From 4a5239e5aa2ae4467da130fbb6bf44e178fed3a0 Mon Sep 17 00:00:00 2001
From: simonredfern
Date: Tue, 2 Dec 2025 01:11:17 +0100
Subject: [PATCH] OAuth2 tweaks
---
 server/controllers/RequestController.ts | 9 +++++++++
 server/controllers/UserController.ts | 2 ++
 server/middlewares/OAuth2CallbackMiddleware.ts | 15 +++++++++++++++
 3 files changed, 26 insertions(+)
diff --git a/server/controllers/RequestController.ts b/server/controllers/RequestController.ts
index fadc61e..1802460 100644
--- a/server/controllers/RequestController.ts
+++ b/server/controllers/RequestController.ts
@@ -45,8 +45,17 @@ export class OBPController {
 const path = request.query.path
 const oauthConfig = session['clientConfig']
+ // Debug logging
+ console.log('RequestController.get - Path:', path)
+ console.log('RequestController.get - Has session:', !!session)
+ console.log('RequestController.get - Has clientConfig:', !!oauthConfig)
+ console.log('RequestController.get - Has oauth2:', !!oauthConfig?.oauth2)
+ console.log('RequestController.get - Has accessToken:', !!oauthConfig?.oauth2?.accessToken)
+ console.log('RequestController.get - Session keys:', Object.keys(session || {}))
+ // Check if user is authenticated
 if (!oauthConfig || !oauthConfig.oauth2?.accessToken) {
+ console.log('RequestController.get - User not authenticated')
 return response.status(401).json({
 code: 401,
 message: 'OBP-20001: User not logged in. Authentication is required!'
diff --git a/server/controllers/UserController.ts b/server/controllers/UserController.ts
index 120bed0..80c26fb 100644
--- a/server/controllers/UserController.ts
+++ b/server/controllers/UserController.ts
@@ -61,6 +61,8 @@ export class UserController {
 delete session['oauth2_token_timestamp']
 delete session['oauth2_user_info']
 delete session['oauth2_user']
+ delete session['clientConfig']
+ delete session['opeyConfig']
 // Destroy the session completely
 session.destroy((err: any) => {
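Review bot: The debug block added at the top of the handler in RequestController.ts runs on every request and passes `request.query.path`, a caller-supplied value, to `console.log` unescaped, so embedded line breaks can forge log entries and whatever the path carries ends up in the server log. Quote the value, `console.log('RequestController.get - Path:', JSON.stringify(path))`, and put the whole block behind the project's debug switch or logger level rather than leaving it unconditional. The `Session keys` line exposes the session layout on each call and is best dropped before merge. Logging only `!!oauthConfig?.oauth2?.accessToken` rather than the token itself is the right shape and worth keeping. The handler body continues outside the hunk.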
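Review bot: The two added `delete` lines in UserController.ts carry no comment saying why they matter, although they are the security-relevant part of this logout path: RequestController reads the access token from `session['clientConfig']`, so a session that outlives a failed `destroy()` would presumably still pass its authentication check. A comment such as `// clientConfig holds oauth2.accessToken (read by RequestController); clear it even if destroy() fails` would keep the next maintainer from removing them as redundant. The session keys are listed by hand here and set by hand in the callback middleware, so a single shared list of keys would stop the two from drifting apart again. The `session.destroy` callback opens on the hunk's last line and its error handling is outside the hunk.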
diff --git a/server/middlewares/OAuth2CallbackMiddleware.ts b/server/middlewares/OAuth2CallbackMiddleware.ts
index 3c878ef..e71f69b 100644
--- a/server/middlewares/OAuth2CallbackMiddleware.ts
+++ b/server/middlewares/OAuth2CallbackMiddleware.ts
@@ -263,6 +263,21 @@ export default class OAuth2CallbackMiddleware implements ExpressMiddlewareInterf
 console.log('OAuth2CallbackMiddleware: Fetching user info')
 const userInfo = await this.oauth2Service.getUserInfo(tokens.accessToken)
+ // Debug: Decode access token to see what user ID OBP-API will see
+ try {
+ const accessTokenDecoded: any = jwt.decode(tokens.accessToken)
+ console.log('\n\n========================================')
+ console.log('🔍 ACCESS TOKEN DECODED - THIS IS WHAT OBP-API SEES')
+ console.log('========================================')
+ console.log(' sub (user ID):', accessTokenDecoded?.sub)
+ console.log(' email:', accessTokenDecoded?.email)
+ console.log(' preferred_username:', accessTokenDecoded?.preferred_username)
+ console.log(' Full payload:', JSON.stringify(accessTokenDecoded, null, 2))
+ console.log('========================================\n\n')
+ } catch (error) {
+ console.warn('OAuth2CallbackMiddleware: Failed to decode access token:', error)
+ }
+ // Store tokens in session
 session['oauth2_access_token'] = tokens.accessToken
 session['oauth2_refresh_token'] = tokens.refreshToken || null
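Review bot: The added block writes the full decoded access-token payload, plus `sub`, `email` and `preferred_username`, to stdout on every login, which puts personal data and token claims into whatever collects the server logs. Assuming `jwt` is the jsonwebtoken module, `jwt.decode` does not verify the signature, so the banner "THIS IS WHAT OBP-API SEES" overstates what is shown, and the `any` annotation hides that the result can be null or a string. Gate the block behind an explicit debug flag and log claim names and non-identifying fields only, as sketched below (the flag name is a placeholder). The hunk adds no import for `jwt` and the diffstat shows these 15 lines as the file's only change, so it is presumably already imported; worth confirming.

```typescript
const userInfo = await this.oauth2Service.getUserInfo(tokens.accessToken)

// Debug only: unverified decode, never use these claims for authorization decisions
if (process.env.OAUTH2_DEBUG_CLAIMS === 'true') { // placeholder flag name
  const claims = jwt.decode(tokens.accessToken)
  if (claims && typeof claims === 'object') {
    // Claim names and non-identifying metadata only; no sub/email/username values
    console.log('OAuth2CallbackMiddleware: access token claim names:', Object.keys(claims))
    console.log('OAuth2CallbackMiddleware: iss/aud/exp:', claims.iss, claims.aud, claims.exp)
  } else {
    console.log('OAuth2CallbackMiddleware: access token is not a decodable JWT')
  }
}
// … unchanged: store tokens in session …
```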