2022-03-09 18:37:04 +00:00
|
|
|
import { Inject, Injectable } from '@nestjs/common';
|
2022-03-20 14:50:12 +00:00
|
|
|
import { DeleteResult, Repository } from 'typeorm';
|
|
|
|
import { User } from '../user/user.entity';
|
2022-03-09 18:37:04 +00:00
|
|
|
import { OAuth2ClientAuthorization } from './oauth2-client-authorization.entity';
|
|
|
|
import {
|
|
|
|
OAuth2ClientURL,
|
|
|
|
OAuth2ClientURLType,
|
|
|
|
} from './oauth2-client-url.entity';
|
|
|
|
import { OAuth2Client } from './oauth2-client.entity';
|
|
|
|
|
|
|
|
@Injectable()
|
|
|
|
export class OAuth2ClientService {
|
|
|
|
constructor(
|
|
|
|
@Inject('CLIENT_REPOSITORY')
|
|
|
|
private clientRepository: Repository<OAuth2Client>,
|
|
|
|
@Inject('CLIENT_URL_REPOSITORY')
|
|
|
|
private clientUrlRepository: Repository<OAuth2ClientURL>,
|
|
|
|
@Inject('CLIENT_AUTHORIZATION_REPOSITORY')
|
|
|
|
private clientAuthRepository: Repository<OAuth2ClientAuthorization>,
|
|
|
|
) {}
|
|
|
|
|
2022-03-20 14:50:12 +00:00
|
|
|
public async hasAuthorized(
|
|
|
|
userId: number,
|
|
|
|
clientId: string,
|
|
|
|
scope: string[],
|
|
|
|
): Promise<boolean> {
|
|
|
|
const authorization = await this.clientAuthRepository.findOne({
|
|
|
|
where: {
|
|
|
|
user: {
|
|
|
|
id: userId,
|
|
|
|
},
|
|
|
|
client: {
|
|
|
|
client_id: clientId,
|
|
|
|
},
|
|
|
|
},
|
|
|
|
relations: ['user', 'client'],
|
|
|
|
});
|
|
|
|
|
|
|
|
if (!authorization) {
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Scopes must have been allowed
|
|
|
|
const splitScope = authorization.scope.split(' ');
|
|
|
|
if (scope.every((item) => splitScope.includes(item))) {
|
|
|
|
return true;
|
|
|
|
}
|
|
|
|
|
|
|
|
return false;
|
|
|
|
}
|
|
|
|
|
|
|
|
public async createAuthorization(
|
|
|
|
user: User,
|
|
|
|
client: OAuth2Client,
|
|
|
|
scope: string[],
|
|
|
|
): Promise<OAuth2ClientAuthorization> {
|
|
|
|
const existing = await this.clientAuthRepository.findOne({
|
|
|
|
where: {
|
|
|
|
user,
|
|
|
|
client,
|
|
|
|
},
|
|
|
|
relations: ['user', 'client'],
|
|
|
|
});
|
|
|
|
|
|
|
|
if (existing) {
|
|
|
|
const splitScope = existing.scope.split(' ');
|
|
|
|
scope.forEach((item) => {
|
|
|
|
if (!splitScope.includes(item)) {
|
|
|
|
splitScope.push(item);
|
|
|
|
}
|
|
|
|
});
|
|
|
|
existing.scope = splitScope.join(' ');
|
|
|
|
await this.clientAuthRepository.save(existing);
|
|
|
|
return existing;
|
|
|
|
}
|
|
|
|
|
|
|
|
const authorization = new OAuth2ClientAuthorization();
|
|
|
|
authorization.user = user;
|
|
|
|
authorization.client = client;
|
|
|
|
authorization.scope = scope.join(' ');
|
|
|
|
await this.clientAuthRepository.insert(authorization);
|
|
|
|
return authorization;
|
|
|
|
}
|
|
|
|
|
|
|
|
public async getAuthorizations(
|
|
|
|
user: User,
|
|
|
|
): Promise<OAuth2ClientAuthorization[]> {
|
|
|
|
return this.clientAuthRepository.find({
|
|
|
|
relations: ['user', 'client', 'client.urls'],
|
|
|
|
where: { user },
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
|
|
|
public async revokeAuthorization(
|
|
|
|
auth: OAuth2ClientAuthorization,
|
|
|
|
): Promise<OAuth2ClientAuthorization> {
|
|
|
|
console.log(auth);
|
|
|
|
return this.clientAuthRepository.remove(auth);
|
|
|
|
}
|
|
|
|
|
|
|
|
public async getAuthorization(
|
|
|
|
user: User,
|
|
|
|
authId: number,
|
|
|
|
): Promise<OAuth2ClientAuthorization> {
|
|
|
|
return this.clientAuthRepository.findOne({
|
|
|
|
where: {
|
|
|
|
user,
|
|
|
|
id: authId,
|
|
|
|
},
|
|
|
|
relations: ['user'],
|
|
|
|
});
|
|
|
|
}
|
|
|
|
|
2022-03-09 18:37:04 +00:00
|
|
|
public async getById(id: string | number): Promise<OAuth2Client> {
|
|
|
|
let client: OAuth2Client;
|
|
|
|
|
|
|
|
if (typeof id === 'string') {
|
2022-08-17 19:48:20 +00:00
|
|
|
client = await this.clientRepository.findOne({
|
|
|
|
where: { client_id: id },
|
|
|
|
relations: ['urls', 'picture'],
|
|
|
|
});
|
2022-03-09 18:37:04 +00:00
|
|
|
} else {
|
2022-08-17 19:48:20 +00:00
|
|
|
client = await this.clientRepository.findOne({
|
|
|
|
where: { id },
|
|
|
|
relations: ['urls', 'picture'],
|
|
|
|
});
|
2022-03-09 18:37:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
return client;
|
|
|
|
}
|
|
|
|
|
|
|
|
public async getClientURLs(
|
|
|
|
id: string,
|
|
|
|
type?: OAuth2ClientURLType,
|
|
|
|
): Promise<OAuth2ClientURL[]> {
|
2022-03-16 18:37:50 +00:00
|
|
|
return this.clientUrlRepository.find({
|
|
|
|
where: {
|
|
|
|
client: { client_id: id },
|
|
|
|
type,
|
|
|
|
},
|
|
|
|
relations: ['client'],
|
|
|
|
});
|
2022-03-09 18:37:04 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
public async checkRedirectURI(id: string, url: string): Promise<boolean> {
|
2022-08-17 19:48:20 +00:00
|
|
|
return !!(await this.clientUrlRepository.findOne({
|
|
|
|
where: {
|
2022-03-16 18:37:50 +00:00
|
|
|
client: { client_id: id },
|
|
|
|
url,
|
|
|
|
type: OAuth2ClientURLType.REDIRECT_URI,
|
|
|
|
},
|
2022-08-17 19:48:20 +00:00
|
|
|
relations: ['client'],
|
|
|
|
}));
|
2022-03-09 18:37:04 +00:00
|
|
|
}
|
|
|
|
}
|