From e0689143c4f0822704d1693f97f53f2fa525de4f Mon Sep 17 00:00:00 2001 From: Maieul BOYER Date: Sat, 25 Oct 2025 16:18:10 +0200 Subject: [PATCH] feat(oauth2): fixed small issues --- src/auth/src/oauth2.ts | 6 +++--- src/auth/src/routes/oauth2/callback.ts | 4 ++-- src/auth/src/routes/oauth2/login.ts | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/auth/src/oauth2.ts b/src/auth/src/oauth2.ts index e816cf1..5cd1eb9 100644 --- a/src/auth/src/oauth2.ts +++ b/src/auth/src/oauth2.ts @@ -251,7 +251,7 @@ export class CodeTokenRequest { isNullish(body) || !('access_token' in body) ) { - throw `response doesn't have an access body: ${JSON.stringify(body)}`; + throw `response doesn't have an access_token field: ${JSON.stringify(body)}`; } return body.access_token as string; @@ -295,7 +295,7 @@ export class Oauth2 { return secret.inline; } else { - throw 'invalid provider secret: not either env|inner in secret'; + throw 'invalid provider secret: not either env|inline in secret'; } } @@ -342,7 +342,7 @@ export class Oauth2 { ); const j = await req.json(); const v = Value.Parse(OpenIdManifest, j); - if (!('openid' in provider.scopes)) { + if (!provider.scopes.includes('openid')) { provider.scopes.push('openid'); } diff --git a/src/auth/src/routes/oauth2/callback.ts b/src/auth/src/routes/oauth2/callback.ts index 00575fa..f962827 100644 --- a/src/auth/src/routes/oauth2/callback.ts +++ b/src/auth/src/routes/oauth2/callback.ts @@ -18,10 +18,10 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise => { '/api/auth/oauth2/:provider/callback', async function(req, res) { const qs = (req.query as { [k: string]: string }); - if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exists`; } + if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exist`; } const provider = this.oauth2[req.params.provider]; if (!('code' in qs)) { return res.code(400).send('no code in querystring...'); } - if (!('pkce' in req.cookies) && isNullish(req.cookies.pkce)) { return res.code(400).send('no pkce cookies'); } + if (!('pkce' in req.cookies) || isNullish(req.cookies.pkce)) { return res.code(400).send('no pkce cookies'); } const code = new oauth2.AuthorizationCode(qs.code); const pkce = new oauth2.PkceVerifier(req.cookies.pkce!, 'S256'); const creq = provider.exchangeCode(code); diff --git a/src/auth/src/routes/oauth2/login.ts b/src/auth/src/routes/oauth2/login.ts index 0c41f3d..c0d9d1b 100644 --- a/src/auth/src/routes/oauth2/login.ts +++ b/src/auth/src/routes/oauth2/login.ts @@ -8,7 +8,7 @@ const route: FastifyPluginAsync = async (fastify, _opts): Promise => { fastify.get<{ Params: { provider?: string } }>( '/api/auth/oauth2/:provider/login', async function(req, res) { - if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exists`; } + if (isNullish(req.params.provider) || !(req.params.provider in this.oauth2)) { return `provider '${req.params.provider ?? 'none'}' doesn't exist`; } const provider = this.oauth2[req.params.provider]; const [challenge, verifier] = oauth2.PkceChallenge.new();