From 46deb55586b32859546a40c086c89ff914e13046 Mon Sep 17 00:00:00 2001 From: Dominik Kropp Date: Thu, 1 Aug 2024 13:58:53 +0100 Subject: [PATCH] Add support for OAuth 2.0 State --- package.json | 2 +- src/index.ts | 33 ++++++++++++++++++++------------- 2 files changed, 21 insertions(+), 14 deletions(-) diff --git a/package.json b/package.json index e063a3d..e6b89cb 100644 --- a/package.json +++ b/package.json @@ -8,7 +8,7 @@ "clean": "rm -rf dist", "build": "tsc", "fix": "npx prettier src --write", - "prepare": "yarn fix && yarn clean && yarn build", + "prepare": "npm run fix && npm run clean && npm run build", "test": "vitest" }, "exports": { diff --git a/src/index.ts b/src/index.ts index 5cb49f1..4e0240f 100644 --- a/src/index.ts +++ b/src/index.ts @@ -132,6 +132,19 @@ function oAuthPluginServer( const sub = options.subField?.name || 'sub' const oAuthStrategyCount = (incoming.custom?.oAuthStrategyCount || 0) + 1 const strategyName = `oauth2-${oAuthStrategyCount}` + const sessionMiddleware = session( + options.sessionOptions ?? { + resave: false, + saveUninitialized: false, + secret: + process.env.PAYLOAD_SECRET || + log('Missing process.env.PAYLOAD_SECRET') || + 'unsafe', + store: options.databaseUri + ? MongoStore.create({ mongoUrl: options.databaseUri }) + : undefined, + } + ) if (options.clientID) { // Validate paths, they must be unique @@ -252,6 +265,12 @@ function oAuthPluginServer( }, }, endpoints: (incoming.endpoints || []).concat([ + { + path: authorizePath, + method: 'get', + root: true, + handler: sessionMiddleware, + }, { path: authorizePath, method: 'get', @@ -262,19 +281,7 @@ function oAuthPluginServer( path: callbackPath, method: 'get', root: true, - handler: session( - options.sessionOptions ?? { - resave: false, - saveUninitialized: false, - secret: - process.env.PAYLOAD_SECRET || - log('Missing process.env.PAYLOAD_SECRET') || - 'unsafe', - store: options.databaseUri - ? MongoStore.create({ mongoUrl: options.databaseUri }) - : undefined, - } - ), + handler: sessionMiddleware, }, { path: callbackPath,