changes
This commit is contained in:
parent
2305b97364
commit
799f50ea08
@ -2,7 +2,7 @@ import * as toml from 'toml';
|
|||||||
import { resolve } from 'path';
|
import { resolve } from 'path';
|
||||||
import { readFile } from 'fs/promises';
|
import { readFile } from 'fs/promises';
|
||||||
import { Configuration } from './config.interfaces';
|
import { Configuration } from './config.interfaces';
|
||||||
import { FactoryProvider, ValueProvider } from '@nestjs/common';
|
import { FactoryProvider, Logger, ValueProvider } from '@nestjs/common';
|
||||||
|
|
||||||
const CONFIG_ENV = process.env.NODE_ENV === 'production' ? 'prod' : 'dev';
|
const CONFIG_ENV = process.env.NODE_ENV === 'production' ? 'prod' : 'dev';
|
||||||
const CONFIG_FILENAME = process.env.CONFIG || `config.${CONFIG_ENV}.toml`;
|
const CONFIG_FILENAME = process.env.CONFIG || `config.${CONFIG_ENV}.toml`;
|
||||||
@ -71,7 +71,7 @@ export const configProviders = [
|
|||||||
...JSON.parse(JSON.stringify(toml.parse(file))),
|
...JSON.parse(JSON.stringify(toml.parse(file))),
|
||||||
};
|
};
|
||||||
} catch (e: unknown) {
|
} catch (e: unknown) {
|
||||||
console.error('Failed to load configuration:', (e as Error).message);
|
Logger.error('Failed to load configuration:', (e as Error).message);
|
||||||
return defaultConfig;
|
return defaultConfig;
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
|
@ -73,9 +73,9 @@ export class OAuth2Service {
|
|||||||
public clientService: OAuth2ClientService,
|
public clientService: OAuth2ClientService,
|
||||||
public tokenService: OAuth2TokenService,
|
public tokenService: OAuth2TokenService,
|
||||||
) {
|
) {
|
||||||
// if (process.env.NODE_ENV === 'development') {
|
if (!!process.env.DEBUG_OAUTH2) {
|
||||||
// this.oauth.logger.setLogLevel('debug');
|
this.oauth.logger.setLogLevel('debug');
|
||||||
// }
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
public splitScope(scope: string | string[]): string[] {
|
public splitScope(scope: string | string[]): string[] {
|
||||||
|
@ -1,5 +1,5 @@
|
|||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable } from '@nestjs/common';
|
||||||
import { Repository } from 'typeorm';
|
import { Raw, Repository } from 'typeorm';
|
||||||
import { OAuth2Client } from '../oauth2-client/oauth2-client.entity';
|
import { OAuth2Client } from '../oauth2-client/oauth2-client.entity';
|
||||||
import { User } from '../user/user.entity';
|
import { User } from '../user/user.entity';
|
||||||
import { OAuth2Token, OAuth2TokenType } from './oauth2-token.entity';
|
import { OAuth2Token, OAuth2TokenType } from './oauth2-token.entity';
|
||||||
@ -78,6 +78,12 @@ export class OAuth2TokenService {
|
|||||||
});
|
});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
public async wipeExpiredTokens() {
|
||||||
|
await this.tokenRepository.delete({
|
||||||
|
expires_at: Raw((alias) => `${alias} < NOW()`),
|
||||||
|
});
|
||||||
|
}
|
||||||
|
|
||||||
public async remove(token: OAuth2Token): Promise<void> {
|
public async remove(token: OAuth2Token): Promise<void> {
|
||||||
await this.tokenRepository.remove(token);
|
await this.tokenRepository.remove(token);
|
||||||
}
|
}
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
import { Inject, Injectable } from '@nestjs/common';
|
import { Inject, Injectable, Logger } from '@nestjs/common';
|
||||||
import { readFile, unlink } from 'fs/promises';
|
import { readFile, unlink } from 'fs/promises';
|
||||||
import { imageSize } from 'image-size';
|
import { imageSize } from 'image-size';
|
||||||
import { join } from 'path';
|
import { join } from 'path';
|
||||||
@ -57,7 +57,7 @@ export class UploadService {
|
|||||||
try {
|
try {
|
||||||
await unlink(path);
|
await unlink(path);
|
||||||
} catch (e: unknown) {
|
} catch (e: unknown) {
|
||||||
console.error('Failed to unlink avatar file:', (e as Error).stack);
|
Logger.error('Failed to unlink avatar file:', (e as Error).stack);
|
||||||
}
|
}
|
||||||
|
|
||||||
await this.uploadRepository.remove(upload);
|
await this.uploadRepository.remove(upload);
|
||||||
|
@ -14,7 +14,6 @@ import { Scope } from 'src/decorators/scope.decorator';
|
|||||||
import { CurrentUser } from 'src/decorators/user.decorator';
|
import { CurrentUser } from 'src/decorators/user.decorator';
|
||||||
import { OAuth2Guard } from 'src/guards/oauth2.guard';
|
import { OAuth2Guard } from 'src/guards/oauth2.guard';
|
||||||
import { ConfigurationService } from 'src/modules/config/config.service';
|
import { ConfigurationService } from 'src/modules/config/config.service';
|
||||||
import { JWTService } from 'src/modules/jwt/jwt.service';
|
|
||||||
import { User } from 'src/modules/objects/user/user.entity';
|
import { User } from 'src/modules/objects/user/user.entity';
|
||||||
import { OAuth2Service } from '../../oauth2/oauth2.service';
|
import { OAuth2Service } from '../../oauth2/oauth2.service';
|
||||||
|
|
||||||
@ -24,7 +23,6 @@ export class OAuth2Controller {
|
|||||||
constructor(
|
constructor(
|
||||||
private _service: OAuth2Service,
|
private _service: OAuth2Service,
|
||||||
private _config: ConfigurationService,
|
private _config: ConfigurationService,
|
||||||
private _jwt: JWTService,
|
|
||||||
) {}
|
) {}
|
||||||
|
|
||||||
// These requests are just passed straight on to the provider controller
|
// These requests are just passed straight on to the provider controller
|
||||||
@ -119,11 +117,4 @@ export class OAuth2Controller {
|
|||||||
|
|
||||||
return userData;
|
return userData;
|
||||||
}
|
}
|
||||||
|
|
||||||
@Get('jwks')
|
|
||||||
getJWKS() {
|
|
||||||
return {
|
|
||||||
keys: [this._jwt.jwks],
|
|
||||||
};
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
@ -1,12 +1,16 @@
|
|||||||
import { Controller, Get, Redirect, Res } from '@nestjs/common';
|
import { Controller, Get, Redirect, Res } from '@nestjs/common';
|
||||||
import { Response } from 'express';
|
import { Response } from 'express';
|
||||||
import { ConfigurationService } from '../config/config.service';
|
import { ConfigurationService } from '../config/config.service';
|
||||||
|
import { JWTService } from '../jwt/jwt.service';
|
||||||
|
|
||||||
@Controller({
|
@Controller({
|
||||||
path: '/.well-known/',
|
path: '/.well-known/',
|
||||||
})
|
})
|
||||||
export class WellKnownController {
|
export class WellKnownController {
|
||||||
constructor(private config: ConfigurationService) {}
|
constructor(
|
||||||
|
private readonly config: ConfigurationService,
|
||||||
|
private readonly jwt: JWTService,
|
||||||
|
) {}
|
||||||
|
|
||||||
@Get('security.txt')
|
@Get('security.txt')
|
||||||
securityTXT(@Res({ passthrough: true }) res: Response) {
|
securityTXT(@Res({ passthrough: true }) res: Response) {
|
||||||
@ -28,6 +32,13 @@ Contact: mailto:evert@lunasqu.ee
|
|||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Get('jwks.json')
|
||||||
|
getJWKS() {
|
||||||
|
return {
|
||||||
|
keys: [this.jwt.jwks],
|
||||||
|
};
|
||||||
|
}
|
||||||
|
|
||||||
@Get('openid-configuration')
|
@Get('openid-configuration')
|
||||||
openidConfiguration() {
|
openidConfiguration() {
|
||||||
const base = this.config.get<string>('app.base_url');
|
const base = this.config.get<string>('app.base_url');
|
||||||
@ -35,7 +46,7 @@ Contact: mailto:evert@lunasqu.ee
|
|||||||
issuer: this.config.get('jwt.issuer'),
|
issuer: this.config.get('jwt.issuer'),
|
||||||
authorization_endpoint: `${base}/oauth2/authorize`,
|
authorization_endpoint: `${base}/oauth2/authorize`,
|
||||||
token_endpoint: `${base}/oauth2/token`,
|
token_endpoint: `${base}/oauth2/token`,
|
||||||
jwks_uri: `${base}/oauth2/jwks`,
|
jwks_uri: `${base}/.well-known/jwks.json`,
|
||||||
userinfo_endpoint: `${base}/api/user`,
|
userinfo_endpoint: `${base}/api/user`,
|
||||||
introspection_endpoint: `${base}/oauth2/introspect`,
|
introspection_endpoint: `${base}/oauth2/introspect`,
|
||||||
response_types_supported: ['code', 'id_token'],
|
response_types_supported: ['code', 'id_token'],
|
||||||
|
@ -1,2 +1,3 @@
|
|||||||
div.logo-container
|
.logo-container
|
||||||
|
a(href="/", aria-label="Icy Network Home")
|
||||||
img(src="/public/image/icynet-icon.svg", alt="Icy Network")
|
img(src="/public/image/icynet-icon.svg", alt="Icy Network")
|
||||||
|
Reference in New Issue
Block a user