monkee.ch/monkeeShark
1
0
Fork 0
Code Pull requests Activity

tmp

Browse source
This commit is contained in:
Kagami Sascha Rosylight 2023-04-02 10:41:43 +02:00
parent 049dbfeb66
commit 39526d0225
4 changed files with 8 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
packages/backend/src/server/oauth/OAuth2ProviderService.ts
View file

@ -1,6 +1,5 @@
import dns from 'node:dns/promises'; import dns from 'node:dns/promises';
import { Inject, Injectable } from '@nestjs/common'; import { Inject, Injectable } from '@nestjs/common';
import Provider, { type Adapter, type Account, AdapterPayload } from 'oidc-provider';
import fastifyMiddie, { IncomingMessageExtended } from '@fastify/middie'; import fastifyMiddie, { IncomingMessageExtended } from '@fastify/middie';
import { JSDOM } from 'jsdom'; import { JSDOM } from 'jsdom';
import parseLinkHeader from 'parse-link-header'; import parseLinkHeader from 'parse-link-header';
@ -429,8 +428,6 @@ export class OAuth2ProviderService {
}); });
}); });
// oidc-provider provides many more endpoints for OpenID support and there's
// no way to turn it off.
// For now only allow the basic OAuth endpoints, to start small and evaluate // For now only allow the basic OAuth endpoints, to start small and evaluate
// this feature for some time, given that this is security related. // this feature for some time, given that this is security related.
fastify.get<{ Querystring: OAuthRequestQuery }>('/oauth/authorize', async (request, reply) => { fastify.get<{ Querystring: OAuthRequestQuery }>('/oauth/authorize', async (request, reply) => {
@ -451,6 +448,8 @@ export class OAuth2ProviderService {
reply.header('Cache-Control', 'no-store'); reply.header('Cache-Control', 'no-store');
return await reply.view('oauth', { return await reply.view('oauth', {
transactionId: oauth2?.transactionID, transactionId: oauth2?.transactionID,
clientId: oauth2?.client,
scope: oauth2?.req.scope.join(' '),
}); });
}); });
fastify.post('/oauth/decision', async () => { }); fastify.post('/oauth/decision', async () => { });

1
packages/backend/src/server/web/views/oauth.pug
View file

@ -7,4 +7,3 @@ block meta
meta(name='misskey:oauth:transaction-id' content=transactionId) meta(name='misskey:oauth:transaction-id' content=transactionId)
meta(name='misskey:oauth:client-id' content=clientId) meta(name='misskey:oauth:client-id' content=clientId)
meta(name='misskey:oauth:scope' content=scope) meta(name='misskey:oauth:scope' content=scope)
meta(name='misskey:oauth:redirection-uri' content=redirectionUri)

2
packages/frontend/src/components/MkButton.vue
View file

@ -5,6 +5,7 @@
:class="[$style.root, { [$style.inline]: inline, [$style.primary]: primary, [$style.gradate]: gradate, [$style.danger]: danger, [$style.rounded]: rounded, [$style.full]: full, [$style.small]: small, [$style.large]: large, [$style.transparent]: transparent, [$style.asLike]: asLike }]" :class="[$style.root, { [$style.inline]: inline, [$style.primary]: primary, [$style.gradate]: gradate, [$style.danger]: danger, [$style.rounded]: rounded, [$style.full]: full, [$style.small]: small, [$style.large]: large, [$style.transparent]: transparent, [$style.asLike]: asLike }]"
:type="type" :type="type"
:name="name" :name="name"
:value="value"
@click="emit('click', $event)" @click="emit('click', $event)"
@mousedown="onMousedown" @mousedown="onMousedown"
> >
@ -46,6 +47,7 @@ const props = defineProps<{
transparent?: boolean; transparent?: boolean;
asLike?: boolean; asLike?: boolean;
name?: string; name?: string;
value?: string;
}>(); }>();
const emit = defineEmits<{ const emit = defineEmits<{

8
packages/frontend/src/pages/oauth.vue
View file

@ -4,18 +4,18 @@
<MkSpacer :content-max="800"> <MkSpacer :content-max="800">
<div v-if="$i"> <div v-if="$i">
<div v-if="_permissions.length > 0"> <div v-if="_permissions.length > 0">
<p v-if="name">{{ $t('_auth.permission', { name }) }}</p> <p v-if="name">{{ i18n.t('_auth.permission', { name }) }}</p>
<p v-else>{{ i18n.ts._auth.permissionAsk }}</p> <p v-else>{{ i18n.ts._auth.permissionAsk }}</p>
<ul> <ul>
<li v-for="p in _permissions" :key="p">{{ $t(`_permissions.${p}`) }}</li> <li v-for="p in _permissions" :key="p">{{ i18n.t(`_permissions.${p}`) }}</li>
</ul> </ul>
</div> </div>
<div v-if="name">{{ $t('_auth.shareAccess', { name }) }}</div> <div v-if="name">{{ i18n.t('_auth.shareAccess', { name }) }}</div>
<div v-else>{{ i18n.ts._auth.shareAccessAsk }}</div> <div v-else>{{ i18n.ts._auth.shareAccessAsk }}</div>
<form :class="$style.buttons" action="/oauth/decision" accept-charset="utf-8" method="post"> <form :class="$style.buttons" action="/oauth/decision" accept-charset="utf-8" method="post">
<input name="login_token" type="hidden" :value="$i.token"/> <input name="login_token" type="hidden" :value="$i.token"/>
<input name="transaction_id" type="hidden" :value="transactionIdMeta?.content"/> <input name="transaction_id" type="hidden" :value="transactionIdMeta?.content"/>
<MkButton inline name="cancel">{{ i18n.ts.cancel }}</MkButton> <MkButton inline name="cancel" value="cancel">{{ i18n.ts.cancel }}</MkButton>
<MkButton inline primary>{{ i18n.ts.accept }}</MkButton> <MkButton inline primary>{{ i18n.ts.accept }}</MkButton>
</form> </form>
</div> </div>