From df3597872283a93907797b1cddcf6cca0a52707d Mon Sep 17 00:00:00 2001 From: uku Date: Tue, 4 Feb 2025 14:33:52 +0100 Subject: [PATCH] feat(deps): update to arctic 3 --- bun.lock | 4 ++-- package.json | 2 +- src/lib/auth/index.ts | 1 + src/routes/login/+server.ts | 10 +++++++--- src/routes/login/callback/+server.ts | 2 +- 5 files changed, 12 insertions(+), 7 deletions(-) diff --git a/bun.lock b/bun.lock index 18b5957..08e0697 100644 --- a/bun.lock +++ b/bun.lock @@ -7,7 +7,7 @@ "@fontsource-variable/inter": "^5.1.1", "@oslojs/crypto": "^1.0.1", "@oslojs/encoding": "^1.1.0", - "arctic": "^2.3.4", + "arctic": "^3.2.2", "destr": "^2.0.3", "leaflet": "^1.9.4", "leaflet-defaulticon-compatibility": "^0.1.2", @@ -248,7 +248,7 @@ "ansi-styles": ["ansi-styles@4.3.0", "", { "dependencies": { "color-convert": "^2.0.1" } }, "sha512-zbB9rCJAT1rbjiVDb2hqKFHNYLxgtk8NURxZ3IZwD3F6NtxbXZQCnnSi1Lkx+IDohdPlFp222wVALIheZJQSEg=="], - "arctic": ["arctic@2.3.4", "", { "dependencies": { "@oslojs/crypto": "1.0.1", "@oslojs/encoding": "1.1.0", "@oslojs/jwt": "0.2.0" } }, "sha512-+p30BOWsctZp+CVYCt7oAean/hWGW42sH5LAcRQX56ttEkFJWbzXBhmSpibbzwSJkRrotmsA+oAoJoVsU0f5xA=="], + "arctic": ["arctic@3.2.2", "", { "dependencies": { "@oslojs/crypto": "1.0.1", "@oslojs/encoding": "1.1.0", "@oslojs/jwt": "0.2.0" } }, "sha512-wypdE8NnUOMbxsKtKGn57pEtt47EBvwVOFutGVmOPEHfg4nizOfVwl+yWpp7cUCkZJptuHh7hJixsrUhMOpusw=="], "argparse": ["argparse@2.0.1", "", {}, "sha512-8+9WqebbFzpX9OR+Wa6O29asIogeRMzcGtAINdpMHHyAg10f05aSFVBbcEqGf/PXw1EjAZ+q2/bEBg3DvurK3Q=="], diff --git a/package.json b/package.json index 3a855ea..a43173a 100644 --- a/package.json +++ b/package.json @@ -15,7 +15,7 @@ "@fontsource-variable/inter": "^5.1.1", "@oslojs/crypto": "^1.0.1", "@oslojs/encoding": "^1.1.0", - "arctic": "^2.3.4", + "arctic": "^3.2.2", "destr": "^2.0.3", "leaflet": "^1.9.4", "leaflet-defaulticon-compatibility": "^0.1.2" diff --git a/src/lib/auth/index.ts b/src/lib/auth/index.ts index 654eb66..9c9ec77 100644 --- a/src/lib/auth/index.ts +++ b/src/lib/auth/index.ts @@ -16,5 +16,6 @@ export interface User { export interface CookieData { state: string; + codeVerifier: string; next: string; } diff --git a/src/routes/login/+server.ts b/src/routes/login/+server.ts index 12361bf..ce250b9 100644 --- a/src/routes/login/+server.ts +++ b/src/routes/login/+server.ts @@ -1,14 +1,18 @@ import { redirect } from "@sveltejs/kit"; -import { generateState } from "arctic"; +import { generateCodeVerifier, generateState } from "arctic"; import { discord } from "$lib/auth/discord"; import type { RequestHandler } from "./$types"; import type { CookieData } from "$lib/auth"; export const GET: RequestHandler = async ({ cookies, url }) => { - const cookie: CookieData = { state: generateState(), next: url.searchParams.get("next") ?? "/" }; + const cookie: CookieData = { + state: generateState(), + codeVerifier: generateCodeVerifier(), + next: url.searchParams.get("next") ?? "/", + }; const scopes = ["identify"]; - const authUrl = discord.createAuthorizationURL(cookie.state, scopes); + const authUrl = discord.createAuthorizationURL(cookie.state, cookie.codeVerifier, scopes); cookies.set("discord_oauth_state", JSON.stringify(cookie), { path: "/", diff --git a/src/routes/login/callback/+server.ts b/src/routes/login/callback/+server.ts index ceb1a81..9fb6838 100644 --- a/src/routes/login/callback/+server.ts +++ b/src/routes/login/callback/+server.ts @@ -25,7 +25,7 @@ export const GET: RequestHandler = async ({ platform, url, cookies, fetch }) => let tokens: OAuth2Tokens; try { - tokens = await discord.validateAuthorizationCode(code); + tokens = await discord.validateAuthorizationCode(code, cookie.codeVerifier); } catch (e) { if (e instanceof OAuth2RequestError) { error(400, e.message);