Merge pull request #2305 from automatisch/create-oauth-clients

fix: Do not create oauth clients for non-supported apps
2025-01-23 11:34:15 +01:00
parent e686d3b067 ede745495d
commit 3961bb12cd
3 changed files with 53 additions and 3 deletions
--- a/packages/backend/src/controllers/api/v1/admin/apps/create-oauth-client.ee.js
+++ b/packages/backend/src/controllers/api/v1/admin/apps/create-oauth-client.ee.js
@@ -6,9 +6,9 @@ export default async (request, response) => {
    .findOne({ key: request.params.appKey })
    .throwIfNotFound();

-  const oauthClient = await appConfig
-    .$relatedQuery('oauthClients')
-    .insert(oauthClientParams(request));
+  const oauthClient = await appConfig.createOAuthClient(
+    oauthClientParams(request)
+  );

  renderObject(response, oauthClient, { status: 201 });
 };
--- a/packages/backend/src/controllers/api/v1/admin/apps/create-oauth-client.ee.test.js
+++ b/packages/backend/src/controllers/api/v1/admin/apps/create-oauth-client.ee.test.js
@@ -48,6 +48,34 @@ describe('POST /api/v1/admin/apps/:appKey/oauth-clients', () => {
    expect(response.body).toMatchObject(expectedPayload);
  });

+  it('should throw validation error for app that does not support oauth connections', async () => {
+    await createAppConfig({
+      key: 'deepl',
+    });
+
+    const oauthClient = {
+      active: true,
+      appKey: 'deepl',
+      name: 'First auth client',
+      formattedAuthDefaults: {
+        clientid: 'sample client ID',
+        clientSecret: 'sample client secret',
+        instanceUrl: 'https://deepl.com',
+        oAuthRedirectUrl: 'http://localhost:3001/app/deepl/connection/add',
+      },
+    };
+
+    const response = await request(app)
+      .post('/api/v1/admin/apps/deepl/oauth-clients')
+      .set('Authorization', token)
+      .send(oauthClient)
+      .expect(422);
+
+    expect(response.body.errors).toMatchObject({
+      app: ['This app does not support OAuth clients!'],
+    });
+  });
+
  it('should return not found response for not existing app config', async () => {
    const oauthClient = {
      active: true,
--- a/packages/backend/src/models/app-config.js
+++ b/packages/backend/src/models/app-config.js
@@ -1,6 +1,7 @@
 import App from './app.js';
 import OAuthClient from './oauth-client.js';
 import Base from './base.js';
+import { ValidationError } from 'objection';

 class AppConfig extends Base {
  static tableName = 'app_configs';
@@ -39,6 +40,27 @@ class AppConfig extends Base {

    return await App.findOneByKey(this.key);
  }
+
+  async createOAuthClient(params) {
+    const supportsOauthClients = (await this.getApp())?.auth?.generateAuthUrl
+      ? true
+      : false;
+
+    if (!supportsOauthClients) {
+      throw new ValidationError({
+        data: {
+          app: [
+            {
+              message: 'This app does not support OAuth clients!',
+            },
+          ],
+        },
+        type: 'ModelValidation',
+      });
+    }
+
+    return await this.$relatedQuery('oauthClients').insert(params);
+  }
 }

 export default AppConfig;