
|
status: 302;
|
|
38
|
+
} | {
|
|
39
|
+
input: {
|
|
40
|
+
param: {
|
|
41
|
+
provider: string;
|
|
42
|
+
};
|
|
43
|
+
} & {
|
|
44
|
+
query: {
|
|
45
|
+
code?: string | string[];
|
|
46
|
+
state?: string | string[];
|
|
47
|
+
error?: string | string[];
|
|
48
|
+
error_description?: string | string[];
|
|
49
|
+
};
|
|
50
|
+
};
|
|
51
|
+
output: {
|
|
52
|
+
code: any;
|
|
53
|
+
message: any;
|
|
54
|
+
};
|
|
55
|
+
outputFormat: "json";
|
|
56
|
+
status: any;
|
|
38
57
|
};
|
|
39
58
|
};
|
|
40
59
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -55,6 +74,25 @@ export declare const oauthRoutes: import("hono/hono-base").HonoBase<AppEnv, impo
|
|
|
55
74
|
output: undefined;
|
|
56
75
|
outputFormat: "redirect";
|
|
57
76
|
status: 302;
|
|
77
|
+
} | {
|
|
78
|
+
input: {
|
|
79
|
+
param: {
|
|
80
|
+
provider: string;
|
|
81
|
+
};
|
|
82
|
+
} & {
|
|
83
|
+
form: {
|
|
84
|
+
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
85
|
+
state?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
86
|
+
error?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
87
|
+
error_description?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
88
|
+
};
|
|
89
|
+
};
|
|
90
|
+
output: {
|
|
91
|
+
code: any;
|
|
92
|
+
message: any;
|
|
93
|
+
};
|
|
94
|
+
outputFormat: "json";
|
|
95
|
+
status: any;
|
|
58
96
|
};
|
|
59
97
|
};
|
|
60
98
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/oauth/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAMtD,eAAO,MAAM,WAAW
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/oauth/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAMtD,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAIU,CAAC"}
|
package/dist/routes/index.d.ts
|
@@ -886,6 +886,25 @@ export declare const routes: import("hono/hono-base").HonoBase<AppEnv, import("h
|
|
|
886
886
|
output: undefined;
|
|
887
887
|
outputFormat: "redirect";
|
|
888
888
|
status: 302;
|
|
889
|
+
} | {
|
|
890
|
+
input: {
|
|
891
|
+
param: {
|
|
892
|
+
provider: string;
|
|
893
|
+
};
|
|
894
|
+
} & {
|
|
895
|
+
query: {
|
|
896
|
+
code?: string | string[];
|
|
897
|
+
state?: string | string[];
|
|
898
|
+
error?: string | string[];
|
|
899
|
+
error_description?: string | string[];
|
|
900
|
+
};
|
|
901
|
+
};
|
|
902
|
+
output: {
|
|
903
|
+
code: any;
|
|
904
|
+
message: any;
|
|
905
|
+
};
|
|
906
|
+
outputFormat: "json";
|
|
907
|
+
status: any;
|
|
889
908
|
};
|
|
890
909
|
};
|
|
891
910
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -906,6 +925,25 @@ export declare const routes: import("hono/hono-base").HonoBase<AppEnv, import("h
|
|
|
906
925
|
output: undefined;
|
|
907
926
|
outputFormat: "redirect";
|
|
908
927
|
status: 302;
|
|
928
|
+
} | {
|
|
929
|
+
input: {
|
|
930
|
+
param: {
|
|
931
|
+
provider: string;
|
|
932
|
+
};
|
|
933
|
+
} & {
|
|
934
|
+
form: {
|
|
935
|
+
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
936
|
+
state?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
937
|
+
error?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
938
|
+
error_description?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
939
|
+
};
|
|
940
|
+
};
|
|
941
|
+
output: {
|
|
942
|
+
code: any;
|
|
943
|
+
message: any;
|
|
944
|
+
};
|
|
945
|
+
outputFormat: "json";
|
|
946
|
+
status: any;
|
|
909
947
|
};
|
|
910
948
|
};
|
|
911
949
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -974,9 +1012,9 @@ export declare const routes: import("hono/hono-base").HonoBase<AppEnv, import("h
|
|
|
974
1012
|
input: {
|
|
975
1013
|
form: {
|
|
976
1014
|
grant_type: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
977
|
-
client_id: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
978
1015
|
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
979
1016
|
redirect_uri?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
1017
|
+
client_id?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
980
1018
|
client_secret?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
981
1019
|
code_verifier?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
982
1020
|
refresh_token?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/routes/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAKhD,eAAO,MAAM,MAAM
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../src/routes/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,mBAAmB,CAAC;AAKhD,eAAO,MAAM,MAAM;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;mCAGsB,CAAC"}
|
|
@@ -0,0 +1,10 @@
|
|
|
1
|
+
import type { Context } from 'hono';
|
|
2
|
+
export interface BasicClientCredentials {
|
|
3
|
+
clientId: string;
|
|
4
|
+
clientSecret: string;
|
|
5
|
+
}
|
|
6
|
+
export declare const BASIC_CLIENT_AUTH_CHALLENGE = "Basic realm=\"tinyauth\"";
|
|
7
|
+
export declare function parseBasicClientCredentials(authorizationHeader: string | undefined): BasicClientCredentials | null | undefined;
|
|
8
|
+
export declare function throwInvalidClientCredentialsWithBasicChallenge(c: Context): never;
|
|
9
|
+
export declare function setBasicClientAuthChallengeIfInvalidClientCredentials(c: Context, err: unknown): void;
|
|
10
|
+
//# sourceMappingURL=client-auth.d.ts.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client-auth.d.ts","sourceRoot":"","sources":["../../../src/routes/oauth/client-auth.ts"],"names":[],"mappings":"AAAA,OAAO,KAAK,EAAE,OAAO,EAAE,MAAM,MAAM,CAAC;AAGpC,MAAM,WAAW,sBAAsB;IACrC,QAAQ,EAAE,MAAM,CAAC;IACjB,YAAY,EAAE,MAAM,CAAC;CACtB;AAED,eAAO,MAAM,2BAA2B,6BAA2B,CAAC;AAKpE,wBAAgB,2BAA2B,CACzC,mBAAmB,EAAE,MAAM,GAAG,SAAS,GACtC,sBAAsB,GAAG,IAAI,GAAG,SAAS,CAwC3C;AAED,wBAAgB,+CAA+C,CAC7D,CAAC,EAAE,OAAO,GACT,KAAK,CAGP;AAED,wBAAgB,qDAAqD,CACnE,CAAC,EAAE,OAAO,EACV,GAAG,EAAE,OAAO,GACX,IAAI,CAON"}
|
|
@@ -0,0 +1,57 @@
|
|
|
1
|
+
import { e, TinyAuthError } from '../../schemas/error.js';
|
|
2
|
+
export const BASIC_CLIENT_AUTH_CHALLENGE = 'Basic realm="tinyauth"';
|
|
3
|
+
const BASIC_BASE64_PATTERN = /^(?:[A-Za-z0-9+/]{4})*(?:[A-Za-z0-9+/]{2}==|[A-Za-z0-9+/]{3}=)?$/;
|
|
4
|
+
export function parseBasicClientCredentials(authorizationHeader) {
|
|
5
|
+
if (!authorizationHeader) {
|
|
6
|
+
return undefined;
|
|
7
|
+
}
|
|
8
|
+
const [scheme, encoded, extra] = authorizationHeader.split(' ');
|
|
9
|
+
if (!scheme || scheme.toLowerCase() !== 'basic') {
|
|
10
|
+
return null;
|
|
11
|
+
}
|
|
12
|
+
if (!encoded ||
|
|
13
|
+
extra !== undefined ||
|
|
14
|
+
/\s/.test(encoded) ||
|
|
15
|
+
!BASIC_BASE64_PATTERN.test(encoded)) {
|
|
16
|
+
return null;
|
|
17
|
+
}
|
|
18
|
+
const decodedBytes = Buffer.from(encoded, 'base64');
|
|
19
|
+
const decoded = decodeUtf8(decodedBytes);
|
|
20
|
+
if (!decoded || Buffer.from(decoded, 'utf8').toString('base64') !== encoded) {
|
|
21
|
+
return null;
|
|
22
|
+
}
|
|
23
|
+
const separatorIndex = decoded.indexOf(':');
|
|
24
|
+
if (separatorIndex < 0) {
|
|
25
|
+
return null;
|
|
26
|
+
}
|
|
27
|
+
const clientId = decodeBasicCredential(decoded.slice(0, separatorIndex));
|
|
28
|
+
if (!clientId) {
|
|
29
|
+
return null;
|
|
30
|
+
}
|
|
31
|
+
return {
|
|
32
|
+
clientId,
|
|
33
|
+
clientSecret: decodeBasicCredential(decoded.slice(separatorIndex + 1)),
|
|
34
|
+
};
|
|
35
|
+
}
|
|
36
|
+
export function throwInvalidClientCredentialsWithBasicChallenge(c) {
|
|
37
|
+
c.header('WWW-Authenticate', BASIC_CLIENT_AUTH_CHALLENGE);
|
|
38
|
+
throw new e.InvalidClientCredentials.Error();
|
|
39
|
+
}
|
|
40
|
+
export function setBasicClientAuthChallengeIfInvalidClientCredentials(c, err) {
|
|
41
|
+
if (err instanceof TinyAuthError &&
|
|
42
|
+
err.code === 'INVALID_CLIENT_CREDENTIALS') {
|
|
43
|
+
c.header('WWW-Authenticate', BASIC_CLIENT_AUTH_CHALLENGE);
|
|
44
|
+
}
|
|
45
|
+
}
|
|
46
|
+
function decodeUtf8(value) {
|
|
47
|
+
try {
|
|
48
|
+
return new TextDecoder('utf-8', { fatal: true }).decode(value);
|
|
49
|
+
}
|
|
50
|
+
catch {
|
|
51
|
+
return null;
|
|
52
|
+
}
|
|
53
|
+
}
|
|
54
|
+
function decodeBasicCredential(value) {
|
|
55
|
+
return new URLSearchParams(`value=${value}`).get('value') ?? '';
|
|
56
|
+
}
|
|
57
|
+
//# sourceMappingURL=client-auth.js.map
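Review bot: `decodeBasicCredential` silently truncates at a raw `&`, because it parses `value=${value}` with `URLSearchParams`; a decoded credential such as `id&x` comes back as `id`, and the rest is dropped rather than rejected. A raw `&` is not valid inside a form-urlencoded value, so `parseBasicClientCredentials` can fail closed by extending its separator guard to `if (separatorIndex < 0 || decoded.includes('&')) { return null; }`. The three outcomes of `parseBasicClientCredentials` also need a JSDoc line, for example `/** Returns undefined when no Authorization header is present, null when one is present but is not well-formed Basic credentials, otherwise the decoded pair. */`, since the introspect and revoke handlers on this page both branch on `=== null`.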
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"file":"client-auth.js","sourceRoot":"","sources":["../../../src/routes/oauth/client-auth.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,CAAC,EAAE,aAAa,EAAE,MAAM,wBAAwB,CAAC;AAO1D,MAAM,CAAC,MAAM,2BAA2B,GAAG,wBAAwB,CAAC;AAEpE,MAAM,oBAAoB,GACxB,kEAAkE,CAAC;AAErE,MAAM,UAAU,2BAA2B,CACzC,mBAAuC;IAEvC,IAAI,CAAC,mBAAmB,EAAE,CAAC;QACzB,OAAO,SAAS,CAAC;IACnB,CAAC;IAED,MAAM,CAAC,MAAM,EAAE,OAAO,EAAE,KAAK,CAAC,GAAG,mBAAmB,CAAC,KAAK,CAAC,GAAG,CAAC,CAAC;IAChE,IAAI,CAAC,MAAM,IAAI,MAAM,CAAC,WAAW,EAAE,KAAK,OAAO,EAAE,CAAC;QAChD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,IACE,CAAC,OAAO;QACR,KAAK,KAAK,SAAS;QACnB,IAAI,CAAC,IAAI,CAAC,OAAO,CAAC;QAClB,CAAC,oBAAoB,CAAC,IAAI,CAAC,OAAO,CAAC,EACnC,CAAC;QACD,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,YAAY,GAAG,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,QAAQ,CAAC,CAAC;IACpD,MAAM,OAAO,GAAG,UAAU,CAAC,YAAY,CAAC,CAAC;IACzC,IAAI,CAAC,OAAO,IAAI,MAAM,CAAC,IAAI,CAAC,OAAO,EAAE,MAAM,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,KAAK,OAAO,EAAE,CAAC;QAC5E,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,cAAc,GAAG,OAAO,CAAC,OAAO,CAAC,GAAG,CAAC,CAAC;IAE5C,IAAI,cAAc,GAAG,CAAC,EAAE,CAAC;QACvB,OAAO,IAAI,CAAC;IACd,CAAC;IAED,MAAM,QAAQ,GAAG,qBAAqB,CAAC,OAAO,CAAC,KAAK,CAAC,CAAC,EAAE,cAAc,CAAC,CAAC,CAAC;IACzE,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,OAAO,IAAI,CAAC;IACd,CAAC;IAED,OAAO;QACL,QAAQ;QACR,YAAY,EAAE,qBAAqB,CAAC,OAAO,CAAC,KAAK,CAAC,cAAc,GAAG,CAAC,CAAC,CAAC;KACvE,CAAC;AACJ,CAAC;AAED,MAAM,UAAU,+CAA+C,CAC7D,CAAU;IAEV,CAAC,CAAC,MAAM,CAAC,kBAAkB,EAAE,2BAA2B,CAAC,CAAC;IAC1D,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;AAC/C,CAAC;AAED,MAAM,UAAU,qDAAqD,CACnE,CAAU,EACV,GAAY;IAEZ,IACE,GAAG,YAAY,aAAa;QAC5B,GAAG,CAAC,IAAI,KAAK,4BAA4B,EACzC,CAAC;QACD,CAAC,CAAC,MAAM,CAAC,kBAAkB,EAAE,2BAA2B,CAAC,CAAC;IAC5D,CAAC;AACH,CAAC;AAED,SAAS,UAAU,CAAC,KAAa;IAC/B,IAAI,CAAC;QACH,OAAO,IAAI,WAAW,CAAC,OAAO,EAAE,EAAE,KAAK,EAAE,IAAI,EAAE,CAAC,CAAC,MAAM,CAAC,KAAK,CAAC,CAAC;IACjE,CAAC;IAAC,MAAM,CAAC;QACP,OAAO,IAAI,CAAC;IACd,CAAC;AACH,CAAC;AAED,SAAS,qBAAqB,CAAC,KAAa;IAC1C,OAAO,IAAI,eAAe,CAAC,SAAS,KAAK,EAAE,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC,IAAI,EAAE,CAAC;AAClE,C
AAC"}
|
|
@@ -50,9 +50,9 @@ export declare const oauthApplicationRoutes: import("hono/hono-base").HonoBase<A
|
|
|
50
50
|
input: {
|
|
51
51
|
form: {
|
|
52
52
|
grant_type: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
53
|
-
client_id: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
54
53
|
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
55
54
|
redirect_uri?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
55
|
+
client_id?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
56
56
|
client_secret?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
57
57
|
code_verifier?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
58
58
|
refresh_token?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../src/routes/oauth/introspect/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../src/routes/oauth/introspect/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAoBtD,eAAO,MAAM,cAAc;;;;;;;;;;;;;;;;;;;;;;;;;sBAqG1B,CAAC"}
|
|
@@ -5,6 +5,7 @@ import { TAGS } from "../../../lib/swagger-tags.js";
|
|
|
5
5
|
import { e } from "../../../schemas/error.js";
|
|
6
6
|
import { f } from "../../../schemas/field.js";
|
|
7
7
|
import { r } from "../../../schemas/response.js";
|
|
8
|
+
import { parseBasicClientCredentials, setBasicClientAuthChallengeIfInvalidClientCredentials, throwInvalidClientCredentialsWithBasicChallenge, } from '../client-auth.js';
|
|
8
9
|
const IntrospectionRequestBody = z
|
|
9
10
|
.object({
|
|
10
11
|
token: f.token,
|
|
@@ -49,21 +50,44 @@ export const introspectPost = new Hono().post('/introspect', describeRoute({
|
|
|
49
50
|
}), validator('form', IntrospectionRequestBody), async (c) => {
|
|
50
51
|
const body = c.req.valid('form');
|
|
51
52
|
const { oauthClientService, oauthTokenService } = c.var.services;
|
|
52
|
-
|
|
53
|
-
|
|
54
|
-
|
|
55
|
-
|
|
56
|
-
|
|
53
|
+
const authorizationHeader = c.req.header('authorization');
|
|
54
|
+
const basicCredentials = parseBasicClientCredentials(authorizationHeader);
|
|
55
|
+
if (basicCredentials === null) {
|
|
56
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
57
|
+
}
|
|
58
|
+
if (basicCredentials && body.client_secret) {
|
|
59
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
60
|
+
}
|
|
61
|
+
if (basicCredentials && body.client_id) {
|
|
62
|
+
if (basicCredentials.clientId !== body.client_id) {
|
|
63
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
64
|
+
}
|
|
65
|
+
}
|
|
66
|
+
const clientId = basicCredentials?.clientId ?? body.client_id;
|
|
67
|
+
if (!clientId) {
|
|
68
|
+
throw new e.InvalidClientCredentials.Error();
|
|
69
|
+
}
|
|
70
|
+
const client = await oauthClientService.findByClientId(clientId);
|
|
71
|
+
if (!client.enabled) {
|
|
72
|
+
throw new e.OAuthClientDisabled.Error();
|
|
73
|
+
}
|
|
74
|
+
const clientSecret = basicCredentials?.clientSecret ?? body.client_secret;
|
|
75
|
+
try {
|
|
76
|
+
if (!clientSecret) {
|
|
77
|
+
throw new e.InvalidClientCredentials.Error();
|
|
57
78
|
}
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
61
|
-
|
|
62
|
-
|
|
79
|
+
const isValidClientSecret = await oauthClientService.verifyClientSecret(clientId, clientSecret);
|
|
80
|
+
if (!isValidClientSecret) {
|
|
81
|
+
throw new e.InvalidClientCredentials.Error();
|
|
82
|
+
}
|
|
83
|
+
}
|
|
84
|
+
catch (err) {
|
|
85
|
+
if (authorizationHeader) {
|
|
86
|
+
setBasicClientAuthChallengeIfInvalidClientCredentials(c, err);
|
|
63
87
|
}
|
|
88
|
+
throw err;
|
|
64
89
|
}
|
|
65
|
-
|
|
66
|
-
const result = await oauthTokenService.introspectToken(body.token, body.token_type_hint);
|
|
90
|
+
const result = await oauthTokenService.introspectToken(body.token, body.token_type_hint, clientId);
|
|
67
91
|
return c.json(result, 200);
|
|
68
92
|
});
|
|
69
93
|
//# sourceMappingURL=post.js.map
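Review bot: In the second hunk the `client.enabled` check runs before `verifyClientSecret`, so a request that supplies only a `client_id` gets `OAuthClientDisabled` for a disabled client and `InvalidClientCredentials` for an enabled one, which presumably lets an unauthenticated caller tell the two apart. Moving `if (!client.enabled) { throw new e.OAuthClientDisabled.Error(); }` to just after the `try`/`catch` that verifies the secret keeps the specific error for callers that have already authenticated. What `findByClientId` does for an unknown id is not visible in this hunk; if it throws a distinct not-found error, the same ordering concern applies there.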
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../src/routes/oauth/introspect/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../src/routes/oauth/introspect/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,8BAA8B,CAAC;AACjD,OAAO,EACL,2BAA2B,EAC3B,qDAAqD,EACrD,+CAA+C,GAChD,MAAM,mBAAmB,CAAC;AAE3B,MAAM,wBAAwB,GAAG,CAAC;KAC/B,MAAM,CAAC;IACN,KAAK,EAAE,CAAC,CAAC,KAAK;IACd,eAAe,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,EAAE;IAC3C,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;IAChC,aAAa,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE;CACzC,CAAC;KACD,QAAQ,CAAC,4CAA4C,CAAC,CAAC;AAE1D,MAAM,CAAC,MAAM,cAAc,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CACnD,aAAa,EACb,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;IACnB,OAAO,EAAE,qBAAqB;IAC9B,WAAW,EACT,gFAAgF;IAClF,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC;iBAC1C;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,oCAAoC;SAClD;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,wBAAwB,CAAC,MAAM,CAAC;iBACpD;aACF;YACD,WAAW,EAAE,4BAA4B;SAC1C;KACF;CACF,CAAC,EACF,SAAS,CAAC,MAAM,EAAE,wBAAwB,CAAC,EAC3C,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IACjE,MAAM,mBAAmB,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAC1D,MAAM,gBAAgB,GAAG,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;IAE1E,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;QAC9B,+CAA+C,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC3C,+CAA+C,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,IAAI,IAAI,CA
AC,SAAS,EAAE,CAAC;QACvC,IAAI,gBAAgB,CAAC,QAAQ,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YACjD,+CAA+C,CAAC,CAAC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,EAAE,QAAQ,IAAI,IAAI,CAAC,SAAS,CAAC;IAC9D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;IAC/C,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAEjE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,MAAM,YAAY,GAAG,gBAAgB,EAAE,YAAY,IAAI,IAAI,CAAC,aAAa,CAAC;IAE1E,IAAI,CAAC;QACH,IAAI,CAAC,YAAY,EAAE,CAAC;YAClB,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;QAC/C,CAAC;QAED,MAAM,mBAAmB,GAAG,MAAM,kBAAkB,CAAC,kBAAkB,CACrE,QAAQ,EACR,YAAY,CACb,CAAC;QAEF,IAAI,CAAC,mBAAmB,EAAE,CAAC;YACzB,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;QAC/C,CAAC;IACH,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,mBAAmB,EAAE,CAAC;YACxB,qDAAqD,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,eAAe,CACpD,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,eAAe,EACpB,QAAQ,CACT,CAAC;IAEF,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;AAC7B,CAAC,CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../src/routes/oauth/revoke/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../src/routes/oauth/revoke/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAmBtD;;GAEG;AACH,eAAO,MAAM,UAAU;;;;;;;;;;;;;;;;kBAmGtB,CAAC"}
|
|
@@ -4,6 +4,7 @@ import { z } from 'zod';
|
|
|
4
4
|
import { TAGS } from "../../../lib/swagger-tags.js";
|
|
5
5
|
import { e } from "../../../schemas/error.js";
|
|
6
6
|
import { f } from "../../../schemas/field.js";
|
|
7
|
+
import { parseBasicClientCredentials, setBasicClientAuthChallengeIfInvalidClientCredentials, throwInvalidClientCredentialsWithBasicChallenge, } from '../client-auth.js';
|
|
7
8
|
const RevokeRequestBody = z
|
|
8
9
|
.object({
|
|
9
10
|
token: f.token,
|
|
@@ -53,21 +54,38 @@ export const revokePost = new Hono().post('/revoke', describeRoute({
|
|
|
53
54
|
}), validator('form', RevokeRequestBody), async (c) => {
|
|
54
55
|
const body = c.req.valid('form');
|
|
55
56
|
const { oauthClientService, oauthTokenService } = c.var.services;
|
|
56
|
-
|
|
57
|
-
|
|
58
|
-
|
|
59
|
-
|
|
60
|
-
|
|
57
|
+
const authorizationHeader = c.req.header('authorization');
|
|
58
|
+
const basicCredentials = parseBasicClientCredentials(authorizationHeader);
|
|
59
|
+
if (basicCredentials === null) {
|
|
60
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
61
|
+
}
|
|
62
|
+
if (basicCredentials && body.client_secret) {
|
|
63
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
64
|
+
}
|
|
65
|
+
if (basicCredentials && body.client_id) {
|
|
66
|
+
if (basicCredentials.clientId !== body.client_id) {
|
|
67
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
61
68
|
}
|
|
62
|
-
|
|
63
|
-
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
69
|
+
}
|
|
70
|
+
const clientId = basicCredentials?.clientId ?? body.client_id;
|
|
71
|
+
if (!clientId) {
|
|
72
|
+
throw new e.InvalidClientCredentials.Error();
|
|
73
|
+
}
|
|
74
|
+
const client = await oauthClientService.findByClientId(clientId);
|
|
75
|
+
if (!client.enabled) {
|
|
76
|
+
throw new e.OAuthClientDisabled.Error();
|
|
77
|
+
}
|
|
78
|
+
const clientSecret = basicCredentials?.clientSecret ?? body.client_secret;
|
|
79
|
+
try {
|
|
80
|
+
await oauthClientService.validateClientSecretIfRequired(clientId, clientSecret);
|
|
81
|
+
}
|
|
82
|
+
catch (err) {
|
|
83
|
+
if (authorizationHeader) {
|
|
84
|
+
setBasicClientAuthChallengeIfInvalidClientCredentials(c, err);
|
|
67
85
|
}
|
|
86
|
+
throw err;
|
|
68
87
|
}
|
|
69
|
-
|
|
70
|
-
await oauthTokenService.revokeToken(body.token, body.token_type_hint);
|
|
88
|
+
await oauthTokenService.revokeToken(body.token, body.token_type_hint, clientId);
|
|
71
89
|
return c.json({}, 200);
|
|
72
90
|
});
|
|
73
91
|
//# sourceMappingURL=post.js.map
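Review bot: The client-authentication preamble of the `/revoke` handler (new lines 57–87) is written inline, and the same block appears again in the `/token` handler hunk further down this page. It parses the Basic header, rejects a header combined with `client_secret` or a mismatching `client_id`, resolves `clientId`, checks `client.enabled` and validates the secret. Authentication logic copied per endpoint tends to drift, so I would move it into one helper beside the functions already imported from `../client-auth.js` and call it from each route, e.g. `const { clientId } = await authenticateClient(c, body);` (the helper name is a suggestion, not an existing export). The result of `parseBasicClientCredentials` also needs a comment above the `=== null` test, such as `// null: Authorization header present but unusable; undefined (assumed): no header, fall back to form fields`. The undefined case is inferred from the later truthiness checks because `client-auth.js` is not shown, and the route definition itself starts outside this hunk.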
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../src/routes/oauth/revoke/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../src/routes/oauth/revoke/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EACL,2BAA2B,EAC3B,qDAAqD,EACrD,+CAA+C,GAChD,MAAM,mBAAmB,CAAC;AAE3B,MAAM,iBAAiB,GAAG,CAAC;KACxB,MAAM,CAAC;IACN,KAAK,EAAE,CAAC,CAAC,KAAK;IACd,eAAe,EAAE,CAAC,CAAC,aAAa,CAAC,QAAQ,EAAE;IAC3C,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;IAChC,aAAa,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE;CACzC,CAAC;KACD,QAAQ,CAAC,yCAAyC,CAAC,CAAC;AAEvD;;GAEG;AACH,MAAM,CAAC,MAAM,UAAU,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CAC/C,SAAS,EACT,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;IACnB,OAAO,EAAE,kBAAkB;IAC3B,WAAW,EACT,mFAAmF;IACrF,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC;yBACE,MAAM,CAAC,EAAE,CAAC;yBACV,QAAQ,CACP,0DAA0D,CAC3D,CACJ;iBACF;aACF;YACD,WAAW,EAAE,eAAe;SAC7B;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,oCAAoC;SAClD;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,wBAAwB,CAAC,MAAM,CAAC;iBACpD;aACF;YACD,WAAW,EAAE,4BAA4B;SAC1C;KACF;CACF,CAAC,EACF,SAAS,CAAC,MAAM,EAAE,iBAAiB,CAAC,EACpC,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IACjE,MAAM,mBAAmB,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAC1D,MAAM,gBAAgB,GAAG,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;IAE1E,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;QAC9B,+CAA+C,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC3C,+CAA+C,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,IAAI,I
AAI,CAAC,SAAS,EAAE,CAAC;QACvC,IAAI,gBAAgB,CAAC,QAAQ,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YACjD,+CAA+C,CAAC,CAAC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,EAAE,QAAQ,IAAI,IAAI,CAAC,SAAS,CAAC;IAC9D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;IAC/C,CAAC;IAED,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAEjE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,MAAM,YAAY,GAAG,gBAAgB,EAAE,YAAY,IAAI,IAAI,CAAC,aAAa,CAAC;IAE1E,IAAI,CAAC;QACH,MAAM,kBAAkB,CAAC,8BAA8B,CACrD,QAAQ,EACR,YAAY,CACb,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,mBAAmB,EAAE,CAAC;YACxB,qDAAqD,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,MAAM,iBAAiB,CAAC,WAAW,CACjC,IAAI,CAAC,KAAK,EACV,IAAI,CAAC,eAAe,EACpB,QAAQ,CACT,CAAC;IAEF,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,EAAE,GAAG,CAAC,CAAC;AACzB,CAAC,CACF,CAAC"}
|
|
@@ -5,9 +5,9 @@ export declare const tokenPost: import("hono/hono-base").HonoBase<AppEnv, {
|
|
|
5
5
|
input: {
|
|
6
6
|
form: {
|
|
7
7
|
grant_type: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
8
|
-
client_id: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
9
8
|
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
10
9
|
redirect_uri?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
10
|
+
client_id?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
11
11
|
client_secret?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
12
12
|
code_verifier?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
13
13
|
refresh_token?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../src/routes/oauth/token/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;
|
|
1
|
+
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../src/routes/oauth/token/post.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAuBtD,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;iBA8HrB,CAAC"}
|
|
@@ -5,12 +5,13 @@ import { TAGS } from "../../../lib/swagger-tags.js";
|
|
|
5
5
|
import { e } from "../../../schemas/error.js";
|
|
6
6
|
import { f } from "../../../schemas/field.js";
|
|
7
7
|
import { r } from "../../../schemas/response.js";
|
|
8
|
+
import { parseBasicClientCredentials, setBasicClientAuthChallengeIfInvalidClientCredentials, throwInvalidClientCredentialsWithBasicChallenge, } from '../client-auth.js';
|
|
8
9
|
const TokenRequestBody = z
|
|
9
10
|
.object({
|
|
10
11
|
grant_type: f.grantType,
|
|
11
12
|
code: f.authorizationCode.optional(),
|
|
12
13
|
redirect_uri: f.redirectUri.optional(),
|
|
13
|
-
client_id: f.clientId,
|
|
14
|
+
client_id: f.clientId.optional(),
|
|
14
15
|
client_secret: f.clientSecret.optional(),
|
|
15
16
|
code_verifier: f.codeVerifier.optional(),
|
|
16
17
|
refresh_token: f.token.optional(),
|
|
@@ -55,17 +56,38 @@ export const tokenPost = new Hono().post('/token', describeRoute({
|
|
|
55
56
|
}), validator('form', TokenRequestBody), async (c) => {
|
|
56
57
|
const body = c.req.valid('form');
|
|
57
58
|
const { oauthClientService, oauthTokenService } = c.var.services;
|
|
59
|
+
const authorizationHeader = c.req.header('authorization');
|
|
60
|
+
const basicCredentials = parseBasicClientCredentials(authorizationHeader);
|
|
61
|
+
if (basicCredentials === null) {
|
|
62
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
63
|
+
}
|
|
64
|
+
if (basicCredentials && body.client_secret) {
|
|
65
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
66
|
+
}
|
|
67
|
+
if (basicCredentials && body.client_id) {
|
|
68
|
+
if (basicCredentials.clientId !== body.client_id) {
|
|
69
|
+
throwInvalidClientCredentialsWithBasicChallenge(c);
|
|
70
|
+
}
|
|
71
|
+
}
|
|
72
|
+
const clientId = basicCredentials?.clientId ?? body.client_id;
|
|
73
|
+
if (!clientId) {
|
|
74
|
+
throw new e.InvalidClientCredentials.Error();
|
|
75
|
+
}
|
|
58
76
|
// 1. Validate client
|
|
59
|
-
const client = await oauthClientService.findByClientId(
|
|
77
|
+
const client = await oauthClientService.findByClientId(clientId);
|
|
60
78
|
if (!client.enabled) {
|
|
61
79
|
throw new e.OAuthClientDisabled.Error();
|
|
62
80
|
}
|
|
63
|
-
// 2.
|
|
64
|
-
|
|
65
|
-
|
|
66
|
-
|
|
67
|
-
|
|
81
|
+
// 2. Confidential clients must authenticate; public clients must not.
|
|
82
|
+
const clientSecret = basicCredentials?.clientSecret ?? body.client_secret;
|
|
83
|
+
try {
|
|
84
|
+
await oauthClientService.validateClientSecretIfRequired(clientId, clientSecret);
|
|
85
|
+
}
|
|
86
|
+
catch (err) {
|
|
87
|
+
if (authorizationHeader) {
|
|
88
|
+
setBasicClientAuthChallengeIfInvalidClientCredentials(c, err);
|
|
68
89
|
}
|
|
90
|
+
throw err;
|
|
69
91
|
}
|
|
70
92
|
// 3. Handle grant type
|
|
71
93
|
if (body.grant_type === 'authorization_code') {
|
|
@@ -78,7 +100,7 @@ export const tokenPost = new Hono().post('/token', describeRoute({
|
|
|
78
100
|
const tokens = await oauthTokenService.exchangeAuthorizationCode({
|
|
79
101
|
code: body.code,
|
|
80
102
|
redirectUri: body.redirect_uri,
|
|
81
|
-
clientId
|
|
103
|
+
clientId,
|
|
82
104
|
codeVerifier: body.code_verifier ?? undefined,
|
|
83
105
|
});
|
|
84
106
|
return c.json(tokens, 200);
|
|
@@ -89,7 +111,7 @@ export const tokenPost = new Hono().post('/token', describeRoute({
|
|
|
89
111
|
}
|
|
90
112
|
const tokens = await oauthTokenService.refreshAccessToken({
|
|
91
113
|
refreshToken: body.refresh_token,
|
|
92
|
-
clientId
|
|
114
|
+
clientId,
|
|
93
115
|
});
|
|
94
116
|
return c.json(tokens, 200);
|
|
95
117
|
}
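Review bot: In the `/token` handler, `client.enabled` is tested (new lines 78–80) before `validateClientSecretIfRequired` runs (new line 84), so a caller who has not authenticated yet receives `OAuthClientDisabled` instead of `InvalidClientCredentials` for a disabled client. If the two errors are distinguishable in the response, an unauthenticated caller learns which client ids exist and are disabled; validating the secret first and testing `client.enabled` afterwards keeps the pre-authentication answer uniform for confidential clients, as far as these hunks show. The `/revoke` handler above uses the same order (new lines 74–80). The numbered comments also need adjusting, since `// 1. Validate client` now follows the new credential-parsing block; a line such as `// 0. Resolve client credentials (Basic header or form body)` above `const authorizationHeader` would keep them accurate. The handler continues beyond the last hunk of this file.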
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../src/routes/oauth/token/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,8BAA8B,CAAC;
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../src/routes/oauth/token/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,8BAA8B,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,2BAA2B,CAAC;AAC9C,OAAO,EAAE,CAAC,EAAE,MAAM,8BAA8B,CAAC;AACjD,OAAO,EACL,2BAA2B,EAC3B,qDAAqD,EACrD,+CAA+C,GAChD,MAAM,mBAAmB,CAAC;AAE3B,MAAM,gBAAgB,GAAG,CAAC;KACvB,MAAM,CAAC;IACN,UAAU,EAAE,CAAC,CAAC,SAAS;IACvB,IAAI,EAAE,CAAC,CAAC,iBAAiB,CAAC,QAAQ,EAAE;IACpC,YAAY,EAAE,CAAC,CAAC,WAAW,CAAC,QAAQ,EAAE;IACtC,SAAS,EAAE,CAAC,CAAC,QAAQ,CAAC,QAAQ,EAAE;IAChC,aAAa,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE;IACxC,aAAa,EAAE,CAAC,CAAC,YAAY,CAAC,QAAQ,EAAE;IACxC,aAAa,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE;CAClC,CAAC;KACD,QAAQ,CAAC,8BAA8B,CAAC,CAAC;AAE5C,MAAM,CAAC,MAAM,SAAS,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CAC9C,QAAQ,EACR,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,MAAM,CAAC;IACnB,OAAO,EAAE,OAAO;IAChB,WAAW,EACT,mGAAmG;IACrG,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,aAAa,CAAC;iBAClC;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,wBAAwB,CAAC,MAAM;wBACjC,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,oBAAoB,CAAC,MAAM;qBAC9B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EACT,6EAA6E;SAChF;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,wBAAwB,CAAC,MAAM,CAAC;iBACpD;aACF;YACD,WAAW,EAAE,4BAA4B;SAC1C;KACF;CACF,CAAC,EACF,SAAS,CAAC,MAAM,EAAE,gBAAgB,CAAC,EACnC,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,EAAE,kBAAkB,EAAE,iBAAiB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IAEjE,MAAM,mBAAmB,GAAG,CAAC,CAAC,GAAG,CAAC,MAAM,CAAC,eAAe,CAAC,CAAC;IAC1D,MAAM,gBAAgB,GA
AG,2BAA2B,CAAC,mBAAmB,CAAC,CAAC;IAE1E,IAAI,gBAAgB,KAAK,IAAI,EAAE,CAAC;QAC9B,+CAA+C,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,IAAI,IAAI,CAAC,aAAa,EAAE,CAAC;QAC3C,+CAA+C,CAAC,CAAC,CAAC,CAAC;IACrD,CAAC;IAED,IAAI,gBAAgB,IAAI,IAAI,CAAC,SAAS,EAAE,CAAC;QACvC,IAAI,gBAAgB,CAAC,QAAQ,KAAK,IAAI,CAAC,SAAS,EAAE,CAAC;YACjD,+CAA+C,CAAC,CAAC,CAAC,CAAC;QACrD,CAAC;IACH,CAAC;IAED,MAAM,QAAQ,GAAG,gBAAgB,EAAE,QAAQ,IAAI,IAAI,CAAC,SAAS,CAAC;IAC9D,IAAI,CAAC,QAAQ,EAAE,CAAC;QACd,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;IAC/C,CAAC;IAED,qBAAqB;IACrB,MAAM,MAAM,GAAG,MAAM,kBAAkB,CAAC,cAAc,CAAC,QAAQ,CAAC,CAAC;IAEjE,IAAI,CAAC,MAAM,CAAC,OAAO,EAAE,CAAC;QACpB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,sEAAsE;IACtE,MAAM,YAAY,GAAG,gBAAgB,EAAE,YAAY,IAAI,IAAI,CAAC,aAAa,CAAC;IAE1E,IAAI,CAAC;QACH,MAAM,kBAAkB,CAAC,8BAA8B,CACrD,QAAQ,EACR,YAAY,CACb,CAAC;IACJ,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,IAAI,mBAAmB,EAAE,CAAC;YACxB,qDAAqD,CAAC,CAAC,EAAE,GAAG,CAAC,CAAC;QAChE,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,uBAAuB;IACvB,IAAI,IAAI,CAAC,UAAU,KAAK,oBAAoB,EAAE,CAAC;QAC7C,IAAI,CAAC,IAAI,CAAC,IAAI,EAAE,CAAC;YACf,MAAM,IAAI,CAAC,CAAC,wBAAwB,CAAC,KAAK,EAAE,CAAC;QAC/C,CAAC;QACD,IAAI,CAAC,IAAI,CAAC,YAAY,EAAE,CAAC;YACvB,MAAM,IAAI,CAAC,CAAC,kBAAkB,CAAC,KAAK,EAAE,CAAC;QACzC,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,yBAAyB,CAAC;YAC/D,IAAI,EAAE,IAAI,CAAC,IAAI;YACf,WAAW,EAAE,IAAI,CAAC,YAAY;YAC9B,QAAQ;YACR,YAAY,EAAE,IAAI,CAAC,aAAa,IAAI,SAAS;SAC9C,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,IAAI,IAAI,CAAC,UAAU,KAAK,eAAe,EAAE,CAAC;QACxC,IAAI,CAAC,IAAI,CAAC,aAAa,EAAE,CAAC;YACxB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;QAC1C,CAAC;QAED,MAAM,MAAM,GAAG,MAAM,iBAAiB,CAAC,kBAAkB,CAAC;YACxD,YAAY,EAAE,IAAI,CAAC,aAAa;YAChC,QAAQ;SACT,CAAC,CAAC;QAEH,OAAO,CAAC,CAAC,IAAI,CAAC,MAAM,EAAE,GAAG,CAAC,CAAC;IAC7B,CAAC;IAED,MAAM,IAAI,CAAC,CAAC,oBAAoB,CAAC,KAAK,EAAE,CAAC;AAC3C,CAAC,CACF,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"field.d.ts","sourceRoot":"","sources":["../../src/schemas/field.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAQxB,eAAO,MAAM,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
|
|
1
|
+
{"version":3,"file":"field.d.ts","sourceRoot":"","sources":["../../src/schemas/field.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAQxB,eAAO,MAAM,CAAC;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;IAmHZ;;;OAGG;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;CA4EJ,CAAC"}
|
package/dist/schemas/field.js
CHANGED
|
@@ -93,6 +93,10 @@ export const f = {
|
|
|
93
93
|
.string()
|
|
94
94
|
.min(1)
|
|
95
95
|
.max(2000)
|
|
96
|
+
.refine((value) => value.startsWith('/') &&
|
|
97
|
+
!value.startsWith('//') &&
|
|
98
|
+
!value.includes('\r') &&
|
|
99
|
+
!value.includes('\n'), { message: 'Return URL must be a local path' })
|
|
96
100
|
.describe('Return URL or path to redirect after completion'),
|
|
97
101
|
// i18n fields
|
|
98
102
|
languageCode: z
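Review bot: The new `.refine` on the return-URL field (new lines 96–99) rejects a leading `//` and CR/LF, but it still accepts backslashes and other ASCII control characters such as tab. Browsers normalise or strip these when resolving a URL, so a value can pass the prefix test and still resolve to a different origin. I would add `!/[\\\u0000-\u001f\u007f]/.test(value)` to the predicate, or resolve the value against a fixed base and compare origins, e.g. `new URL(value, 'http://local.invalid').origin === 'http://local.invalid'`. The code that performs the redirect should apply the same check, because this schema only guards values that pass through it. The field's name and the start of its definition are outside the hunk.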
|