OAuth token endpoint: support formData

2023-04-30 14:13:27 -05:00 · 2023-04-30 14:13:27 -05:00 · e26b540246
parent 81357fa1e3
commit e26b540246
3 changed files with 45 additions and 25 deletions
--- a/src/api/oauth.ts
+++ b/src/api/oauth.ts
@ -1,5 +1,6 @@
-import { validator, z } from '@/deps.ts';
+import { z } from '@/deps.ts';
 import { AppController } from '@/app.ts';
+import { parseBody } from '@/utils.ts';

 const passwordGrantSchema = z.object({
  grant_type: z.literal('password'),
@ -16,30 +17,27 @@ const createTokenSchema = z.discriminatedUnion('grant_type', [
  codeGrantSchema,
 ]);

-const createTokenController = validator('json', (value, c) => {
-  const result = createTokenSchema.safeParse(value);
+const createTokenController: AppController = async (c) => {
+  const body = await parseBody(c.req.raw);
+  const data = createTokenSchema.parse(body);

-  if (result.success) {
-    switch (result.data.grant_type) {
-      case 'password':
-        return c.json({
-          access_token: result.data.password,
-          token_type: 'Bearer',
-          scope: 'read write follow push',
-          created_at: Math.floor(new Date().getTime() / 1000),
-        });
-      case 'authorization_code':
-        return c.json({
-          access_token: result.data.code,
-          token_type: 'Bearer',
-          scope: 'read write follow push',
-          created_at: Math.floor(new Date().getTime() / 1000),
-        });
-    }
+  switch (data.grant_type) {
+    case 'password':
+      return c.json({
+        access_token: data.password,
+        token_type: 'Bearer',
+        scope: 'read write follow push',
+        created_at: Math.floor(new Date().getTime() / 1000),
+      });
+    case 'authorization_code':
+      return c.json({
+        access_token: data.code,
+        token_type: 'Bearer',
+        scope: 'read write follow push',
+        created_at: Math.floor(new Date().getTime() / 1000),
+      });
  }
-
-  return c.json({ error: 'Invalid request' }, 400);
-});
+};

 /** Display the OAuth form. */
 const oauthController: AppController = (c) => {
--- a/src/deps.ts
+++ b/src/deps.ts
@ -21,3 +21,4 @@ export {
  signEvent as getSignature,
 } from 'npm:nostr-tools@^1.10.1';
 export { findReplyTag } from 'https://gitlab.com/soapbox-pub/mostr/-/raw/c67064aee5ade5e01597c6d23e22e53c628ef0e2/src/nostr/tags.ts';
+export { parseFormData } from 'npm:formdata-helper@^0.3.0';
--- a/src/utils.ts
+++ b/src/utils.ts
@ -1,4 +1,4 @@
-import { Context, getPublicKey, nip19, nip21 } from '@/deps.ts';
+import { Context, getPublicKey, nip19, nip21, parseFormData } from '@/deps.ts';
 import { type Event } from '@/event.ts';

 /** Get the current time in Nostr format. */
@ -75,4 +75,25 @@ function parseNip05(value: string): Nip05 {
  };
 }

-export { bech32ToPubkey, eventDateComparator, getKeys, isBech32, isNostrId, type Nip05, nostrNow, parseNip05 };
+/** Parse request body to JSON, depending on the content-type of the request. */
+async function parseBody(req: Request): Promise<unknown> {
+  switch (req.headers.get('content-type')?.split(';')[0]) {
+    case 'multipart/form-data':
+    case 'application/x-www-form-urlencoded':
+      return parseFormData(await req.formData());
+    case 'application/json':
+      return req.json();
+  }
+}
+
+export {
+  bech32ToPubkey,
+  eventDateComparator,
+  getKeys,
+  isBech32,
+  isNostrId,
+  type Nip05,
+  nostrNow,
+  parseBody,
+  parseNip05,
+};