1 files changed, 0 insertions, 78 deletions
diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts
deleted file mode 100644
index 280595acc..000000000
--- a/server/middlewares/oauth.ts
+++ /dev/null
@@ -1,78 +0,0 @@
-import * as express from 'express'
-import { Socket } from 'socket.io'
-import { oAuthServer } from '@server/lib/auth'
-import { logger } from '../helpers/logger'
-import { getAccessToken } from '../lib/oauth-model'
-import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
-function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
-  const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {}
-  oAuthServer.authenticate(options)(req, res, err => {
-    if (err) {
-      logger.warn('Cannot authenticate.', { err })
-      return res.status(err.status)
-        .json({
-          error: 'Token is invalid.',
-          code: err.name
-        })
-        .end()
-    }
-    res.locals.authenticated = true
-    return next()
-  })
-}
-function authenticateSocket (socket: Socket, next: (err?: any) => void) {
-  const accessToken = socket.handshake.query['accessToken']
-  logger.debug('Checking socket access token %s.', accessToken)
-  if (!accessToken) return next(new Error('No access token provided'))
-  if (typeof accessToken !== 'string') return next(new Error('Access token is invalid'))
-  getAccessToken(accessToken)
-    .then(tokenDB => {
-      const now = new Date()
-      if (!tokenDB || tokenDB.accessTokenExpiresAt < now || tokenDB.refreshTokenExpiresAt < now) {
-        return next(new Error('Invalid access token.'))
-      }
-      socket.handshake.auth.user = tokenDB.User
-      return next()
-    })
-    .catch(err => logger.error('Cannot get access token.', { err }))
-}
-function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) {
-  return new Promise<void>(resolve => {
-    // Already authenticated? (or tried to)
-    if (res.locals.oauth?.token.User) return resolve()
-    if (res.locals.authenticated === false) return res.sendStatus(HttpStatusCode.UNAUTHORIZED_401)
-    authenticate(req, res, () => resolve(), authenticateInQuery)
-  })
-}
-function optionalAuthenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
-  if (req.header('authorization')) return authenticate(req, res, next)
-  res.locals.authenticated = false
-  return next()
-}
-// ---------------------------------------------------------------------------
-export {
-  authenticate,
-  authenticateSocket,
-  authenticatePromiseIfNeeded,
-  optionalAuthenticate
-}

diff --git a/server/middlewares/oauth.ts b/server/middlewares/oauth.ts deleted file mode 100644 index 280595acc..000000000 --- a/server/middlewares/oauth.ts +++ /dev/null
@@ -1,78 +0,0 @@
1	import * as express from 'express'
2	import { Socket } from 'socket.io'
3	import { oAuthServer } from '@server/lib/auth'
4	import { logger } from '../helpers/logger'
5	import { getAccessToken } from '../lib/oauth-model'
6	import { HttpStatusCode } from '../../shared/core-utils/miscs/http-error-codes'
7
8	function authenticate (req: express.Request, res: express.Response, next: express.NextFunction, authenticateInQuery = false) {
9	const options = authenticateInQuery ? { allowBearerTokensInQueryString: true } : {}
10
11	oAuthServer.authenticate(options)(req, res, err => {
12	if (err) {
13	logger.warn('Cannot authenticate.', { err })
14
15	return res.status(err.status)
16	.json({
17	error: 'Token is invalid.',
18	code: err.name
19	})
20	.end()
21	}
22
23	res.locals.authenticated = true
24
25	return next()
26	})
27	}
28
29	function authenticateSocket (socket: Socket, next: (err?: any) => void) {
30	const accessToken = socket.handshake.query['accessToken']
31
32	logger.debug('Checking socket access token %s.', accessToken)
33
34	if (!accessToken) return next(new Error('No access token provided'))
35	if (typeof accessToken !== 'string') return next(new Error('Access token is invalid'))
36
37	getAccessToken(accessToken)
38	.then(tokenDB => {
39	const now = new Date()
40
41	if (!tokenDB \|\| tokenDB.accessTokenExpiresAt < now \|\| tokenDB.refreshTokenExpiresAt < now) {
42	return next(new Error('Invalid access token.'))
43	}
44
45	socket.handshake.auth.user = tokenDB.User
46
47	return next()
48	})
49	.catch(err => logger.error('Cannot get access token.', { err }))
50	}
51
52	function authenticatePromiseIfNeeded (req: express.Request, res: express.Response, authenticateInQuery = false) {
53	return new Promise<void>(resolve => {
54	// Already authenticated? (or tried to)
55	if (res.locals.oauth?.token.User) return resolve()
56
57	if (res.locals.authenticated === false) return res.sendStatus(HttpStatusCode.UNAUTHORIZED_401)
58
59	authenticate(req, res, () => resolve(), authenticateInQuery)
60	})
61	}
62
63	function optionalAuthenticate (req: express.Request, res: express.Response, next: express.NextFunction) {
64	if (req.header('authorization')) return authenticate(req, res, next)
65
66	res.locals.authenticated = false
67
68	return next()
69	}
70
71	// ---------------------------------------------------------------------------
72
73	export {
74	authenticate,
75	authenticateSocket,
76	authenticatePromiseIfNeeded,
77	optionalAuthenticate
78	}