Refactor auth flow

Reimplement some node-oauth2-server methods to remove hacky code needed by our external
login workflow

4 files changed, 14 insertions, 16 deletions

diff --git a/server/middlewares/oauth.ts b/server/middlewares/auth.ts
index 280595acc..f38373624 100644
--- a/server/middlewares/oauth.ts
+++ b/server/middlewares/auth.ts
@@ -1,15 +1,19 @@
 import * as express from 'express'
 import { Socket } from 'socket.io'
-import { oAuthServer } from '@server/lib/auth'
-import { logger } from '../helpers/logger'
-import { getAccessToken } from '../lib/oauth-model'
+import { getAccessToken } from '@server/lib/auth/oauth-model'
 import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
+import { logger } from '../helpers/logger'
+import { handleOAuthAuthenticate } from '../lib/auth/oauth'
 
 function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
-  const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {}
+  handleOAuthAuthenticate(req, res, authenticateInQuery)
+    .then((token: any) => {
+      res.locals.oauth = { token }
+      res.locals.authenticated = true
 
-  oAuthServer.authenticate(options)(req, res, err => {
-    if (err) {
+      return next()
+    })
+    .catch(err => {
       logger.warn('Cannot authenticate.', { err })
 
       return res.status(err.status)
@@ -17,13 +21,7 @@ function authenticate (req: express.Request, res: express.Response, next: expres
           error: 'Token is invalid.',
           code: err.name
         })
-        .end()
-    }
-
-    res.locals.authenticated = true
-
-    return next()
-  })
+    })
 }
 
 function authenticateSocket (socket: Socket, next: (err?: any) => void) {
diff --git a/server/middlewares/index.ts b/server/middlewares/index.ts
index b758a8586..3e280e16f 100644
--- a/server/middlewares/index.ts
+++ b/server/middlewares/index.ts
@@ -1,7 +1,7 @@
 export * from './validators'
 export * from './activitypub'
 export * from './async'
-export * from './oauth'
+export * from './auth'
 export * from './pagination'
 export * from './servers'
 export * from './sort'
diff --git a/server/middlewares/validators/videos/video-playlists.ts b/server/middlewares/validators/videos/video-playlists.ts
index 0fba4f5fd..c872d045e 100644
--- a/server/middlewares/validators/videos/video-playlists.ts
+++ b/server/middlewares/validators/videos/video-playlists.ts
@@ -29,7 +29,7 @@ import { doesVideoChannelIdExist, doesVideoExist, doesVideoPlaylistExist, VideoP
 import { CONSTRAINTS_FIELDS } from '../../../initializers/constants'
 import { VideoPlaylistElementModel } from '../../../models/video/video-playlist-element'
 import { MVideoPlaylist } from '../../../types/models/video/video-playlist'
-import { authenticatePromiseIfNeeded } from '../../oauth'
+import { authenticatePromiseIfNeeded } from '../../auth'
 import { areValidationErrors } from '../utils'
 
 const videoPlaylistsAddValidator = getCommonPlaylistEditAttributes().concat([
diff --git a/server/middlewares/validators/videos/videos.ts b/server/middlewares/validators/videos/videos.ts
index 37cc07b94..4d31d3dcb 100644
--- a/server/middlewares/validators/videos/videos.ts
+++ b/server/middlewares/validators/videos/videos.ts
@@ -54,7 +54,7 @@ import { isLocalVideoAccepted } from '../../../lib/moderation'
 import { Hooks } from '../../../lib/plugins/hooks'
 import { AccountModel } from '../../../models/account/account'
 import { VideoModel } from '../../../models/video/video'
-import { authenticatePromiseIfNeeded } from '../../oauth'
+import { authenticatePromiseIfNeeded } from '../../auth'
 import { areValidationErrors } from '../utils'
 
 const videosAddValidator = getCommonVideoEditAttributes().concat([