feat: support multiple redirect URLs per client

jsdelivr · Sep 2, 2024 · 0abdb48 · 0abdb48
1 parent 0c784dc
commit 0abdb48
Show file tree

Hide file tree

Showing 5 changed files with 7 additions and 7 deletions.
diff --git a/migrations/create-tables.js.sql b/migrations/create-tables.js.sql
@@ -11,7 +11,7 @@ CREATE TABLE `gp_apps` (
 	`date_updated` timestamp NULL DEFAULT NULL,
 	`name` varchar(255) DEFAULT NULL,
 	`secret` varchar(255) DEFAULT NULL,
-	`redirect_url` varchar(255) DEFAULT NULL,
+	`redirect_urls` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin CHECK (json_valid(`redirect_urls`)),
 	`grants` longtext CHARACTER SET utf8mb4 COLLATE utf8mb4_bin DEFAULT '\'[]\'' CHECK (json_valid(`grants`)),
 	`access_token_lifetime` int(11) DEFAULT NULL,
 	`refresh_token_lifetime` int(11) DEFAULT NULL,

diff --git a/seeds/test/index.ts b/seeds/test/index.ts
@@ -12,15 +12,15 @@ export const apps = [
 		user_created: users[0]!.id,
 		name: 'App One',
 		secret: null,
-		redirect_url: 'https://example.com/one/callback',
+		redirect_urls: JSON.stringify([ 'https://example.com/one/callback' ]),
 		grants: JSON.stringify([ 'authorization_code', 'refresh_token' ]),
 	},
 	{
 		id: 'b2a50a7e-6dc5-423d-864e-173ea690992e',
 		user_created: users[1]!.id,
 		name: 'App Two',
 		secret: 'secret2',
-		redirect_url: 'https://example.com/two/callback',
+		redirect_urls: JSON.stringify([ 'https://example.com/two/callback' ]),
 		grants: JSON.stringify([ 'authorization_code', 'refresh_token' ]),
 	},
 ];

diff --git a/src/oauth/model.ts b/src/oauth/model.ts
@@ -217,7 +217,7 @@ export default class OAuthModel implements AuthorizationCodeModel, RefreshTokenM
 			name: client.name,
 			secret: client.secret,
 			requestSecret: clientSecret,
-			redirectUris: client.redirect_url,
+			redirectUris: JSON.parse(client.redirect_urls) as string[],
 			grants: JSON.parse(client.grants) as string[],
 			...client.access_token_lifetime ? { accessTokenLifetime: client.access_token_lifetime } : {},
 			...client.refresh_token_lifetime ? { refreshTokenLifetime: client.refresh_token_lifetime } : {},

diff --git a/src/oauth/types.ts b/src/oauth/types.ts
@@ -30,7 +30,7 @@ export type ClientRow = {
 	id: string;
 	name: string;
 	secret: string | null;
-	redirect_url: string;
+	redirect_urls: string;
 	grants: string;
 	access_token_lifetime: number | null;
 	refresh_token_lifetime: number | null;

diff --git a/test/tests/integration/oauth.test.ts b/test/tests/integration/oauth.test.ts
@@ -41,7 +41,7 @@ describe('OAuth', () => {
 			.set(headers)
 			.query({
 				client_id: client.id,
-				redirect_uri: client.redirect_url,
+				redirect_uri: JSON.parse(client.redirect_urls)[0],
 				response_type: 'code',
 				scope: 'measurements',
 				state: 'someRandomState',
@@ -80,7 +80,7 @@ describe('OAuth', () => {
 				client_id: client.id,
 				client_secret: client.secret,
 				code: authorizationCode,
-				redirect_uri: client.redirect_url,
+				redirect_uri: JSON.parse(client.redirect_urls)[0],
 				grant_type: 'authorization_code',
 				code_verifier: codeVerifier,
 				...body,