Mizah/mizzkey
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

spec(OAuth2): クライアント情報のDiscoveryの対応していないクライアントでも認証できるように (MisskeyIO#443)

Browse source
This commit is contained in:
まっちゃとーにゅ 2024-02-12 11:35:19 +09:00 committed by GitHub
parent dea2e3183f
commit bb4583f0be
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
22 changed files with 969 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

90
packages/backend/src/server/api/endpoints/admin/indie-auth/create.ts Normal file
View file

@ -0,0 +1,90 @@
/*
* SPDX-FileCopyrightText: syuilo and other misskey contributors
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { IndieAuthClientsRepository } from '@/models/_.js';
import { DI } from '@/di-symbols.js';
import { ModerationLogService } from '@/core/ModerationLogService.js';
export const meta = {
tags: ['admin'],
requireCredential: true,
requireModerator: true,
kind: 'write:admin:indie-auth',
res: {
type: 'object',
optional: false, nullable: false,
properties: {
id: {
type: 'string',
optional: false, nullable: false,
},
createdAt: {
type: 'string',
optional: false, nullable: false,
format: 'date-time',
},
name: {
type: 'string',
optional: false, nullable: true,
},
redirectUris: {
type: 'array',
optional: false, nullable: false,
items: {
type: 'string',
optional: false, nullable: false,
},
},
},
},
} as const;
export const paramDef = {
type: 'object',
properties: {
id: { type: 'string', minLength: 1 },
name: { type: 'string', nullable: true },
redirectUris: {
type: 'array', minItems: 1,
items: { type: 'string' },
},
},
required: ['id'],
} as const;
@Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor(
@Inject(DI.indieAuthClientsRepository)
private indieAuthClientsRepository: IndieAuthClientsRepository,
private moderationLogService: ModerationLogService,
) {
super(meta, paramDef, async (ps, me) => {
const indieAuthClient = await this.indieAuthClientsRepository.insert({
id: ps.id,
createdAt: new Date(),
name: ps.name,
redirectUris: ps.redirectUris,
}).then(r => this.indieAuthClientsRepository.findOneByOrFail({ id: r.identifiers[0].id }));
this.moderationLogService.log(me, 'createIndieAuthClient', {
clientId: indieAuthClient.id,
client: indieAuthClient,
});
return {
id: indieAuthClient.id,
createdAt: indieAuthClient.createdAt.toISOString(),
name: indieAuthClient.name,
redirectUris: indieAuthClient.redirectUris,
};
});
}
}

58
packages/backend/src/server/api/endpoints/admin/indie-auth/delete.ts Normal file
View file

@ -0,0 +1,58 @@
/*
* SPDX-FileCopyrightText: syuilo and other misskey contributors
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { IndieAuthClientsRepository } from '@/models/_.js';
import { DI } from '@/di-symbols.js';
import { ModerationLogService } from '@/core/ModerationLogService.js';
import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: true,
requireModerator: true,
kind: 'write:admin:indie-auth',
errors: {
noSuchIndieAuthClient: {
message: 'No such client',
code: 'NO_SUCH_CLIENT',
id: '02c4e690-af0c-4dc9-9f2f-c436c3b2782d',
},
},
} as const;
export const paramDef = {
type: 'object',
properties: {
id: { type: 'string' },
},
required: ['id'],
} as const;
@Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor(
@Inject(DI.indieAuthClientsRepository)
private indieAuthClientsRepository: IndieAuthClientsRepository,
private moderationLogService: ModerationLogService,
) {
super(meta, paramDef, async (ps, me) => {
const client = await this.indieAuthClientsRepository.findOneBy({ id: ps.id });
if (client == null) throw new ApiError(meta.errors.noSuchIndieAuthClient);
await this.indieAuthClientsRepository.delete(client.id);
this.moderationLogService.log(me, 'deleteIndieAuthClient', {
clientId: client.id,
client: client,
});
});
}
}

75
packages/backend/src/server/api/endpoints/admin/indie-auth/list.ts Normal file
View file

@ -0,0 +1,75 @@
/*
* SPDX-FileCopyrightText: syuilo and other misskey contributors
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { IndieAuthClientsRepository } from '@/models/_.js';
import { DI } from '@/di-symbols.js';
export const meta = {
tags: ['admin'],
requireCredential: true,
requireModerator: true,
kind: 'read:admin:indie-auth',
res: {
type: 'array',
optional: false, nullable: false,
items: {
type: 'object',
optional: false, nullable: false,
properties: {
id: {
type: 'string',
optional: false, nullable: false,
},
createdAt: {
type: 'string',
optional: false, nullable: false,
format: 'date-time',
},
name: {
type: 'string',
optional: false, nullable: true,
},
redirectUris: {
type: 'array',
optional: false, nullable: false,
items: { type: 'string' },
},
},
},
},
} as const;
export const paramDef = {
type: 'object',
properties: {
limit: { type: 'integer', minimum: 1, maximum: 100, default: 10 },
offset: { type: 'integer', default: 0 },
},
required: [],
} as const;
@Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor(
@Inject(DI.indieAuthClientsRepository)
private indieAuthClientsRepository: IndieAuthClientsRepository,
) {
super(meta, paramDef, async (ps, me) => {
const query = this.indieAuthClientsRepository.createQueryBuilder('client');
const clients = await query.offset(ps.offset).limit(ps.limit).getMany();
return clients.map(client => ({
id: client.id,
createdAt: client.createdAt.toISOString(),
name: client.name,
redirectUris: client.redirectUris,
}));
});
}
}

69
packages/backend/src/server/api/endpoints/admin/indie-auth/update.ts Normal file
View file

@ -0,0 +1,69 @@
/*
* SPDX-FileCopyrightText: syuilo and other misskey contributors
* SPDX-License-Identifier: AGPL-3.0-only
*/
import { Inject, Injectable } from '@nestjs/common';
import { Endpoint } from '@/server/api/endpoint-base.js';
import type { IndieAuthClientsRepository } from '@/models/_.js';
import { DI } from '@/di-symbols.js';
import { ModerationLogService } from '@/core/ModerationLogService.js';
import { ApiError } from '../../../error.js';
export const meta = {
tags: ['admin'],
requireCredential: true,
requireModerator: true,
kind: 'write:admin:indie-auth',
errors: {
noSuchIndieAuthClient: {
message: 'No such client',
code: 'NO_SUCH_CLIENT',
id: 'd4f9440a-45aa-495c-af66-b4d1e339d4fc',
},
},
} as const;
export const paramDef = {
type: 'object',
properties: {
id: { type: 'string', minLength: 1 },
name: { type: 'string', nullable: true },
redirectUris: {
type: 'array', minItems: 1,
items: { type: 'string' },
},
},
required: ['id'],
} as const;
@Injectable()
export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-disable-line import/no-default-export
constructor(
@Inject(DI.indieAuthClientsRepository)
private indieAuthClientsRepository: IndieAuthClientsRepository,
private moderationLogService: ModerationLogService,
) {
super(meta, paramDef, async (ps, me) => {
const client = await this.indieAuthClientsRepository.findOneBy({ id: ps.id });
if (client == null) throw new ApiError(meta.errors.noSuchIndieAuthClient);
await this.indieAuthClientsRepository.update(client.id, {
name: ps.name,
redirectUris: ps.redirectUris,
});
const updatedClient = await this.indieAuthClientsRepository.findOneByOrFail({ id: client.id });
this.moderationLogService.log(me, 'updateIndieAuthClient', {
clientId: client.id,
before: client,
after: updatedClient,
});
});
}
}