From 6dac1b9213ddab95000c2bde1564fb088a600695 Mon Sep 17 00:00:00 2001
From: Asa <26807394+a01sa01to@users.noreply.github.com>
Date: Fri, 6 Dec 2024 22:29:45 +0900
Subject: [PATCH 1/3] =?UTF-8?q?feat:=20verify-token=20=E6=99=82=E3=81=AB?= =?UTF-8?q?=20`read:basic=5Finfo`=20scope=20=E3=81=82=E3=82=8C=E3=81=B0?= =?UTF-8?q?=E5=9F=BA=E6=9C=AC=E7=9A=84=E3=81=AA=E6=83=85=E5=A0=B1=E3=82=92?= =?UTF-8?q?=E6=B8=A1=E3=81=99?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 webapp/api/oauth/verifyToken.ts | 13 +++++++++++--
 webapp/db/seed.sql | 2 ++
 webapp/repository/idp.ts | 5 +++--
 3 files changed, 16 insertions(+), 4 deletions(-)
diff --git a/webapp/api/oauth/verifyToken.ts b/webapp/api/oauth/verifyToken.ts
index d977e9c..bbbb7e5 100644
--- a/webapp/api/oauth/verifyToken.ts
+++ b/webapp/api/oauth/verifyToken.ts
@@ -1,6 +1,7 @@
 import { zValidator } from '@hono/zod-validator'
 import { Hono } from 'hono'
 import { HonoEnv } from 'load-context'
+import { IUserInfo } from 'repository/idp'
 import { z } from 'zod'
 const app = new Hono()
@@ -19,6 +20,7 @@ interface ValidResponseType {
 user_id: string
 expires_at: number
 scopes: string[]
+ user_info?: IUserInfo
 }
 interface InvalidResponseType {
@@ -79,13 +81,20 @@ app.post(
 return c.json(INVALID_REQUEST_RESPONSE, 404)
 }
- return c.json({
+ const res: ValidResponseType = {
 valid: true,
 client: tokenInfo.client,
 user_id: tokenInfo.user_id,
 expires_at: tokenInfo.access_token_expires_at.getTime(),
 scopes: tokenInfo.scopes.map(s => s.scope.name),
- })
+ }
+
+ if (res.scopes.includes('read:basic_info')) {
+ const user = await c.var.idpClient.findUserById(res.user_id)
+ if (user) res.user_info = user
+ }
+
+ return c.json(res)
 },
 )
diff --git a/webapp/db/seed.sql b/webapp/db/seed.sql
index 119fbfe..0f0c133 100644
--- a/webapp/db/seed.sql
+++ b/webapp/db/seed.sql
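Review bot: In the `@@ -79,13 +81,20 @@` hunk of webapp/api/oauth/verifyToken.ts, `res.user_info = user` hands the relying client whatever object `findUserById` returns; `IUserInfo` is only a compile-time shape, so if the lookup yields more columns than the interface declares they would all be serialized by `c.json(res)`. Copy the granted fields explicitly, `res.user_info = { id: user.id, display_name: user.display_name, profile_image_url: user.profile_image_url }`, so the `read:basic_info` scope cannot disclose more than its description states. The handler also still answers `valid: true` when the lookup returns nothing; if that means the account no longer exists, treating the token as invalid may be the safer answer, though this cannot be confirmed from the visible lines. The same two lines recur as context in the later `@@ -89,7 +91,7 @@` and `@@ -91,7 +91,7 @@` hunks, and the handler body starts outside this hunk.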
@@ -2,3 +2,5 @@
 -- https://orm.drizzle.team/docs/kit-seed-data
 INSERT OR IGNORE INTO `oauth_provider` (`id`, `name`) VALUES (1, "GitHub")
+
+INSERT OR IGNORE INTO `scope` (`id`, `name`, `description`) VALUES (1, "read:basic_info", "あなたのユーザー名やユーザー ID、プロフィール画像を読み取ります。")
diff --git a/webapp/repository/idp.ts b/webapp/repository/idp.ts
index ae9902a..171324e 100644
--- a/webapp/repository/idp.ts
+++ b/webapp/repository/idp.ts
@@ -1,10 +1,11 @@
+/* eslint-disable sort-exports/sort-exports */ // saitamau-maximum/id の db/schema.ts 参照
-interface IUserInfo {
+export interface IUserInfo {
 id: string
 display_name: string
 profile_image_url: string | null
 }
-interface IOauthConnection {
+export interface IOauthConnection {
 user_id: string
 provider_id: number
 provider_user_id: string
From b8c321ae3c13034ae58667b0892a0d24f874e064 Mon Sep 17 00:00:00 2001
From: Asa <26807394+a01sa01to@users.noreply.github.com>
Date: Fri, 6 Dec 2024 22:49:02 +0900
Subject: [PATCH 2/3] =?UTF-8?q?refactor:=20scope=20=E3=82=92=20constants?= =?UTF-8?q?=20=E3=81=AB?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 webapp/api/oauth/verifyToken.ts | 8 +++++---
 webapp/constants/scope.ts | 3 +++
 2 files changed, 8 insertions(+), 3 deletions(-)
 create mode 100644 webapp/constants/scope.ts
diff --git a/webapp/api/oauth/verifyToken.ts b/webapp/api/oauth/verifyToken.ts
index bbbb7e5..7b4f9ce 100644
--- a/webapp/api/oauth/verifyToken.ts
+++ b/webapp/api/oauth/verifyToken.ts
@@ -1,9 +1,11 @@
 import { zValidator } from '@hono/zod-validator'
 import { Hono } from 'hono'
-import { HonoEnv } from 'load-context'
-import { IUserInfo } from 'repository/idp'
 import { z } from 'zod'
+import { readScope } from '../../constants/scope'
+import { HonoEnv } from '../../load-context'
+import { IUserInfo } from '../../repository/idp'
+
 const app = new Hono()
 // 仕様はここ参照: https://github.com/saitamau-maximum/auth/issues/43
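Review bot: In the webapp/db/seed.sql hunk, the added insert into the `scope` table follows the existing `oauth_provider` insert with no `;` between them, and neither statement is terminated. If the seed file is executed as a single script, the two statements would likely be parsed as one malformed statement and the `read:basic_info` row would never be created, so end each statement with `;`. The values are also written as double-quoted strings, which SQLite accepts only as a fallback from identifier quoting; `'read:basic_info'` in single quotes is the unambiguous form.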
@@ -89,7 +91,7 @@ app.post(
 scopes: tokenInfo.scopes.map(s => s.scope.name),
 }
- if (res.scopes.includes('read:basic_info')) {
+ if (res.scopes.includes(readScope.basic_info)) {
 const user = await c.var.idpClient.findUserById(res.user_id)
 if (user) res.user_info = user
 }
diff --git a/webapp/constants/scope.ts b/webapp/constants/scope.ts
new file mode 100644
index 0000000..b324d39
--- /dev/null
+++ b/webapp/constants/scope.ts
@@ -0,0 +1,3 @@
+export const readScope = {
+ basic_info: 'read:basic_info',
+}
From d9a5de0520491f4da9e6db24ea192d95cc9dd406 Mon Sep 17 00:00:00 2001
From: Asa <26807394+a01sa01to@users.noreply.github.com>
Date: Fri, 6 Dec 2024 22:54:42 +0900
Subject: [PATCH 3/3] rename
---
 webapp/api/oauth/verifyToken.ts | 4 ++--
 webapp/constants/scope.ts | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/webapp/api/oauth/verifyToken.ts b/webapp/api/oauth/verifyToken.ts
index 7b4f9ce..7710439 100644
--- a/webapp/api/oauth/verifyToken.ts
+++ b/webapp/api/oauth/verifyToken.ts
@@ -2,7 +2,7 @@ import { zValidator } from '@hono/zod-validator'
 import { Hono } from 'hono'
 import { z } from 'zod'
-import { readScope } from '../../constants/scope'
+import { READ_SCOPES } from '../../constants/scope'
 import { HonoEnv } from '../../load-context'
 import { IUserInfo } from '../../repository/idp'
@@ -91,7 +91,7 @@ app.post(
 scopes: tokenInfo.scopes.map(s => s.scope.name),
 }
- if (res.scopes.includes(readScope.basic_info)) {
+ if (res.scopes.includes(READ_SCOPES.BASIC_INFO)) {
 const user = await c.var.idpClient.findUserById(res.user_id)
 if (user) res.user_info = user
 }
diff --git a/webapp/constants/scope.ts b/webapp/constants/scope.ts
index b324d39..3efdfea 100644
--- a/webapp/constants/scope.ts
+++ b/webapp/constants/scope.ts
@@ -1,3 +1,3 @@
-export const readScope = {
- basic_info: 'read:basic_info',
+export const READ_SCOPES = {
+ BASIC_INFO: 'read:basic_info',
 }
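Review bot: `readScope` in the new webapp/constants/scope.ts (`@@ -0,0 +1,3 @@`) is a plain object literal, so `readScope.basic_info` is typed as `string` and nothing stops other code from assigning to it, which would change which scope gates `user_info` in verifyToken.ts. Declare it with a const assertion, `export const readScope = { basic_info: 'read:basic_info' } as const`, so the property is readonly and keeps its literal type; the renamed `READ_SCOPES` in the following patch has the same shape. The scope name is also still duplicated as a literal in webapp/db/seed.sql, so a short comment here such as `// must match the scope.name rows seeded in db/seed.sql` would help keep the two in sync.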