
No commits in common. '3f09fab2ef61c8c25f0159a77b56bb8e2871374d' and '939fb83119096613a598b8aa83dbe63dc3ba7723' have entirely different histories.

@ -2,7 +2,7 @@ import * as cookie from 'https://deno.land/std@0.188.0/http/cookie.ts'
export class Auth { export class Auth {
constructor({ constructor({
basePath, baseUrl,
remoteBaseUrl, remoteBaseUrl,
giteaAppBaseUrl, giteaAppBaseUrl,
giteaApiBaseUrl, giteaApiBaseUrl,
@ -10,7 +10,7 @@ export class Auth {
giteaClientId, giteaClientId,
giteaClientSecret giteaClientSecret
}) { }) {
this.basePath = basePath this.baseUrl = baseUrl
this.remoteBaseUrl = remoteBaseUrl this.remoteBaseUrl = remoteBaseUrl
this.giteaAppBaseUrl = giteaAppBaseUrl this.giteaAppBaseUrl = giteaAppBaseUrl
this.giteaApiBaseUrl = giteaApiBaseUrl this.giteaApiBaseUrl = giteaApiBaseUrl
@ -50,10 +50,8 @@ export class Auth {
Location: url Location: url
}) })
cookie.setCookie(headers, { cookie.setCookie(headers, {
...this.cookieSettings,
name: 'oauth.gitea.state', name: 'oauth.gitea.state',
value: state, value: state,
maxAge: 600,
}) })
event.respondWith(new Response('', { event.respondWith(new Response('', {
headers, headers,
@ -68,19 +66,6 @@ export class Auth {
) )
} }
get userinfoEndpoint() {
return (
this.giteaAppBaseUrl +
'/login/oauth/userinfo'
)
}
get cookieSettings() {
return {
path: `${this.basePath}/api`,
}
}
async getToken(code) { async getToken(code) {
const resp = await fetch(this.tokenEndpoint, { const resp = await fetch(this.tokenEndpoint, {
method: 'POST', method: 'POST',
@ -101,17 +86,14 @@ export class Auth {
saveTokens(headers, data) { saveTokens(headers, data) {
cookie.setCookie(headers, { cookie.setCookie(headers, {
...this.cookieSettings,
name: 'oauth.gitea.accessToken', name: 'oauth.gitea.accessToken',
value: data.access_token, value: data.access_token,
}) })
cookie.setCookie(headers, { cookie.setCookie(headers, {
...this.cookieSettings,
name: 'oauth.gitea.refreshToken', name: 'oauth.gitea.refreshToken',
value: data.refresh_token, value: data.refresh_token,
}) })
cookie.setCookie(headers, { cookie.setCookie(headers, {
...this.cookieSettings,
name: 'oauth.gitea.expires', name: 'oauth.gitea.expires',
value: String( value: String(
Math.floor(new Date().valueOf() / 1000) + Math.floor(new Date().valueOf() / 1000) +
@ -158,7 +140,7 @@ export class Auth {
grant_type: 'refresh_token', grant_type: 'refresh_token',
}) })
}) })
return resp.ok return await resp.json()
} }
async refresh(event) { async refresh(event) {
@ -166,8 +148,7 @@ export class Auth {
const cookies = cookie.getCookies( const cookies = cookie.getCookies(
event.request.headers event.request.headers
) )
const token = cookies['oauth.gitea.refreshToken'] const data = await this.refreshToken(body)
const data = await this.refreshToken(token)
this.saveTokens(headers, data) this.saveTokens(headers, data)
event.respondWith( event.respondWith(
new Response(JSON.stringify({}), {headers}) new Response(JSON.stringify({}), {headers})
@ -176,12 +157,12 @@ export class Auth {
async serve(event) { async serve(event) {
const {pathname} = new URL(event.request.url) const {pathname} = new URL(event.request.url)
const b = this.basePath const u = this.baseUrl
if (pathname === `${b}/api/auth`) { if (pathname === `${u}/api/auth`) {
await this.redirect(event) await this.redirect(event)
} else if (pathname === `${b}/api/auth/callback`) { } else if (pathname === `${u}/api/auth/callback`) {
await this.callback(event) await this.callback(event)
} else if (pathname === `${b}/api/auth/refresh`) { } else if (pathname === `${u}/api/auth/refresh`) {
await this.refresh(event) await this.refresh(event)
} else { } else {
event.respondWith(new Response( event.respondWith(new Response(
@ -189,53 +170,4 @@ export class Auth {
)) ))
} }
} }
async userInfo(token) {
const resp = await fetch(this.userinfoEndpoint, {
method: 'GET',
headers: {
Accept: 'application/json',
'Content-Type': 'application/json',
Authorization: `Bearer ${token}`,
},
})
return {
resp,
json: await resp.json()
}
}
async requireAuth(event) {
const headers = new Headers()
const cookies = cookie.getCookies(
event.request.headers
)
const token = cookies['oauth.gitea.accessToken']
if (!token) {
event.respondWith(Response.json(
{error: 'Token missing'}, {status: 401}
))
return
}
const {resp, json} = await this.userInfo(token)
if (!resp.ok) {
const refresh = cookies['oauth.gitea.refreshToken']
if (refresh) {
const data = await this.refreshToken(token)
this.saveTokens(headers, data)
const token = data.access_token
if (token) {
const {resp, json} = await this.userInfo(token)
return {
allow: resp.ok,
headers,
}
}
}
}
return {
allow: resp.ok,
headers,
}
}
} }
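Review bot: On the new side, the `oauth.gitea.state` cookie in the redirect handler and the `oauth.gitea.accessToken` / `oauth.gitea.refreshToken` cookies in `saveTokens` are set with only `name` and `value`, so as far as these hunks show they carry no `path`, `maxAge`, `httpOnly`, `secure` or `sameSite`. Without `httpOnly` the access and refresh tokens can be read by any script running on the origin, and without an explicit `path` the cookie scope falls back to a default derived from the request path instead of being pinned to the API routes. I would keep one shared settings getter and spread it into every `setCookie` call, for example `get cookieSettings() { return {path: this.baseUrl + '/api', httpOnly: true, secure: true, sameSite: 'Lax'} }` (drop `httpOnly` only if the frontend really has to read the token, and `secure` only for plain-HTTP development), and keep `maxAge: 600` on the state cookie so a stale state value expires. Separately, `refresh` now calls `this.refreshToken(body)` but no `body` is declared in the visible lines (one line of the method lies between hunks), and `refreshToken` returns `resp.json()` without checking `resp.ok`, so a failed refresh would appear to reach `saveTokens` with an error payload.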

@ -1,6 +1,5 @@
import { Auth } from "./auth.js" import { Auth } from "./auth.js"
import { Frontend } from "./frontend.js" import { Frontend } from "./frontend.js"
import { Storage } from "./storage.js"
export class Server { export class Server {
async getEnv(variables) { async getEnv(variables) {
@ -32,7 +31,7 @@ export class Server {
'GITEA_CLIENT_SECRET', 'GITEA_CLIENT_SECRET',
]) ])
this.port = env.PORT ?? 3000 this.port = env.PORT ?? 3000
this.basePath = env.BASE_PATH ?? '/macchiato' this.baseUrl = env.BASE_URL ?? '/macchiato'
this.remoteBaseUrl = env.REMOTE_BASE_URL this.remoteBaseUrl = env.REMOTE_BASE_URL
this.giteaAppBaseUrl = ( this.giteaAppBaseUrl = (
env.GITEA_APP_BASE_URL ?? 'http://gitea:3000' env.GITEA_APP_BASE_URL ?? 'http://gitea:3000'
@ -50,7 +49,7 @@ export class Server {
await this.configure() await this.configure()
} }
this.auth = new Auth({ this.auth = new Auth({
basePath: this.basePath, baseUrl: this.baseUrl,
remoteBaseUrl: this.remoteBaseUrl, remoteBaseUrl: this.remoteBaseUrl,
giteaAppBaseUrl: this.giteaAppBaseUrl, giteaAppBaseUrl: this.giteaAppBaseUrl,
giteaApiBaseUrl: this.giteaApiBaseUrl, giteaApiBaseUrl: this.giteaApiBaseUrl,
@ -62,7 +61,6 @@ export class Server {
appBaseUrl: this.giteaAppBaseUrl, appBaseUrl: this.giteaAppBaseUrl,
apiBaseUrl: this.giteaApiBaseUrl, apiBaseUrl: this.giteaApiBaseUrl,
}) })
this.storage = new Storage()
await Promise.all([ await Promise.all([
...([ ...([
'loader', 'loader',
@ -76,26 +74,14 @@ export class Server {
].map(repo => ( ].map(repo => (
server.frontend.loadRepo( server.frontend.loadRepo(
'macchiato', 'macchiato',
repo.split('#')[0], repo,
{ {srcPath: [], destPath: [repo]}
srcPath: [],
destPath: [repo],
...(
repo.includes('#') ?
{ref: repo.split('#')[1]} :
{}
),
}
) )
))), ))),
server.frontend.loadRepo( server.frontend.loadRepo(
'macchiato', 'macchiato',
'pages', 'pages',
{ {srcPath: [], destPath: []}
srcPath: [],
destPath: [],
ref: 'shared-server',
},
), ),
server.frontend.loadRepo( server.frontend.loadRepo(
'macchiato', 'macchiato',
@ -103,7 +89,7 @@ export class Server {
{ {
srcPath: [], srcPath: [],
destPath: ['server'], destPath: ['server'],
ref: 'shared-server', ref: 'shared-server'
} }
), ),
]) ])
@ -126,17 +112,9 @@ export class Server {
} }
async serveRequest(event) { async serveRequest(event) {
const {pathname: p} = new URL(event.request.url) const {pathname} = new URL(event.request.url)
const base = this.basePath if (pathname.startsWith(`${this.baseUrl}/api/auth`)) {
if (p.startsWith(`${base}/api/auth`)) {
await this.auth.serve(event) await this.auth.serve(event)
} else if (p.startsWith(`${base}/api/storage`)) {
const {allow, headers} = (
await this.auth.requireAuth(event)
)
if (allow) {
await this.storage.serve(event, headers)
}
} else { } else {
await this.frontend.serve(event) await this.frontend.serve(event)
} }
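Review bot: `BASE_URL` is stored in `this.baseUrl` and then compared against `URL.pathname` in `serveRequest` (and in `Auth.serve`), so it only works as a bare path prefix. An absolute URL or a trailing slash, which the new name invites, would make the `/api/auth` check never match and hand those requests to the frontend handler. Either keep a path-style name or document the constraint where the value is read, e.g. `// BASE_URL must be a path prefix such as '/macchiato' (no scheme, host or trailing slash); it is matched against URL.pathname`. The repo list passed to `loadRepo` is outside the hunk; if any entry still carries a `#ref` suffix it would now be passed through as the repository name. The closing brace of `serveRequest` is also outside the hunk.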

@ -1,7 +0,0 @@
export class Storage {
async serve(event) {
event.respondWith(new Response(
'Not Found', {status: 404}
))
}
}