@tinyrack/tinyauth-server 0.0.15 → 0.1.0
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/dist/entrypoints/app.d.ts +49 -2
- package/dist/entrypoints/app.d.ts.map +1 -1
- package/dist/entrypoints/app.js +5 -0
- package/dist/entrypoints/app.js.map +1 -1
- package/dist/entrypoints/database/postgres/postgres.d.ts.map +1 -1
- package/dist/entrypoints/database/postgres/postgres.js +1 -0
- package/dist/entrypoints/database/postgres/postgres.js.map +1 -1
- package/dist/entrypoints/database/sqlite/sqlite.d.ts.map +1 -1
- package/dist/entrypoints/database/sqlite/sqlite.js +1 -0
- package/dist/entrypoints/database/sqlite/sqlite.js.map +1 -1
- package/dist/entrypoints/identity-providers/apple.d.ts +1 -0
- package/dist/entrypoints/identity-providers/apple.d.ts.map +1 -1
- package/dist/entrypoints/identity-providers/apple.js +1 -0
- package/dist/entrypoints/identity-providers/apple.js.map +1 -1
- package/dist/entrypoints/identity-providers/generic-oauth.d.ts +2 -0
- package/dist/entrypoints/identity-providers/generic-oauth.d.ts.map +1 -1
- package/dist/entrypoints/identity-providers/generic-oauth.js +2 -0
- package/dist/entrypoints/identity-providers/generic-oauth.js.map +1 -1
- package/dist/lib/config/client.d.ts.map +1 -1
- package/dist/lib/config/client.js +5 -1
- package/dist/lib/config/client.js.map +1 -1
- package/dist/lib/config/identity-providers.d.ts +4 -0
- package/dist/lib/config/identity-providers.d.ts.map +1 -1
- package/dist/lib/config/identity-providers.js +25 -8
- package/dist/lib/config/identity-providers.js.map +1 -1
- package/dist/lib/config/resolved.d.ts +2 -0
- package/dist/lib/config/resolved.d.ts.map +1 -1
- package/dist/lib/config/url-policy.d.ts +4 -0
- package/dist/lib/config/url-policy.d.ts.map +1 -0
- package/dist/lib/config/url-policy.js +38 -0
- package/dist/lib/config/url-policy.js.map +1 -0
- package/dist/lib/pkce.d.ts.map +1 -1
- package/dist/lib/pkce.js +8 -1
- package/dist/lib/pkce.js.map +1 -1
- package/dist/middleware/csrf.d.ts +2 -0
- package/dist/middleware/csrf.d.ts.map +1 -0
- package/dist/middleware/csrf.js +51 -0
- package/dist/middleware/csrf.js.map +1 -0
- package/dist/middleware/session.d.ts.map +1 -1
- package/dist/middleware/session.js +2 -0
- package/dist/middleware/session.js.map +1 -1
- package/dist/repositories/revoked-token.repository.d.ts +20 -0
- package/dist/repositories/revoked-token.repository.d.ts.map +1 -1
- package/dist/repositories/revoked-token.repository.js +44 -1
- package/dist/repositories/revoked-token.repository.js.map +1 -1
- package/dist/routes/api/auth/passkey/verify/post.d.ts.map +1 -1
- package/dist/routes/api/auth/passkey/verify/post.js +1 -1
- package/dist/routes/api/auth/passkey/verify/post.js.map +1 -1
- package/dist/routes/api/index.d.ts +38 -0
- package/dist/routes/api/index.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/authorize/get.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/authorize/get.js +13 -1
- package/dist/routes/api/oauth/_provider/authorize/get.js.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/get.d.ts +19 -0
- package/dist/routes/api/oauth/_provider/callback/get.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/get.js +19 -10
- package/dist/routes/api/oauth/_provider/callback/get.js.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/post.d.ts +19 -0
- package/dist/routes/api/oauth/_provider/callback/post.d.ts.map +1 -1
- package/dist/routes/api/oauth/_provider/callback/post.js +49 -11
- package/dist/routes/api/oauth/_provider/callback/post.js.map +1 -1
- package/dist/routes/api/oauth/index.d.ts +38 -0
- package/dist/routes/api/oauth/index.d.ts.map +1 -1
- package/dist/routes/index.d.ts +47 -2
- package/dist/routes/index.d.ts.map +1 -1
- package/dist/routes/oauth/.well-known/openid-configuration/get.d.ts +4 -0
- package/dist/routes/oauth/.well-known/openid-configuration/get.d.ts.map +1 -1
- package/dist/routes/oauth/.well-known/openid-configuration/get.js +25 -2
- package/dist/routes/oauth/.well-known/openid-configuration/get.js.map +1 -1
- package/dist/routes/oauth/authorize/get.d.ts +2 -0
- package/dist/routes/oauth/authorize/get.d.ts.map +1 -1
- package/dist/routes/oauth/authorize/get.js +4 -0
- package/dist/routes/oauth/authorize/get.js.map +1 -1
- package/dist/routes/oauth/client-auth.d.ts +10 -0
- package/dist/routes/oauth/client-auth.d.ts.map +1 -0
- package/dist/routes/oauth/client-auth.js +57 -0
- package/dist/routes/oauth/client-auth.js.map +1 -0
- package/dist/routes/oauth/index.d.ts +9 -2
- package/dist/routes/oauth/index.d.ts.map +1 -1
- package/dist/routes/oauth/introspect/post.d.ts +1 -0
- package/dist/routes/oauth/introspect/post.d.ts.map +1 -1
- package/dist/routes/oauth/introspect/post.js +36 -12
- package/dist/routes/oauth/introspect/post.js.map +1 -1
- package/dist/routes/oauth/revoke/post.d.ts.map +1 -1
- package/dist/routes/oauth/revoke/post.js +30 -12
- package/dist/routes/oauth/revoke/post.js.map +1 -1
- package/dist/routes/oauth/token/post.d.ts +2 -2
- package/dist/routes/oauth/token/post.d.ts.map +1 -1
- package/dist/routes/oauth/token/post.js +32 -9
- package/dist/routes/oauth/token/post.js.map +1 -1
- package/dist/routes/oauth/userinfo/get.d.ts.map +1 -1
- package/dist/routes/oauth/userinfo/get.js +3 -0
- package/dist/routes/oauth/userinfo/get.js.map +1 -1
- package/dist/schemas/error.d.ts +75 -0
- package/dist/schemas/error.d.ts.map +1 -1
- package/dist/schemas/error.js +3 -0
- package/dist/schemas/error.js.map +1 -1
- package/dist/schemas/field.d.ts +1 -6
- package/dist/schemas/field.d.ts.map +1 -1
- package/dist/schemas/field.js +6 -3
- package/dist/schemas/field.js.map +1 -1
- package/dist/schemas/oauth.d.ts +1 -1
- package/dist/schemas/oauth.js +1 -1
- package/dist/schemas/oauth.js.map +1 -1
- package/dist/schemas/response.d.ts +1 -1
- package/dist/services/container.d.ts +2 -0
- package/dist/services/container.d.ts.map +1 -1
- package/dist/services/jwt.service.d.ts +6 -0
- package/dist/services/jwt.service.d.ts.map +1 -1
- package/dist/services/jwt.service.js +60 -34
- package/dist/services/jwt.service.js.map +1 -1
- package/dist/services/oauth-authorize.service.d.ts +5 -0
- package/dist/services/oauth-authorize.service.d.ts.map +1 -1
- package/dist/services/oauth-authorize.service.js +67 -9
- package/dist/services/oauth-authorize.service.js.map +1 -1
- package/dist/services/oauth-client.service.d.ts +3 -0
- package/dist/services/oauth-client.service.d.ts.map +1 -1
- package/dist/services/oauth-client.service.js +31 -0
- package/dist/services/oauth-client.service.js.map +1 -1
- package/dist/services/oauth-connect.service.d.ts +6 -8
- package/dist/services/oauth-connect.service.d.ts.map +1 -1
- package/dist/services/oauth-connect.service.js +158 -20
- package/dist/services/oauth-connect.service.js.map +1 -1
- package/dist/services/oauth-token.service.d.ts +11 -3
- package/dist/services/oauth-token.service.d.ts.map +1 -1
- package/dist/services/oauth-token.service.js +153 -50
- package/dist/services/oauth-token.service.js.map +1 -1
- package/dist/services/passkey.service.d.ts +1 -1
- package/dist/services/passkey.service.d.ts.map +1 -1
- package/dist/services/passkey.service.js +11 -3
- package/dist/services/passkey.service.js.map +1 -1
- package/package.json +1 -1
- package/public/assets/{index-KMvNrUPy.js → index-DaJe6s9D.js} +26 -26
- package/public/assets/{index-KMvNrUPy.js.map → index-DaJe6s9D.js.map} +1 -1
- package/public/index.html +1 -1
- package/readme.md +74 -25
|
@@ -44,6 +44,8 @@ export function sessionMiddleware(cookieSecret, isSecure) {
|
|
|
44
44
|
setUserSession(userSub, authenticatedAt) {
|
|
45
45
|
delete data.pending2FAUser;
|
|
46
46
|
delete data.pending2FASetup;
|
|
47
|
+
delete data.oauth;
|
|
48
|
+
delete data.passkey_challenge;
|
|
47
49
|
data.user = {
|
|
48
50
|
sub: userSub,
|
|
49
51
|
authenticated_at: authenticatedAt ?? Math.floor(Date.now() / 1000),
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/middleware/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AA8DpD,MAAM,UAAU,iBAAiB,CAAC,YAAoB,EAAE,QAAiB;IACvE,OAAO,gBAAgB,CAAa,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACpD,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QAE5C,IAAI,WAAW,GAAgB,EAAE,CAAC;QAClC,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;YAC3D,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC;oBACH,iDAAiD;oBACjD,+CAA+C;oBAC/C,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAgB,CAAC;gBACrD,CAAC;gBAAC,MAAM,CAAC;oBACP,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,MAAM,IAAI,GAAgB,IAAI,KAAK,CAAC,WAAW,EAAE;YAC/C,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK;gBACrB,OAAO,GAAG,IAAI,CAAC;gBACf,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YAC1C,CAAC;YACD,cAAc,CAAC,MAAM,EAAE,IAAI;gBACzB,OAAO,GAAG,IAAI,CAAC;gBACf,OAAO,OAAO,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;YAC9C,CAAC;SACF,CAAC,CAAC;QAEH,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE;YACf,GAAG,CAA8B,GAAM;gBACrC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;YACnB,CAAC;YACD,GAAG,CAA8B,GAAM,EAAE,KAAqB;gBAC5D,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACpB,CAAC;YACD,MAAM;gBACJ,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpC,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;YACD,cAAc,CAAC,OAAe,EAAE,eAAwB;gBACtD,OAAO,IAAI,CAAC,cAAc,CAAC;gBAC3B,OAAO,IAAI,CAAC,eAAe,CAAC;gBAC5B,IAAI,CAAC,IAAI,GAAG;oBACV,GAAG,EAAE,OAAO;oBACZ,gBAAgB,EAAE,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;iBACnE,CAAC;YACJ,CAAC;YACD,oBAAoB,CAAC,OAAe,EAAE,eAAwB;gBAC5D,OAAO,IAAI,CAAC,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC,eAAe,CAAC;gBAC5B,IAAI,CAAC,cAAc,GAAG;oBACpB,GAAG,EAAE,OAAO;oBACZ,gBAAgB,EAAE,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;iBACnE,CAAC;YACJ,CAAC;YACD,yBAAyB,CAAC,OAAe;gBACvC,OAAO,IAAI,CAAC,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC,cAAc,CAAC;gBAC3B,IAAI,CAAC,eAAe,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;YAC1C,CAAC;YACD,iBAAiB;gBACf,OAAO,IAAI,CAAC,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC,cAAc,CAAC;gBAC3B,OAAO,IAAI,CAAC,eAAe,CAAC;YAC9B,CAAC;SACF,CAAC,CAAC;QAEH,MAAM,IAAI,EAAE,CAAC;QAEb,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;YACxE,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,SAAS,GAAG,MAAM,OAAO,CAC7B,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAC3B,YAAY,CACb,CAAC;gBACF,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE;oBACjC,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE,KAAK;iBAChB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
1
|
+
{"version":3,"file":"session.js","sourceRoot":"","sources":["../../src/middleware/session.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACjE,OAAO,EAAE,gBAAgB,EAAE,MAAM,cAAc,CAAC;AAChD,OAAO,EAAE,OAAO,EAAE,OAAO,EAAE,MAAM,kBAAkB,CAAC;AA8DpD,MAAM,UAAU,iBAAiB,CAAC,YAAoB,EAAE,QAAiB;IACvE,OAAO,gBAAgB,CAAa,KAAK,EAAE,CAAC,EAAE,IAAI,EAAE,EAAE;QACpD,MAAM,WAAW,GAAG,SAAS,CAAC,CAAC,EAAE,SAAS,CAAC,CAAC;QAE5C,IAAI,WAAW,GAAgB,EAAE,CAAC;QAClC,IAAI,WAAW,EAAE,CAAC;YAChB,MAAM,SAAS,GAAG,MAAM,OAAO,CAAC,WAAW,EAAE,YAAY,CAAC,CAAC;YAC3D,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC;oBACH,iDAAiD;oBACjD,+CAA+C;oBAC/C,WAAW,GAAG,IAAI,CAAC,KAAK,CAAC,SAAS,CAAgB,CAAC;gBACrD,CAAC;gBAAC,MAAM,CAAC;oBACP,WAAW,GAAG,EAAE,CAAC;gBACnB,CAAC;YACH,CAAC;QACH,CAAC;QAED,IAAI,OAAO,GAAG,KAAK,CAAC;QACpB,MAAM,IAAI,GAAgB,IAAI,KAAK,CAAC,WAAW,EAAE;YAC/C,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK;gBACrB,OAAO,GAAG,IAAI,CAAC;gBACf,OAAO,OAAO,CAAC,GAAG,CAAC,MAAM,EAAE,IAAI,EAAE,KAAK,CAAC,CAAC;YAC1C,CAAC;YACD,cAAc,CAAC,MAAM,EAAE,IAAI;gBACzB,OAAO,GAAG,IAAI,CAAC;gBACf,OAAO,OAAO,CAAC,cAAc,CAAC,MAAM,EAAE,IAAI,CAAC,CAAC;YAC9C,CAAC;SACF,CAAC,CAAC;QAEH,CAAC,CAAC,GAAG,CAAC,SAAS,EAAE;YACf,GAAG,CAA8B,GAAM;gBACrC,OAAO,IAAI,CAAC,GAAG,CAAC,CAAC;YACnB,CAAC;YACD,GAAG,CAA8B,GAAM,EAAE,KAAqB;gBAC5D,IAAI,CAAC,GAAG,CAAC,GAAG,KAAK,CAAC;YACpB,CAAC;YACD,MAAM;gBACJ,KAAK,MAAM,GAAG,IAAI,MAAM,CAAC,IAAI,CAAC,IAAI,CAAC,EAAE,CAAC;oBACpC,OAAO,CAAC,cAAc,CAAC,IAAI,EAAE,GAAG,CAAC,CAAC;gBACpC,CAAC;YACH,CAAC;YACD,cAAc,CAAC,OAAe,EAAE,eAAwB;gBACtD,OAAO,IAAI,CAAC,cAAc,CAAC;gBAC3B,OAAO,IAAI,CAAC,eAAe,CAAC;gBAC5B,OAAO,IAAI,CAAC,KAAK,CAAC;gBAClB,OAAO,IAAI,CAAC,iBAAiB,CAAC;gBAC9B,IAAI,CAAC,IAAI,GAAG;oBACV,GAAG,EAAE,OAAO;oBACZ,gBAAgB,EAAE,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;iBACnE,CAAC;YACJ,CAAC;YACD,oBAAoB,CAAC,OAAe,EAAE,eAAwB;gBAC5D,OAAO,IAAI,CAAC,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC,eAAe,CAAC;gBAC5B,IAAI,CAAC,cAAc,GAAG;oBACpB,GAAG,EAAE,OAAO;oBACZ,gBAAgB,EAAE,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC;iBACnE,CAAC;YACJ,CAAC;YACD,yBAAyB,CAAC,OAAe;gBACvC,OAAO,IAAI,CAAC,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC,cAAc,CAAC;gBAC3B,IAAI,CAAC,eAAe,GAAG,EAAE,GAAG,EAAE,OAAO,EAAE,CAAC;YAC1C,CAAC;YACD,iBAAiB;gBACf,OAAO,IAAI,CAAC,IAAI,CAAC;gBACjB,OAAO,IAAI,CAAC,cAAc,CAAC;gBAC3B,OAAO,IAAI,CAAC,eAAe,CAAC;YAC9B,CAAC;SACF,CAAC,CAAC;QAEH,MAAM,IAAI,EAAE,CAAC;QAEb,IAAI,OAAO,EAAE,CAAC;YACZ,MAAM,OAAO,GAAG,MAAM,CAAC,MAAM,CAAC,WAAW,CAAC,CAAC,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,KAAK,SAAS,CAAC,CAAC;YACxE,IAAI,OAAO,EAAE,CAAC;gBACZ,MAAM,SAAS,GAAG,MAAM,OAAO,CAC7B,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAC3B,YAAY,CACb,CAAC;gBACF,SAAS,CAAC,CAAC,EAAE,SAAS,EAAE,SAAS,EAAE;oBACjC,IAAI,EAAE,GAAG;oBACT,QAAQ,EAAE,IAAI;oBACd,MAAM,EAAE,QAAQ;oBAChB,QAAQ,EAAE,KAAK;iBAChB,CAAC,CAAC;YACL,CAAC;iBAAM,CAAC;gBACN,YAAY,CAAC,CAAC,EAAE,SAAS,EAAE,EAAE,IAAI,EAAE,GAAG,EAAE,CAAC,CAAC;YAC5C,CAAC;QACH,CAAC;IACH,CAAC,CAAC,CAAC;AACL,CAAC"}
|
|
@@ -8,6 +8,7 @@ import type { IRevokedTokenEntity, TokenType } from '../entities/revoked-token.e
|
|
|
8
8
|
* by user/client combination.
|
|
9
9
|
*/
|
|
10
10
|
export declare class RevokedTokenRepository extends EntityRepository<IRevokedTokenEntity> {
|
|
11
|
+
private grantRevocationJti;
|
|
11
12
|
/**
|
|
12
13
|
* Revoke a single token by its JTI
|
|
13
14
|
*
|
|
@@ -21,6 +22,24 @@ export declare class RevokedTokenRepository extends EntityRepository<IRevokedTok
|
|
|
21
22
|
userSub: string;
|
|
22
23
|
expires_at: Date;
|
|
23
24
|
}): Promise<IRevokedTokenEntity>;
|
|
25
|
+
/**
|
|
26
|
+
* Revoke a single token only if it has not already been revoked.
|
|
27
|
+
*
|
|
28
|
+
* @returns true when this call created the revocation entry.
|
|
29
|
+
*/
|
|
30
|
+
revokeTokenOnce(params: {
|
|
31
|
+
jti: string;
|
|
32
|
+
token_type: TokenType;
|
|
33
|
+
clientId: string;
|
|
34
|
+
userSub: string;
|
|
35
|
+
expires_at: Date;
|
|
36
|
+
}): Promise<boolean>;
|
|
37
|
+
revokeGrant(params: {
|
|
38
|
+
grantId: string;
|
|
39
|
+
clientId: string;
|
|
40
|
+
userSub: string;
|
|
41
|
+
expires_at: Date;
|
|
42
|
+
}): Promise<IRevokedTokenEntity>;
|
|
24
43
|
/**
|
|
25
44
|
* Check if a token is revoked by its JTI
|
|
26
45
|
*
|
|
@@ -28,5 +47,6 @@ export declare class RevokedTokenRepository extends EntityRepository<IRevokedTok
|
|
|
28
47
|
* @returns true if the token is revoked
|
|
29
48
|
*/
|
|
30
49
|
isRevoked(jti: string): Promise<boolean>;
|
|
50
|
+
isGrantRevoked(grantId: string): Promise<boolean>;
|
|
31
51
|
}
|
|
32
52
|
//# sourceMappingURL=revoked-token.repository.d.ts.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"revoked-token.repository.d.ts","sourceRoot":"","sources":["../../src/repositories/revoked-token.repository.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"revoked-token.repository.d.ts","sourceRoot":"","sources":["../../src/repositories/revoked-token.repository.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAEjB,MAAM,iBAAiB,CAAC;AACzB,OAAO,KAAK,EACV,mBAAmB,EACnB,SAAS,EACV,MAAM,qCAAqC,CAAC;AAE7C;;;;;;GAMG;AACH,qBAAa,sBAAuB,SAAQ,gBAAgB,CAAC,mBAAmB,CAAC;IAC/E,OAAO,CAAC,kBAAkB;IAI1B;;;;;OAKG;IACG,WAAW,CAAC,MAAM,EAAE;QACxB,GAAG,EAAE,MAAM,CAAC;QACZ,UAAU,EAAE,SAAS,CAAC;QACtB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,IAAI,CAAC;KAClB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAmBhC;;;;OAIG;IACG,eAAe,CAAC,MAAM,EAAE;QAC5B,GAAG,EAAE,MAAM,CAAC;QACZ,UAAU,EAAE,SAAS,CAAC;QACtB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,IAAI,CAAC;KAClB,GAAG,OAAO,CAAC,OAAO,CAAC;IAyBd,WAAW,CAAC,MAAM,EAAE;QACxB,OAAO,EAAE,MAAM,CAAC;QAChB,QAAQ,EAAE,MAAM,CAAC;QACjB,OAAO,EAAE,MAAM,CAAC;QAChB,UAAU,EAAE,IAAI,CAAC;KAClB,GAAG,OAAO,CAAC,mBAAmB,CAAC;IAUhC;;;;;OAKG;IACG,SAAS,CAAC,GAAG,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;IAKxC,cAAc,CAAC,OAAO,EAAE,MAAM,GAAG,OAAO,CAAC,OAAO,CAAC;CAGxD"}
|
|
@@ -1,4 +1,4 @@
|
|
|
1
|
-
import { EntityRepository } from '@mikro-orm/core';
|
|
1
|
+
import { EntityRepository, UniqueConstraintViolationException, } from '@mikro-orm/core';
|
|
2
2
|
/**
|
|
3
3
|
* Repository for managing revoked tokens
|
|
4
4
|
*
|
|
@@ -7,6 +7,9 @@ import { EntityRepository } from '@mikro-orm/core';
|
|
|
7
7
|
* by user/client combination.
|
|
8
8
|
*/
|
|
9
9
|
export class RevokedTokenRepository extends EntityRepository {
|
|
10
|
+
grantRevocationJti(grantId) {
|
|
11
|
+
return `grant:${grantId}`;
|
|
12
|
+
}
|
|
10
13
|
/**
|
|
11
14
|
* Revoke a single token by its JTI
|
|
12
15
|
*
|
|
@@ -29,6 +32,43 @@ export class RevokedTokenRepository extends EntityRepository {
|
|
|
29
32
|
await this.getEntityManager().persist(entity).flush();
|
|
30
33
|
return entity;
|
|
31
34
|
}
|
|
35
|
+
/**
|
|
36
|
+
* Revoke a single token only if it has not already been revoked.
|
|
37
|
+
*
|
|
38
|
+
* @returns true when this call created the revocation entry.
|
|
39
|
+
*/
|
|
40
|
+
async revokeTokenOnce(params) {
|
|
41
|
+
const existing = await this.findOne({ jti: params.jti });
|
|
42
|
+
if (existing) {
|
|
43
|
+
return false;
|
|
44
|
+
}
|
|
45
|
+
const entity = this.create({
|
|
46
|
+
jti: params.jti,
|
|
47
|
+
token_type: params.token_type,
|
|
48
|
+
client: params.clientId,
|
|
49
|
+
user: params.userSub,
|
|
50
|
+
expires_at: params.expires_at,
|
|
51
|
+
});
|
|
52
|
+
try {
|
|
53
|
+
await this.getEntityManager().persist(entity).flush();
|
|
54
|
+
return true;
|
|
55
|
+
}
|
|
56
|
+
catch (error) {
|
|
57
|
+
if (error instanceof UniqueConstraintViolationException) {
|
|
58
|
+
return false;
|
|
59
|
+
}
|
|
60
|
+
throw error;
|
|
61
|
+
}
|
|
62
|
+
}
|
|
63
|
+
async revokeGrant(params) {
|
|
64
|
+
return this.revokeToken({
|
|
65
|
+
jti: this.grantRevocationJti(params.grantId),
|
|
66
|
+
token_type: 'refresh_token',
|
|
67
|
+
clientId: params.clientId,
|
|
68
|
+
userSub: params.userSub,
|
|
69
|
+
expires_at: params.expires_at,
|
|
70
|
+
});
|
|
71
|
+
}
|
|
32
72
|
/**
|
|
33
73
|
* Check if a token is revoked by its JTI
|
|
34
74
|
*
|
|
@@ -39,5 +79,8 @@ export class RevokedTokenRepository extends EntityRepository {
|
|
|
39
79
|
const count = await this.count({ jti });
|
|
40
80
|
return count > 0;
|
|
41
81
|
}
|
|
82
|
+
async isGrantRevoked(grantId) {
|
|
83
|
+
return this.isRevoked(this.grantRevocationJti(grantId));
|
|
84
|
+
}
|
|
42
85
|
}
|
|
43
86
|
//# sourceMappingURL=revoked-token.repository.js.map
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"revoked-token.repository.js","sourceRoot":"","sources":["../../src/repositories/revoked-token.repository.ts"],"names":[],"mappings":"AAAA,OAAO,
|
|
1
|
+
{"version":3,"file":"revoked-token.repository.js","sourceRoot":"","sources":["../../src/repositories/revoked-token.repository.ts"],"names":[],"mappings":"AAAA,OAAO,EACL,gBAAgB,EAChB,kCAAkC,GACnC,MAAM,iBAAiB,CAAC;AAMzB;;;;;;GAMG;AACH,MAAM,OAAO,sBAAuB,SAAQ,gBAAqC;IACvE,kBAAkB,CAAC,OAAe;QACxC,OAAO,SAAS,OAAO,EAAE,CAAC;IAC5B,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,WAAW,CAAC,MAMjB;QACC,2BAA2B;QAC3B,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;QACzD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,QAAQ,CAAC;QAClB,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YACzB,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ;YACvB,IAAI,EAAE,MAAM,CAAC,OAAO;YACpB,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;QAEH,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;QACtD,OAAO,MAAM,CAAC;IAChB,CAAC;IAED;;;;OAIG;IACH,KAAK,CAAC,eAAe,CAAC,MAMrB;QACC,MAAM,QAAQ,GAAG,MAAM,IAAI,CAAC,OAAO,CAAC,EAAE,GAAG,EAAE,MAAM,CAAC,GAAG,EAAE,CAAC,CAAC;QACzD,IAAI,QAAQ,EAAE,CAAC;YACb,OAAO,KAAK,CAAC;QACf,CAAC;QAED,MAAM,MAAM,GAAG,IAAI,CAAC,MAAM,CAAC;YACzB,GAAG,EAAE,MAAM,CAAC,GAAG;YACf,UAAU,EAAE,MAAM,CAAC,UAAU;YAC7B,MAAM,EAAE,MAAM,CAAC,QAAQ;YACvB,IAAI,EAAE,MAAM,CAAC,OAAO;YACpB,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;QAEH,IAAI,CAAC;YACH,MAAM,IAAI,CAAC,gBAAgB,EAAE,CAAC,OAAO,CAAC,MAAM,CAAC,CAAC,KAAK,EAAE,CAAC;YACtD,OAAO,IAAI,CAAC;QACd,CAAC;QAAC,OAAO,KAAK,EAAE,CAAC;YACf,IAAI,KAAK,YAAY,kCAAkC,EAAE,CAAC;gBACxD,OAAO,KAAK,CAAC;YACf,CAAC;YACD,MAAM,KAAK,CAAC;QACd,CAAC;IACH,CAAC;IAED,KAAK,CAAC,WAAW,CAAC,MAKjB;QACC,OAAO,IAAI,CAAC,WAAW,CAAC;YACtB,GAAG,EAAE,IAAI,CAAC,kBAAkB,CAAC,MAAM,CAAC,OAAO,CAAC;YAC5C,UAAU,EAAE,eAAe;YAC3B,QAAQ,EAAE,MAAM,CAAC,QAAQ;YACzB,OAAO,EAAE,MAAM,CAAC,OAAO;YACvB,UAAU,EAAE,MAAM,CAAC,UAAU;SAC9B,CAAC,CAAC;IACL,CAAC;IAED;;;;;OAKG;IACH,KAAK,CAAC,SAAS,CAAC,GAAW;QACzB,MAAM,KAAK,GAAG,MAAM,IAAI,CAAC,KAAK,CAAC,EAAE,GAAG,EAAE,CAAC,CAAC;QACxC,OAAO,KAAK,GAAG,CAAC,CAAC;IACnB,CAAC;IAED,KAAK,CAAC,cAAc,CAAC,OAAe;QAClC,OAAO,IAAI,CAAC,SAAS,CAAC,IAAI,CAAC,kBAAkB,CAAC,OAAO,CAAC,CAAC,CAAC;IAC1D,CAAC;CACF"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/auth/passkey/verify/post.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAU5D,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;+
|
|
1
|
+
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/auth/passkey/verify/post.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAU5D,eAAO,MAAM,qBAAqB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;+BA2FjC,CAAC"}
|
|
@@ -62,7 +62,7 @@ export const authPasskeyVerifyPost = new Hono().post('/auth/passkey/verify', des
|
|
|
62
62
|
// differs from @simplewebauthn's AuthenticationResponseJSON due to
|
|
63
63
|
// exactOptionalPropertyTypes (userHandle?: string | undefined vs string).
|
|
64
64
|
const authResponse = body.response;
|
|
65
|
-
const passkeyUser = await passkeyService.verifyAuthentication(authResponse, challenge);
|
|
65
|
+
const passkeyUser = await passkeyService.verifyAuthentication(authResponse, challenge, pending2FA?.user.sub);
|
|
66
66
|
if (pending2FA && passkeyUser.sub !== pending2FA.user.sub) {
|
|
67
67
|
throw new e.PasskeyUserMismatch.Error();
|
|
68
68
|
}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../../src/routes/api/auth/passkey/verify/post.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EACL,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,oCAAoC,CAAC;AAEvD,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CAC1D,sBAAsB,EACtB,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;IACjB,QAAQ,EAAE,gBAAgB,CAAC,aAAa;IACxC,OAAO,EAAE,+BAA+B;IACxC,WAAW,EACT,8DAA8D;QAC9D,4CAA4C;QAC5C,mEAAmE;QACnE,uCAAuC;IACzC,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE;aACzD;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,MAAM,CAAC;iBAC7C;aACF;YACD,WAAW,EACT,kEAAkE;SACrE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC,MAAM,CAAC;iBAC/C;aACF;YACD,WAAW,EAAE,uBAAuB;SACrC;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC;iBAC3C;aACF;YACD,WAAW,EAAE,mBAAmB;SACjC;KACF;CACF,CAAC,EACF,SAAS,CACP,MAAM,EACN,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,0BAA0B;CACvC,CAAC,CACH,EACD,oBAAoB,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EACxC,sBAAsB,EAAE,EACxB,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC;IACrC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACjC,MAAM,IAAI,CAAC,CAAC,iBAAiB,CAAC,KAAK,EAAE,CAAC;IACxC,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IAC9B,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IAE9D,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,sBAAsB,CAAC;IAChD,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,wBAAwB,CAAC;IAEjD,+DAA+D;IAC/D,mEAAmE;IACnE,0EAA0E;IAC1E,MAAM,YAAY,GAAG,IAAI,CAAC,QAAsC,CAAC;IAEjE,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,oBAAoB,CAC3D,YAAY,EACZ,SAAS,
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../../src/routes/api/auth/passkey/verify/post.ts"],"names":[],"mappings":"AACA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EACL,sBAAsB,EACtB,oBAAoB,GACrB,MAAM,mCAAmC,CAAC;AAC3C,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,oCAAoC,CAAC;AAEvD,MAAM,CAAC,MAAM,qBAAqB,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CAC1D,sBAAsB,EACtB,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,IAAI,CAAC;IACjB,QAAQ,EAAE,gBAAgB,CAAC,aAAa;IACxC,OAAO,EAAE,+BAA+B;IACxC,WAAW,EACT,8DAA8D;QAC9D,4CAA4C;QAC5C,mEAAmE;QACnE,uCAAuC;IACzC,SAAS,EAAE;QACT,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE,EAAE,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,EAAE;aACzD;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,iBAAiB,CAAC,MAAM,CAAC;iBAC7C;aACF;YACD,WAAW,EACT,kEAAkE;SACrE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,mBAAmB,CAAC,MAAM,CAAC;iBAC/C;aACF;YACD,WAAW,EAAE,uBAAuB;SACrC;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,eAAe,CAAC,MAAM,CAAC;iBAC3C;aACF;YACD,WAAW,EAAE,mBAAmB;SACjC;KACF;CACF,CAAC,EACF,SAAS,CACP,MAAM,EACN,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,0BAA0B;CACvC,CAAC,CACH,EACD,oBAAoB,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EACxC,sBAAsB,EAAE,EACxB,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC,MAAM,CAAC;IACrC,IAAI,CAAC,MAAM,CAAC,IAAI,CAAC,OAAO,CAAC,OAAO,EAAE,CAAC;QACjC,MAAM,IAAI,CAAC,CAAC,iBAAiB,CAAC,KAAK,EAAE,CAAC;IACxC,CAAC;IAED,MAAM,IAAI,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACjC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IAC9B,MAAM,EAAE,KAAK,EAAE,cAAc,EAAE,WAAW,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IAE9D,MAAM,UAAU,GAAG,CAAC,CAAC,GAAG,CAAC,sBAAsB,CAAC;IAChD,MAAM,SAAS,GAAG,CAAC,CAAC,GAAG,CAAC,wBAAwB,CAAC;IAEjD,+DAA+D;IAC/D,mEAAmE;IACnE,0EAA0E;IAC1E,MAAM,YAAY,GAAG,IAAI,CAAC,QAAsC,CAAC;IAEjE,MAAM,WAAW,GAAG,MAAM,cAAc,CAAC,oBAAoB,CAC3D,YAAY,EACZ,SAAS,EACT,UAAU,EAAE,IAAI,CAAC,GAAG,CACrB,CAAC;IAEF,IAAI,UAAU,IAAI,WAAW,CAAC,GAAG,KAAK,UAAU,CAAC,IAAI,CAAC,GAAG,EAAE,CAAC;QAC1D,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,MAAM,UAAU,GAAG,MAAM,KAAK,CAAC,IAAI,CAAC,WAAW,CAAC,WAAW,CAAC,GAAG,CAAC,CAAC;IACjE,MAAM,WAAW,GAAG,MAAM,WAAW,CAAC,uBAAuB,CAAC,UAAU,CAAC,CAAC;IAE1E,MAAM,QAAQ,GACZ,UAAU,EAAE,eAAe,IAAI,IAAI,CAAC,KAAK,CAAC,IAAI,CAAC,GAAG,EAAE,GAAG,IAAI,CAAC,CAAC;IAE/D,OAAO,CAAC,cAAc,CAAC,WAAW,CAAC,GAAG,EAAE,QAAQ,CAAC,CAAC;IAElD,OAAO,CAAC,CAAC,IAAI,CAAC,EAAE,IAAI,EAAE,WAAW,EAAE,EAAE,GAAG,CAAC,CAAC;AAC5C,CAAC,CACF,CAAC"}
|
|
@@ -886,6 +886,25 @@ export declare const apiRoutes: import("hono/hono-base").HonoBase<AppEnv, import
|
|
|
886
886
|
output: undefined;
|
|
887
887
|
outputFormat: "redirect";
|
|
888
888
|
status: 302;
|
|
889
|
+
} | {
|
|
890
|
+
input: {
|
|
891
|
+
param: {
|
|
892
|
+
provider: string;
|
|
893
|
+
};
|
|
894
|
+
} & {
|
|
895
|
+
query: {
|
|
896
|
+
code?: string | string[];
|
|
897
|
+
state?: string | string[];
|
|
898
|
+
error?: string | string[];
|
|
899
|
+
error_description?: string | string[];
|
|
900
|
+
};
|
|
901
|
+
};
|
|
902
|
+
output: {
|
|
903
|
+
code: any;
|
|
904
|
+
message: any;
|
|
905
|
+
};
|
|
906
|
+
outputFormat: "json";
|
|
907
|
+
status: any;
|
|
889
908
|
};
|
|
890
909
|
};
|
|
891
910
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -906,6 +925,25 @@ export declare const apiRoutes: import("hono/hono-base").HonoBase<AppEnv, import
|
|
|
906
925
|
output: undefined;
|
|
907
926
|
outputFormat: "redirect";
|
|
908
927
|
status: 302;
|
|
928
|
+
} | {
|
|
929
|
+
input: {
|
|
930
|
+
param: {
|
|
931
|
+
provider: string;
|
|
932
|
+
};
|
|
933
|
+
} & {
|
|
934
|
+
form: {
|
|
935
|
+
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
936
|
+
state?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
937
|
+
error?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
938
|
+
error_description?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
939
|
+
};
|
|
940
|
+
};
|
|
941
|
+
output: {
|
|
942
|
+
code: any;
|
|
943
|
+
message: any;
|
|
944
|
+
};
|
|
945
|
+
outputFormat: "json";
|
|
946
|
+
status: any;
|
|
909
947
|
};
|
|
910
948
|
};
|
|
911
949
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/routes/api/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAUnD,eAAO,MAAM,SAAS
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../src/routes/api/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,sBAAsB,CAAC;AAUnD,eAAO,MAAM,SAAS;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;wBAQI,CAAC"}
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/authorize/get.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"get.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/authorize/get.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAQ5D,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;qCA2FrC,CAAC"}
|
|
@@ -1,6 +1,8 @@
|
|
|
1
1
|
import { Hono } from 'hono';
|
|
2
|
+
import { setCookie } from 'hono/cookie';
|
|
2
3
|
import { describeRoute, resolver, validator } from 'hono-openapi';
|
|
3
4
|
import { z } from 'zod';
|
|
5
|
+
import { encrypt } from "../../../../../lib/crypto.js";
|
|
4
6
|
import { OPENAPI_SECURITY } from "../../../../../lib/openapi.js";
|
|
5
7
|
import { TAGS } from "../../../../../lib/swagger-tags.js";
|
|
6
8
|
import { verifyAuth } from "../../../../../middleware/auth.js";
|
|
@@ -43,7 +45,7 @@ export const oauthProviderAuthorizeGet = new Hono().get('/oauth/:provider/author
|
|
|
43
45
|
const { provider } = params;
|
|
44
46
|
const { mode, return_url } = query;
|
|
45
47
|
const session = c.var.session;
|
|
46
|
-
const { oauthConnectService } = c.var.services;
|
|
48
|
+
const { config, oauthConnectService } = c.var.services;
|
|
47
49
|
// Link mode requires authenticated user
|
|
48
50
|
if (mode === 'link') {
|
|
49
51
|
if (!c.var.verifiedUser) {
|
|
@@ -54,6 +56,16 @@ export const oauthProviderAuthorizeGet = new Hono().get('/oauth/:provider/author
|
|
|
54
56
|
const { url, sessionData } = await oauthConnectService.generateAuthorizationUrl(provider, mode, return_url);
|
|
55
57
|
// Store OAuth session data in secure session
|
|
56
58
|
session.set('oauth', sessionData);
|
|
59
|
+
const providerConfig = oauthConnectService.getProvider(provider);
|
|
60
|
+
if (providerConfig.response_mode === 'form_post') {
|
|
61
|
+
setCookie(c, 'oauth_state', await encrypt(JSON.stringify(sessionData), config.security.session_secret), {
|
|
62
|
+
path: `/api/oauth/${provider}/callback`,
|
|
63
|
+
httpOnly: true,
|
|
64
|
+
secure: true,
|
|
65
|
+
sameSite: 'None',
|
|
66
|
+
maxAge: 600,
|
|
67
|
+
});
|
|
68
|
+
}
|
|
57
69
|
// Redirect to OAuth provider
|
|
58
70
|
return c.redirect(url);
|
|
59
71
|
});
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/authorize/get.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAC;AAC/D,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AAEpD,MAAM,CAAC,MAAM,yBAAyB,GAAG,IAAI,IAAI,EAAU,CAAC,GAAG,CAC7D,4BAA4B,EAC5B,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC;IAC1B,QAAQ,EAAE,gBAAgB,CAAC,qBAAqB;IAChD,OAAO,EAAE,+BAA+B;IACxC,WAAW,EAAE,6DAA6D;IAC1E,SAAS,EAAE;QACT,GAAG,EAAE;YACH,WAAW,EAAE,4BAA4B;SAC1C;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;iBACxC;aACF;YACD,WAAW,EAAE,cAAc;SAC5B;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC;iBACjD;aACF;YACD,WAAW,EAAE,0BAA0B;SACxC;KACF;CACF,CAAC,EACF,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,YAAY;CACzB,CAAC,CACH,EACD,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,IAAI,EAAE,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC;IACzC,UAAU,EAAE,CAAC,CAAC,SAAS,CAAC,QAAQ,EAAE;CACnC,CAAC,CACH,EACD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC5B,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC;IACnC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IAC9B,MAAM,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;
|
|
1
|
+
{"version":3,"file":"get.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/authorize/get.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACxC,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,OAAO,EAAE,MAAM,8BAA8B,CAAC;AACvD,OAAO,EAAE,gBAAgB,EAAE,MAAM,+BAA+B,CAAC;AACjE,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,MAAM,mCAAmC,CAAC;AAC/D,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AAEpD,MAAM,CAAC,MAAM,yBAAyB,GAAG,IAAI,IAAI,EAAU,CAAC,GAAG,CAC7D,4BAA4B,EAC5B,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC;IAC1B,QAAQ,EAAE,gBAAgB,CAAC,qBAAqB;IAChD,OAAO,EAAE,+BAA+B;IACxC,WAAW,EAAE,6DAA6D;IAC1E,SAAS,EAAE;QACT,GAAG,EAAE;YACH,WAAW,EAAE,4BAA4B;SAC1C;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,YAAY,CAAC,MAAM,CAAC;iBACxC;aACF;YACD,WAAW,EAAE,cAAc;SAC5B;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC;iBACjD;aACF;YACD,WAAW,EAAE,0BAA0B;SACxC;KACF;CACF,CAAC,EACF,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,YAAY;CACzB,CAAC,CACH,EACD,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,IAAI,EAAE,CAAC,CAAC,gBAAgB,CAAC,OAAO,CAAC,OAAO,CAAC;IACzC,UAAU,EAAE,CAAC,CAAC,SAAS,CAAC,QAAQ,EAAE;CACnC,CAAC,CACH,EACD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,MAAM,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACpC,MAAM,KAAK,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACnC,MAAM,EAAE,QAAQ,EAAE,GAAG,MAAM,CAAC;IAC5B,MAAM,EAAE,IAAI,EAAE,UAAU,EAAE,GAAG,KAAK,CAAC;IACnC,MAAM,OAAO,GAAG,CAAC,CAAC,GAAG,CAAC,OAAO,CAAC;IAC9B,MAAM,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IAEvD,wCAAwC;IACxC,IAAI,IAAI,KAAK,MAAM,EAAE,CAAC;QACpB,IAAI,CAAC,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,CAAC;YACxB,MAAM,IAAI,CAAC,CAAC,YAAY,CAAC,KAAK,EAAE,CAAC;QACnC,CAAC;IACH,CAAC;IAED,8CAA8C;IAC9C,MAAM,EAAE,GAAG,EAAE,WAAW,EAAE,GACxB,MAAM,mBAAmB,CAAC,wBAAwB,CAChD,QAAQ,EACR,IAAI,EACJ,UAAU,CACX,CAAC;IAEJ,6CAA6C;IAC7C,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,WAAW,CAAC,CAAC;IAElC,MAAM,cAAc,GAAG,mBAAmB,CAAC,WAAW,CAAC,QAAQ,CAAC,CAAC;IACjE,IAAI,cAAc,CAAC,aAAa,KAAK,WAAW,EAAE,CAAC;QACjD,SAAS,CACP,CAAC,EACD,aAAa,EACb,MAAM,OAAO,CACX,IAAI,CAAC,SAAS,CAAC,WAAW,CAAC,EAC3B,MAAM,CAAC,QAAQ,CAAC,cAAc,CAC/B,EACD;YACE,IAAI,EAAE,cAAc,QAAQ,WAAW;YACvC,QAAQ,EAAE,IAAI;YACd,MAAM,EAAE,IAAI;YACZ,QAAQ,EAAE,MAAM;YAChB,MAAM,EAAE,GAAG;SACZ,CACF,CAAC;IACJ,CAAC;IAED,6BAA6B;IAC7B,OAAO,CAAC,CAAC,QAAQ,CAAC,GAAG,CAAC,CAAC;AACzB,CAAC,CACF,CAAC"}
|
|
@@ -17,6 +17,25 @@ export declare const oauthProviderCallbackGet: import("hono/hono-base").HonoBase
|
|
|
17
17
|
output: undefined;
|
|
18
18
|
outputFormat: "redirect";
|
|
19
19
|
status: 302;
|
|
20
|
+
} | {
|
|
21
|
+
input: {
|
|
22
|
+
param: {
|
|
23
|
+
provider: string;
|
|
24
|
+
};
|
|
25
|
+
} & {
|
|
26
|
+
query: {
|
|
27
|
+
code?: string | string[];
|
|
28
|
+
state?: string | string[];
|
|
29
|
+
error?: string | string[];
|
|
30
|
+
error_description?: string | string[];
|
|
31
|
+
};
|
|
32
|
+
};
|
|
33
|
+
output: {
|
|
34
|
+
code: any;
|
|
35
|
+
message: any;
|
|
36
|
+
};
|
|
37
|
+
outputFormat: "json";
|
|
38
|
+
status: any;
|
|
20
39
|
};
|
|
21
40
|
};
|
|
22
41
|
}, "/", "/oauth/:provider/callback">;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/get.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;
|
|
1
|
+
{"version":3,"file":"get.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/get.ts"],"names":[],"mappings":"AAGA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AAQ5D,eAAO,MAAM,wBAAwB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oCAoKpC,CAAC"}
|
|
@@ -3,7 +3,7 @@ import { describeRoute, resolver, validator } from 'hono-openapi';
|
|
|
3
3
|
import { z } from 'zod';
|
|
4
4
|
import { TAGS } from "../../../../../lib/swagger-tags.js";
|
|
5
5
|
import { verifyAuth, verifyOAuth } from "../../../../../middleware/auth.js";
|
|
6
|
-
import { e } from "../../../../../schemas/error.js";
|
|
6
|
+
import { e, TinyAuthError } from "../../../../../schemas/error.js";
|
|
7
7
|
import { f } from "../../../../../schemas/field.js";
|
|
8
8
|
import { r } from "../../../../../schemas/response.js";
|
|
9
9
|
export const oauthProviderCallbackGet = new Hono().get('/oauth/:provider/callback', describeRoute({
|
|
@@ -109,15 +109,24 @@ export const oauthProviderCallbackGet = new Hono().get('/oauth/:provider/callbac
|
|
|
109
109
|
if (!oauthSession) {
|
|
110
110
|
throw new e.OAuthSessionExpired.Error();
|
|
111
111
|
}
|
|
112
|
-
|
|
113
|
-
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
112
|
+
let result;
|
|
113
|
+
try {
|
|
114
|
+
result = await oauthConnectService.processOAuthCallback({
|
|
115
|
+
provider,
|
|
116
|
+
code,
|
|
117
|
+
state,
|
|
118
|
+
oauthSession,
|
|
119
|
+
userSub: c.var.verifiedUser?.user.sub,
|
|
120
|
+
requestUrl: c.req.url,
|
|
121
|
+
});
|
|
122
|
+
}
|
|
123
|
+
catch (err) {
|
|
124
|
+
session.set('oauth', undefined);
|
|
125
|
+
if (err instanceof TinyAuthError) {
|
|
126
|
+
return c.json(err.toJson(), err.status);
|
|
127
|
+
}
|
|
128
|
+
throw err;
|
|
129
|
+
}
|
|
121
130
|
session.set('oauth', undefined);
|
|
122
131
|
switch (result.action) {
|
|
123
132
|
case 'error_redirect':
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"get.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/get.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"get.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/get.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,oCAAoC,CAAC;AAGvD,MAAM,CAAC,MAAM,wBAAwB,GAAG,IAAI,IAAI,EAAU,CAAC,GAAG,CAC5D,2BAA2B,EAC3B,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC;IAC1B,OAAO,EAAE,gBAAgB;IACzB,WAAW,EACT,mEAAmE;IACrE,SAAS,EAAE;QACT,GAAG,EAAE;YACH,WAAW,EAAE,UAAU;SACxB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC;iBAC1C;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,qDAAqD;SACnE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,qBAAqB,CAAC,MAAM;wBAC9B,CAAC,CAAC,2BAA2B,CAAC,MAAM;qBACrC,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,sDAAsD;SACpE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC;iBACjD;aACF;YACD,WAAW,EAAE,0BAA0B;SACxC;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,yBAAyB,CAAC,MAAM;qBACnC,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,0CAA0C;SACxD;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,wBAAwB,CAAC,MAAM;wBACjC,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,2CAA2C;SACzD;KACF;CACF,CAAC,EACF,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,YAAY;CACzB,CAAC,CACH,EACD,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,IAAI,EAAE,CAAC,CAAC,iBAAiB,CAAC,QAAQ,EAAE;IACpC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE;IACzB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACzC,CAAC,CACH,EACD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,WAAW,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC/B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IACvE,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IACvD,MAAM,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC;IAEzC,8BAA8B;IAC9B,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAChE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,iBAAiB,EAAE,CAAC;YACtB,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,yBAAyB,EAAE,iBAAiB,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,YAAY,EAAE,SAAS,EAAE,CAAC;YAC5B,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,YAAY,CAAC,SAAS,CAAC,CAAC;QAChE,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChC,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACpB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,IAAI,MAA2B,CAAC;IAChC,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,mBAAmB,CAAC,oBAAoB,CAAC;YACtD,QAAQ;YACR,IAAI;YACJ,KAAK;YACL,YAAY;YACZ,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG;YACrC,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;SACtB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChC,IAAI,GAAG,YAAY,aAAa,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAEhC,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,KAAK,eAAe;YAClB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACtC,KAAK,gBAAgB;YACnB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,KAAK,sBAAsB;YACzB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,KAAK,gBAAgB;YACnB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,IAAI,UAAU,CAAC,CAAC;IACtD,CAAC;AACH,CAAC,CACF,CAAC"}
|
|
@@ -17,6 +17,25 @@ export declare const oauthProviderCallbackPost: import("hono/hono-base").HonoBas
|
|
|
17
17
|
output: undefined;
|
|
18
18
|
outputFormat: "redirect";
|
|
19
19
|
status: 302;
|
|
20
|
+
} | {
|
|
21
|
+
input: {
|
|
22
|
+
param: {
|
|
23
|
+
provider: string;
|
|
24
|
+
};
|
|
25
|
+
} & {
|
|
26
|
+
form: {
|
|
27
|
+
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
28
|
+
state?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
29
|
+
error?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
30
|
+
error_description?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
31
|
+
};
|
|
32
|
+
};
|
|
33
|
+
output: {
|
|
34
|
+
code: any;
|
|
35
|
+
message: any;
|
|
36
|
+
};
|
|
37
|
+
outputFormat: "json";
|
|
38
|
+
status: any;
|
|
20
39
|
};
|
|
21
40
|
};
|
|
22
41
|
}, "/", "/oauth/:provider/callback">;
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"
|
|
1
|
+
{"version":3,"file":"post.d.ts","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAIA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,+BAA+B,CAAC;AA4B5D,eAAO,MAAM,yBAAyB;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;oCAiLrC,CAAC"}
|
|
@@ -1,11 +1,22 @@
|
|
|
1
1
|
import { Hono } from 'hono';
|
|
2
|
+
import { deleteCookie, getCookie } from 'hono/cookie';
|
|
2
3
|
import { describeRoute, resolver, validator } from 'hono-openapi';
|
|
3
4
|
import { z } from 'zod';
|
|
5
|
+
import { decrypt } from "../../../../../lib/crypto.js";
|
|
4
6
|
import { TAGS } from "../../../../../lib/swagger-tags.js";
|
|
5
7
|
import { verifyAuth, verifyOAuth } from "../../../../../middleware/auth.js";
|
|
6
|
-
import { e } from "../../../../../schemas/error.js";
|
|
8
|
+
import { e, TinyAuthError } from "../../../../../schemas/error.js";
|
|
7
9
|
import { f } from "../../../../../schemas/field.js";
|
|
8
10
|
import { r } from "../../../../../schemas/response.js";
|
|
11
|
+
const OAuthStateCookieSchema = z
|
|
12
|
+
.object({
|
|
13
|
+
state: z.string(),
|
|
14
|
+
codeVerifier: z.string(),
|
|
15
|
+
providerId: z.string(),
|
|
16
|
+
mode: f.oauthConnectMode,
|
|
17
|
+
returnUrl: z.string().optional(),
|
|
18
|
+
})
|
|
19
|
+
.strict();
|
|
9
20
|
const OAuthProviderCallbackFormBody = z
|
|
10
21
|
.object({
|
|
11
22
|
code: f.authorizationCode.optional(),
|
|
@@ -91,7 +102,22 @@ export const oauthProviderCallbackPost = new Hono().post('/oauth/:provider/callb
|
|
|
91
102
|
const { code, state, error, error_description } = c.req.valid('form');
|
|
92
103
|
const { session } = c.var;
|
|
93
104
|
const { config, oauthConnectService } = c.var.services;
|
|
94
|
-
|
|
105
|
+
let oauthSession = c.var.verifiedOAuth;
|
|
106
|
+
const oauthStateCookiePath = `/api/oauth/${provider}/callback`;
|
|
107
|
+
if (!oauthSession) {
|
|
108
|
+
const oauthStateCookie = getCookie(c, 'oauth_state');
|
|
109
|
+
if (oauthStateCookie) {
|
|
110
|
+
const decrypted = await decrypt(oauthStateCookie, config.security.session_secret);
|
|
111
|
+
if (decrypted) {
|
|
112
|
+
try {
|
|
113
|
+
oauthSession = OAuthStateCookieSchema.parse(JSON.parse(decrypted));
|
|
114
|
+
}
|
|
115
|
+
catch {
|
|
116
|
+
oauthSession = undefined;
|
|
117
|
+
}
|
|
118
|
+
}
|
|
119
|
+
}
|
|
120
|
+
}
|
|
95
121
|
// Handle OAuth error response
|
|
96
122
|
if (error) {
|
|
97
123
|
const errorUrl = new URL('/login', config.server.public_origin);
|
|
@@ -103,6 +129,7 @@ export const oauthProviderCallbackPost = new Hono().post('/oauth/:provider/callb
|
|
|
103
129
|
errorUrl.searchParams.set('redirect', oauthSession.returnUrl);
|
|
104
130
|
}
|
|
105
131
|
session.set('oauth', undefined);
|
|
132
|
+
deleteCookie(c, 'oauth_state', { path: oauthStateCookiePath });
|
|
106
133
|
return c.redirect(errorUrl.toString());
|
|
107
134
|
}
|
|
108
135
|
// Validate required parameters
|
|
@@ -112,16 +139,27 @@ export const oauthProviderCallbackPost = new Hono().post('/oauth/:provider/callb
|
|
|
112
139
|
if (!oauthSession) {
|
|
113
140
|
throw new e.OAuthSessionExpired.Error();
|
|
114
141
|
}
|
|
115
|
-
|
|
116
|
-
|
|
117
|
-
|
|
118
|
-
|
|
119
|
-
|
|
120
|
-
|
|
121
|
-
|
|
122
|
-
|
|
123
|
-
|
|
142
|
+
let result;
|
|
143
|
+
try {
|
|
144
|
+
result = await oauthConnectService.processOAuthCallback({
|
|
145
|
+
provider,
|
|
146
|
+
code,
|
|
147
|
+
state,
|
|
148
|
+
oauthSession,
|
|
149
|
+
userSub: c.var.verifiedUser?.user.sub,
|
|
150
|
+
requestUrl: c.req.url,
|
|
151
|
+
});
|
|
152
|
+
}
|
|
153
|
+
catch (err) {
|
|
154
|
+
session.set('oauth', undefined);
|
|
155
|
+
deleteCookie(c, 'oauth_state', { path: oauthStateCookiePath });
|
|
156
|
+
if (err instanceof TinyAuthError) {
|
|
157
|
+
return c.json(err.toJson(), err.status);
|
|
158
|
+
}
|
|
159
|
+
throw err;
|
|
160
|
+
}
|
|
124
161
|
session.set('oauth', undefined);
|
|
162
|
+
deleteCookie(c, 'oauth_state', { path: oauthStateCookiePath });
|
|
125
163
|
switch (result.action) {
|
|
126
164
|
case 'error_redirect':
|
|
127
165
|
return c.redirect(result.url);
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;
|
|
1
|
+
{"version":3,"file":"post.js","sourceRoot":"","sources":["../../../../../../src/routes/api/oauth/_provider/callback/post.ts"],"names":[],"mappings":"AAAA,OAAO,EAAE,IAAI,EAAE,MAAM,MAAM,CAAC;AAC5B,OAAO,EAAE,YAAY,EAAE,SAAS,EAAE,MAAM,aAAa,CAAC;AACtD,OAAO,EAAE,aAAa,EAAE,QAAQ,EAAE,SAAS,EAAE,MAAM,cAAc,CAAC;AAClE,OAAO,EAAE,CAAC,EAAE,MAAM,KAAK,CAAC;AAExB,OAAO,EAAE,OAAO,EAAE,MAAM,8BAA8B,CAAC;AACvD,OAAO,EAAE,IAAI,EAAE,MAAM,oCAAoC,CAAC;AAC1D,OAAO,EAAE,UAAU,EAAE,WAAW,EAAE,MAAM,mCAAmC,CAAC;AAC5E,OAAO,EAAE,CAAC,EAAE,aAAa,EAAE,MAAM,iCAAiC,CAAC;AACnE,OAAO,EAAE,CAAC,EAAE,MAAM,iCAAiC,CAAC;AACpD,OAAO,EAAE,CAAC,EAAE,MAAM,oCAAoC,CAAC;AAGvD,MAAM,sBAAsB,GAAG,CAAC;KAC7B,MAAM,CAAC;IACN,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE;IACjB,YAAY,EAAE,CAAC,CAAC,MAAM,EAAE;IACxB,UAAU,EAAE,CAAC,CAAC,MAAM,EAAE;IACtB,IAAI,EAAE,CAAC,CAAC,gBAAgB;IACxB,SAAS,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACjC,CAAC;KACD,MAAM,EAAE,CAAC;AAEZ,MAAM,6BAA6B,GAAG,CAAC;KACpC,MAAM,CAAC;IACN,IAAI,EAAE,CAAC,CAAC,iBAAiB,CAAC,QAAQ,EAAE;IACpC,KAAK,EAAE,CAAC,CAAC,KAAK,CAAC,QAAQ,EAAE;IACzB,KAAK,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;IAC5B,iBAAiB,EAAE,CAAC,CAAC,MAAM,EAAE,CAAC,QAAQ,EAAE;CACzC,CAAC;KACD,QAAQ,CAAC,iCAAiC,CAAC,CAAC;AAE/C,MAAM,CAAC,MAAM,yBAAyB,GAAG,IAAI,IAAI,EAAU,CAAC,IAAI,CAC9D,2BAA2B,EAC3B,aAAa,CAAC;IACZ,IAAI,EAAE,CAAC,IAAI,CAAC,aAAa,CAAC;IAC1B,OAAO,EAAE,uBAAuB;IAChC,WAAW,EACT,gEAAgE;IAClE,SAAS,EAAE;QACT,GAAG,EAAE;YACH,WAAW,EAAE,UAAU;SACxB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC;iBAC1C;aACF;YACD,WAAW,EAAE,SAAS;SACvB;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,mBAAmB,CAAC,MAAM;wBAC5B,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,qDAAqD;SACnE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,qBAAqB,CAAC,MAAM;wBAC9B,CAAC,CAAC,2BAA2B,CAAC,MAAM;qBACrC,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,sDAAsD;SACpE;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CAAC,CAAC,CAAC,qBAAqB,CAAC,MAAM,CAAC;iBACjD;aACF;YACD,WAAW,EAAE,0BAA0B;SACxC;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,kBAAkB,CAAC,MAAM;wBAC3B,CAAC,CAAC,yBAAyB,CAAC,MAAM;qBACnC,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,0CAA0C;SACxD;QACD,GAAG,EAAE;YACH,OAAO,EAAE;gBACP,kBAAkB,EAAE;oBAClB,MAAM,EAAE,QAAQ,CACd,CAAC,CAAC,KAAK,CAAC;wBACN,CAAC,CAAC,wBAAwB,CAAC,MAAM;wBACjC,CAAC,CAAC,mBAAmB,CAAC,MAAM;qBAC7B,CAAC,CACH;iBACF;aACF;YACD,WAAW,EAAE,2CAA2C;SACzD;KACF;CACF,CAAC,EACF,SAAS,CACP,OAAO,EACP,CAAC,CAAC,MAAM,CAAC;IACP,QAAQ,EAAE,CAAC,CAAC,YAAY;CACzB,CAAC,CACH,EACD,SAAS,CAAC,MAAM,EAAE,6BAA6B,CAAC,EAChD,UAAU,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC9B,WAAW,CAAC,EAAE,QAAQ,EAAE,IAAI,EAAE,CAAC,EAC/B,KAAK,EAAE,CAAC,EAAE,EAAE;IACV,MAAM,EAAE,QAAQ,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,OAAO,CAAC,CAAC;IAC1C,MAAM,EAAE,IAAI,EAAE,KAAK,EAAE,KAAK,EAAE,iBAAiB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,KAAK,CAAC,MAAM,CAAC,CAAC;IACtE,MAAM,EAAE,OAAO,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC;IAC1B,MAAM,EAAE,MAAM,EAAE,mBAAmB,EAAE,GAAG,CAAC,CAAC,GAAG,CAAC,QAAQ,CAAC;IACvD,IAAI,YAAY,GAAG,CAAC,CAAC,GAAG,CAAC,aAAa,CAAC;IACvC,MAAM,oBAAoB,GAAG,cAAc,QAAQ,WAAW,CAAC;IAE/D,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,gBAAgB,GAAG,SAAS,CAAC,CAAC,EAAE,aAAa,CAAC,CAAC;QACrD,IAAI,gBAAgB,EAAE,CAAC;YACrB,MAAM,SAAS,GAAG,MAAM,OAAO,CAC7B,gBAAgB,EAChB,MAAM,CAAC,QAAQ,CAAC,cAAc,CAC/B,CAAC;YACF,IAAI,SAAS,EAAE,CAAC;gBACd,IAAI,CAAC;oBACH,YAAY,GAAG,sBAAsB,CAAC,KAAK,CAAC,IAAI,CAAC,KAAK,CAAC,SAAS,CAAC,CAAC,CAAC;gBACrE,CAAC;gBAAC,MAAM,CAAC;oBACP,YAAY,GAAG,SAAS,CAAC;gBAC3B,CAAC;YACH,CAAC;QACH,CAAC;IACH,CAAC;IAED,8BAA8B;IAC9B,IAAI,KAAK,EAAE,CAAC;QACV,MAAM,QAAQ,GAAG,IAAI,GAAG,CAAC,QAAQ,EAAE,MAAM,CAAC,MAAM,CAAC,aAAa,CAAC,CAAC;QAChE,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,aAAa,EAAE,KAAK,CAAC,CAAC;QAChD,IAAI,iBAAiB,EAAE,CAAC;YACtB,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,yBAAyB,EAAE,iBAAiB,CAAC,CAAC;QAC1E,CAAC;QACD,IAAI,YAAY,EAAE,SAAS,EAAE,CAAC;YAC5B,QAAQ,CAAC,YAAY,CAAC,GAAG,CAAC,UAAU,EAAE,YAAY,CAAC,SAAS,CAAC,CAAC;QAChE,CAAC;QACD,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChC,YAAY,CAAC,CAAC,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAC/D,OAAO,CAAC,CAAC,QAAQ,CAAC,QAAQ,CAAC,QAAQ,EAAE,CAAC,CAAC;IACzC,CAAC;IAED,+BAA+B;IAC/B,IAAI,CAAC,IAAI,IAAI,CAAC,KAAK,EAAE,CAAC;QACpB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,IAAI,CAAC,YAAY,EAAE,CAAC;QAClB,MAAM,IAAI,CAAC,CAAC,mBAAmB,CAAC,KAAK,EAAE,CAAC;IAC1C,CAAC;IAED,IAAI,MAA2B,CAAC;IAChC,IAAI,CAAC;QACH,MAAM,GAAG,MAAM,mBAAmB,CAAC,oBAAoB,CAAC;YACtD,QAAQ;YACR,IAAI;YACJ,KAAK;YACL,YAAY;YACZ,OAAO,EAAE,CAAC,CAAC,GAAG,CAAC,YAAY,EAAE,IAAI,CAAC,GAAG;YACrC,UAAU,EAAE,CAAC,CAAC,GAAG,CAAC,GAAG;SACtB,CAAC,CAAC;IACL,CAAC;IAAC,OAAO,GAAG,EAAE,CAAC;QACb,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;QAChC,YAAY,CAAC,CAAC,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,CAAC;QAC/D,IAAI,GAAG,YAAY,aAAa,EAAE,CAAC;YACjC,OAAO,CAAC,CAAC,IAAI,CAAC,GAAG,CAAC,MAAM,EAAE,EAAE,GAAG,CAAC,MAAM,CAAC,CAAC;QAC1C,CAAC;QACD,MAAM,GAAG,CAAC;IACZ,CAAC;IAED,OAAO,CAAC,GAAG,CAAC,OAAO,EAAE,SAAS,CAAC,CAAC;IAChC,YAAY,CAAC,CAAC,EAAE,aAAa,EAAE,EAAE,IAAI,EAAE,oBAAoB,EAAE,CAAC,CAAC;IAE/D,QAAQ,MAAM,CAAC,MAAM,EAAE,CAAC;QACtB,KAAK,gBAAgB;YACnB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,KAAK,eAAe;YAClB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,CAAC,CAAC;QACtC,KAAK,gBAAgB;YACnB,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,GAAG,CAAC,CAAC;QAChC,KAAK,sBAAsB;YACzB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,QAAQ,CAAC,CAAC;QACrC,KAAK,gBAAgB;YACnB,OAAO,CAAC,cAAc,CAAC,MAAM,CAAC,OAAO,CAAC,CAAC;YACvC,OAAO,CAAC,CAAC,QAAQ,CAAC,MAAM,CAAC,SAAS,IAAI,UAAU,CAAC,CAAC;IACtD,CAAC;AACH,CAAC,CACF,CAAC"}
|
|
@@ -35,6 +35,25 @@ export declare const oauthRoutes: import("hono/hono-base").HonoBase<AppEnv, impo
|
|
|
35
35
|
output: undefined;
|
|
36
36
|
outputFormat: "redirect";
|
|
37
37
|
status: 302;
|
|
38
|
+
} | {
|
|
39
|
+
input: {
|
|
40
|
+
param: {
|
|
41
|
+
provider: string;
|
|
42
|
+
};
|
|
43
|
+
} & {
|
|
44
|
+
query: {
|
|
45
|
+
code?: string | string[];
|
|
46
|
+
state?: string | string[];
|
|
47
|
+
error?: string | string[];
|
|
48
|
+
error_description?: string | string[];
|
|
49
|
+
};
|
|
50
|
+
};
|
|
51
|
+
output: {
|
|
52
|
+
code: any;
|
|
53
|
+
message: any;
|
|
54
|
+
};
|
|
55
|
+
outputFormat: "json";
|
|
56
|
+
status: any;
|
|
38
57
|
};
|
|
39
58
|
};
|
|
40
59
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -55,6 +74,25 @@ export declare const oauthRoutes: import("hono/hono-base").HonoBase<AppEnv, impo
|
|
|
55
74
|
output: undefined;
|
|
56
75
|
outputFormat: "redirect";
|
|
57
76
|
status: 302;
|
|
77
|
+
} | {
|
|
78
|
+
input: {
|
|
79
|
+
param: {
|
|
80
|
+
provider: string;
|
|
81
|
+
};
|
|
82
|
+
} & {
|
|
83
|
+
form: {
|
|
84
|
+
code?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
85
|
+
state?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
86
|
+
error?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
87
|
+
error_description?: import("hono/types").ParsedFormValue | import("hono/types").ParsedFormValue[];
|
|
88
|
+
};
|
|
89
|
+
};
|
|
90
|
+
output: {
|
|
91
|
+
code: any;
|
|
92
|
+
message: any;
|
|
93
|
+
};
|
|
94
|
+
outputFormat: "json";
|
|
95
|
+
status: any;
|
|
58
96
|
};
|
|
59
97
|
};
|
|
60
98
|
}, "/"> | import("hono/types").MergeSchemaPath<{
|
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/oauth/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAMtD,eAAO,MAAM,WAAW
|
|
1
|
+
{"version":3,"file":"index.d.ts","sourceRoot":"","sources":["../../../../src/routes/api/oauth/index.ts"],"names":[],"mappings":"AACA,OAAO,KAAK,EAAE,MAAM,EAAE,MAAM,yBAAyB,CAAC;AAMtD,eAAO,MAAM,WAAW;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;kBAIU,CAAC"}
|