mirrors/barkey
1
0
Fork 0
mirror of https://codeberg.org/yeentown/barkey.git synced 2025-07-07 20:44:34 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

improve type checks in POST /api/v1/apps endpoint

Browse source
This commit is contained in:
Hazelnoot 2025-05-06 13:08:40 -04:00
parent 317f5602fe
commit 7cd181df71
2 changed files with 14 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
packages/backend/src/server/api/mastodon/endpoints/apps.ts
View file

@ -47,9 +47,9 @@ const writeScope = [
export interface AuthPayload {
scopes?: string | string[],
redirect_uris?: string,
client_name?: string,
website?: string,
redirect_uris?: string | string[],
client_name?: string | string[],
website?: string | string[],
}
// Not entirely right, but it gets TypeScript to work so *shrug*
@ -66,7 +66,10 @@ export class ApiAppsMastodon {
const body = _request.body ?? _request.query;
if (!body.scopes) return reply.code(400).send({ error: 'BAD_REQUEST', error_description: 'Missing required payload "scopes"' });
if (!body.redirect_uris) return reply.code(400).send({ error: 'BAD_REQUEST', error_description: 'Missing required payload "redirect_uris"' });
if (Array.isArray(body.redirect_uris)) return reply.code(400).send({ error: 'BAD_REQUEST', error_description: 'Invalid payload "redirect_uris": only one value is allowed' });
if (!body.client_name) return reply.code(400).send({ error: 'BAD_REQUEST', error_description: 'Missing required payload "client_name"' });
if (Array.isArray(body.client_name)) return reply.code(400).send({ error: 'BAD_REQUEST', error_description: 'Invalid payload "client_name": only one value is allowed' });
if (Array.isArray(body.website)) return reply.code(400).send({ error: 'BAD_REQUEST', error_description: 'Invalid payload "website": only one value is allowed' });
let scope = body.scopes;
if (typeof scope === 'string') {
@ -87,12 +90,10 @@ export class ApiAppsMastodon {
}
}
const red = body.redirect_uris;
const client = this.clientService.getClient(_request);
const appData = await client.registerApp(body.client_name, {
scopes: Array.from(pushScope),
redirect_uris: red,
redirect_uri: body.redirect_uris,
website: body.website,
});
@ -100,7 +101,7 @@ export class ApiAppsMastodon {
id: Math.floor(Math.random() * 100).toString(),
name: appData.name,
website: body.website,
redirect_uri: red,
redirect_uri: body.redirect_uris,
client_id: Buffer.from(appData.url || '').toString('base64'),
client_secret: appData.clientSecret,
};

12
packages/megalodon/src/misskey.ts
View file

@ -39,9 +39,9 @@ export default class Misskey implements MegalodonInterface {
public async registerApp(
client_name: string,
options: Partial<{ scopes: Array<string>; redirect_uris: string; website: string }> = {
options: Partial<{ scopes: Array<string>; redirect_uri: string; website: string }> = {
scopes: MisskeyAPI.DEFAULT_SCOPE,
redirect_uris: this.baseUrl
redirect_uri: this.baseUrl
}
): Promise<OAuth.AppData> {
return this.createApp(client_name, options).then(async appData => {
@ -62,12 +62,12 @@ export default class Misskey implements MegalodonInterface {
*/
public async createApp(
client_name: string,
options: Partial<{ scopes: Array<string>; redirect_uris: string; website: string }> = {
options: Partial<{ scopes: Array<string>; redirect_uri: string; website: string }> = {
scopes: MisskeyAPI.DEFAULT_SCOPE,
redirect_uris: this.baseUrl
redirect_uri: this.baseUrl
}
): Promise<OAuth.AppData> {
const redirect_uris = options.redirect_uris || this.baseUrl
const redirect_uri = options.redirect_uri || this.baseUrl
const scopes = options.scopes || MisskeyAPI.DEFAULT_SCOPE
const params: {
@ -79,7 +79,7 @@ export default class Misskey implements MegalodonInterface {
name: client_name,
description: '',
permission: scopes,
callbackUrl: redirect_uris
callbackUrl: redirect_uri
}
/**