mirror of
https://git.joinsharkey.org/Sharkey/Sharkey.git
synced 2024-11-27 00:13:09 +02:00
generate the code later
This commit is contained in:
parent
0b3fd09bb0
commit
daa18efc99
2 changed files with 5 additions and 3 deletions
|
@ -238,14 +238,14 @@ export class OAuth2ProviderService {
|
||||||
used?: boolean,
|
used?: boolean,
|
||||||
}>(1000 * 60 * 5); // expires after 5m
|
}>(1000 * 60 * 5); // expires after 5m
|
||||||
|
|
||||||
// https://datatracker.ietf.org/doc/html/rfc7636.html
|
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics
|
||||||
|
// Authorization servers MUST support PKCE [RFC7636].
|
||||||
this.#server.grant(oauth2Pkce.extensions());
|
this.#server.grant(oauth2Pkce.extensions());
|
||||||
this.#server.grant(oauth2orize.grant.code({
|
this.#server.grant(oauth2orize.grant.code({
|
||||||
modes: getQueryMode(config.url),
|
modes: getQueryMode(config.url),
|
||||||
}, (client, redirectUri, token, ares, areq, locals, done) => {
|
}, (client, redirectUri, token, ares, areq, locals, done) => {
|
||||||
(async (): Promise<OmitFirstElement<Parameters<typeof done>>> => {
|
(async (): Promise<OmitFirstElement<Parameters<typeof done>>> => {
|
||||||
this.#logger.info(`Checking the user before sending authorization code to ${client.id}`);
|
this.#logger.info(`Checking the user before sending authorization code to ${client.id}`);
|
||||||
const code = secureRndstr(128, true);
|
|
||||||
|
|
||||||
if (!token) {
|
if (!token) {
|
||||||
throw new AuthorizationError('No user', 'invalid_request');
|
throw new AuthorizationError('No user', 'invalid_request');
|
||||||
|
@ -257,6 +257,8 @@ export class OAuth2ProviderService {
|
||||||
}
|
}
|
||||||
|
|
||||||
this.#logger.info(`Sending authorization code on behalf of user ${user.id} to ${client.id} through ${redirectUri}, with scope: [${areq.scope}]`);
|
this.#logger.info(`Sending authorization code on behalf of user ${user.id} to ${client.id} through ${redirectUri}, with scope: [${areq.scope}]`);
|
||||||
|
|
||||||
|
const code = secureRndstr(128, true);
|
||||||
grantCodeCache.set(code, {
|
grantCodeCache.set(code, {
|
||||||
clientId: client.id,
|
clientId: client.id,
|
||||||
userId: user.id,
|
userId: user.id,
|
||||||
|
|
|
@ -1,7 +1,7 @@
|
||||||
<template>
|
<template>
|
||||||
<MkStickyContainer>
|
<MkStickyContainer>
|
||||||
<template #header><MkPageHeader :actions="headerActions" :tabs="headerTabs"/></template>
|
<template #header><MkPageHeader :actions="headerActions" :tabs="headerTabs"/></template>
|
||||||
<MkSpacer :content-max="800">
|
<MkSpacer :contentMax="800">
|
||||||
<div v-if="$i">
|
<div v-if="$i">
|
||||||
<div v-if="_permissions.length > 0">
|
<div v-if="_permissions.length > 0">
|
||||||
<p v-if="name">{{ i18n.t('_auth.permission', { name }) }}</p>
|
<p v-if="name">{{ i18n.t('_auth.permission', { name }) }}</p>
|
||||||
|
|
Loading…
Reference in a new issue