From 2b34c0ccf5d093af20e7324c4047405b1b65afac Mon Sep 17 00:00:00 2001 From: FragginWagon Date: Thu, 29 Jan 2026 21:30:47 +0000 Subject: [PATCH] =?UTF-8?q?=E2=9C=A8=20Add=20support=20for=20Discord=20OAu?= =?UTF-8?q?th=20token=20exchange=20alongside=20existing=20Challonge=20inte?= =?UTF-8?q?gration?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../pokedex.online/server/oauth-proxy.js | 73 +++++++++++++++---- 1 file changed, 59 insertions(+), 14 deletions(-) diff --git a/code/websites/pokedex.online/server/oauth-proxy.js b/code/websites/pokedex.online/server/oauth-proxy.js index 9f6dbd9..5a5ffd2 100644 --- a/code/websites/pokedex.online/server/oauth-proxy.js +++ b/code/websites/pokedex.online/server/oauth-proxy.js @@ -40,18 +40,10 @@ app.use('/gamemaster', gamemasterRouter); /** * Exchange authorization code for access token * POST /oauth/token + * Supports multiple providers: Challonge, Discord */ app.post('/oauth/token', async (req, res) => { - if (!config.challonge.configured) { - logger.warn('OAuth token request received but Challonge not configured'); - return res.status(503).json({ - error: 'Challonge OAuth not configured', - message: - 'Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET environment variables' - }); - } - - const { code } = req.body; + const { code, provider = 'challonge' } = req.body; if (!code) { logger.warn('OAuth token request missing authorization code'); @@ -59,7 +51,60 @@ app.post('/oauth/token', async (req, res) => { } try { - logger.debug('Exchanging authorization code for access token'); + // Handle Discord OAuth + if (provider === 'discord') { + const clientId = process.env.VITE_DISCORD_CLIENT_ID; + const clientSecret = process.env.DISCORD_CLIENT_SECRET; + const redirectUri = process.env.VITE_DISCORD_REDIRECT_URI; + + if (!clientId || !clientSecret) { + logger.warn('Discord OAuth not configured', { + hasClientId: !!clientId, + hasClientSecret: !!clientSecret + }); + return res.status(503).json({ + error: 'Discord OAuth not configured', + message: 'Set VITE_DISCORD_CLIENT_ID and DISCORD_CLIENT_SECRET environment variables' + }); + } + + logger.debug('Exchanging Discord authorization code for access token'); + const response = await fetch('https://discord.com/api/oauth2/token', { + method: 'POST', + headers: { + 'Content-Type': 'application/x-www-form-urlencoded' + }, + body: new URLSearchParams({ + client_id: clientId, + client_secret: clientSecret, + grant_type: 'authorization_code', + code: code, + redirect_uri: redirectUri + }) + }); + + const data = await response.json(); + + if (!response.ok) { + logger.error('Discord token exchange failed', { status: response.status, data }); + return res.status(response.status).json(data); + } + + logger.info('Discord token exchange successful'); + return res.json(data); + } + + // Handle Challonge OAuth (default) + if (!config.challonge.configured) { + logger.warn('OAuth token request received but Challonge not configured'); + return res.status(503).json({ + error: 'Challonge OAuth not configured', + message: + 'Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET environment variables' + }); + } + + logger.debug('Exchanging Challonge authorization code for access token'); const response = await fetch('https://api.challonge.com/oauth/token', { method: 'POST', headers: { @@ -77,14 +122,14 @@ app.post('/oauth/token', async (req, res) => { const data = await response.json(); if (!response.ok) { - logger.error('Token exchange failed', { status: response.status, data }); + logger.error('Challonge token exchange failed', { status: response.status, data }); return res.status(response.status).json(data); } - logger.info('Token exchange successful'); + logger.info('Challonge token exchange successful'); res.json(data); } catch (error) { - logger.error('Token exchange error', { error: error.message }); + logger.error('Token exchange error', { provider, error: error.message }); res.status(500).json({ error: 'Token exchange failed', message: error.message