Commit f5295b5

Author: Lasim
feat(backend): Implement OAuth2 consent flow with detailed consent management
- Added consent route to handle GET and POST requests for OAuth2 consent.
- Implemented consent details retrieval including user and client information.
- Created schemas for request and response validation using Zod.
- Integrated authorization service to manage authorization requests and codes.
- Added error handling for various scenarios including user authentication and request validation.
- Implemented token route for exchanging authorization codes and refreshing tokens.
- Developed authorization service to validate clients, redirect URIs, and manage authorization requests.
- Introduced cleanup service to periodically remove expired tokens and authorization codes.
- Enhanced token service to generate and verify access and refresh tokens securely.
1 parent 3ad4ab6 commit f5295b5

24 files changed: +4985 -98 lines changed

services/backend/api-spec.json

Lines changed: 615 additions & 23 deletions
Large diffs are not rendered by default.

services/backend/api-spec.yaml

Lines changed: 450 additions & 25 deletions
Large diffs are not rendered by default.
Lines changed: 41 additions & 0 deletions
@@ -0,0 +1,41 @@
1+
CREATE TABLE `oauth_access_tokens` (
2+
`id` text PRIMARY KEY NOT NULL,
3+
`user_id` text NOT NULL,
4+
`client_id` text NOT NULL,
5+
`scope` text NOT NULL,
6+
`token_hash` text NOT NULL,
7+
`created_at` integer NOT NULL,
8+
`expires_at` integer NOT NULL,
9+
FOREIGN KEY (`user_id`) REFERENCES `authUser`(`id`) ON UPDATE no action ON DELETE cascade
10+
);
11+
--> statement-breakpoint
12+
CREATE UNIQUE INDEX `oauth_access_tokens_token_hash_unique` ON `oauth_access_tokens` (`token_hash`);--> statement-breakpoint
13+
CREATE TABLE `oauth_authorization_codes` (
14+
`id` text PRIMARY KEY NOT NULL,
15+
`user_id` text NOT NULL,
16+
`client_id` text NOT NULL,
17+
`redirect_uri` text NOT NULL,
18+
`scope` text NOT NULL,
19+
`state` text NOT NULL,
20+
`code_challenge` text NOT NULL,
21+
`code_challenge_method` text NOT NULL,
22+
`code` text NOT NULL,
23+
`used` integer DEFAULT false NOT NULL,
24+
`created_at` integer NOT NULL,
25+
`expires_at` integer NOT NULL,
26+
FOREIGN KEY (`user_id`) REFERENCES `authUser`(`id`) ON UPDATE no action ON DELETE cascade
27+
);
28+
--> statement-breakpoint
29+
CREATE UNIQUE INDEX `oauth_authorization_codes_code_unique` ON `oauth_authorization_codes` (`code`);--> statement-breakpoint
30+
CREATE TABLE `oauth_refresh_tokens` (
31+
`id` text PRIMARY KEY NOT NULL,
32+
`user_id` text NOT NULL,
33+
`client_id` text NOT NULL,
34+
`token_hash` text NOT NULL,
35+
`used` integer DEFAULT false NOT NULL,
36+
`created_at` integer NOT NULL,
37+
`expires_at` integer NOT NULL,
38+
FOREIGN KEY (`user_id`) REFERENCES `authUser`(`id`) ON UPDATE no action ON DELETE cascade
39+
);
40+
--> statement-breakpoint
41+
CREATE UNIQUE INDEX `oauth_refresh_tokens_token_hash_unique` ON `oauth_refresh_tokens` (`token_hash`);
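
Review bot: In `oauth_authorization_codes`, the `code` column and its unique index `oauth_authorization_codes_code_unique` are named as if the authorization code is stored as issued, while `oauth_access_tokens` and `oauth_refresh_tokens` keep only `token_hash`. A read of this table during a code's lifetime would then yield a redeemable credential, so consider storing a hash of the code (for example a `code_hash` column with the unique index on it) and looking codes up by hash, as the two token tables do. Three smaller points on the same migration: `client_id` has no FOREIGN KEY in any of the three tables, so rows can outlive or reference a client that does not exist; `expires_at` is not indexed on any table although the commit message describes a periodic cleanup of expired rows, which will scan each table in full; and `oauth_refresh_tokens` has no `scope` column, so the scope granted at consent cannot be read back from the refresh-token row when a new access token is issued. It is also worth a comment in the migration stating whether `created_at` and `expires_at` hold seconds or milliseconds, since both are plain `integer`.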
