aboutsummaryrefslogblamecommitdiffhomepage
path: root/server/models/oauth/oauth-token.ts
blob: 6bc6cf27c6fcf6bd5ef0f44c7565456eaeb13f2c (plain) (tree) 
b49f22d8f

f201a7499

d175a6f7a

f201a7499











b49f22d8f

da854ddd5

b49f22d8f

91411dba9

b49f22d8f

91411dba9

b49f22d8f

3fd3ab2d3



a15871560

3fd3ab2d3


a15871560

3fd3ab2d3



e307e4fce

3fd3ab2d3

2f372a865

d48ff09d2

91411dba9

d48ff09d2


3acc50844

91411dba9

d48ff09d2


3acc50844

91411dba9

d48ff09d2


91411dba9

3acc50844

91411dba9



5c6d985fa

3acc50844

91411dba9



d48ff09d2



3acc50844

d48ff09d2

3acc50844

3fd3ab2d3



feb4bdfd9

3fd3ab2d3


feb4bdfd9


3fd3ab2d3








feb4bdfd9

3fd3ab2d3


b49f22d8f

feb4bdfd9

3fd3ab2d3



e02643f32

3fd3ab2d3



e02643f32

3fd3ab2d3



69b0a27cb

3fd3ab2d3



69b0a27cb

e1c550311



3fd3ab2d3











feb4bdfd9

feb4bdfd9




3fd3ab2d3

319d072e8

3fd3ab2d3





319d072e8

319d072e8




3fd3ab2d3

feb4bdfd9

f201a7499

d175a6f7a

f201a7499




e307e4fce








3fd3ab2d3



e307e4fce

3fd3ab2d3




e307e4fce











716adfaed

e307e4fce







feb4bdfd9


b49f22d8f

3fd3ab2d3



d48ff09d2

3fd3ab2d3

2f372a865

3acc50844



453e83ea5

69b0a27cb

453e83ea5

3acc50844

feb4bdfd9


b49f22d8f

3fd3ab2d3


e307e4fce

d48ff09d2

3fd3ab2d3

feb4bdfd9

91411dba9

d48ff09d2


e307e4fce

453e83ea5


d48ff09d2

feb4bdfd9

f8b8c36b2

e69219184

f8b8c36b2



e69219184


f8b8c36b2




2f372a865

1

2

3

4
5
6
7
8
9
10
11
12
13
14

15

16

17

18

19

20

21

22
23
24

25

26
27

28

29
30
31

32

33

34

35

36

37
38

39

40

41
42

43

44

45
46

47

48

49
50
51

52

53

54
55
56

57
58
59

60

61

62

63
64
65

66

67
68

69
70

71
72
73
74
75
76
77
78

79

80
81

82

83

84
85
86

87

88
89
90

91

92
93
94

95

96
97
98

99

100
101
102

103
104
105
106
107
108
109
110
111
112
113

114

115
116
117
118

119

120

121
122
123
124
125

126

127
128
129
130

131

132

133

134

135
136
137
138

139
140
141
142
143
144
145
146

147
148
149

150

151
152
153
154

155
156
157
158
159
160
161
162
163
164
165

166

167
168
169
170
171
172
173

174
175

176

177
178
179

180

181

182

183
184
185

186

187

188

189

190
191

192

193
194

195

196

197

198

199

200
201

202

203
204

205

206

207

208

209
210
211

212
213

214
215
216
217

218

                                       
        
               










                             
                                                                        
                                             
                                                         
                                                 
                                           
                                                 
                                                 


                              
                             

              
   


              
                        
 
 
                 
                         

 
                
                           

              
                                    
                       

                  
                                 
                                           


                           
                                            
                                             


                              


           
     
   
   


                          
     

                                 

      







                                 
     

   
                                            
 


                     
 


                            
 


                      
 


                             
 


                  










                               
                 



                       
                 
 




                                      
                 



                       
                                  
 
              
               



                                                    







                                                    


                                                                    
                    



                                   










                                                                                 
                                               






                                                                           

   
                                                                                    


                                
       
     
 


                                                      
                                                   
 
                                                                             
                            

   
                                                                                            

                   
                    
       
     
 
                                                      

                      
                                    

                                                         
        
   
 
                                                            


                   

                    



                                         
 
import { Transaction } from 'sequelize'
import {
  AfterDestroy,
  AfterUpdate,
  AllowNull,
  BelongsTo,
  Column,
  CreatedAt,
  ForeignKey,
  Model,
  Scopes,
  Table,
  UpdatedAt
} from 'sequelize-typescript'
import { MOAuthTokenUser } from '@server/types/models/oauth/oauth-token'
import { logger } from '../../helpers/logger'
import { clearCacheByToken } from '../../lib/oauth-model'
import { AccountModel } from '../account/account'
import { UserModel } from '../account/user'
import { ActorModel } from '../activitypub/actor'
import { OAuthClientModel } from './oauth-client'

export type OAuthTokenInfo = {
  refreshToken: string
  refreshTokenExpiresAt: Date
  client: {
    id: number
  }
  user: {
    id: number
  }
  token: MOAuthTokenUser
}

enum ScopeNames {
  WITH_USER = 'WITH_USER'
}

@Scopes(() => ({
  [ScopeNames.WITH_USER]: {
    include: [
      {
        model: UserModel.unscoped(),
        required: true,
        include: [
          {
            attributes: [ 'id' ],
            model: AccountModel.unscoped(),
            required: true,
            include: [
              {
                attributes: [ 'id', 'url' ],
                model: ActorModel.unscoped(),
                required: true
              }
            ]
          }
        ]
      }
    ]
  }
}))
@Table({
  tableName: 'oAuthToken',
  indexes: [
    {
      fields: [ 'refreshToken' ],
      unique: true
    },
    {
      fields: [ 'accessToken' ],
      unique: true
    },
    {
      fields: [ 'userId' ]
    },
    {
      fields: [ 'oAuthClientId' ]
    }
  ]
})
export class OAuthTokenModel extends Model {

  @AllowNull(false)
  @Column
  accessToken: string

  @AllowNull(false)
  @Column
  accessTokenExpiresAt: Date

  @AllowNull(false)
  @Column
  refreshToken: string

  @AllowNull(false)
  @Column
  refreshTokenExpiresAt: Date

  @Column
  authName: string

  @CreatedAt
  createdAt: Date

  @UpdatedAt
  updatedAt: Date

  @ForeignKey(() => UserModel)
  @Column
  userId: number

  @BelongsTo(() => UserModel, {
    foreignKey: {
      allowNull: false
    },
    onDelete: 'cascade'
  })
  User: UserModel

  @ForeignKey(() => OAuthClientModel)
  @Column
  oAuthClientId: number

  @BelongsTo(() => OAuthClientModel, {
    foreignKey: {
      allowNull: false
    },
    onDelete: 'cascade'
  })
  OAuthClients: OAuthClientModel[]

  @AfterUpdate
  @AfterDestroy
  static removeTokenCache (token: OAuthTokenModel) {
    return clearCacheByToken(token.accessToken)
  }

  static loadByRefreshToken (refreshToken: string) {
    const query = {
      where: { refreshToken }
    }

    return OAuthTokenModel.findOne(query)
  }

  static getByRefreshTokenAndPopulateClient (refreshToken: string) {
    const query = {
      where: {
        refreshToken
      },
      include: [ OAuthClientModel ]
    }

    return OAuthTokenModel.scope(ScopeNames.WITH_USER)
                          .findOne(query)
                          .then(token => {
                            if (!token) return null

                            return {
                              refreshToken: token.refreshToken,
                              refreshTokenExpiresAt: token.refreshTokenExpiresAt,
                              client: {
                                id: token.oAuthClientId
                              },
                              user: token.User,
                              token
                            } as OAuthTokenInfo
                          })
                          .catch(err => {
                            logger.error('getRefreshToken error.', { err })
                            throw err
                          })
  }

  static getByTokenAndPopulateUser (bearerToken: string): Promise<MOAuthTokenUser> {
    const query = {
      where: {
        accessToken: bearerToken
      }
    }

    return OAuthTokenModel.scope(ScopeNames.WITH_USER)
                          .findOne(query)
                          .then(token => {
                            if (!token) return null

                            return Object.assign(token, { user: token.User })
                          })
  }

  static getByRefreshTokenAndPopulateUser (refreshToken: string): Promise<MOAuthTokenUser> {
    const query = {
      where: {
        refreshToken
      }
    }

    return OAuthTokenModel.scope(ScopeNames.WITH_USER)
      .findOne(query)
      .then(token => {
        if (!token) return undefined

        return Object.assign(token, { user: token.User })
      })
  }

  static deleteUserToken (userId: number, t?: Transaction) {
    const query = {
      where: {
        userId
      },
      transaction: t
    }

    return OAuthTokenModel.destroy(query)
  }
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-18 04:29:45 +0000