Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat: finish iaaa compat routes #101

Merged
merged 2 commits into from
May 22, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions .yarn/versions/90bacf72.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
releases:
"@aoi-js/server": patch
37 changes: 15 additions & 22 deletions apps/server/src/routes/oauth/iaaaCompat.ts
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,8 @@ export const oauthIaaaCompatRoutes = defineRoutes(async (s) => {
'/svc/token/validate.do',
{
schema: {
description: 'See IAAA Guide V2.1 section 3.4.1 for details',
security: [],
querystring: T.Object({
remoteAddr: T.String({ maxLength: 45 }),
appId: T.UUID(),
Expand Down Expand Up @@ -44,40 +46,31 @@ export const oauthIaaaCompatRoutes = defineRoutes(async (s) => {
},
async (req) => {
const { remoteAddr, appId, token, msgAbs } = req.query
const { userId, tags } = req.verifyToken(token)
const tag = tags?.find((tag) => tag.startsWith(`.oauth.access_token.`))
if (!tag || appId !== tag.slice(20) || !UUID.isValid(appId)) {
return { success: false, errCode: '1', errMsg: '无效的appId' }
}

const app = await apps.findOne(
{ _id: new UUID(appId) },
{
projection: {
secret: 1,
'settings.enableIaaa': 1
}
}
{ projection: { secret: 1, 'settings.enableIaaa': 1 } }
)
if (!app || !app.settings.enableIaaa) {
return {
success: false,
errCode: '1',
errMsg: '未找到对应应用'
}
return { success: false, errCode: '1', errMsg: '未找到对应应用' }
}

const digest = md5(`appId=${appId}&remoteAddr=${remoteAddr}&token=${token}` + app.secret)
if (digest !== msgAbs) {
return {
success: false,
errCode: '2',
errMsg: '签名错误'
}
return { success: false, errCode: '1', errMsg: '签名错误' }
}

const user = await users.findOne(
{ _id: req.user.userId },
{ _id: new UUID(userId) },
{ projection: { profile: 1, 'authSources.iaaaInfo': 1 } }
)
if (!user || !user.authSources.iaaaInfo) {
return {
success: false,
errCode: '3',
errMsg: '用户未绑定身份'
}
return { success: false, errCode: '3', errMsg: '用户未绑定身份' }
}

return {
Expand Down
Loading