feat(MiAuth): アクセストークンの発行に失敗した場合コールバックに遷移しないようにする

TeamNijimiss · Dec 15, 2024 · 8003596 · 8003596
1 parent a2e033d
commit 8003596
Show file tree

Hide file tree

Showing 2 changed files with 20 additions and 11 deletions.
diff --git a/packages/backend/src/server/api/endpoints/miauth/gen-token.ts b/packages/backend/src/server/api/endpoints/miauth/gen-token.ts
@@ -10,6 +10,7 @@ import { IdService } from '@/core/IdService.js';
 import { secureRndstr } from '@/misc/secure-rndstr.js';
 import { DI } from '@/di-symbols.js';
 import { RoleService } from '@/core/RoleService.js';
+import { ApiError } from '../../error.js';
 
 export const meta = {
 	tags: ['auth'],
@@ -28,6 +29,14 @@ export const meta = {
 			},
 		},
 	},
+
+	errors: {
+		tooManyAccessTokens: {
+			message: 'Too many access tokens',
+			code: 'TOO_MANY_ACCESS_TOKENS',
+			id: 'eb37e2f9-5475-46c3-805a-803805e81d3f',
+		},
+	},
 } as const;
 
 export const paramDef = {
@@ -56,7 +65,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
 		super(meta, paramDef, async (ps, me) => {
 			const currentCount = await accessTokensRepository.countBy({ userId: me.id });
 			if (currentCount >= (await this.roleService.getUserPolicies(me.id)).accessTokenLimit) {
-				throw new Error('Too many access tokens');
+				throw new ApiError(meta.errors.tooManyAccessTokens);
 			}
 
 			// Generate access token

diff --git a/packages/frontend/src/pages/miauth.vue b/packages/frontend/src/pages/miauth.vue
@@ -59,18 +59,18 @@ async function onAccept(token: string) {
 		name: props.name,
 		iconUrl: props.icon,
 		permission: _permissions.value,
-	}, token).catch(() => {
+	}, token).then(() => {
+		if (props.callback && props.callback !== '') {
+			const cbUrl = new URL(props.callback);
+			if (['javascript:', 'file:', 'data:', 'mailto:', 'tel:', 'vbscript:'].includes(cbUrl.protocol)) throw new Error('invalid url');
+			cbUrl.searchParams.set('session', props.session);
+			location.href = cbUrl.toString();
+		} else {
+			authRoot.value?.showUI('success');
+		}
+	}).catch(() => {
 		authRoot.value?.showUI('failed');
 	});
-
-	if (props.callback && props.callback !== '') {
-		const cbUrl = new URL(props.callback);
-		if (['javascript:', 'file:', 'data:', 'mailto:', 'tel:', 'vbscript:'].includes(cbUrl.protocol)) throw new Error('invalid url');
-		cbUrl.searchParams.set('session', props.session);
-		location.href = cbUrl.toString();
-	} else {
-		authRoot.value?.showUI('success');
-	}
 }
 
 function onDeny() {