resolve conflicts

packages/backend/src/server/oauth/OAuth2ProviderService.ts

@@ -12,7 +12,6 @@ import { kinds } from '@/misc/api-permissions.js';
 import { HttpRequestService } from '@/core/HttpRequestService.js';
 import type { FastifyInstance } from 'fastify';
 import fastifyCookie from '@fastify/cookie';
-import fastifySession from '@fastify/session';
 import type Redis from 'ioredis';
 import oauth2Pkce from 'oauth2orize-pkce';
 import { secureRndstr } from '@/misc/secure-rndstr.js';
@@ -28,7 +27,7 @@ import fastifyExpress from '@fastify/express';
 import crypto from 'node:crypto';
 import type { AccessTokensRepository, UsersRepository } from '@/models/index.js';
 import { IdService } from '@/core/IdService.js';
-import { UserCacheService } from '@/core/UserCacheService.js';
+import { CacheService } from '@/core/CacheService.js';
 import type { LocalUser } from '@/models/entities/User.js';
 
 // https://indieauth.spec.indieweb.org/#client-identifier
@@ -305,7 +304,7 @@ export class OAuth2ProviderService {
 		idService: IdService,
 		@Inject(DI.usersRepository)
 		private usersRepository: UsersRepository,
-		private userCacheService: UserCacheService,
+		private cacheService: CacheService,
 	) {
 		// this.#provider = new Provider(config.url, {
 		// 	clientAuthMethods: ['none'],
@@ -345,7 +344,7 @@ export class OAuth2ProviderService {
 				console.log('HIT grant code:', client, redirectUri, token, ares, areq);
 				const code = secureRndstr(32, true);
 
-				const user = await this.userCacheService.localUserByNativeTokenCache.fetch(token,
+				const user = await this.cacheService.localUserByNativeTokenCache.fetch(token,
 					() => this.usersRepository.findOneBy({ token }) as Promise<LocalUser | null>);
 				if (!user) {
 					throw new Error('No such user');

packages/backend/test/e2e/oauth.ts

@@ -1,11 +1,12 @@
 process.env.NODE_ENV = 'test';
 
 import * as assert from 'assert';
-import { port, signup, startServer } from '../utils.js';
+import { port, relativeFetch, signup, startServer } from '../utils.js';
 import type { INestApplicationContext } from '@nestjs/common';
 import { AuthorizationCode } from 'simple-oauth2';
 import pkceChallenge from 'pkce-challenge';
 import { JSDOM } from 'jsdom';
+import { api } from '../utils.js';
 
 const clientPort = port + 1;
 const redirect_uri = `http://127.0.0.1:${clientPort}/redirect`;
@@ -106,6 +107,19 @@ describe('OAuth', () => {
 		assert.strictEqual(typeof token.token.access_token, 'string');
 		assert.strictEqual(typeof token.token.refresh_token, 'string');
 		assert.strictEqual(token.token.token_type, 'Bearer');
+
+		const createResponse = await relativeFetch('api/notes/create', {
+			method: 'POST',
+			headers: {
+				Authorization: `Bearer ${token.token.access_token}`,
+				'Content-Type': 'application/json',
+			},
+			body: JSON.stringify({ text: 'test' }),
+		});
+		assert.strictEqual(createResponse.status, 200);
+
+		const createResponseBody: any = await createResponse.json();
+		assert.strictEqual(createResponseBody.createdNote.text, 'test');
 	});
 
 	test('Require PKCE', async () => {
@@ -171,4 +185,6 @@ describe('OAuth', () => {
 	// TODO: authorizing two users concurrently
 
 	// TODO: invalid redirect_uri (at authorize / at token)
+
+	// TODO: Wrong Authorization header (Not starts with Bearer / token is wrong)
 });

packages/backend/test/utils.ts

@@ -90,7 +90,7 @@ const request = async (path: string, params: any, me?: UserToken): Promise<{ sta
 	};
 };
 
-const relativeFetch = async (path: string, init?: RequestInit | undefined) => {
+export const relativeFetch = async (path: string, init?: RequestInit | undefined) => {
 	return await fetch(new URL(path, `http://127.0.0.1:${port}/`).toString(), init);
 };