Skip to content

Commit b4927bc

Browse files
ntanis-devntanis-dev
committed
proxy mode in connector for easier debugging & oauth state validation
1 parent 491cc64 commit b4927bc

1 file changed

Lines changed: 22 additions & 3 deletions

File tree

src/library/connector.js

Lines changed: 22 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -5,9 +5,22 @@ import constants from './constants'
55
import logger from './logger'
66

77
import {
8-
fetch
8+
fetch,
9+
ProxyAgent
910
} from 'undici'
1011

12+
import {
13+
v4
14+
} from 'uuid'
15+
16+
const proxyAgent = false ? new ProxyAgent({
17+
uri: 'http://127.0.0.1:8000',
18+
19+
requestTls: {
20+
rejectUnauthorized: false
21+
}
22+
}) : undefined
23+
1124
class Connector extends EventEmitter {
1225
#accessToken = null
1326
#refreshToken = null
@@ -19,6 +32,7 @@ class Connector extends EventEmitter {
1932
#setup = false
2033
#faked = false
2134
#error = false
35+
#state = null
2236

2337
#setSetup(state) {
2438
this.#setup = state
@@ -28,6 +42,7 @@ class Connector extends EventEmitter {
2842
async #refreshAccessToken() {
2943
const response = await fetch('https://accounts.spotify.com/api/token', {
3044
method: 'POST',
45+
dispatcher: proxyAgent,
3146

3247
body: new URLSearchParams({
3348
refresh_token: this.#refreshToken,
@@ -54,6 +69,7 @@ class Connector extends EventEmitter {
5469

5570
let response = await fetch(`https://api.spotify.com/v1/${path}`, {
5671
...options,
72+
dispatcher: proxyAgent,
5773

5874
headers: {
5975
...options.headers,
@@ -66,6 +82,7 @@ class Connector extends EventEmitter {
6682

6783
response = await fetch(`https://api.spotify.com/v1/${path}`, {
6884
...options,
85+
dispatcher: proxyAgent,
6986

7087
headers: {
7188
...options.headers,
@@ -126,10 +143,11 @@ class Connector extends EventEmitter {
126143
root: './bin/setup'
127144
})
128145
}
129-
else if (req.query.code && (!this.#setup) && this.#clientId && this.#clientSecret)
146+
else if (req.query.code && req.query.state === this.#state && (!this.#setup) && this.#clientId && this.#clientSecret)
130147
try {
131148
const response = await fetch('https://accounts.spotify.com/api/token', {
132149
method: 'POST',
150+
dispatcher: proxyAgent,
133151

134152
body: new URLSearchParams({
135153
code: req.query.code,
@@ -187,7 +205,8 @@ class Connector extends EventEmitter {
187205
} else {
188206
this.#clientId = req.body.clientId
189207
this.#clientSecret = req.body.clientSecret
190-
res.redirect(`https://accounts.spotify.com/authorize?response_type=code&client_id=${this.#clientId}&scope=${encodeURIComponent(constants.CONNECTOR_DEFAULT_SCOPES.join(' '))}&redirect_uri=${encodeURIComponent(`http://127.0.0.1:${this.#port}`)}`);
208+
this.#state = v4()
209+
res.redirect(`https://accounts.spotify.com/authorize?response_type=code&client_id=${this.#clientId}&scope=${encodeURIComponent(constants.CONNECTOR_DEFAULT_SCOPES.join(' '))}&redirect_uri=${encodeURIComponent(`http://127.0.0.1:${this.#port}`)}&state=${this.#state}`);
191210
}
192211
})
193212

0 commit comments

Comments
 (0)