This commit is contained in:
Kagami Sascha Rosylight 2023-04-02 10:41:43 +02:00
parent 049dbfeb66
commit 39526d0225
4 changed files with 8 additions and 8 deletions

View File

@ -1,6 +1,5 @@
import dns from 'node:dns/promises';
import { Inject, Injectable } from '@nestjs/common';
import Provider, { type Adapter, type Account, AdapterPayload } from 'oidc-provider';
import fastifyMiddie, { IncomingMessageExtended } from '@fastify/middie';
import { JSDOM } from 'jsdom';
import parseLinkHeader from 'parse-link-header';
@ -429,8 +428,6 @@ export class OAuth2ProviderService {
});
});
// oidc-provider provides many more endpoints for OpenID support and there's
// no way to turn it off.
// For now only allow the basic OAuth endpoints, to start small and evaluate
// this feature for some time, given that this is security related.
fastify.get<{ Querystring: OAuthRequestQuery }>('/oauth/authorize', async (request, reply) => {
@ -451,6 +448,8 @@ export class OAuth2ProviderService {
reply.header('Cache-Control', 'no-store');
return await reply.view('oauth', {
transactionId: oauth2?.transactionID,
clientId: oauth2?.client,
scope: oauth2?.req.scope.join(' '),
});
});
fastify.post('/oauth/decision', async () => { });

View File

@ -7,4 +7,3 @@ block meta
meta(name='misskey:oauth:transaction-id' content=transactionId)
meta(name='misskey:oauth:client-id' content=clientId)
meta(name='misskey:oauth:scope' content=scope)
meta(name='misskey:oauth:redirection-uri' content=redirectionUri)

View File

@ -5,6 +5,7 @@
:class="[$style.root, { [$style.inline]: inline, [$style.primary]: primary, [$style.gradate]: gradate, [$style.danger]: danger, [$style.rounded]: rounded, [$style.full]: full, [$style.small]: small, [$style.large]: large, [$style.transparent]: transparent, [$style.asLike]: asLike }]"
:type="type"
:name="name"
:value="value"
@click="emit('click', $event)"
@mousedown="onMousedown"
>
@ -46,6 +47,7 @@ const props = defineProps<{
transparent?: boolean;
asLike?: boolean;
name?: string;
value?: string;
}>();
const emit = defineEmits<{

View File

@ -4,18 +4,18 @@
<MkSpacer :content-max="800">
<div v-if="$i">
<div v-if="_permissions.length > 0">
<p v-if="name">{{ $t('_auth.permission', { name }) }}</p>
<p v-if="name">{{ i18n.t('_auth.permission', { name }) }}</p>
<p v-else>{{ i18n.ts._auth.permissionAsk }}</p>
<ul>
<li v-for="p in _permissions" :key="p">{{ $t(`_permissions.${p}`) }}</li>
<li v-for="p in _permissions" :key="p">{{ i18n.t(`_permissions.${p}`) }}</li>
</ul>
</div>
<div v-if="name">{{ $t('_auth.shareAccess', { name }) }}</div>
<div v-if="name">{{ i18n.t('_auth.shareAccess', { name }) }}</div>
<div v-else>{{ i18n.ts._auth.shareAccessAsk }}</div>
<form :class="$style.buttons" action="/oauth/decision" accept-charset="utf-8" method="post">
<input name="login_token" type="hidden" :value="$i.token"/>
<input name="transaction_id" type="hidden" :value="transactionIdMeta?.content"/>
<MkButton inline name="cancel">{{ i18n.ts.cancel }}</MkButton>
<MkButton inline name="cancel" value="cancel">{{ i18n.ts.cancel }}</MkButton>
<MkButton inline primary>{{ i18n.ts.accept }}</MkButton>
</form>
</div>