RegisterServerAuthenticatedResult,
RegisterServerAuthPassOptions,
RegisterServerExternalAuthenticatedResult
-} from '@shared/models/plugins/register-server-auth.model'
+} from '@server/types/plugins/register-server-auth.model'
import * as express from 'express'
import * as OAuthServer from 'express-oauth-server'
+import { HttpStatusCode } from '@shared/core-utils/miscs/http-error-codes'
const oAuthServer = new OAuthServer({
useErrorHandler: true,
accessTokenLifetime: OAUTH_LIFETIME.ACCESS_TOKEN,
refreshTokenLifetime: OAUTH_LIFETIME.REFRESH_TOKEN,
+ allowExtendedTokenAttributes: true,
continueMiddleware: true,
model: require('./oauth-model')
})
const token = res.locals.oauth.token
res.locals.explicitLogout = true
- await revokeToken(token)
+ const result = await revokeToken(token)
// FIXME: uncomment when https://github.com/oauthjs/node-oauth2-server/pull/289 is released
// oAuthServer.revoke(req, res, err => {
// }
// })
- return res.json()
+ return res.json(result)
}
async function onExternalUserAuthenticated (options: {
const obj = authBypassTokens.get(req.body.externalAuthToken)
if (!obj) {
logger.error('Cannot authenticate user with unknown bypass token')
- return res.sendStatus(400)
+ return res.sendStatus(HttpStatusCode.BAD_REQUEST_400)
}
const { expires, user, authName, npmName } = obj
const now = new Date()
if (now.getTime() > expires.getTime()) {
logger.error('Cannot authenticate user with an expired external auth token')
- return res.sendStatus(400)
+ return res.sendStatus(HttpStatusCode.BAD_REQUEST_400)
}
if (user.username !== req.body.username) {
logger.error('Cannot authenticate user %s with invalid username %s.', req.body.username)
- return res.sendStatus(400)
+ return res.sendStatus(HttpStatusCode.BAD_REQUEST_400)
}
// Bypass oauth library validation
projects / github / Chocobozzz / PeerTube.git / blobdiff