server/plugins/openid/index.ts

import { Hooks, Plugin } from "@versia/kit";
import { z } from "zod";
import authorizeRoute from "./routes/authorize";
import tokenRevokeRoute from "./routes/oauth/revoke";
import tokenRoute from "./routes/oauth/token";
import ssoRoute from "./routes/sso";
import ssoIdRoute from "./routes/sso/:id/index";

const plugin = new Plugin(
    z.object({
        forced: z.boolean().default(false),
        allow_registration: z.boolean().default(true),
        providers: z
            .array(
                z.object({
                    name: z.string().min(1),
                    id: z.string().min(1),
                    url: z.string().min(1),
                    client_id: z.string().min(1),
                    client_secret: z.string().min(1),
                    icon: z.string().min(1).optional(),
                }),
            )
            .default([]),
        keys: z.object({
            public: z
                .string()
                .min(1)
                .transform(async (v) => {
                    try {
                        return await crypto.subtle.importKey(
                            "spki",
                            Buffer.from(v, "base64"),
                            "Ed25519",
                            true,
                            ["verify"],
                        );
                    } catch {
                        throw new Error(
                            "Public key at oidc.keys.public is invalid",
                        );
                    }
                }),
            private: z
                .string()
                .min(1)
                .transform(async (v) => {
                    try {
                        return await crypto.subtle.importKey(
                            "pkcs8",
                            Buffer.from(v, "base64"),
                            "Ed25519",
                            true,
                            ["sign"],
                        );
                    } catch {
                        throw new Error(
                            "Private key at oidc.keys.private is invalid",
                        );
                    }
                }),
        }),
    }),
);

// Test hook for screenshots
plugin.registerHandler(Hooks.Response, (req) => {
    console.info("Request received:", req);
    return req;
});

authorizeRoute(plugin);
ssoRoute(plugin);
ssoIdRoute(plugin);
tokenRoute(plugin);
tokenRevokeRoute(plugin);

export type PluginType = typeof plugin;
export default plugin;
refactor(api): :recycle: Move all SSO account linking endpoint logic to OpenID plugin 2024-09-25 12:31:35 +02:00			`import { Hooks, Plugin } from "@versia/kit";`
refactor(plugin): :recycle: Move parts of OpenID logic to plugin 2024-08-29 20:32:04 +02:00			`import { z } from "zod";`
			`import authorizeRoute from "./routes/authorize";`
refactor(api): :recycle: Move token endpoint to OpenID plugin, add revoke endpoint 2024-09-30 13:42:12 +02:00			`import tokenRevokeRoute from "./routes/oauth/revoke";`
			`import tokenRoute from "./routes/oauth/token";`
refactor(api): :recycle: Move /api/v1/sso to OpenID plugin 2024-09-24 14:42:39 +02:00			`import ssoRoute from "./routes/sso";`
refactor(api): :recycle: Move all SSO account linking endpoint logic to OpenID plugin 2024-09-25 12:31:35 +02:00			`import ssoIdRoute from "./routes/sso/:id/index";`
refactor(plugin): :recycle: Move parts of OpenID logic to plugin 2024-08-29 20:32:04 +02:00
refactor(api): :recycle: Move all SSO account linking endpoint logic to OpenID plugin 2024-09-25 12:31:35 +02:00			`const plugin = new Plugin(`
refactor(plugin): :recycle: Move parts of OpenID logic to plugin 2024-08-29 20:32:04 +02:00			`z.object({`
			`forced: z.boolean().default(false),`
			`allow_registration: z.boolean().default(true),`
			`providers: z`
			`.array(`
			`z.object({`
			`name: z.string().min(1),`
			`id: z.string().min(1),`
			`url: z.string().min(1),`
			`client_id: z.string().min(1),`
			`client_secret: z.string().min(1),`
			`icon: z.string().min(1).optional(),`
			`}),`
			`)`
			`.default([]),`
			`keys: z.object({`
			`public: z`
			`.string()`
			`.min(1)`
			`.transform(async (v) => {`
			`try {`
			`return await crypto.subtle.importKey(`
			`"spki",`
			`Buffer.from(v, "base64"),`
			`"Ed25519",`
			`true,`
			`["verify"],`
			`);`
			`} catch {`
			`throw new Error(`
			`"Public key at oidc.keys.public is invalid",`
			`);`
			`}`
			`}),`
			`private: z`
			`.string()`
			`.min(1)`
			`.transform(async (v) => {`
			`try {`
			`return await crypto.subtle.importKey(`
			`"pkcs8",`
			`Buffer.from(v, "base64"),`
			`"Ed25519",`
			`true,`
			`["sign"],`
			`);`
			`} catch {`
			`throw new Error(`
			`"Private key at oidc.keys.private is invalid",`
			`);`
			`}`
			`}),`
			`}),`
			`}),`
			`);`

refactor(api): :recycle: Move token endpoint to OpenID plugin, add revoke endpoint 2024-09-30 13:42:12 +02:00			`// Test hook for screenshots`
refactor(plugin): :recycle: Move parts of OpenID logic to plugin 2024-08-29 20:32:04 +02:00			`plugin.registerHandler(Hooks.Response, (req) => {`
			`console.info("Request received:", req);`
			`return req;`
			`});`
refactor(api): :recycle: Move token endpoint to OpenID plugin, add revoke endpoint 2024-09-30 13:42:12 +02:00
refactor(plugin): :recycle: Move parts of OpenID logic to plugin 2024-08-29 20:32:04 +02:00			`authorizeRoute(plugin);`
refactor(api): :recycle: Move /api/v1/sso to OpenID plugin 2024-09-24 14:42:39 +02:00			`ssoRoute(plugin);`
refactor(api): :recycle: Move all SSO account linking endpoint logic to OpenID plugin 2024-09-25 12:31:35 +02:00			`ssoIdRoute(plugin);`
refactor(api): :recycle: Move token endpoint to OpenID plugin, add revoke endpoint 2024-09-30 13:42:12 +02:00			`tokenRoute(plugin);`
			`tokenRevokeRoute(plugin);`
refactor(plugin): :recycle: Move parts of OpenID logic to plugin 2024-08-29 20:32:04 +02:00
			`export type PluginType = typeof plugin;`
			`export default plugin;`