From d210cba236609e3d4704888cb01e2241442c828b Mon Sep 17 00:00:00 2001 From: garrettmills Date: Thu, 28 Apr 2022 14:29:23 -0500 Subject: [PATCH] add oauth2 issue debugging and bump version --- package.json | 2 +- src/auth/server/OAuth2Server.ts | 23 ++++++++++++++++++++--- 2 files changed, 21 insertions(+), 4 deletions(-) diff --git a/package.json b/package.json index a69d00c..ba0a8a5 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "@extollo/lib", - "version": "0.9.36", + "version": "0.9.37", "description": "The framework library that lifts up your code.", "main": "lib/index.js", "types": "lib/index.d.ts", diff --git a/src/auth/server/OAuth2Server.ts b/src/auth/server/OAuth2Server.ts index 711cfc2..41f8d17 100644 --- a/src/auth/server/OAuth2Server.ts +++ b/src/auth/server/OAuth2Server.ts @@ -1,5 +1,5 @@ import {Controller} from '../../http/Controller' -import {Injectable} from '../../di' +import {Inject, Injectable} from '../../di' import {ResponseObject, Route} from '../../http/routing/Route' import {Request} from '../../http/lifecycle/Request' import {Session} from '../../http/session/Session' @@ -20,6 +20,7 @@ import {redirect} from '../../http/response/RedirectResponseFactory' import {AuthRequiredMiddleware} from '../middleware/AuthRequiredMiddleware' import {one} from '../../http/response/api' import {AuthenticatableRepository} from '../types' +import {Logging} from '../../service/Logging' export enum GrantType { Client = 'client_credentials', @@ -31,6 +32,9 @@ export const grantTypes: GrantType[] = [GrantType.Client, GrantType.Code, GrantT @Injectable() export class OAuth2Server extends Controller { + @Inject() + protected readonly logging!: Logging + public static routes(): void { Route.get('/oauth2/authorize') .alias('@oauth2:authorize') @@ -53,8 +57,7 @@ export class OAuth2Server extends Controller { } issue(request: Request, client: OAuth2Client): Awaitable { - const grant = request.safe('grant_type') - .in(grantTypes) + const grant = request.safe('grant_type').in(grantTypes) if ( grant === GrantType.Client ) { return this.issueFromClient(request, client) @@ -70,6 +73,13 @@ export class OAuth2Server extends Controller { const username = this.request.safe('username').string() const password = this.request.safe('password').string() + this.logging.verbose('Attempting password grant token issue...') + this.logging.verbose({ + scope, + username, + client, + }) + const userRepo = request.make(AuthenticatableRepository) const user = await userRepo.getByIdentifier(username) if ( !user || !(await user.validateCredential(password)) ) { @@ -121,9 +131,16 @@ export class OAuth2Server extends Controller { throw new HTTPError(HTTPStatus.BAD_REQUEST) } + this.logging.debug('Client auth parts:') + this.logging.debug(authParts) + const clientRepo = request.make(ClientRepository) const [clientId, clientSecret] = authParts const client = await clientRepo.find(clientId) + + this.logging.verbose('Client:') + this.logging.verbose(client) + if ( !client || client.secret !== clientSecret ) { throw new HTTPError(HTTPStatus.UNAUTHORIZED) }