summary refs log tree commit diff
path: root/src/api/routes/oauth2/authorize.ts
diff options
context:
space:
mode:
Diffstat (limited to 'src/api/routes/oauth2/authorize.ts')
-rw-r--r--src/api/routes/oauth2/authorize.ts230
1 files changed, 136 insertions, 94 deletions
diff --git a/src/api/routes/oauth2/authorize.ts b/src/api/routes/oauth2/authorize.ts
index ee4b6eaf..7ae6fa84 100644
--- a/src/api/routes/oauth2/authorize.ts
+++ b/src/api/routes/oauth2/authorize.ts
@@ -32,110 +32,152 @@ const router = Router();
 
 // TODO: scopes, other oauth types
 
-router.get("/", route({}), async (req: Request, res: Response) => {
-	// const { client_id, scope, response_type, redirect_url } = req.query;
-	const { client_id } = req.query;
-
-	const app = await Application.findOne({
-		where: {
-			id: client_id as string,
+router.get(
+	"/",
+	route({
+		responses: {
+			// TODO: I really didn't feel like typing all of it out
+			200: {},
+			400: {
+				body: "APIErrorResponse",
+			},
+			404: {
+				body: "APIErrorResponse",
+			},
 		},
-		relations: ["bot"],
-	});
+	}),
+	async (req: Request, res: Response) => {
+		// const { client_id, scope, response_type, redirect_url } = req.query;
+		const { client_id } = req.query;
 
-	// TODO: use DiscordApiErrors
-	// findOneOrFail throws code 404
-	if (!app) throw DiscordApiErrors.UNKNOWN_APPLICATION;
-	if (!app.bot) throw DiscordApiErrors.OAUTH2_APPLICATION_BOT_ABSENT;
+		const app = await Application.findOne({
+			where: {
+				id: client_id as string,
+			},
+			relations: ["bot"],
+		});
 
-	const bot = app.bot;
-	delete app.bot;
+		// TODO: use DiscordApiErrors
+		// findOneOrFail throws code 404
+		if (!app) throw DiscordApiErrors.UNKNOWN_APPLICATION;
+		if (!app.bot) throw DiscordApiErrors.OAUTH2_APPLICATION_BOT_ABSENT;
 
-	const user = await User.findOneOrFail({
-		where: {
-			id: req.user_id,
-			bot: false,
-		},
-		select: ["id", "username", "avatar", "discriminator", "public_flags"],
-	});
+		const bot = app.bot;
+		delete app.bot;
 
-	const guilds = await Member.find({
-		where: {
-			user: {
+		const user = await User.findOneOrFail({
+			where: {
 				id: req.user_id,
+				bot: false,
 			},
-		},
-		relations: ["guild", "roles"],
-		// eslint-disable-next-line @typescript-eslint/ban-ts-comment
-		//@ts-ignore
-		// prettier-ignore
-		select: ["guild.id", "guild.name", "guild.icon", "guild.mfa_level", "guild.owner_id", "roles.id"],
-	});
-
-	const guildsWithPermissions = guilds.map((x) => {
-		const perms =
-			x.guild.owner_id === user.id
-				? new Permissions(Permissions.FLAGS.ADMINISTRATOR)
-				: Permissions.finalPermission({
-						user: {
-							id: user.id,
-							roles: x.roles?.map((x) => x.id) || [],
-						},
-						guild: {
-							roles: x?.roles || [],
-						},
-				  });
-
-		return {
-			id: x.guild.id,
-			name: x.guild.name,
-			icon: x.guild.icon,
-			mfa_level: x.guild.mfa_level,
-			permissions: perms.bitfield.toString(),
-		};
-	});
-
-	return res.json({
-		guilds: guildsWithPermissions,
-		user: {
-			id: user.id,
-			username: user.username,
-			avatar: user.avatar,
-			avatar_decoration: null, // TODO
-			discriminator: user.discriminator,
-			public_flags: user.public_flags,
-		},
-		application: {
-			id: app.id,
-			name: app.name,
-			icon: app.icon,
-			description: app.description,
-			summary: app.summary,
-			type: app.type,
-			hook: app.hook,
-			guild_id: null, // TODO support guilds
-			bot_public: app.bot_public,
-			bot_require_code_grant: app.bot_require_code_grant,
-			verify_key: app.verify_key,
-			flags: app.flags,
-		},
-		bot: {
-			id: bot.id,
-			username: bot.username,
-			avatar: bot.avatar,
-			avatar_decoration: null, // TODO
-			discriminator: bot.discriminator,
-			public_flags: bot.public_flags,
-			bot: true,
-			approximated_guild_count: 0, // TODO
-		},
-		authorized: false,
-	});
-});
+			select: [
+				"id",
+				"username",
+				"avatar",
+				"discriminator",
+				"public_flags",
+			],
+		});
+
+		const guilds = await Member.find({
+			where: {
+				user: {
+					id: req.user_id,
+				},
+			},
+			relations: ["guild", "roles"],
+			// eslint-disable-next-line @typescript-eslint/ban-ts-comment
+			//@ts-ignore
+			// prettier-ignore
+			select: ["guild.id", "guild.name", "guild.icon", "guild.mfa_level", "guild.owner_id", "roles.id"],
+		});
+
+		const guildsWithPermissions = guilds.map((x) => {
+			const perms =
+				x.guild.owner_id === user.id
+					? new Permissions(Permissions.FLAGS.ADMINISTRATOR)
+					: Permissions.finalPermission({
+							user: {
+								id: user.id,
+								roles: x.roles?.map((x) => x.id) || [],
+							},
+							guild: {
+								roles: x?.roles || [],
+							},
+					  });
+
+			return {
+				id: x.guild.id,
+				name: x.guild.name,
+				icon: x.guild.icon,
+				mfa_level: x.guild.mfa_level,
+				permissions: perms.bitfield.toString(),
+			};
+		});
+
+		return res.json({
+			guilds: guildsWithPermissions,
+			user: {
+				id: user.id,
+				username: user.username,
+				avatar: user.avatar,
+				avatar_decoration: null, // TODO
+				discriminator: user.discriminator,
+				public_flags: user.public_flags,
+			},
+			application: {
+				id: app.id,
+				name: app.name,
+				icon: app.icon,
+				description: app.description,
+				summary: app.summary,
+				type: app.type,
+				hook: app.hook,
+				guild_id: null, // TODO support guilds
+				bot_public: app.bot_public,
+				bot_require_code_grant: app.bot_require_code_grant,
+				verify_key: app.verify_key,
+				flags: app.flags,
+			},
+			bot: {
+				id: bot.id,
+				username: bot.username,
+				avatar: bot.avatar,
+				avatar_decoration: null, // TODO
+				discriminator: bot.discriminator,
+				public_flags: bot.public_flags,
+				bot: true,
+				approximated_guild_count: 0, // TODO
+			},
+			authorized: false,
+		});
+	},
+);
 
 router.post(
 	"/",
-	route({ requestBody: "ApplicationAuthorizeSchema" }),
+	route({
+		requestBody: "ApplicationAuthorizeSchema",
+		query: {
+			client_id: {
+				type: "string",
+			},
+		},
+		responses: {
+			200: {
+				body: "OAuthAuthorizeResponse",
+			},
+			400: {
+				body: "APIErrorResponse",
+			},
+			403: {
+				body: "APIErrorResponse",
+			},
+			404: {
+				body: "APIErrorResponse",
+			},
+		},
+	}),
 	async (req: Request, res: Response) => {
 		const body = req.body as ApplicationAuthorizeSchema;
 		// const { client_id, scope, response_type, redirect_url } = req.query;