Check inactive OAuth2 clients

Evert Prants 2024-06-08 10:04:02 +03:00
parent 88c4dedceb
commit 5171f1fc0f
Signed by: evert
GPG Key ID: 1688DA83D222D0B5
5 changed files with 17 additions and 4 deletions


@ -80,7 +80,7 @@ export class OAuth2AuthorizationController {
// console.debug('Parameter grant_type is', grantTypes.join(' ')); // console.debug('Parameter grant_type is', grantTypes.join(' '));
const client = await OAuth2Clients.fetchById(clientId); const client = await OAuth2Clients.fetchById(clientId);
if (!client) { if (!client || client.activated === 0) {
throw new InvalidClient('Client not found'); throw new InvalidClient('Client not found');
} }
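Review bot: The new guard `client.activated === 0` rejects a client only when the column arrives as the number 0; if the driver or model ever yields `false` or `null` for a deactivated row, the strict comparison fails open and the client is still accepted. The type of `activated` is not visible in this hunk, so it should be confirmed against the model; a fail-closed form would be `if (!client || !client.activated) {`. The same comparison is added in the introspection and token controllers and in the three fetchers of the model file (OAuth2Codes, OAuth2AccessTokens, OAuth2RefreshTokens), so a single lookup on OAuth2Clients that returns only active clients would keep the six call sites from drifting apart. The enclosing method starts and ends outside the hunk.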


@ -1,3 +1,4 @@
import { ApiUtils } from '$lib/server/api-utils';
import { AccessDenied } from '../error'; import { AccessDenied } from '../error';
import { OAuth2AccessTokens, type OAuth2AccessToken } from '../model'; import { OAuth2AccessTokens, type OAuth2AccessToken } from '../model';
@ -28,7 +29,7 @@ export class OAuth2BearerController {
} else if (url?.searchParams.has('access_token')) { } else if (url?.searchParams.has('access_token')) {
token = url.searchParams.get('access_token') as string; token = url.searchParams.get('access_token') as string;
} else { } else {
const body = await request.json().catch(() => ({})); const body = await ApiUtils.getJsonOrFormBody(request);
if (!body.access_token) { if (!body.access_token) {
throw new AccessDenied('Bearer token not found'); throw new AccessDenied('Bearer token not found');
} }
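Review bot: The result of `ApiUtils.getJsonOrFormBody(request)` is dereferenced as `body.access_token` with no guard, whereas the line it replaces fell back to `{}` when the body could not be parsed. The helper is not visible here; if it can throw or resolve to `undefined` on an empty or malformed body, a request without a token would surface as an unhandled error instead of `AccessDenied`. A defensive form is `const body = (await ApiUtils.getJsonOrFormBody(request).catch(() => undefined)) ?? {};`, and since a JSON body can carry any type it is worth checking `typeof body.access_token === 'string'` before the token lookup. The rest of the method lies outside the hunk.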


@ -44,7 +44,7 @@ export class OAuth2IntrospectionController {
const client = await OAuth2Clients.fetchById(clientId); const client = await OAuth2Clients.fetchById(clientId);
if (!client) { if (!client || client.activated === 0) {
throw new InvalidClient('Client not found'); throw new InvalidClient('Client not found');
} }


@ -56,7 +56,7 @@ export class OAuth2TokenController {
const client = await OAuth2Clients.fetchById(clientId); const client = await OAuth2Clients.fetchById(clientId);
if (!client) { if (!client || client.activated === 0) {
throw new InvalidClient('Client not found'); throw new InvalidClient('Client not found');
} }


@ -165,6 +165,10 @@ export class OAuth2Codes {
} }
const client = await OAuth2Clients.fetchById(find.clientId as number); const client = await OAuth2Clients.fetchById(find.clientId as number);
if (!client || client.activated === 0) {
return undefined;
}
return { return {
...find, ...find,
clientIdPub: client.client_id, clientIdPub: client.client_id,
@ -227,6 +231,10 @@ export class OAuth2AccessTokens {
} }
const client = await OAuth2Clients.fetchById(find.clientId as number); const client = await OAuth2Clients.fetchById(find.clientId as number);
if (!client || client.activated === 0) {
return undefined;
}
return { return {
...find, ...find,
clientIdPub: client.client_id clientIdPub: client.client_id
@ -291,6 +299,10 @@ export class OAuth2RefreshTokens {
} }
const client = await OAuth2Clients.fetchById(find.clientId as number); const client = await OAuth2Clients.fetchById(find.clientId as number);
if (!client || client.activated === 0) {
return undefined;
}
return { return {
...find, ...find,
clientIdPub: client.client_id clientIdPub: client.client_id
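Review bot: The three added guards make the codes and tokens of a deactivated client look nonexistent, but nothing here says whether the stored rows are kept; if they are, reactivating the client would make previously issued access and refresh tokens usable again. That may be intended, but it should be stated: I would add a comment above each guard such as `// Inactive client: report the token as missing; rows are kept, so they work again if the client is reactivated`, or revoke the rows when a client is deactivated if that is not wanted. Callers also cannot tell "missing" from "client disabled" through the `undefined` return, which is worth a line in the fetchers' doc comments. The enclosing functions start and end outside these hunks.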