Fix: OAuth 리다이렉트 URI 정규표현식

BSSM-BSM · May 18, 2022 · 000d01e · 000d01e
1 parent 1057b76
commit 000d01e
Show file tree

Hide file tree

Showing 3 changed files with 49 additions and 28 deletions.
diff --git a/src/api/oauth/oauth.controller.ts b/src/api/oauth/oauth.controller.ts
@@ -11,7 +11,7 @@ router.get('/authentication', loginCheck, async (req: express.Request, res: expr
         res.send(JSON.stringify(
             await service.authentication(
                 String(req.query.clientId),
-                String(req.query.redirectUri)
+                String(req.query.redirectURI)
             )
         ));
     } catch(err) {
@@ -26,7 +26,7 @@ router.post('/authorization', loginCheck, async (req: express.Request, res: expr
             await service.authorization(
                 user,
                 req.body.clientId,
-                req.body.redirectUri
+                req.body.redirectURI
             )
         ));
     } catch(err) {
@@ -70,7 +70,7 @@ router.post('/client', loginCheck, async (req: express.Request, res: express.Res
                 user,
                 req.body.domain,
                 req.body.serviceName,
-                req.body.redirectUri,
+                req.body.redirectURI,
                 req.body.scope
             )
         ));
@@ -89,4 +89,15 @@ router.get('/client', loginCheck, async (req: express.Request, res: express.Resp
         next(err);
     }
 })
+
+router.get('/scopeInfo', loginCheck, async (req: express.Request, res: express.Response, next: express.NextFunction) => {
+    try {
+        res.send(JSON.stringify(
+            service.getScopeInfo()
+        ));
+    } catch(err) {
+        next(err);
+    }
+})
+
 export = router;
diff --git a/src/api/oauth/oauth.service.ts b/src/api/oauth/oauth.service.ts
@@ -26,13 +26,13 @@ getScopeInfoList();
 
 const authentication = async (
     clientId: string,
-    redirectUri: string
+    redirectURI: string
 ) => {
     const clientInfo = await oauthClientReposiroty.getById(clientId);
     if (clientInfo === null) {
         throw new BadRequestException('Oauth Authentication Failed');
     }
-    if (clientInfo.redirectUri != redirectUri) {
+    if (clientInfo.redirectURI != redirectURI) {
         throw new BadRequestException('Oauth Authentication Failed');
     }
     const { domain, serviceName } = clientInfo;
@@ -52,7 +52,7 @@ const authentication = async (
 const authorization = async (
     user: User,
     clientId: string,
-    redirectUri: string
+    redirectURI: string
 ) => {
     if (!user.getIsLogin()) {
         throw new UnAuthorizedException();
@@ -61,14 +61,14 @@ const authorization = async (
     if (clientInfo === null) {
         throw new BadRequestException('Oauth Authentication Failed');
     }
-    if (clientInfo.redirectUri != redirectUri) {
+    if (clientInfo.redirectURI != redirectURI) {
         throw new BadRequestException('Oauth Authentication Failed');
     }
 
     const newAuthcode = crypto.randomBytes(16).toString('hex');
     await oauthAuthcodeReposiroty.createAuthcode(newAuthcode, clientId, user.getUser().code);
     return {
-        redirect: `${clientInfo.redirectUri}?code=${newAuthcode}`
+        redirect: `${clientInfo.redirectURI}?code=${newAuthcode}`
     }
 }
 
@@ -154,13 +154,13 @@ const createClient = async (
     user: User,
     domain: string,
     serviceName: string,
-    redirectUri: string,
-    scope: string
+    redirectURI: string,
+    scope: string | string[]
 ) => {
     if (!domain || domain.length > 63 || !domainCheck(domain)) {
         throw new BadRequestException('Domain is invalid');
     }
-    if (!redirectUri || redirectUri.length > 100 || !uriCheck(domain, redirectUri)) {
+    if (!redirectURI || redirectURI.length > 100 || !uriCheck(domain, redirectURI)) {
         throw new BadRequestException('Redirect uri is invalid');
     }
     if (!serviceName || serviceName.length < 2 || serviceName.length > 32) {
@@ -169,22 +169,22 @@ const createClient = async (
 
     let scopeList;
     try {
-        scopeList = JSON.parse(scope);
+        scopeList = (typeof scope == 'string')? JSON.parse(scope): scope;
         if (typeof scopeList != 'object' || !scopeList.length) {
-            throw new BadRequestException('Scope is invalid');
+            throw new BadRequestException('Scope is invalid1');
         }
     } catch (err) {
-        throw new BadRequestException('Scope is invalid');
+        throw new BadRequestException('Scope is invalid2');
     }
 
     const scopeListCheck = scopeList.filter((e: string) => scopeInfoList.some(scopeInfo => e == scopeInfo.info));
     if (scopeListCheck.length != scopeList.length) {
-        throw new BadRequestException('Scope is invalid');
+        throw new BadRequestException('Scope is invalid3');
     }
 
     const newClientId = crypto.randomBytes(4).toString('hex');
     const newClientSecret = crypto.randomBytes(16).toString('hex');
-    await oauthClientReposiroty.createClient(newClientId, newClientSecret, domain, serviceName, redirectUri, user.getUser().code);
+    await oauthClientReposiroty.createClient(newClientId, newClientSecret, domain, serviceName, redirectURI, user.getUser().code);
     await oauthScopeReposiroty.insertScope(newClientId, scopeListCheck, user.getUser().code);
 
     return {
@@ -194,12 +194,15 @@ const createClient = async (
 }
 
 const domainCheck = (str: string): boolean => {
-    const pattern = /^((([0-9]{1,3}.){3}[0-9]{1,3}|([0-9a-zA-Z\-]+\.)+[a-zA-Z]{2,6})?)$/;
+    if (str == 'localhost') {
+        return true;
+    }
+    const pattern = /^([0-9]{1,3}.){3}[0-9]{1,3}|([0-9a-zA-Z\-]+\.)+[a-zA-Z]{2,6}?$/;
     return pattern.test(str);
 }
 
 const uriCheck = (domain: string, str: string): boolean => {
-    const pattern = new RegExp(`((http(s?))\\:\\/\\/)(${domain})(:([1-6][0-5]{2}[0-3][0-5]|[1-9][0-9]{0,3}))?\\/.*`);
+    const pattern = new RegExp(`(https?\\:\\/\\/)(${domain})(\\:(6[0-5]{2}[0-3][0-5]|[1-5][0-9]{4}|[1-9][0-9]{0,3}))?\\/.*`);
     return pattern.test(str);
 }
 
@@ -211,7 +214,7 @@ const getClientList = async (
         clientSecret: string;
         domain: string;
         serviceName: string;
-        redirectUri: string;
+        redirectURI: string;
         scope?: {
             info: string;
             name: string;
@@ -242,11 +245,18 @@ const getClientList = async (
     }
 }
 
+const getScopeInfo = () => {
+    return {
+        scopeInfoList
+    }
+}
+
 export {
     authentication,
     authorization,
     getToken,
     getResource,
     createClient,
-    getClientList
+    getClientList,
+    getScopeInfo
 }
diff --git a/src/api/oauth/repository/client.repository.ts b/src/api/oauth/repository/client.repository.ts
@@ -7,15 +7,15 @@ const getById = async (
     clientSecret: string,
     domain: string,
     serviceName: string,
-    redirectUri: string,
+    redirectURI: string,
     usercode: number
 } | null> => {
-    const getQuery='SELECT client_secret clientSecret, domain, service_name serviceName, redirect_uri redirectUri, usercode FROM oauth_client WHERE client_id=?';
+    const getQuery='SELECT client_secret clientSecret, domain, service_name serviceName, redirect_uri redirectURI, usercode FROM oauth_client WHERE client_id=?';
     // SELECT 
     //     client_secret clientSecret, 
     //     domain, 
     //     service_name serviceName, 
-    //     redirect_uri redirectUri, 
+    //     redirect_uri redirectURI, 
     //     usercode 
     // FROM oauth_client 
     // WHERE client_id=?
@@ -38,15 +38,15 @@ const getByUsercode = async (
     clientSecret: string,
     domain: string,
     serviceName: string,
-    redirectUri: string,
+    redirectURI: string,
 }] | null> => {
-    const getQuery='SELECT client_id clientId, client_secret clientSecret, domain, service_name serviceName, redirect_uri redirectUri FROM oauth_client WHERE usercode=?';
+    const getQuery='SELECT client_id clientId, client_secret clientSecret, domain, service_name serviceName, redirect_uri redirectURI FROM oauth_client WHERE usercode=?';
     // SELECT 
     //     client_id clientId, 
     //     client_secret clientSecret, 
     //     domain, 
     //     service_name serviceName, 
-    //     redirect_uri redirectUri 
+    //     redirect_uri redirectURI 
     // FROM oauth_client 
     // WHERE usercode=?
     try {
@@ -66,7 +66,7 @@ const createClient = async (
     clientSecret: string,
     domain: string,
     serviceName: string,
-    redirectUri: string,
+    redirectURI: string,
     usercode: number
 ): Promise<void> => {
     const insertQuery='INSERT INTO oauth_client (client_id, client_secret, `domain`, service_name, redirect_uri, usercode) VALUES(?, ?, ?, ?, ?, ?)';
@@ -79,7 +79,7 @@ const createClient = async (
     //     usercode) 
     // VALUES(?, ?, ?, ?, ?, ?)
     try {
-        await pool.query(insertQuery, [clientId, clientSecret, domain, serviceName, redirectUri, usercode]);
+        await pool.query(insertQuery, [clientId, clientSecret, domain, serviceName, redirectURI, usercode]);
     } catch(err) {
         console.error(err);
         throw new InternalServerException();