kopia lustrzana https://github.com/cloudflare/wildebeest
69 wiersze
2.5 KiB
TypeScript
69 wiersze
2.5 KiB
TypeScript
import { ContextData } from 'wildebeest/backend/src/types/context'
|
|
import { cors } from 'wildebeest/backend/src/utils/cors'
|
|
import * as errors from 'wildebeest/backend/src/errors'
|
|
import type { JWK } from 'wildebeest/backend/src/webpush/jwk'
|
|
import type { Env } from 'wildebeest/backend/src/types/env'
|
|
import { createClient } from 'wildebeest/backend/src/mastodon/client'
|
|
import { VAPIDPublicKey } from 'wildebeest/backend/src/mastodon/subscription'
|
|
import { getVAPIDKeys } from 'wildebeest/backend/src/config'
|
|
import { readBody } from 'wildebeest/backend/src/utils/body'
|
|
import { type Database, getDatabase } from 'wildebeest/backend/src/database'
|
|
|
|
type AppsPost = {
|
|
redirect_uris: string
|
|
website: string
|
|
client_name: string
|
|
scopes: string
|
|
}
|
|
|
|
export const onRequest: PagesFunction<Env, any, ContextData> = async ({ request, env }) => {
|
|
return handleRequest(await getDatabase(env), request, getVAPIDKeys(env))
|
|
}
|
|
|
|
export async function handleRequest(db: Database, request: Request, vapidKeys: JWK) {
|
|
if (request.method !== 'POST') {
|
|
return errors.methodNotAllowed()
|
|
}
|
|
|
|
const body: AppsPost = await readBody<AppsPost>(request)
|
|
|
|
// Parameter validation according to https://github.com/mastodon/mastodon/blob/main/app/lib/application_extension.rb
|
|
if (body.client_name === undefined || body.client_name?.trim() === '') {
|
|
return errors.unprocessableEntity('client_name cannot be an empty string')
|
|
} else if (body.client_name?.length > 60) {
|
|
return errors.unprocessableEntity('client_name cannot exceed 60 characters')
|
|
} else if (body.redirect_uris === undefined || body.redirect_uris?.trim() === '') {
|
|
return errors.unprocessableEntity('redirect_uris cannot be an empty string')
|
|
} else if (body.redirect_uris?.length > 2000) {
|
|
return errors.unprocessableEntity('redirect_uris cannot exceed 2000 characters')
|
|
} else if (body.redirect_uris !== 'urn:ietf:wg:oauth:2.0:oob') {
|
|
try {
|
|
new URL('', body.redirect_uris)
|
|
} catch {
|
|
return errors.unprocessableEntity('redirect_uris must be a valid URI')
|
|
}
|
|
}
|
|
|
|
const client = await createClient(db, body.client_name, body.redirect_uris, body.website, body.scopes)
|
|
const vapidKey = VAPIDPublicKey(vapidKeys)
|
|
|
|
const res = {
|
|
name: body.client_name,
|
|
website: body.website,
|
|
redirect_uri: body.redirect_uris,
|
|
|
|
client_id: client.id,
|
|
client_secret: client.secret,
|
|
|
|
vapid_key: vapidKey,
|
|
|
|
// FIXME: stub value
|
|
id: '20',
|
|
}
|
|
const headers = {
|
|
...cors(),
|
|
'content-type': 'application/json; charset=utf-8',
|
|
}
|
|
return new Response(JSON.stringify(res), { headers })
|
|
}
|