feat(api): ✨ Add support for urn:ietf:wg:oauth:2.0:oob oauth redirect URI

2026-01-26 04:06:01 +01:00 · 2024-05-12 12:24:15 -10:00 · 2024-05-12 12:24:15 -10:00 · 3f9ec0bc80
parent e07337340d
commit 3f9ec0bc80
2 changed files with 18 additions and 9 deletions
--- a/server/api/api/v1/apps/index.ts
+++ b/server/api/api/v1/apps/index.ts
@ -22,7 +22,12 @@ export const meta = applyConfig({
 export const schemas = {
    form: z.object({
        client_name: z.string().trim().min(1).max(100),
-        redirect_uris: z.string().min(0).max(2000).url(),
+        redirect_uris: z
+            .string()
+            .min(0)
+            .max(2000)
+            .url()
+            .or(z.literal("urn:ietf:wg:oauth:2.0:oob")),
        scopes: z.string().min(1).max(200),
        website: z.string().min(0).max(2000).url().optional(),
    }),
--- a/server/api/oauth/authorize/index.ts
+++ b/server/api/oauth/authorize/index.ts
@ -37,7 +37,11 @@ export const schemas = {
    }),
    form: z.object({
        scope: z.string().optional(),
-        redirect_uri: z.string().url().optional(),
+        redirect_uri: z
+            .string()
+            .url()
+            .optional()
+            .or(z.literal("urn:ietf:wg:oauth:2.0:oob")),
        response_type: z.enum([
            "code",
            "token",
@ -178,7 +182,7 @@ export default (app: Hono) =>
                return returnError(
                    body,
                    "invalid_request",
-                    "Redirect URI is required for code flow",
+                    "Redirect URI is required for code flow (can be urn:ietf:wg:oauth:2.0:oob)",
                );

            /* if (asksCode && !code_challenge)
@ -212,9 +216,6 @@ export default (app: Hono) =>
                    "Redirect URI does not match client_id",
                );

-            /* if (application.slate !== slate)
-                return returnError("invalid_request", "Invalid slate"); */
-
            // Validate scopes, they can either be equal or a subset of the application's scopes
            const applicationScopes = application.scopes.split(" ");

@ -295,14 +296,17 @@ export default (app: Hono) =>
            });

            // Redirect to the client
-            const redirectUri = new URL(
-                redirect_uri ?? application.redirectUri,
-            );
+            const redirectUri =
+                redirect_uri === "urn:ietf:wg:oauth:2.0:oob"
+                    ? new URL("/oauth/code", config.http.base_url)
+                    : new URL(redirect_uri ?? application.redirectUri);

            const searchParams = new URLSearchParams({
                code: code,
            });

+            if (state) searchParams.append("state", state);
+
            return response(null, 302, {
                Location: `${redirectUri.origin}${
                    redirectUri.pathname