Configure PKCE support in OAuth clients (#25300)

This flag will control whether or not a particular client is allowed to
use PKCE instead of a client secret when requesting an access token.

GitOrigin-RevId: b9471112a485233308410e0cb7f20e20a613a971
Eric Mc Sween
2025-05-08 11:13:59 -04:00
committed by Copybot
parent 35adaf19b6
commit c07eb86765
+26 -1
@@ -34,31 +34,45 @@ async function upsertApplication(opts) {
const key = { id: opts.id }
const defaults = {}
const updates = {}
if (opts.name != null) {
updates.name = opts.name
}
if (opts.secret != null) {
updates.clientSecret = hashSecret(opts.secret)
}
if (opts.grants != null) {
updates.grants = opts.grants
} else {
defaults.grants = []
}
if (opts.scopes != null) {
updates.scopes = opts.scopes
} else {
defaults.scopes = []
}
if (opts.redirectUris != null) {
updates.redirectUris = opts.redirectUris
} else {
defaults.redirectUris = []
}
if (opts.mongoId != null) {
defaults._id = new ObjectId(opts.mongoId)
}
if (opts.enablePkce) {
updates.pkceEnabled = true
}
if (opts.disablePkce) {
updates.pkceEnabled = false
}
await db.oauthApplications.updateOne(
key,
{
@@ -71,17 +85,24 @@ async function upsertApplication(opts) {
function parseArgs() {
const args = minimist(process.argv.slice(2), {
boolean: ['help'],
boolean: ['help', 'enable-pkce', 'disable-pkce'],
})
if (args.help) {
usage()
process.exit(0)
}
if (args._.length !== 1) {
usage()
process.exit(1)
}
if (args['enable-pkce'] && args['disable-pkce']) {
console.error('Options --enable-pkce and --disable-pkce are exclusive')
process.exit(1)
}
return {
id: args._[0],
mongoId: args['mongo-id'],
@@ -90,6 +111,8 @@ function parseArgs() {
scopes: toArray(args.scope),
grants: toArray(args.grant),
redirectUris: toArray(args['redirect-uri']),
enablePkce: args['enable-pkce'],
disablePkce: args['disable-pkce'],
}
}
@@ -105,6 +128,8 @@ Options:
--grant Accepted grant type (can be given more than once)
--redirect-uri Accepted redirect URI (can be given more than once)
--mongo-id Mongo ID to use if the configuration is created (optional)
--enable-pkce Enable PKCE
--disable-pkce Disable PKCE
`)
}
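Review bot: In `upsertApplication`, `pkceEnabled` is written only when one of the two flags is passed, so an application created without either flag is stored with no `pkceEnabled` field at all, unlike `grants`, `scopes` and `redirectUris`, which each get an entry in `defaults`. Per the commit description this field decides whether a client may use PKCE instead of a client secret, so the stored value should be explicit: chain the two checks as `if`/`else if` and finish with `else { defaults.pkceEnabled = false }`, so the code that reads the flag never has to interpret a missing field. This assumes `defaults` is applied only on insert; the update document is built outside the lines shown. The usage text could also state the consequence, e.g. `--enable-pkce   Allow token requests with PKCE instead of a client secret`.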