boredgame/src/lib/server/api/controllers/oauth.controller.ts

import 'reflect-metadata'
import { Controller } from '$lib/server/api/common/types/controller'
import { LuciaService } from '$lib/server/api/services/lucia.service'
import { OAuthService } from '$lib/server/api/services/oauth.service'
import { github, google } from '$lib/server/auth'
import { OAuth2RequestError } from 'arctic'
import { getCookie, setCookie } from 'hono/cookie'
import { TimeSpan } from 'oslo'
import { inject, injectable } from 'tsyringe'
import type {OAuthUser} from "$lib/server/api/common/types/oauth-user";

@injectable()
export class OAuthController extends Controller {
	constructor(
		@inject(LuciaService) private luciaService: LuciaService,
		@inject(OAuthService) private oauthService: OAuthService,
	) {
		super()
	}

	routes() {
		return this.controller
			.get('/github', async (c) => {
				try {
					const code = c.req.query('code')?.toString() ?? null
					const state = c.req.query('state')?.toString() ?? null
					const storedState = getCookie(c).github_oauth_state ?? null

					if (!code || !state || !storedState || state !== storedState) {
						return c.body(null, 400)
					}

					const tokens = await github.validateAuthorizationCode(code)
					const githubUserResponse = await fetch('https://api.github.com/user', {
						headers: {
							Authorization: `Bearer ${tokens.accessToken}`,
						},
					})
					const githubUser: GitHubUser = await githubUserResponse.json()

					const oAuthUser: OAuthUser = {
						sub: `${githubUser.id}`,
						username: githubUser.login,
						email: null
					}

					const userId = await this.oauthService.handleOAuthUser(oAuthUser, 'github')

					const session = await this.luciaService.lucia.createSession(userId, {})
					const sessionCookie = this.luciaService.lucia.createSessionCookie(session.id)

					setCookie(c, sessionCookie.name, sessionCookie.value, {
						path: sessionCookie.attributes.path,
						maxAge:
							sessionCookie?.attributes?.maxAge && sessionCookie?.attributes?.maxAge < new TimeSpan(365, 'd').seconds()
								? sessionCookie.attributes.maxAge
								: new TimeSpan(2, 'w').seconds(),
						domain: sessionCookie.attributes.domain,
						sameSite: sessionCookie.attributes.sameSite as any,
						secure: sessionCookie.attributes.secure,
						httpOnly: sessionCookie.attributes.httpOnly,
						expires: sessionCookie.attributes.expires,
					})

					return c.json({ message: 'ok' })
				} catch (error) {
					console.error(error)
					// the specific error message depends on the provider
					if (error instanceof OAuth2RequestError) {
						// invalid code
						return c.body(null, 400)
					}
					return c.body(null, 500)
				}
			})
			.get('/google', async (c) => {
				try {
					const code = c.req.query('code')?.toString() ?? null
					const state = c.req.query('state')?.toString() ?? null
					const storedState = getCookie(c).google_oauth_state ?? null
					const storedCodeVerifier = getCookie(c).google_oauth_code_verifier ?? null

					if (!code || !storedState || !storedCodeVerifier || state !== storedState) {
						return c.body(null, 400)
					}

					const tokens = await google.validateAuthorizationCode(code, storedCodeVerifier)
					const googleUserResponse = await fetch("https://openidconnect.googleapis.com/v1/userinfo", {
						headers: {
							Authorization: `Bearer ${tokens.accessToken}`,
						},
					})
					const googleUser: GoogleUser = await googleUserResponse.json()

					const oAuthUser: OAuthUser = {
						sub: googleUser.sub,
						given_name: googleUser.given_name,
						family_name: googleUser.family_name,
						picture: googleUser.picture,
						username: googleUser.email,
						email: googleUser.email,
						email_verified: googleUser.email_verified,
					}

					const userId = await this.oauthService.handleOAuthUser(oAuthUser, 'google')

					const session = await this.luciaService.lucia.createSession(userId, {})
					const sessionCookie = this.luciaService.lucia.createSessionCookie(session.id)

					setCookie(c, sessionCookie.name, sessionCookie.value, {
						path: sessionCookie.attributes.path,
						maxAge:
							sessionCookie?.attributes?.maxAge && sessionCookie?.attributes?.maxAge < new TimeSpan(365, 'd').seconds()
								? sessionCookie.attributes.maxAge
								: new TimeSpan(2, 'w').seconds(),
						domain: sessionCookie.attributes.domain,
						sameSite: sessionCookie.attributes.sameSite as any,
						secure: sessionCookie.attributes.secure,
						httpOnly: sessionCookie.attributes.httpOnly,
						expires: sessionCookie.attributes.expires,
					})

					return c.json({ message: 'ok' })
				} catch (error) {
					console.error(error)
					// the specific error message depends on the provider
					if (error instanceof OAuth2RequestError) {
						// invalid code
						return c.body(null, 400)
					}
					return c.body(null, 500)
				}
			})
	}
}

interface GitHubUser {
	id: number
	login: string
}

interface GoogleUser {
	sub: string
	name: string
	given_name: string
	family_name: string
	picture: string
	email: string
	email_verified: boolean
}
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00			`import 'reflect-metadata'`
			`import { Controller } from '$lib/server/api/common/types/controller'`
			`import { LuciaService } from '$lib/server/api/services/lucia.service'`
			`import { OAuthService } from '$lib/server/api/services/oauth.service'`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`import { github, google } from '$lib/server/auth'`
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00			`import { OAuth2RequestError } from 'arctic'`
Fixing OAuth flows, passing code and state correctly to hono, and signing in with GitHub. 2024-09-18 00:32:26 +00:00			`import { getCookie, setCookie } from 'hono/cookie'`
			`import { TimeSpan } from 'oslo'`
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00			`import { inject, injectable } from 'tsyringe'`
Add picture and email verified columns to the user, migrations, fixing OAuth with Google, creating types for OAuth 2024-09-21 00:25:51 +00:00			`import type {OAuthUser} from "$lib/server/api/common/types/oauth-user";`
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00
			`@injectable()`
			`export class OAuthController extends Controller {`
			`constructor(`
			`@inject(LuciaService) private luciaService: LuciaService,`
Fixing OAuth flows, passing code and state correctly to hono, and signing in with GitHub. 2024-09-18 00:32:26 +00:00			`@inject(OAuthService) private oauthService: OAuthService,`
			`) {`
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00			`super()`
			`}`

			`routes() {`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`return this.controller`
			`.get('/github', async (c) => {`
			`try {`
			`const code = c.req.query('code')?.toString() ?? null`
			`const state = c.req.query('state')?.toString() ?? null`
			`const storedState = getCookie(c).github_oauth_state ?? null`
Fixing OAuth flows, passing code and state correctly to hono, and signing in with GitHub. 2024-09-18 00:32:26 +00:00
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`if (!code \|\| !state \|\| !storedState \|\| state !== storedState) {`
			`return c.body(null, 400)`
			`}`

			`const tokens = await github.validateAuthorizationCode(code)`
			`const githubUserResponse = await fetch('https://api.github.com/user', {`
			`headers: {`
			Authorization: `Bearer ${tokens.accessToken}`,
			`},`
			`})`
			`const githubUser: GitHubUser = await githubUserResponse.json()`

Add picture and email verified columns to the user, migrations, fixing OAuth with Google, creating types for OAuth 2024-09-21 00:25:51 +00:00			`const oAuthUser: OAuthUser = {`
			sub: `${githubUser.id}`,
			`username: githubUser.login,`
			`email: null`
			`}`

			`const userId = await this.oauthService.handleOAuthUser(oAuthUser, 'github')`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00
			`const session = await this.luciaService.lucia.createSession(userId, {})`
			`const sessionCookie = this.luciaService.lucia.createSessionCookie(session.id)`

			`setCookie(c, sessionCookie.name, sessionCookie.value, {`
			`path: sessionCookie.attributes.path,`
			`maxAge:`
			`sessionCookie?.attributes?.maxAge && sessionCookie?.attributes?.maxAge < new TimeSpan(365, 'd').seconds()`
			`? sessionCookie.attributes.maxAge`
			`: new TimeSpan(2, 'w').seconds(),`
			`domain: sessionCookie.attributes.domain,`
			`sameSite: sessionCookie.attributes.sameSite as any,`
			`secure: sessionCookie.attributes.secure,`
			`httpOnly: sessionCookie.attributes.httpOnly,`
			`expires: sessionCookie.attributes.expires,`
			`})`

			`return c.json({ message: 'ok' })`
			`} catch (error) {`
			`console.error(error)`
			`// the specific error message depends on the provider`
			`if (error instanceof OAuth2RequestError) {`
			`// invalid code`
			`return c.body(null, 400)`
			`}`
			`return c.body(null, 500)`
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00			`}`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`})`
			`.get('/google', async (c) => {`
			`try {`
			`const code = c.req.query('code')?.toString() ?? null`
			`const state = c.req.query('state')?.toString() ?? null`
			`const storedState = getCookie(c).google_oauth_state ?? null`
			`const storedCodeVerifier = getCookie(c).google_oauth_code_verifier ?? null`

			`if (!code \|\| !storedState \|\| !storedCodeVerifier \|\| state !== storedState) {`
			`return c.body(null, 400)`
			`}`

			`const tokens = await google.validateAuthorizationCode(code, storedCodeVerifier)`
Add picture and email verified columns to the user, migrations, fixing OAuth with Google, creating types for OAuth 2024-09-21 00:25:51 +00:00			`const googleUserResponse = await fetch("https://openidconnect.googleapis.com/v1/userinfo", {`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`headers: {`
			Authorization: `Bearer ${tokens.accessToken}`,
			`},`
			`})`
			`const googleUser: GoogleUser = await googleUserResponse.json()`
Fixing OAuth flows, passing code and state correctly to hono, and signing in with GitHub. 2024-09-18 00:32:26 +00:00
Add picture and email verified columns to the user, migrations, fixing OAuth with Google, creating types for OAuth 2024-09-21 00:25:51 +00:00			`const oAuthUser: OAuthUser = {`
			`sub: googleUser.sub,`
			`given_name: googleUser.given_name,`
			`family_name: googleUser.family_name,`
			`picture: googleUser.picture,`
			`username: googleUser.email,`
			`email: googleUser.email,`
			`email_verified: googleUser.email_verified,`
			`}`

			`const userId = await this.oauthService.handleOAuthUser(oAuthUser, 'google')`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00
			`const session = await this.luciaService.lucia.createSession(userId, {})`
			`const sessionCookie = this.luciaService.lucia.createSessionCookie(session.id)`

			`setCookie(c, sessionCookie.name, sessionCookie.value, {`
			`path: sessionCookie.attributes.path,`
			`maxAge:`
			`sessionCookie?.attributes?.maxAge && sessionCookie?.attributes?.maxAge < new TimeSpan(365, 'd').seconds()`
			`? sessionCookie.attributes.maxAge`
			`: new TimeSpan(2, 'w').seconds(),`
			`domain: sessionCookie.attributes.domain,`
			`sameSite: sessionCookie.attributes.sameSite as any,`
			`secure: sessionCookie.attributes.secure,`
			`httpOnly: sessionCookie.attributes.httpOnly,`
			`expires: sessionCookie.attributes.expires,`
			`})`

			`return c.json({ message: 'ok' })`
			`} catch (error) {`
			`console.error(error)`
			`// the specific error message depends on the provider`
			`if (error instanceof OAuth2RequestError) {`
			`// invalid code`
			`return c.body(null, 400)`
			`}`
			`return c.body(null, 500)`
Fixing OAuth flows, passing code and state correctly to hono, and signing in with GitHub. 2024-09-18 00:32:26 +00:00			`}`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`})`
Adding OAuth for GitHub. 2024-09-16 16:07:22 +00:00			`}`
			`}`

			`interface GitHubUser {`
Fixing OAuth flows, passing code and state correctly to hono, and signing in with GitHub. 2024-09-18 00:32:26 +00:00			`id: number`
			`login: string`
			`}`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00
			`interface GoogleUser {`
Add picture and email verified columns to the user, migrations, fixing OAuth with Google, creating types for OAuth 2024-09-21 00:25:51 +00:00			`sub: string`
			`name: string`
			`given_name: string`
			`family_name: string`
			`picture: string`
			`email: string`
			`email_verified: boolean`
Adding license and starting google oauth. 2024-09-20 01:06:54 +00:00			`}`