From dad1529b69dd6ea063d851e690522f0dfc069f14 Mon Sep 17 00:00:00 2001 From: Siddharth Tiwari Date: Fri, 6 Oct 2023 17:52:33 +0530 Subject: [PATCH] fix: added all auth url in oathkeeper (#3299) * fix: added all auth url in ory * fix: bats-test * fix: response type in auth, consistent response 'res.send' --------- Co-authored-by: Siddharth --- core/api/dev/ory/oathkeeper_rules.yaml | 2 +- core/api/src/servers/authorization/index.ts | 20 ++++++++++---------- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/core/api/dev/ory/oathkeeper_rules.yaml b/core/api/dev/ory/oathkeeper_rules.yaml index 3012828088..70c318656f 100644 --- a/core/api/dev/ory/oathkeeper_rules.yaml +++ b/core/api/dev/ory/oathkeeper_rules.yaml @@ -2,7 +2,7 @@ upstream: url: "http://bats-tests:4012" match: - url: "<(http|https)>://<[a-zA-Z0-9-.:]+>/auth/<(clearCookies|login|logout|email/code|email/login|totp/validate|email/login/cookie)>" + url: "<(http|https)>://<[a-zA-Z0-9-.:]+>/auth/<(clearCookies|login|logout|email/code|email/login|totp/validate|email/login/cookie|phone/captcha|phone/code|phone/login)>" methods: ["GET", "POST", "OPTIONS"] authenticators: - handler: anonymous diff --git a/core/api/src/servers/authorization/index.ts b/core/api/src/servers/authorization/index.ts index 12167467c9..b1336e536d 100644 --- a/core/api/src/servers/authorization/index.ts +++ b/core/api/src/servers/authorization/index.ts 
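Review bot: In `oathkeeper_rules.yaml`, the added alternatives `phone/captcha|phone/code|phone/login` inherit this rule's `anonymous` authenticator and `methods: ["GET", "POST", "OPTIONS"]`, although the three handlers in `index.ts` are registered with `authRouter.post` only. Every path in this alternation is reachable without a session, so a comment above the `url:` line would help, for example `# anonymous allow-list: each path listed here must enforce its own abuse controls (captcha, rate limits)`. If nothing else under this rule needs `GET`, dropping it keeps the unauthenticated surface to what the router actually serves. The rest of the rule (authorizer, mutators) is outside the hunk, so this is based only on the lines shown.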
@@ -424,23 +424,24 @@ authRouter.post("/email/login/cookie", async (req: Request, res: Response) => { authRouter.post("/phone/captcha", async (req: Request, res: Response) => { const result = await registerCaptchaGeetest() - if (result instanceof Error) return res.json({ error: "error creating challenge" }) + if (result instanceof Error) { + return res.status(500).send({ error: "error creating challenge" }) + } const { success, gt, challenge, newCaptcha } = result - return { + return res.send({ result: { id: gt, challengeCode: challenge, newCaptcha, failbackMode: success === 0, }, - } + }) }) authRouter.post("/phone/code", async (req: Request, res: Response) => { const ip = req.originalIp - const phoneRaw = req.body.phone const challengeCodeRaw = req.body.challengeCode const validationCodeRaw = req.body.validationCode @@ -451,7 +452,7 @@ authRouter.post("/phone/code", async (req: Request, res: Response) => { return res.status(400).send({ error: "missing inputs" }) const phone = checkedToPhoneNumber(phoneRaw) - if (phone instanceof Error) return res.status(400).send("invalid phone") + if (phone instanceof Error) return res.status(400).send({ error: "invalid phone" }) const geetestChallenge = challengeCodeRaw const geetestValidate = validationCodeRaw 
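Review bot: In the `/phone/captcha` handler, the new 500 branch discards the `Error` held in `result`, and nothing visible in the hunk records it. The fixed message is the right thing to send to an anonymous caller, but unless `registerCaptchaGeetest` already logs internally, a failing captcha registration would be hard to detect or diagnose. Record `result` with the file's existing logging or error-reporting helper before `return res.status(500).send({ error: "error creating challenge" })`. The `req` parameter is unused in this handler and could be named `_req`. The `/phone/code` handler that starts in this hunk continues outside it.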
@@ -466,25 +467,24 @@ authRouter.post("/phone/code", async (req: Request, res: Response) => { channel, }) - if (result instanceof Error) return res.status(400).json({ error: result }) + if (result instanceof Error) return res.status(400).send({ error: result }) - return res.json({ + return res.send({ success: true, }) }) authRouter.post("/phone/login", async (req: Request, res: Response) => { const ip = req.originalIp - const codeRaw = req.body.code const phoneRaw = req.body.phone if (!codeRaw || !phoneRaw) { return res.status(400).send({ error: "missing inputs" }) } const code = validOneTimeAuthCodeValue(codeRaw) - if (code instanceof Error) return res.status(400).send("invalid code") + if (code instanceof Error) return res.status(400).send({ error: "invalid code" }) const phone = checkedToPhoneNumber(phoneRaw) - if (phone instanceof Error) return res.status(400).send("invalid phone") + if (phone instanceof Error) return res.status(400).send({ error: "invalid phone" }) const loginResp = await Authentication.loginWithPhoneToken({ phone,
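Review bot: In the `/phone/code` handler, `return res.status(400).send({ error: result })` puts the `Error` instance itself in the response body, unlike the sibling branches this commit normalises to fixed strings. A plain `Error` serialises to `{}` and tells the client nothing, while a domain error class with enumerable own fields would have them serialised to an unauthenticated caller. Prefer a fixed or mapped public message, such as `return res.status(400).send({ error: "error requesting code" })`, and record the original error server-side. Every failure here is also reported as 400, so a rate-limit or upstream failure cannot be told apart from bad input; a separate status for those is worth considering if the returned error types allow it. Both handlers in this hunk begin or end outside it, so the call that produces `result` is not visible.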