164 lines
4.3 KiB
JavaScript
164 lines
4.3 KiB
JavaScript
/**
|
|
* OAuth Proxy Server for Challonge API
|
|
*
|
|
* This server handles OAuth token exchange and refresh for the Challonge API.
|
|
* It keeps client_secret secure by running on the backend.
|
|
*
|
|
* Usage:
|
|
* Development: node server/oauth-proxy.js
|
|
* Production: Deploy with Docker (see docker-compose.production.yml)
|
|
*/
|
|
|
|
import 'dotenv/config';
|
|
import express from 'express';
|
|
import cors from 'cors';
|
|
import fetch from 'node-fetch';
|
|
import gamemasterRouter from './gamemaster-api.js';
|
|
import { validateOrExit, getConfig } from './utils/env-validator.js';
|
|
import logger, { requestLogger, errorLogger } from './utils/logger.js';
|
|
import {
|
|
setupGracefulShutdown,
|
|
createHealthCheckMiddleware
|
|
} from './utils/graceful-shutdown.js';
|
|
|
|
// Validate environment variables
|
|
validateOrExit();
|
|
|
|
// Get validated configuration
|
|
const config = getConfig();
|
|
|
|
const app = express();
|
|
|
|
// Middleware
|
|
app.use(cors({ origin: config.cors.origin }));
|
|
app.use(express.json());
|
|
app.use(requestLogger);
|
|
|
|
// Mount API routes
|
|
app.use('/api/gamemaster', gamemasterRouter);
|
|
|
|
/**
|
|
* Exchange authorization code for access token
|
|
* POST /oauth/token
|
|
*/
|
|
app.post('/oauth/token', async (req, res) => {
|
|
if (!config.challonge.configured) {
|
|
logger.warn('OAuth token request received but Challonge not configured');
|
|
return res.status(503).json({
|
|
error: 'Challonge OAuth not configured',
|
|
message:
|
|
'Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET environment variables'
|
|
});
|
|
}
|
|
|
|
const { code } = req.body;
|
|
|
|
if (!code) {
|
|
logger.warn('OAuth token request missing authorization code');
|
|
return res.status(400).json({ error: 'Missing authorization code' });
|
|
}
|
|
|
|
try {
|
|
logger.debug('Exchanging authorization code for access token');
|
|
const response = await fetch('https://api.challonge.com/oauth/token', {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'authorization_code',
|
|
client_id: config.challonge.clientId,
|
|
client_secret: config.challonge.clientSecret,
|
|
code: code,
|
|
redirect_uri: config.challonge.redirectUri
|
|
})
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (!response.ok) {
|
|
logger.error('Token exchange failed', { status: response.status, data });
|
|
return res.status(response.status).json(data);
|
|
}
|
|
|
|
logger.info('Token exchange successful');
|
|
res.json(data);
|
|
} catch (error) {
|
|
logger.error('Token exchange error', { error: error.message });
|
|
res.status(500).json({
|
|
error: 'Token exchange failed',
|
|
message: error.message
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Refresh access token
|
|
* POST /oauth/refresh
|
|
*/
|
|
app.post('/oauth/refresh', async (req, res) => {
|
|
if (!hasChallongeAuth) {
|
|
return res.status(503).json({
|
|
error: 'Challonge OAuth not configured',
|
|
message:
|
|
'Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET environment variables'
|
|
});
|
|
}
|
|
|
|
const { refresh_token } = req.body;
|
|
|
|
if (!refresh_token) {
|
|
return res.status(400).json({ error: 'Missing refresh token' });
|
|
}
|
|
|
|
try {
|
|
const response = await fetch('https://api.challonge.com/oauth/token', {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'refresh_token',
|
|
client_id: CLIENT_ID,
|
|
client_secret: CLIENT_SECRET,
|
|
refresh_token: refresh_token
|
|
})
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (!response.ok) {
|
|
console.error('Token refresh failed:', data);
|
|
return res.status(response.status).json(data);
|
|
}
|
|
|
|
console.log('✅ Token refresh successful');
|
|
res.json(data);
|
|
} catch (error) {
|
|
console.error('Token refresh error:', error);
|
|
res.status(500).json({
|
|
error: 'Token refresh failed',
|
|
message: error.message
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Health check endpoint
|
|
* GET /health
|
|
*/
|
|
app.get('/health', (req, res) => {
|
|
res.json({
|
|
status: 'ok',
|
|
service: 'oauth-proxy',
|
|
configured: !!(CLIENT_ID && CLIENT_SECRET)
|
|
});
|
|
});
|
|
|
|
app.listen(PORT, () => {
|
|
console.log(`🔐 OAuth Proxy Server running on http://localhost:${PORT}`);
|
|
console.log(`📝 Client ID: ${CLIENT_ID}`);
|
|
console.log(`🔗 Redirect URI: ${REDIRECT_URI}`);
|
|
console.log('\n✅ Ready to handle OAuth requests');
|
|
});
|