versia-pub/server
2
0
Fork 0
mirror of https://github.com/versia-pub/server.git synced 2025-12-06 08:28:19 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

fix(api): 🐛 Fix incorrect OAuth changes

Browse source
This commit is contained in:
Jesse Wierzbinski 2024-05-06 08:40:26 +00:00
parent d5076590c6
commit ddab167018
No known key found for this signature in database
5 changed files with 26 additions and 27 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
server/api/api/v2/filters/:id/index.ts
View file

@ -1,4 +1,4 @@
import { applyConfig, auth, qs } from "@api";
import { applyConfig, auth, handleZodError, qs } from "@api";
import { zValidator } from "@hono/zod-validator";
import { errorResponse, jsonResponse } from "@response";
import { and, eq, inArray } from "drizzle-orm";
@ -71,8 +71,8 @@ export default (app: Hono) =>
meta.allowedMethods,
meta.route,
qs(),
zValidator("param", schemas.param),
zValidator("form", schemas.form),
zValidator("param", schemas.param, handleZodError),
zValidator("form", schemas.form, handleZodError),
auth(meta.auth),
async (context) => {
const { user } = context.req.valid("header");

4
server/api/api/v2/media/index.ts
View file

@ -1,4 +1,4 @@
import { applyConfig, auth } from "@api";
import { applyConfig, auth, handleZodError } from "@api";
import { zValidator } from "@hono/zod-validator";
import { errorResponse, jsonResponse } from "@response";
import { encode } from "blurhash";
@ -42,7 +42,7 @@ export default (app: Hono) =>
app.on(
meta.allowedMethods,
meta.route,
zValidator("form", schemas.form),
zValidator("form", schemas.form, handleZodError),
auth(meta.auth),
async (context) => {
const { file, thumbnail, description, focus } =

4
server/api/api/v2/search/index.ts
View file

@ -1,4 +1,4 @@
import { applyConfig, auth } from "@api";
import { applyConfig, auth, handleZodError } from "@api";
import { zValidator } from "@hono/zod-validator";
import { dualLogger } from "@loggers";
import { MeiliIndexType, meilisearch } from "@meilisearch";
@ -45,7 +45,7 @@ export default (app: Hono) =>
app.on(
meta.allowedMethods,
meta.route,
zValidator("query", schemas.query),
zValidator("query", schemas.query, handleZodError),
auth(meta.auth),
async (context) => {
const { user: self } = context.req.valid("header");

8
server/api/oauth/authorize/index.ts
View file

@ -34,6 +34,8 @@ export const schemas = {
.int()
.optional()
.default(60 * 60 * 24 * 7),
}),
form: z.object({
scope: z.string().optional(),
redirect_uri: z.string().url().optional(),
response_type: z.enum([
@ -75,6 +77,7 @@ export default (app: Hono) =>
meta.allowedMethods,
meta.route,
zValidator("query", schemas.query, handleZodError),
zValidator("form", schemas.form, handleZodError),
async (context) => {
const {
scope,
@ -84,8 +87,9 @@ export default (app: Hono) =>
state,
code_challenge,
code_challenge_method,
} = context.req.valid("query");
const body = context.req.valid("query");
} = context.req.valid("form");
const body = context.req.valid("form");
const cookie = context.req.header("Cookie");

31
tests/oauth.test.ts
View file

@ -112,25 +112,20 @@ describe("POST /api/auth/login/", () => {
describe("GET /oauth/authorize/", () => {
test("should get a code", async () => {
const response = await sendTestRequest(
new Request(
new URL(
`/oauth/authorize?${new URLSearchParams({
client_id,
client_secret,
redirect_uri: "https://example.com",
response_type: "code",
scope: "read write",
max_age: "604800",
})}`,
base_url,
),
{
method: "POST",
headers: {
Cookie: `jwt=${jwt}`,
},
new Request(new URL(`/oauth/authorize`, base_url), {
method: "POST",
headers: {
Cookie: `jwt=${jwt}`,
},
),
body: new URLSearchParams({
client_id,
client_secret,
redirect_uri: "https://example.com",
response_type: "code",
scope: "read write",
max_age: "604800",
}),
}),
);
expect(response.status).toBe(302);