diff --git a/src/api/oauth/oauth.controller.ts b/src/api/oauth/oauth.controller.ts index 7c924b3..b278524 100644 --- a/src/api/oauth/oauth.controller.ts +++ b/src/api/oauth/oauth.controller.ts @@ -7,9 +7,11 @@ import loginCheck from '@src/util/loginCheck'; router.get('/authentication', loginCheck, async (req: express.Request, res: express.Response, next: express.NextFunction) => { + const user = new User(jwt.verify(req.cookies.token).value); try { res.send(JSON.stringify( await service.authentication( + user, String(req.query.clientId), String(req.query.redirectURI) ) diff --git a/src/api/oauth/oauth.service.ts b/src/api/oauth/oauth.service.ts index 644d7e3..823a182 100644 --- a/src/api/oauth/oauth.service.ts +++ b/src/api/oauth/oauth.service.ts @@ -1,5 +1,5 @@ import express from 'express'; -import { BadRequestException, InternalServerException, NotFoundException, UnAuthorizedException } from '@src/util/exceptions'; +import { BadRequestException, NotFoundException, UnAuthorizedException } from '@src/util/exceptions'; import * as oauthClientReposiroty from '@src/api/oauth/repository/client.repository'; import * as oauthScopeReposiroty from '@src/api/oauth/repository/scope.repository'; import * as oauthScopeInfoReposiroty from '@src/api/oauth/repository/scopeInfo.repository'; @@ -25,6 +25,7 @@ const getScopeInfoList = async () => { getScopeInfoList(); const authentication = async ( + user: User, clientId: string, redirectURI: string ) => { @@ -41,8 +42,14 @@ const authentication = async ( if (scopeInfo === null) { throw new NotFoundException('Failed to load scope info'); } + if (await oauthTokenReposiroty.getByUsercodeAndClientId(user.getUser().code, clientId)) { + return { + authorized: true + } + } return { + authorized: false, domain, serviceName, scope: scopeInfoList.filter(e => scopeInfo.some(scope => scope.info == e.info)) 
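Review bot: The added `const user = new User(jwt.verify(req.cookies.token).value);` runs before the `try`, so a missing or tampered cookie that makes `jwt.verify` throw rejects the async handler instead of reaching the handler's `catch` (outside this hunk, presumably forwarding to `next`), and under Express 4 that leaves the request unanswered. `loginCheck` already guards this route and most likely verifies the same cookie, so the identity should be derived once there and read here (e.g. `const user = res.locals.user;`); failing that, at least move the `new User(...)` line inside the `try`. Whether this `jwt` is a project wrapper that supplies the verification key cannot be seen from the hunk. The route handler's body continues past the hunk.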
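Review bot: The new early return in `authentication` answers `authorized: true` purely because some `oauth_token` row exists for this user and client; it never compares what the user consented to with the scopes the client currently declares, and the lookup it relies on carries no expiry or revocation condition. If a client's scope can change after creation, or tokens are expired by marking rather than deletion (neither is visible here), the user silently skips the consent screen for permissions they never approved. Persist the granted scope with the token (or compare against the client's scope as of the grant) and fall through to the consent response when it differs, e.g. `if (existing !== null && scopesMatch(existing.scope, scopeInfo)) { return { authorized: true }; }`. A one-line comment above the check, `// skip consent only when a still-valid grant covers the requested scope`, would record the intent. `authentication` starts before the hunk, so the redirectURI/client validation that precedes this point is not visible.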
@@ -91,6 +98,14 @@ const getToken = async ( } await oauthAuthcodeReposiroty.expireCode(authcode); + + const authorizedInfo = await oauthTokenReposiroty.getByUsercodeAndClientId(authcodeInfo.usercode, clientId); + if (authorizedInfo !== null) { + return { + token: authorizedInfo.token + } + } + const newToken = crypto.randomBytes(16).toString('hex'); await oauthTokenReposiroty.createToken(newToken, clientId, authcodeInfo.usercode); @@ -171,15 +186,15 @@ const createClient = async ( try { scopeList = (typeof scope == 'string')? JSON.parse(scope): scope; if (typeof scopeList != 'object' || !scopeList.length) { - throw new BadRequestException('Scope is invalid1'); + throw new BadRequestException('Scope is invalid'); } } catch (err) { - throw new BadRequestException('Scope is invalid2'); + throw new BadRequestException('Scope is invalid'); } const scopeListCheck = scopeList.filter((e: string) => scopeInfoList.some(scopeInfo => e == scopeInfo.info)); if (scopeListCheck.length != scopeList.length) { - throw new BadRequestException('Scope is invalid3'); + throw new BadRequestException('Scope is invalid'); } const newClientId = crypto.randomBytes(4).toString('hex'); diff --git a/src/api/oauth/repository/token.repository.ts b/src/api/oauth/repository/token.repository.ts index fe47b07..45c489c 100644 --- a/src/api/oauth/repository/token.repository.ts +++ b/src/api/oauth/repository/token.repository.ts 
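Review bot: After `expireCode(authcode)` the new code returns whatever token already exists for the user/client pair, so the bearer token is never rotated and the identical secret is handed out on every later code exchange; the lookup (`getByUsercodeAndClientId`) also applies no expiry or revocation predicate, so an expired-but-not-deleted token would be reissued as live. Either mint a fresh token per exchange and retire the previous row, or at minimum have the lookup exclude expired/revoked rows and document that reuse is intentional, e.g. `// reuse the existing grant: one live token per user/client pair`. This reuse is only safe because the presented `clientId` is (presumably, outside this hunk) verified against the client that the authcode was issued to before reaching this point — that check must stay ahead of `expireCode`. `getToken` starts and ends outside the hunk.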
@@ -25,6 +25,31 @@ const getByToken = async ( } } +const getByUsercodeAndClientId = async ( + usercode: number, + clientId: string +): Promise<{ + token: string +} | null> => { + const getQuery='SELECT token FROM oauth_token WHERE usercode=? AND client_id=?'; + // SELECT + // token + // FROM oauth_token + // WHERE + // usercode=? AND + // client_id=? + try { + const [rows] = await pool.query(getQuery, [usercode, clientId]); + if (rows.length) + return rows[0]; + else + return null; + } catch(err) { + console.error(err); + throw new InternalServerException(); + } +} + const createToken = async ( token: string, clientId: string, @@ -62,6 +87,7 @@ const expireCode = async ( export { getByToken, + getByUsercodeAndClientId, createToken, expireCode } \ No newline at end of file
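Review bot: `getByUsercodeAndClientId` selects with `WHERE usercode=? AND client_id=?` and returns `rows[0]` with no ordering, no `LIMIT 1` and no validity predicate, so if more than one token row exists for a pair (nothing here shows a unique constraint) the caller gets an arbitrary one, and if tokens are expired by flagging rather than deleting, an expired token comes back as usable. Add whatever validity condition the schema supports (expiry timestamp or revoked flag — not visible here) plus `LIMIT 1` with a deterministic ordering, and a TSDoc line on the function: `/** Returns the live token issued to this user for this client, or null when none exists. */`. `rows[0]` is typed `any` by `pool.query`, so narrowing to `{ token: string }` before returning would keep the declared return type honest. The export-list hunk needs nothing.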