diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts index ffe2137cfe..7175fb6680 100644 --- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts +++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts @@ -12,7 +12,6 @@ import { kinds } from '@/misc/api-permissions.js'; import { HttpRequestService } from '@/core/HttpRequestService.js'; import type { FastifyInstance } from 'fastify'; import fastifyCookie from '@fastify/cookie'; -import fastifySession from '@fastify/session'; import type Redis from 'ioredis'; import oauth2Pkce from 'oauth2orize-pkce'; import { secureRndstr } from '@/misc/secure-rndstr.js'; @@ -28,7 +27,7 @@ import fastifyExpress from '@fastify/express'; import crypto from 'node:crypto'; import type { AccessTokensRepository, UsersRepository } from '@/models/index.js'; import { IdService } from '@/core/IdService.js'; -import { UserCacheService } from '@/core/UserCacheService.js'; +import { CacheService } from '@/core/CacheService.js'; import type { LocalUser } from '@/models/entities/User.js'; // https://indieauth.spec.indieweb.org/#client-identifier @@ -305,7 +304,7 @@ export class OAuth2ProviderService { idService: IdService, @Inject(DI.usersRepository) private usersRepository: UsersRepository, - private userCacheService: UserCacheService, + private cacheService: CacheService, ) { // this.#provider = new Provider(config.url, { // clientAuthMethods: ['none'], @@ -345,7 +344,7 @@ export class OAuth2ProviderService { console.log('HIT grant code:', client, redirectUri, token, ares, areq); const code = secureRndstr(32, true); - const user = await this.userCacheService.localUserByNativeTokenCache.fetch(token, + const user = await this.cacheService.localUserByNativeTokenCache.fetch(token, () => this.usersRepository.findOneBy({ token }) as Promise); if (!user) { throw new Error('No such user'); diff --git a/packages/backend/test/e2e/oauth.ts b/packages/backend/test/e2e/oauth.ts index ab85e2910b..599190407e 100644 --- a/packages/backend/test/e2e/oauth.ts +++ b/packages/backend/test/e2e/oauth.ts @@ -1,11 +1,12 @@ process.env.NODE_ENV = 'test'; import * as assert from 'assert'; -import { port, signup, startServer } from '../utils.js'; +import { port, relativeFetch, signup, startServer } from '../utils.js'; import type { INestApplicationContext } from '@nestjs/common'; import { AuthorizationCode } from 'simple-oauth2'; import pkceChallenge from 'pkce-challenge'; import { JSDOM } from 'jsdom'; +import { api } from '../utils.js'; const clientPort = port + 1; const redirect_uri = `http://127.0.0.1:${clientPort}/redirect`; @@ -106,6 +107,19 @@ describe('OAuth', () => { assert.strictEqual(typeof token.token.access_token, 'string'); assert.strictEqual(typeof token.token.refresh_token, 'string'); assert.strictEqual(token.token.token_type, 'Bearer'); + + const createResponse = await relativeFetch('api/notes/create', { + method: 'POST', + headers: { + Authorization: `Bearer ${token.token.access_token}`, + 'Content-Type': 'application/json', + }, + body: JSON.stringify({ text: 'test' }), + }); + assert.strictEqual(createResponse.status, 200); + + const createResponseBody: any = await createResponse.json(); + assert.strictEqual(createResponseBody.createdNote.text, 'test'); }); test('Require PKCE', async () => { @@ -171,4 +185,6 @@ describe('OAuth', () => { // TODO: authorizing two users concurrently // TODO: invalid redirect_uri (at authorize / at token) + + // TODO: Wrong Authorization header (Not starts with Bearer / token is wrong) }); diff --git a/packages/backend/test/utils.ts b/packages/backend/test/utils.ts index 48947072e3..37c1474be4 100644 --- a/packages/backend/test/utils.ts +++ b/packages/backend/test/utils.ts @@ -90,7 +90,7 @@ const request = async (path: string, params: any, me?: UserToken): Promise<{ sta }; }; -const relativeFetch = async (path: string, init?: RequestInit | undefined) => { +export const relativeFetch = async (path: string, init?: RequestInit | undefined) => { return await fetch(new URL(path, `http://127.0.0.1:${port}/`).toString(), init); };