feat: verify-token 時に read:basic_info scope あれば基本的な情報を渡す

webapp/api/oauth/verifyToken.ts

@@ -1,6 +1,7 @@
 import { zValidator } from '@hono/zod-validator'
 import { Hono } from 'hono'
 import { HonoEnv } from 'load-context'
+import { IUserInfo } from 'repository/idp'
 import { z } from 'zod'
 
 const app = new Hono<HonoEnv>()
@@ -19,6 +20,7 @@ interface ValidResponseType {
   user_id: string
   expires_at: number
   scopes: string[]
+  user_info?: IUserInfo
 }
 
 interface InvalidResponseType {
@@ -79,13 +81,20 @@ app.post(
       return c.json<InvalidResponseType>(INVALID_REQUEST_RESPONSE, 404)
     }
 
-    return c.json<ValidResponseType>({
+    const res: ValidResponseType = {
       valid: true,
       client: tokenInfo.client,
       user_id: tokenInfo.user_id,
       expires_at: tokenInfo.access_token_expires_at.getTime(),
       scopes: tokenInfo.scopes.map(s => s.scope.name),
-    })
+    }
+
+    if (res.scopes.includes('read:basic_info')) {
+      const user = await c.var.idpClient.findUserById(res.user_id)
+      if (user) res.user_info = user
+    }
+
+    return c.json<ValidResponseType>(res)
   },
 )
 

webapp/db/seed.sql

@@ -2,3 +2,5 @@
 -- https://orm.drizzle.team/docs/kit-seed-data
 
 INSERT OR IGNORE INTO `oauth_provider` (`id`, `name`) VALUES (1, "GitHub")
+
+INSERT OR IGNORE INTO `scope` (`id`, `name`, `description`) VALUES (1, "read:basic_info", "あなたのユーザー名やユーザー ID、プロフィール画像を読み取ります。")

webapp/repository/idp.ts

@@ -1,10 +1,11 @@
+/* eslint-disable sort-exports/sort-exports */
 // saitamau-maximum/id の db/schema.ts 参照
-interface IUserInfo {
+export interface IUserInfo {
   id: string
   display_name: string
   profile_image_url: string | null
 }
-interface IOauthConnection {
+export interface IOauthConnection {
   user_id: string
   provider_id: number
   provider_user_id: string