remove redundant function calls

This commit is contained in:
Kagami Sascha Rosylight 2023-06-24 03:45:15 +02:00
parent cb2089981a
commit ca7c3c6063
1 changed files with 3 additions and 5 deletions

View File

@ -327,12 +327,12 @@ export class OAuth2ProviderService {
return [accessToken, undefined, { scope: granted.scopes.join(' ') }]; return [accessToken, undefined, { scope: granted.scopes.join(' ') }];
})().then(args => done(null, ...args ?? []), err => done(err)); })().then(args => done(null, ...args ?? []), err => done(err));
})); }));
this.#server.serializeClient((client, done) => done(null, client));
this.#server.deserializeClient((id, done) => done(null, id));
} }
@bindThis @bindThis
public async createServer(fastify: FastifyInstance): Promise<void> { public async createServer(fastify: FastifyInstance): Promise<void> {
// https://datatracker.ietf.org/doc/html/rfc8414.html
// https://indieauth.spec.indieweb.org/#indieauth-server-metadata
fastify.get('/.well-known/oauth-authorization-server', async (_request, reply) => { fastify.get('/.well-known/oauth-authorization-server', async (_request, reply) => {
reply.send({ reply.send({
issuer: this.config.url, issuer: this.config.url,
@ -347,8 +347,6 @@ export class OAuth2ProviderService {
}); });
}); });
// For now only allow the basic OAuth endpoints, to start small and evaluate
// this feature for some time, given that this is security related.
fastify.get('/oauth/authorize', async (request, reply) => { fastify.get('/oauth/authorize', async (request, reply) => {
const oauth2 = (request.raw as MiddlewareRequest).oauth2; const oauth2 = (request.raw as MiddlewareRequest).oauth2;
if (!oauth2) { if (!oauth2) {
@ -401,7 +399,7 @@ export class OAuth2ProviderService {
// Find client information from the remote. // Find client information from the remote.
const clientInfo = await discoverClientInformation(this.httpRequestService, clientUrl.href); const clientInfo = await discoverClientInformation(this.httpRequestService, clientUrl.href);
// Require an explicit list of redirect_uris per // Require the redirect URI to be included in an explicit list, per
// https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.1.3 // https://datatracker.ietf.org/doc/html/draft-ietf-oauth-security-topics#section-4.1.3
if (!clientInfo.redirectUris.includes(redirectURI)) { if (!clientInfo.redirectUris.includes(redirectURI)) {
throw new AuthorizationError('Invalid redirect_uri', 'invalid_request'); throw new AuthorizationError('Invalid redirect_uri', 'invalid_request');