mirror of
https://github.com/outline/outline.git
synced 2026-06-13 11:25:03 +03:00
Tom Moor
a06671e8ce
This PR contains the necessary work to make Outline an OAuth provider including: - OAuth app registration - OAuth app management - Private / public apps (Public in cloud only) - Full OAuth 2.0 spec compatible authentication flow - Granular scopes - User token management screen in settings - Associated API endpoints for programatic access
37 lines
1.1 KiB
TypeScript
37 lines
1.1 KiB
TypeScript
import { Op } from "sequelize";
|
|
import { OAuthAuthentication, OAuthClient, User } from "@server/models";
|
|
import { OAuthClientEvent, Event as TEvent } from "@server/types";
|
|
import BaseProcessor from "./BaseProcessor";
|
|
|
|
export default class OAuthClientUnpublishedProcessor extends BaseProcessor {
|
|
static applicableEvents: TEvent["name"][] = ["oauthClients.update"];
|
|
|
|
async perform(event: OAuthClientEvent) {
|
|
if (
|
|
event.changes?.previous.published === true &&
|
|
event.changes.attributes.published === false
|
|
) {
|
|
const oauthClient = await OAuthClient.findByPk(event.modelId, {
|
|
rejectOnEmpty: true,
|
|
});
|
|
const users = await User.findAll({
|
|
attributes: ["id"],
|
|
where: {
|
|
teamId: oauthClient.teamId,
|
|
},
|
|
});
|
|
const userIds = users.map((user) => user.id);
|
|
|
|
// Revoke access for all users except any that are in the same team
|
|
await OAuthAuthentication.destroy({
|
|
where: {
|
|
oauthClientId: event.modelId,
|
|
userId: {
|
|
[Op.notIn]: userIds,
|
|
},
|
|
},
|
|
});
|
|
}
|
|
}
|
|
}
|