backend/src/oauth/provider/discord.provider.ts

import { OAuthProvider, OAuthToken } from "./oauthProvider.interface";
import { OAuthCallbackDto } from "../dto/oauthCallback.dto";
import { OAuthSignInDto } from "../dto/oauthSignIn.dto";
import { ConfigService } from "../../config/config.service";
import { BadRequestException, Injectable } from "@nestjs/common";
import fetch from "node-fetch";

@Injectable()
export class DiscordProvider implements OAuthProvider<DiscordToken> {
  constructor(private config: ConfigService) {}

  getAuthEndpoint(state: string): Promise<string> {
    return Promise.resolve(
      "https://discord.com/api/oauth2/authorize?" +
        new URLSearchParams({
          client_id: this.config.get("oauth.discord-clientId"),
          redirect_uri:
            this.config.get("general.appUrl") + "/api/oauth/callback/discord",
          response_type: "code",
          state: state,
          scope: "identify email",
        }).toString(),
    );
  }

  private getAuthorizationHeader() {
    return (
      "Basic " +
      Buffer.from(
        this.config.get("oauth.discord-clientId") +
          ":" +
          this.config.get("oauth.discord-clientSecret"),
      ).toString("base64")
    );
  }

  async getToken(query: OAuthCallbackDto): Promise<OAuthToken<DiscordToken>> {
    const res = await fetch("https://discord.com/api/v10/oauth2/token", {
      method: "post",
      headers: {
        "Content-Type": "application/x-www-form-urlencoded",
        Authorization: this.getAuthorizationHeader(),
      },
      body: new URLSearchParams({
        code: query.code,
        grant_type: "authorization_code",
        redirect_uri:
          this.config.get("general.appUrl") + "/api/oauth/callback/discord",
      }),
    });
    const token: DiscordToken = await res.json();
    return {
      accessToken: token.access_token,
      refreshToken: token.refresh_token,
      expiresIn: token.expires_in,
      scope: token.scope,
      tokenType: token.token_type,
      rawToken: token,
    };
  }

  async getUserInfo(token: OAuthToken<DiscordToken>): Promise<OAuthSignInDto> {
    const res = await fetch("https://discord.com/api/v10/users/@me", {
      method: "get",
      headers: {
        Accept: "application/json",
        Authorization: `${token.tokenType || "Bearer"} ${token.accessToken}`,
      },
    });
    const user = (await res.json()) as DiscordUser;
    if (user.verified === false) {
      throw new BadRequestException("Unverified account.");
    }

    return {
      provider: "discord",
      providerId: user.id,
      providerUsername: user.global_name ?? user.username,
      email: user.email,
    };
  }
}

export interface DiscordToken {
  access_token: string;
  token_type: string;
  expires_in: number;
  refresh_token: string;
  scope: string;
}

export interface DiscordUser {
  id: string;
  username: string;
  global_name: string;
  email: string;
  verified: boolean;
}
feat(auth): add OAuth2 login (#276) * feat(auth): add OAuth2 login with GitHub and Google * chore(translations): add files for Japanese * fix(auth): fix link function for GitHub * feat(oauth): basic oidc implementation * feat(oauth): oauth guard * fix: disable image optimizations for logo to prevent caching issues with custom logos * fix: memory leak while downloading large files * chore(translations): update translations via Crowdin (#278) * New translations en-us.ts (Japanese) * New translations en-us.ts (Japanese) * New translations en-us.ts (Japanese) * release: 0.18.2 * doc(translations): Add Japanese README (#279) * Added Japanese README. * Added JAPANESE README link to README.md. * Updated Japanese README. * Updated Environment Variable Table. * updated zh-cn README. * feat(oauth): unlink account * refactor(oauth): make providers extensible * fix(oauth): fix discoveryUri error when toggle google-enabled * feat(oauth): add microsoft and discord as oauth provider * docs(oauth): update README.md * docs(oauth): update oauth2-guide.md * set password to null for new oauth users * New translations en-us.ts (Japanese) (#281) * chore(translations): add Polish files * fix(oauth): fix random username and password * feat(oauth): add totp * fix(oauth): fix totp throttle * fix(oauth): fix qrcode and remove comment * feat(oauth): add error page * fix(oauth): i18n of error page * feat(auth): add OAuth2 login * fix(auth): fix link function for GitHub * feat(oauth): basic oidc implementation * feat(oauth): oauth guard * feat(oauth): unlink account * refactor(oauth): make providers extensible * fix(oauth): fix discoveryUri error when toggle google-enabled * feat(oauth): add microsoft and discord as oauth provider * docs(oauth): update README.md * docs(oauth): update oauth2-guide.md * set password to null for new oauth users * fix(oauth): fix random username and password * feat(oauth): add totp * fix(oauth): fix totp throttle * fix(oauth): fix qrcode and remove comment * feat(oauth): add error page * fix(oauth): i18n of error page * refactor: return null instead of `false` in `getIdOfCurrentUser` functiom * feat: show original oauth error if available * refactor: run formatter * refactor(oauth): error message i18n * refactor(oauth): make OAuth token available someone may use it (to revoke token or get other info etc.) also improved the i18n message * chore(oauth): remove unused import * chore: add database migration * fix: missing python installation for nanoid --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> Co-authored-by: ふうせん <10260662+fusengum@users.noreply.github.com> 2023-10-22 22:09:53 +08:00			`import { OAuthProvider, OAuthToken } from "./oauthProvider.interface";`
			`import { OAuthCallbackDto } from "../dto/oauthCallback.dto";`
			`import { OAuthSignInDto } from "../dto/oauthSignIn.dto";`
			`import { ConfigService } from "../../config/config.service";`
			`import { BadRequestException, Injectable } from "@nestjs/common";`
			`import fetch from "node-fetch";`

			`@Injectable()`
			`export class DiscordProvider implements OAuthProvider<DiscordToken> {`
			`constructor(private config: ConfigService) {}`

			`getAuthEndpoint(state: string): Promise<string> {`
			`return Promise.resolve(`
			`"https://discord.com/api/oauth2/authorize?" +`
			`new URLSearchParams({`
			`client_id: this.config.get("oauth.discord-clientId"),`
			`redirect_uri:`
			`this.config.get("general.appUrl") + "/api/oauth/callback/discord",`
			`response_type: "code",`
			`state: state,`
			`scope: "identify email",`
			`}).toString(),`
			`);`
			`}`

			`private getAuthorizationHeader() {`
			`return (`
			`"Basic " +`
			`Buffer.from(`
			`this.config.get("oauth.discord-clientId") +`
			`":" +`
			`this.config.get("oauth.discord-clientSecret"),`
			`).toString("base64")`
			`);`
			`}`

			`async getToken(query: OAuthCallbackDto): Promise<OAuthToken<DiscordToken>> {`
			`const res = await fetch("https://discord.com/api/v10/oauth2/token", {`
			`method: "post",`
			`headers: {`
			`"Content-Type": "application/x-www-form-urlencoded",`
			`Authorization: this.getAuthorizationHeader(),`
			`},`
			`body: new URLSearchParams({`
			`code: query.code,`
			`grant_type: "authorization_code",`
			`redirect_uri:`
			`this.config.get("general.appUrl") + "/api/oauth/callback/discord",`
			`}),`
			`});`
			`const token: DiscordToken = await res.json();`
			`return {`
			`accessToken: token.access_token,`
			`refreshToken: token.refresh_token,`
			`expiresIn: token.expires_in,`
			`scope: token.scope,`
			`tokenType: token.token_type,`
			`rawToken: token,`
			`};`
			`}`

			`async getUserInfo(token: OAuthToken<DiscordToken>): Promise<OAuthSignInDto> {`
fix(oauth): github and discord login error (#323) * fix(oauth): github and discord login error fixed #322, fixed #302 * feat(oauth): print log when ErrorPageException occurs * refactor(oauth): migrate to Logger * feat(oauth): add logger for OAuthExceptionFilter * docs(oauth): update oauth login docs 2023-11-12 03:25:05 +08:00			`const res = await fetch("https://discord.com/api/v10/users/@me", {`
			`method: "get",`
feat(auth): add OAuth2 login (#276) * feat(auth): add OAuth2 login with GitHub and Google * chore(translations): add files for Japanese * fix(auth): fix link function for GitHub * feat(oauth): basic oidc implementation * feat(oauth): oauth guard * fix: disable image optimizations for logo to prevent caching issues with custom logos * fix: memory leak while downloading large files * chore(translations): update translations via Crowdin (#278) * New translations en-us.ts (Japanese) * New translations en-us.ts (Japanese) * New translations en-us.ts (Japanese) * release: 0.18.2 * doc(translations): Add Japanese README (#279) * Added Japanese README. * Added JAPANESE README link to README.md. * Updated Japanese README. * Updated Environment Variable Table. * updated zh-cn README. * feat(oauth): unlink account * refactor(oauth): make providers extensible * fix(oauth): fix discoveryUri error when toggle google-enabled * feat(oauth): add microsoft and discord as oauth provider * docs(oauth): update README.md * docs(oauth): update oauth2-guide.md * set password to null for new oauth users * New translations en-us.ts (Japanese) (#281) * chore(translations): add Polish files * fix(oauth): fix random username and password * feat(oauth): add totp * fix(oauth): fix totp throttle * fix(oauth): fix qrcode and remove comment * feat(oauth): add error page * fix(oauth): i18n of error page * feat(auth): add OAuth2 login * fix(auth): fix link function for GitHub * feat(oauth): basic oidc implementation * feat(oauth): oauth guard * feat(oauth): unlink account * refactor(oauth): make providers extensible * fix(oauth): fix discoveryUri error when toggle google-enabled * feat(oauth): add microsoft and discord as oauth provider * docs(oauth): update README.md * docs(oauth): update oauth2-guide.md * set password to null for new oauth users * fix(oauth): fix random username and password * feat(oauth): add totp * fix(oauth): fix totp throttle * fix(oauth): fix qrcode and remove comment * feat(oauth): add error page * fix(oauth): i18n of error page * refactor: return null instead of `false` in `getIdOfCurrentUser` functiom * feat: show original oauth error if available * refactor: run formatter * refactor(oauth): error message i18n * refactor(oauth): make OAuth token available someone may use it (to revoke token or get other info etc.) also improved the i18n message * chore(oauth): remove unused import * chore: add database migration * fix: missing python installation for nanoid --------- Co-authored-by: Elias Schneider <login@eliasschneider.com> Co-authored-by: ふうせん <10260662+fusengum@users.noreply.github.com> 2023-10-22 22:09:53 +08:00			`headers: {`
			`Accept: "application/json",`
			Authorization: `${token.tokenType \|\| "Bearer"} ${token.accessToken}`,
			`},`
			`});`
			`const user = (await res.json()) as DiscordUser;`
			`if (user.verified === false) {`
			`throw new BadRequestException("Unverified account.");`
			`}`

			`return {`
			`provider: "discord",`
			`providerId: user.id,`
			`providerUsername: user.global_name ?? user.username,`
			`email: user.email,`
			`};`
			`}`
			`}`

			`export interface DiscordToken {`
			`access_token: string;`
			`token_type: string;`
			`expires_in: number;`
			`refresh_token: string;`
			`scope: string;`
			`}`

			`export interface DiscordUser {`
			`id: string;`
			`username: string;`
			`global_name: string;`
			`email: string;`
			`verified: boolean;`
			`}`