From 3f9ec0bc80fe7d030564779e5f30a6f048678c3f Mon Sep 17 00:00:00 2001
From: Jesse Wierzbinski
Date: Sun, 12 May 2024 12:24:15 -1000
Subject: [PATCH] feat(api): :sparkles: Add support for urn:ietf:wg:oauth:2.0:oob oauth redirect URI
---
 server/api/api/v1/apps/index.ts | 7 ++++++-
 server/api/oauth/authorize/index.ts | 20 ++++++++++++--------
 2 files changed, 18 insertions(+), 9 deletions(-)
diff --git a/server/api/api/v1/apps/index.ts b/server/api/api/v1/apps/index.ts
index 37b80324..a31aaaf2 100644
--- a/server/api/api/v1/apps/index.ts
+++ b/server/api/api/v1/apps/index.ts
@@ -22,7 +22,12 @@ export const meta = applyConfig({
 export const schemas = {
 form: z.object({
 client_name: z.string().trim().min(1).max(100),
- redirect_uris: z.string().min(0).max(2000).url(),
+ redirect_uris: z
+ .string()
+ .min(0)
+ .max(2000)
+ .url()
+ .or(z.literal("urn:ietf:wg:oauth:2.0:oob")),
 scopes: z.string().min(1).max(200),
 website: z.string().min(0).max(2000).url().optional(),
 }),
diff --git a/server/api/oauth/authorize/index.ts b/server/api/oauth/authorize/index.ts
index 1bc027c9..46bffb8d 100644
--- a/server/api/oauth/authorize/index.ts
+++ b/server/api/oauth/authorize/index.ts
@@ -37,7 +37,11 @@ export const schemas = {
 }),
 form: z.object({
 scope: z.string().optional(),
- redirect_uri: z.string().url().optional(),
+ redirect_uri: z
+ .string()
+ .url()
+ .optional()
+ .or(z.literal("urn:ietf:wg:oauth:2.0:oob")),
 response_type: z.enum([
 "code",
 "token",
@@ -178,7 +182,7 @@ export default (app: Hono) =>
 return returnError(
 body,
 "invalid_request",
- "Redirect URI is required for code flow",
+ "Redirect URI is required for code flow (can be urn:ietf:wg:oauth:2.0:oob)",
 );
 /* if (asksCode && !code_challenge)
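Review bot: The out-of-band value `"urn:ietf:wg:oauth:2.0:oob"` is written as a bare string literal in the `redirect_uris` schema here, again in the `redirect_uri` schema of server/api/oauth/authorize/index.ts, and a third time in the redirect branch of that handler. The three copies have to stay byte-identical: if one drifts, a request can pass validation and still be handled by the `new URL(redirect_uri ?? application.redirectUri)` path instead of the local code page. I would export a single constant from a module both files already share, for example `export const OOB_REDIRECT_URI = "urn:ietf:wg:oauth:2.0:oob";`, and use it in all three places. A short comment above the field, such as `// Out-of-band flow: the code is shown to the user instead of being sent to a client redirect`, would explain why a non-URL value is accepted. The `schemas` object continues past the end of this hunk.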
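Review bot: In the authorize `redirect_uri` schema, `.optional()` sits between `.url()` and `.or(...)`, so the "may be omitted" rule is hidden inside the first union member and is easy to overlook when the chain is edited later. `z.string().url().or(z.literal("urn:ietf:wg:oauth:2.0:oob")).optional()` accepts the same inputs and reads as "URL or OOB, optionally". This field also has no length cap, whereas the registration schema limits `redirect_uris` with `.max(2000)`; adding the same bound here would keep the two validators consistent. The `form` object starts in this hunk and continues outside it.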
@@ -212,9 +216,6 @@ export default (app: Hono) => "Redirect URI does not match client_id", ); - /* if (application.slate !== slate) - return returnError("invalid_request", "Invalid slate"); */ - // Validate scopes, they can either be equal or a subset of the application's scopes const applicationScopes = application.scopes.split(" "); @@ -295,14 +296,17 @@ export default (app: Hono) => }); // Redirect to the client - const redirectUri = new URL( - redirect_uri ?? application.redirectUri, - ); + const redirectUri = + redirect_uri === "urn:ietf:wg:oauth:2.0:oob" + ? new URL("/oauth/code", config.http.base_url) + : new URL(redirect_uri ?? application.redirectUri); const searchParams = new URLSearchParams({ code: code, }); + if (state) searchParams.append("state", state); + return response(null, 302, { Location: `${redirectUri.origin}${ redirectUri.pathname