resolve conflicts

This commit is contained in:
Kagami Sascha Rosylight 2023-04-07 10:06:07 +02:00
parent 179640af30
commit 2f566e4173
3 changed files with 21 additions and 6 deletions

View File

@ -12,7 +12,6 @@ import { kinds } from '@/misc/api-permissions.js';
import { HttpRequestService } from '@/core/HttpRequestService.js';
import type { FastifyInstance } from 'fastify';
import fastifyCookie from '@fastify/cookie';
import fastifySession from '@fastify/session';
import type Redis from 'ioredis';
import oauth2Pkce from 'oauth2orize-pkce';
import { secureRndstr } from '@/misc/secure-rndstr.js';
@ -28,7 +27,7 @@ import fastifyExpress from '@fastify/express';
import crypto from 'node:crypto';
import type { AccessTokensRepository, UsersRepository } from '@/models/index.js';
import { IdService } from '@/core/IdService.js';
import { UserCacheService } from '@/core/UserCacheService.js';
import { CacheService } from '@/core/CacheService.js';
import type { LocalUser } from '@/models/entities/User.js';
// https://indieauth.spec.indieweb.org/#client-identifier
@ -305,7 +304,7 @@ export class OAuth2ProviderService {
idService: IdService,
@Inject(DI.usersRepository)
private usersRepository: UsersRepository,
private userCacheService: UserCacheService,
private cacheService: CacheService,
) {
// this.#provider = new Provider(config.url, {
// clientAuthMethods: ['none'],
@ -345,7 +344,7 @@ export class OAuth2ProviderService {
console.log('HIT grant code:', client, redirectUri, token, ares, areq);
const code = secureRndstr(32, true);
const user = await this.userCacheService.localUserByNativeTokenCache.fetch(token,
const user = await this.cacheService.localUserByNativeTokenCache.fetch(token,
() => this.usersRepository.findOneBy({ token }) as Promise<LocalUser | null>);
if (!user) {
throw new Error('No such user');

View File

@ -1,11 +1,12 @@
process.env.NODE_ENV = 'test';
import * as assert from 'assert';
import { port, signup, startServer } from '../utils.js';
import { port, relativeFetch, signup, startServer } from '../utils.js';
import type { INestApplicationContext } from '@nestjs/common';
import { AuthorizationCode } from 'simple-oauth2';
import pkceChallenge from 'pkce-challenge';
import { JSDOM } from 'jsdom';
import { api } from '../utils.js';
const clientPort = port + 1;
const redirect_uri = `http://127.0.0.1:${clientPort}/redirect`;
@ -106,6 +107,19 @@ describe('OAuth', () => {
assert.strictEqual(typeof token.token.access_token, 'string');
assert.strictEqual(typeof token.token.refresh_token, 'string');
assert.strictEqual(token.token.token_type, 'Bearer');
const createResponse = await relativeFetch('api/notes/create', {
method: 'POST',
headers: {
Authorization: `Bearer ${token.token.access_token}`,
'Content-Type': 'application/json',
},
body: JSON.stringify({ text: 'test' }),
});
assert.strictEqual(createResponse.status, 200);
const createResponseBody: any = await createResponse.json();
assert.strictEqual(createResponseBody.createdNote.text, 'test');
});
test('Require PKCE', async () => {
@ -171,4 +185,6 @@ describe('OAuth', () => {
// TODO: authorizing two users concurrently
// TODO: invalid redirect_uri (at authorize / at token)
// TODO: Wrong Authorization header (Not starts with Bearer / token is wrong)
});

View File

@ -90,7 +90,7 @@ const request = async (path: string, params: any, me?: UserToken): Promise<{ sta
};
};
const relativeFetch = async (path: string, init?: RequestInit | undefined) => {
export const relativeFetch = async (path: string, init?: RequestInit | undefined) => {
return await fetch(new URL(path, `http://127.0.0.1:${port}/`).toString(), init);
};