182 lines
5.0 KiB
JavaScript
182 lines
5.0 KiB
JavaScript
/**
|
|
* OAuth Proxy Server for Challonge API
|
|
*
|
|
* This server handles OAuth token exchange and refresh for the Challonge API.
|
|
* It keeps client_secret secure by running on the backend.
|
|
*
|
|
* Usage:
|
|
* Development: node server/oauth-proxy.js
|
|
* Production: Deploy with Docker (see docker-compose.production.yml)
|
|
*/
|
|
|
|
import 'dotenv/config';
|
|
import express from 'express';
|
|
import cors from 'cors';
|
|
import fetch from 'node-fetch';
|
|
import gamemasterRouter from './gamemaster-api.js';
|
|
import { validateOrExit, getConfig } from './utils/env-validator.js';
|
|
import logger, { requestLogger, errorLogger } from './utils/logger.js';
|
|
import {
|
|
setupGracefulShutdown,
|
|
createHealthCheckMiddleware
|
|
} from './utils/graceful-shutdown.js';
|
|
|
|
// Validate environment variables
|
|
validateOrExit();
|
|
|
|
// Get validated configuration
|
|
const config = getConfig();
|
|
|
|
const app = express();
|
|
|
|
// Middleware
|
|
app.use(cors({ origin: config.cors.origin }));
|
|
app.use(express.json());
|
|
app.use(requestLogger);
|
|
|
|
// Mount API routes
|
|
app.use('/api/gamemaster', gamemasterRouter);
|
|
|
|
/**
|
|
* Exchange authorization code for access token
|
|
* POST /oauth/token
|
|
*/
|
|
app.post('/oauth/token', async (req, res) => {
|
|
if (!config.challonge.configured) {
|
|
logger.warn('OAuth token request received but Challonge not configured');
|
|
return res.status(503).json({
|
|
error: 'Challonge OAuth not configured',
|
|
message:
|
|
'Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET environment variables'
|
|
});
|
|
}
|
|
|
|
const { code } = req.body;
|
|
|
|
if (!code) {
|
|
logger.warn('OAuth token request missing authorization code');
|
|
return res.status(400).json({ error: 'Missing authorization code' });
|
|
}
|
|
|
|
try {
|
|
logger.debug('Exchanging authorization code for access token');
|
|
const response = await fetch('https://api.challonge.com/oauth/token', {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'authorization_code',
|
|
client_id: config.challonge.clientId,
|
|
client_secret: config.challonge.clientSecret,
|
|
code: code,
|
|
redirect_uri: config.challonge.redirectUri
|
|
})
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (!response.ok) {
|
|
logger.error('Token exchange failed', { status: response.status, data });
|
|
return res.status(response.status).json(data);
|
|
}
|
|
|
|
logger.info('Token exchange successful');
|
|
res.json(data);
|
|
} catch (error) {
|
|
logger.error('Token exchange error', { error: error.message });
|
|
res.status(500).json({
|
|
error: 'Token exchange failed',
|
|
message: error.message
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Refresh access token
|
|
* POST /oauth/refresh
|
|
*/
|
|
app.post('/oauth/refresh', async (req, res) => {
|
|
if (!config.challonge.configured) {
|
|
logger.warn('OAuth refresh request received but Challonge not configured');
|
|
return res.status(503).json({
|
|
error: 'Challonge OAuth not configured',
|
|
message:
|
|
'Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET environment variables'
|
|
});
|
|
}
|
|
|
|
const { refresh_token } = req.body;
|
|
|
|
if (!refresh_token) {
|
|
logger.warn('OAuth refresh request missing refresh token');
|
|
return res.status(400).json({ error: 'Missing refresh token' });
|
|
}
|
|
|
|
try {
|
|
logger.debug('Refreshing access token');
|
|
const response = await fetch('https://api.challonge.com/oauth/token', {
|
|
method: 'POST',
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded'
|
|
},
|
|
body: new URLSearchParams({
|
|
grant_type: 'refresh_token',
|
|
client_id: config.challonge.clientId,
|
|
client_secret: config.challonge.clientSecret,
|
|
refresh_token: refresh_token
|
|
})
|
|
});
|
|
|
|
const data = await response.json();
|
|
|
|
if (!response.ok) {
|
|
logger.error('Token refresh failed', { status: response.status, data });
|
|
return res.status(response.status).json(data);
|
|
}
|
|
|
|
logger.info('Token refresh successful');
|
|
res.json(data);
|
|
} catch (error) {
|
|
logger.error('Token refresh error', { error: error.message });
|
|
res.status(500).json({
|
|
error: 'Token refresh failed',
|
|
message: error.message
|
|
});
|
|
}
|
|
});
|
|
|
|
/**
|
|
* Health check endpoint (with graceful shutdown support)
|
|
* GET /health
|
|
*/
|
|
app.get('/health', createHealthCheckMiddleware());
|
|
|
|
// Error logging middleware (must be after routes)
|
|
app.use(errorLogger);
|
|
|
|
// Start server
|
|
const server = app.listen(config.port, () => {
|
|
logger.info('🔐 OAuth Proxy Server started', {
|
|
port: config.port,
|
|
nodeEnv: config.nodeEnv,
|
|
challongeConfigured: config.challonge.configured
|
|
});
|
|
|
|
if (!config.challonge.configured) {
|
|
logger.warn('⚠️ Challonge OAuth not configured - OAuth endpoints disabled');
|
|
logger.warn(' Set CHALLONGE_CLIENT_ID and CHALLONGE_CLIENT_SECRET to enable');
|
|
}
|
|
|
|
logger.info('✅ Ready to handle requests');
|
|
});
|
|
|
|
// Setup graceful shutdown
|
|
setupGracefulShutdown(server, {
|
|
timeout: 30000,
|
|
onShutdown: async () => {
|
|
logger.info('Running cleanup tasks...');
|
|
// Add any cleanup tasks here (close DB connections, etc.)
|
|
}
|
|
});
|