chore: ⬆️ Upgrade dependencies

2025-12-06 08:28:19 +01:00 · 2024-10-11 15:40:54 +02:00 · 2024-10-11 15:40:54 +02:00 · 7f17074d16
parent 7cdbb8ba6f
commit 7f17074d16
4 changed files with 79 additions and 84 deletions
--- a/bun.lockb
+++ b/bun.lockb
--- a/drizzle/db.ts
+++ b/drizzle/db.ts
@ -32,8 +32,10 @@ export const db =
        ? withReplicas(
              drizzle(primaryDb, { schema }),
              replicas.map((r) => drizzle(r, { schema })) as [
-                  NodePgDatabase<typeof schema>,
-                  ...NodePgDatabase<typeof schema>[],
+                  // biome-ignore lint/style/useNamingConvention: <explanation>
+                  NodePgDatabase<typeof schema> & { $client: Pool },
+                  // biome-ignore lint/style/useNamingConvention: <explanation>
+                  ...(NodePgDatabase<typeof schema> & { $client: Pool })[],
              ],
          )
        : drizzle(primaryDb, { schema });
--- a/package.json
+++ b/package.json
@ -77,7 +77,7 @@
    },
    "devDependencies": {
        "@biomejs/biome": "^1.9.3",
-        "@types/bun": "^1.1.10",
+        "@types/bun": "^1.1.11",
        "@types/cli-progress": "^3.11.6",
        "@types/cli-table": "^0.3.4",
        "@types/html-to-text": "^9.0.4",
@ -87,10 +87,10 @@
        "@types/mime-types": "^2.1.4",
        "@types/pg": "^8.11.10",
        "@types/qs": "^6.9.16",
-        "drizzle-kit": "^0.24.2",
-        "oclif": "^4.15.5",
+        "drizzle-kit": "^0.25.0",
+        "oclif": "^4.15.6",
        "ts-prune": "^0.10.3",
-        "typescript": "^5.6.2",
+        "typescript": "^5.6.3",
        "zod-to-json-schema": "^3.23.3"
    },
    "peerDependencies": {
@ -99,7 +99,7 @@
    "dependencies": {
        "@bradenmacdonald/s3-lite-client": "npm:@jsr/bradenmacdonald__s3-lite-client",
        "@hackmd/markdown-it-task-lists": "^2.1.4",
-        "@hono/hono": "npm:@jsr/hono__hono@4.6.3",
+        "@hono/hono": "npm:@jsr/hono__hono@4.6.4",
        "@hono/prometheus": "^1.0.1",
        "@hono/swagger-ui": "^0.4.1",
        "@hono/zod-openapi": "^0.16.4",
@ -108,27 +108,27 @@
        "@json2csv/plainjs": "^7.0.6",
        "@logtape/logtape": "npm:@jsr/logtape__logtape@0.6.3",
        "@oclif/core": "^4.0.27",
-        "@sentry/bun": "^8.33.1",
+        "@sentry/bun": "^8.34.0",
        "@tufjs/canonical-json": "^2.0.0",
        "@versia/client": "^0.1.0",
        "@versia/federation": "^0.1.1-rc.4",
        "@versia/kit": "workspace:*",
        "altcha-lib": "^1.1.0",
        "blurhash": "^2.0.5",
-        "bullmq": "^5.16.0",
+        "bullmq": "^5.19.0",
        "c12": "^2.0.1",
        "chalk": "^5.3.0",
        "cli-progress": "^3.12.0",
        "cli-table": "^0.3.11",
        "confbox": "^0.1.8",
-        "drizzle-orm": "^0.33.0",
+        "drizzle-orm": "^0.34.1",
        "extract-zip": "^2.0.1",
-        "hono": "npm:@jsr/hono__hono@4.6.3",
+        "hono": "npm:@jsr/hono__hono@4.6.4",
        "html-to-text": "^9.0.5",
        "ioredis": "^5.4.1",
        "ip-matching": "^2.1.2",
        "iso-639-1": "^3.1.3",
-        "jose": "^5.9.3",
+        "jose": "^5.9.4",
        "linkify-html": "^4.1.3",
        "linkify-string": "^4.1.3",
        "linkifyjs": "^4.1.3",
@ -138,7 +138,7 @@
        "markdown-it-container": "^4.0.0",
        "markdown-it-toc-done-right": "^4.2.0",
        "mime-types": "^2.1.35",
-        "oauth4webapi": "^2.17.0",
+        "oauth4webapi": "^3.0.0",
        "ora": "^8.1.0",
        "pg": "^8.13.0",
        "prom-client": "^15.1.3",
--- a/plugins/openid/utils.ts
+++ b/plugins/openid/utils.ts
@ -1,14 +1,15 @@
 import { db } from "@versia/kit/db";
 import {
+    type AuthorizationResponseError,
    type AuthorizationServer,
-    type OAuth2Error,
-    type OpenIDTokenEndpointResponse,
+    ClientSecretPost,
+    type ResponseBodyError,
+    type TokenEndpointResponse,
    authorizationCodeGrantRequest,
    discoveryRequest,
    expectNoState,
    getValidatedIdTokenClaims,
-    isOAuth2Error,
-    processAuthorizationCodeOpenIDResponse,
+    processAuthorizationCodeResponse,
    processDiscoveryResponse,
    processUserInfoResponse,
    userInfoRequest,
@ -47,14 +48,12 @@ const getAuthServer = (issuerUrl: URL): Promise<AuthorizationServer> => {
 const getParameters = (
    authServer: AuthorizationServer,
    clientId: string,
-    clientSecret: string,
    currentUrl: URL,
-): URLSearchParams | OAuth2Error => {
+): URLSearchParams => {
    return validateAuthResponse(
        authServer,
        {
            client_id: clientId,
-            client_secret: clientSecret,
        },
        currentUrl,
        expectNoState,
@ -73,8 +72,8 @@ const getOIDCResponse = (
        authServer,
        {
            client_id: clientId,
-            client_secret: clientSecret,
        },
+        ClientSecretPost(clientSecret),
        parameters,
        redirectUri,
        codeVerifier,
@ -84,14 +83,12 @@ const getOIDCResponse = (
 const processOIDCResponse = (
    authServer: AuthorizationServer,
    clientId: string,
-    clientSecret: string,
    oidcResponse: Response,
-): Promise<OpenIDTokenEndpointResponse | OAuth2Error> => {
-    return processAuthorizationCodeOpenIDResponse(
+): Promise<TokenEndpointResponse> => {
+    return processAuthorizationCodeResponse(
        authServer,
        {
            client_id: clientId,
-            client_secret: clientSecret,
        },
        oidcResponse,
    );
@ -100,7 +97,6 @@ const processOIDCResponse = (
 const getUserInfo = (
    authServer: AuthorizationServer,
    clientId: string,
-    clientSecret: string,
    accessToken: string,
    sub: string,
 ) => {
@ -108,7 +104,6 @@ const getUserInfo = (
        authServer,
        {
            client_id: clientId,
-            client_secret: clientSecret,
        },
        accessToken,
    ).then(
@ -117,7 +112,6 @@ const getUserInfo = (
                authServer,
                {
                    client_id: clientId,
-                    client_secret: clientId,
                },
                sub,
                res,
@ -146,6 +140,7 @@ export const automaticOidcFlow = async (
        return errorFn("invalid_request", "Invalid flow", null);
    }

+    try {
        const issuerUrl = new URL(issuer.url);

        const authServer = await getAuthServer(issuerUrl);
@ -153,18 +148,9 @@ export const automaticOidcFlow = async (
        const parameters = await getParameters(
            authServer,
            issuer.client_id,
-        issuer.client_secret,
            currentUrl,
        );

-    if (isOAuth2Error(parameters)) {
-        return errorFn(
-            parameters.error,
-            parameters.error_description || "",
-            flow.application,
-        );
-    }
-
        const oidcResponse = await getOIDCResponse(
            authServer,
            issuer.client_id,
@ -177,21 +163,21 @@ export const automaticOidcFlow = async (
        const result = await processOIDCResponse(
            authServer,
            issuer.client_id,
-        issuer.client_secret,
            oidcResponse,
        );

-    if (isOAuth2Error(result)) {
-        return errorFn(
-            result.error,
-            result.error_description || "",
-            flow.application,
-        );
-    }
-
        const { access_token } = result;

        const claims = getValidatedIdTokenClaims(result);
+
+        if (!claims) {
+            return errorFn(
+                "invalid_request",
+                "Invalid claims",
+                flow.application,
+            );
+        }
+
        const { sub } = claims;

        // Validate `sub`
@ -199,7 +185,6 @@ export const automaticOidcFlow = async (
        const userInfo = await getUserInfo(
            authServer,
            issuer.client_id,
-        issuer.client_secret,
            access_token,
            sub,
        );
@ -209,4 +194,12 @@ export const automaticOidcFlow = async (
            flow,
            claims,
        };
+    } catch (e) {
+        const error = e as ResponseBodyError | AuthorizationResponseError;
+        return errorFn(
+            error.error,
+            error.error_description || "",
+            flow.application,
+        );
+    }
 };