]>
Commit | Line | Data |
---|---|---|
41fb13c3 | 1 | import express from 'express' |
9452d4fd | 2 | import { isTestOrDevInstance } from '@server/helpers/core-utils' |
d17c7b4e C |
3 | import { OAuthClientModel } from '@server/models/oauth/oauth-client' |
4 | import { HttpStatusCode, OAuthClientLocal } from '@shared/models' | |
da854ddd | 5 | import { logger } from '../../helpers/logger' |
6dd9de95 | 6 | import { CONFIG } from '../../initializers/config' |
e915cde3 | 7 | import { apiRateLimiter, asyncMiddleware, openapiOperationDoc } from '../../middlewares' |
e861452f | 8 | |
0a381679 | 9 | const oauthClientsRouter = express.Router() |
6606150c | 10 | |
e915cde3 C |
11 | oauthClientsRouter.use(apiRateLimiter) |
12 | ||
eb080476 | 13 | oauthClientsRouter.get('/local', |
1333ab1f | 14 | openapiOperationDoc({ operationId: 'getOAuthClient' }), |
eb080476 C |
15 | asyncMiddleware(getLocalClient) |
16 | ) | |
6606150c C |
17 | |
18 | // Get the client credentials for the PeerTube front end | |
eb080476 | 19 | async function getLocalClient (req: express.Request, res: express.Response, next: express.NextFunction) { |
65fcc311 C |
20 | const serverHostname = CONFIG.WEBSERVER.HOSTNAME |
21 | const serverPort = CONFIG.WEBSERVER.PORT | |
3737bbaf | 22 | let headerHostShouldBe = serverHostname |
6606150c C |
23 | if (serverPort !== 80 && serverPort !== 443) { |
24 | headerHostShouldBe += ':' + serverPort | |
25 | } | |
26 | ||
27 | // Don't make this check if this is a test instance | |
9452d4fd | 28 | if (!isTestOrDevInstance() && req.get('host') !== headerHostShouldBe) { |
b1233aa8 | 29 | logger.info('Getting client tokens for host %s is forbidden (expected %s).', req.get('host'), headerHostShouldBe) |
76148b27 RK |
30 | return res.fail({ |
31 | status: HttpStatusCode.FORBIDDEN_403, | |
32 | message: `Getting client tokens for host ${req.get('host')} is forbidden` | |
33 | }) | |
6606150c C |
34 | } |
35 | ||
3fd3ab2d | 36 | const client = await OAuthClientModel.loadFirstClient() |
eb080476 C |
37 | if (!client) throw new Error('No client available.') |
38 | ||
39 | const json: OAuthClientLocal = { | |
40 | client_id: client.clientId, | |
41 | client_secret: client.clientSecret | |
42 | } | |
43 | return res.json(json) | |
6606150c C |
44 | } |
45 | ||
46 | // --------------------------------------------------------------------------- | |
47 | ||
65fcc311 | 48 | export { |
0a381679 | 49 | oauthClientsRouter |
65fcc311 | 50 | } |