guh

server/api/oauth/authorize/index.ts

@@ -0,0 +1,25 @@
+import { MatchedRoute } from "bun";
+
+/**
+ * Returns an HTML login form
+ */
+export default async (
+	req: Request,
+	matchedRoute: MatchedRoute
+): Promise<Response> => {
+	const html = Bun.file("./pages/login.html");
+	const css = Bun.file("./pages/uno.css");
+	return new Response(
+		(await html.text())
+			.replace(
+				"{{URL}}",
+				`/auth/login?redirect_uri=${matchedRoute.query.redirect_uri}&response_type=${matchedRoute.query.response_type}&client_id=${matchedRoute.query.client_id}&scopes=${matchedRoute.query.scopes}`
+			)
+			.replace("{{STYLES}}", `<style>${await css.text()}</style>`),
+		{
+			headers: {
+				"Content-Type": "text/html",
+			},
+		}
+	);
+};

server/api/oauth/token/index.ts

@@ -0,0 +1,45 @@
+import { parseRequest } from "@request";
+import { errorResponse, jsonResponse } from "@response";
+import { Token } from "~database/entities/Token";
+
+/**
+ * Allows getting token from OAuth code
+ */
+export default async (req: Request): Promise<Response> => {
+	const { grant_type, code, redirect_uri, client_id, client_secret, scope } =
+		await parseRequest<{
+			grant_type: string;
+			code: string;
+			redirect_uri: string;
+			client_id: string;
+			client_secret: string;
+			scope: string;
+		}>(req);
+
+	if (grant_type !== "authorization_code")
+		return errorResponse(
+			"Invalid grant type (try 'authorization_code')",
+			400
+		);
+
+	// Get associated token
+	const token = await Token.findOneBy({
+		code,
+		application: {
+			client_id,
+			secret: client_secret,
+			redirect_uris: redirect_uri,
+		},
+		scope: scope?.replaceAll("+", " "),
+	});
+
+	if (!token)
+		return errorResponse("Invalid access token or client credentials", 401);
+
+	return jsonResponse({
+		access_token: token.access_token,
+		token_type: token.token_type,
+		scope: token.scope,
+		created_at: token.created_at,
+	});
+};