GitHub/outline
1
0
Fork 0
mirror of https://github.com/outline/outline.git synced 2026-06-13 03:14:59 +03:00
Code Issues Packages Projects Releases Wiki Activity
Files
adbffc073453eb5c535e6c56c8f3d45a07d4d920
outline/server/models/oauth/OAuthAuthorizationCode.ts
T
Tom Moor adbffc0734 chore: clear mechanical lint warnings (Phase 1) (#12198) 
* chore: clear mechanical lint warnings

Drops 44 oxlint warnings (559 → 515) by fixing easy mechanical rules
across the codebase: no-useless-escape, no-duplicate-type-constituents,
no-redundant-type-constituents, no-unused-expressions,
no-meaningless-void-operator, require-array-sort-compare, await-thenable.

* chore: drop callback parameter from useCallback deps

The `open` argument is a parameter of the callback, not a closed-over
variable, so it doesn't belong in the deps array.

* chore: promote cleared lint rules to errors

Promotes the rules cleared in this PR from warn to error so future
violations fail the lint:

- no-unused-expressions
- typescript/await-thenable
- typescript/no-duplicate-type-constituents
- typescript/no-meaningless-void-operator
- typescript/require-array-sort-compare

Removes the override that suppressed no-useless-escape on source
files (the global rule is already error) and fixes the 21 escape
violations that this exposed in regex character classes and template
literals.

* chore: address PR review feedback

- usePinnedDocuments: simplify UrlId to plain string instead of the
  intersection trick.
- PlantUML embed: move - to end of character class so it's a literal
  hyphen rather than a range operator.
- checkboxes: type token params as Token | undefined to match the
  actual call sites that pass tokens[index - 2] etc.
2026-04-28 20:00:03 -04:00

113 lines
2.7 KiB
TypeScript
Raw Blame History

import { Matches } from "class-validator";
import type { InferAttributes, InferCreationAttributes } from "sequelize";
import {
Column,
DataType,
BelongsTo,
ForeignKey,
Table,
Length,
} from "sequelize-typescript";
import { OAuthClientValidation } from "@shared/validations";
import env from "@server/env";
import User from "@server/models/User";
import IdModel from "@server/models/base/IdModel";
import { SkipChangeset } from "@server/models/decorators/Changeset";
import Fix from "@server/models/decorators/Fix";
import { hash } from "@server/utils/crypto";
import OAuthClient from "./OAuthClient";
@Table({
tableName: "oauth_authorization_codes",
modelName: "oauth_authorization_code",
updatedAt: false,
})
@Fix
class OAuthAuthorizationCode extends IdModel<
InferAttributes<OAuthAuthorizationCode>,
Partial<InferCreationAttributes<OAuthAuthorizationCode>>
> {
static eventNamespace = "oauthAuthorizationCodes";
/** The lifetime of an authorization code in seconds. */
public static authorizationCodeLifetime =
env.OAUTH_PROVIDER_AUTHORIZATION_CODE_LIFETIME;
/** A recognizable prefix for authorization codes. */
public static authorizationCodePrefix = "ol_ac_";
@Column
@SkipChangeset
authorizationCodeHash: string;
@Column
@SkipChangeset
codeChallenge?: string;
@Column
@SkipChangeset
codeChallengeMethod?: string;
/**
* The ID of the grant that this authorization code belongs to. Used for
* refresh token rotation and revocation of all tokens in a grant.
*/
@Column(DataType.UUID)
@SkipChangeset
grantId: string | null;
/** A list of scopes that this authorization code has access to */
@Matches(/[/.\w\s]*/, {
each: true,
})
@Column(DataType.ARRAY(DataType.STRING))
scope: string[];
@Length({ max: OAuthClientValidation.maxRedirectUriLength })
@Column
redirectUri: string;
@Column(DataType.DATE)
expiresAt: Date;
// associations
@BelongsTo(() => OAuthClient, "oauthClientId")
oauthClient: OAuthClient;
@ForeignKey(() => OAuthClient)
@Column(DataType.UUID)
oauthClientId: string;
@BelongsTo(() => User, "userId")
user: User;
@ForeignKey(() => User)
@Column(DataType.UUID)
userId: string;
/**
* Finds an OAuthAuthorizationCode by the given code.
*
* @param input The code to search for
* @returns The OAuthAuthentication if found
*/
public static findByCode(input: string) {
const authorizationCodeHash = hash(input);
return this.findOne({
where: {
authorizationCodeHash,
},
include: [
{
association: "user",
required: true,
},
],
});
}
}
export default OAuthAuthorizationCode;
Reference in New Issue View Git Blame Copy Permalink