remove redundant function calls
This commit is contained in:
parent
cb2089981a
commit
ca7c3c6063
|
@ -327,12 +327,12 @@ export class OAuth2ProviderService {
|
||||||
return [accessToken, undefined, { scope: granted.scopes.join(' ') }];
|
return [accessToken, undefined, { scope: granted.scopes.join(' ') }];
|
||||||
})().then(args => done(null, ...args ?? []), err => done(err));
|
})().then(args => done(null, ...args ?? []), err => done(err));
|
||||||
}));
|
}));
|
||||||
this.#server.serializeClient((client, done) => done(null, client));
|
|
||||||
this.#server.deserializeClient((id, done) => done(null, id));
|
|
||||||
}
|
}
|
||||||
|
|
||||||
@bindThis
|
@bindThis
|
||||||
public async createServer(fastify: FastifyInstance): Promise<void> {
|
public async createServer(fastify: FastifyInstance): Promise<void> {
|
||||||
|
// https://datatracker.ietf.org/doc/html/rfc8414.html
|
||||||
|
// https://indieauth.spec.indieweb.org/#indieauth-server-metadata
|
||||||
fastify.get('/.well-known/oauth-authorization-server', async (_request, reply) => {
|
fastify.get('/.well-known/oauth-authorization-server', async (_request, reply) => {
|
||||||
reply.send({
|
reply.send({
|
||||||
issuer: this.config.url,
|
issuer: this.config.url,
|
||||||
|
@ -347,8 +347,6 @@ export class OAuth2ProviderService {
|
||||||
});
|
});
|
||||||
});
|
});
|
||||||
|
|
||||||
// For now only allow the basic OAuth endpoints, to start small and evaluate
|
|
||||||
// this feature for some time, given that this is security related.
|
|
||||||
fastify.get('/oauth/authorize', async (request, reply) => {
|
fastify.get('/oauth/authorize', async (request, reply) => {
|
||||||
const oauth2 = (request.raw as MiddlewareRequest).oauth2;
|
const oauth2 = (request.raw as MiddlewareRequest).oauth2;
|
||||||
if (!oauth2) {
|
if (!oauth2) {
|
||||||
|
@ -401,7 +399,7 @@ export class OAuth2ProviderService {
|
||||||
// Find client information from the remote.
|
// Find client information from the remote.
|
||||||
const clientInfo = await discoverClientInformation(this.httpRequestService, clientUrl.href);
|
const clientInfo = await discoverClientInformation(this.httpRequestService, clientUrl.href);
|
||||||
|
|
||||||
// Require an explicit list of redirect_uris per
|
// Require the redirect URI to be included in an explicit list, per
|
||||||
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.1.3
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.1.3
|
||||||
if (!clientInfo.redirectUris.includes(redirectURI)) {
|
if (!clientInfo.redirectUris.includes(redirectURI)) {
|
||||||
throw new AuthorizationError('Invalid redirect_uri', 'invalid_request');
|
throw new AuthorizationError('Invalid redirect_uri', 'invalid_request');
|
||||||
|
|
Loading…
Reference in a new issue