fix: token endpoint not responding with proper data

boklisten · Jan 29, 2025 · a86b0c9 · a86b0c9
1 parent 2a27dc1
commit a86b0c9
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 54 deletions.
diff --git a/backend/app/controllers/auth/tokens_controller.ts b/backend/app/controllers/auth/tokens_controller.ts
@@ -3,46 +3,38 @@ import { HttpContext } from "@adonisjs/core/http";
 import RefreshTokenValidator from "#services/auth/token/refresh/refresh-token.validator";
 import TokenHandler from "#services/auth/token/token.handler";
 import BlResponseHandler from "#services/response/bl-response.handler";
-import { RefreshToken } from "#services/types/refresh-token";
 import { BlError } from "#shared/bl-error/bl-error";
 import { BlapiResponse } from "#shared/blapi-response/blapi-response";
 import { tokenValidator } from "#validators/token";
 
 export default class TokensController {
   async token(ctx: HttpContext) {
     const { refreshToken } = await ctx.request.validateUsing(tokenValidator);
-    RefreshTokenValidator.validate(refreshToken).then(
-      // @ts-expect-error fixme: auto ignored
-      (validatedRefreshToken: RefreshToken) => {
-        TokenHandler.createTokens(validatedRefreshToken.username).then(
-          (jwTokens: { accessToken: string; refreshToken: string }) => {
-            BlResponseHandler.sendResponse(
-              ctx,
-              new BlapiResponse([
-                { accessToken: jwTokens.accessToken },
-                { refreshToken: jwTokens.refreshToken },
-              ]),
-            );
-          },
-          (createTokenError: BlError) => {
-            BlResponseHandler.sendErrorResponse(
-              ctx,
-              new BlError("could not create tokens")
-                .store("oldRefreshToken", refreshToken)
-                .code(906)
-                .add(createTokenError),
-            );
-          },
+    const validatedRefreshToken =
+      await RefreshTokenValidator.validate(refreshToken);
+    try {
+      try {
+        const jwTokens = await TokenHandler.createTokens(
+          validatedRefreshToken["username"],
         );
-      },
-      (refreshTokenValidationError: BlError) => {
-        BlResponseHandler.sendErrorResponse(
+        return new BlapiResponse([
+          { accessToken: jwTokens.accessToken },
+          { refreshToken: jwTokens.refreshToken },
+        ]);
+      } catch (error) {
+        return BlResponseHandler.createErrorResponse(
           ctx,
-          new BlError("refreshToken not valid")
-            .code(909)
-            .add(refreshTokenValidationError),
+          new BlError("could not create tokens")
+            .store("oldRefreshToken", refreshToken)
+            .code(906)
+            .add(error as BlError),
         );
-      },
-    );
+      }
+    } catch (error) {
+      return BlResponseHandler.createErrorResponse(
+        ctx,
+        new BlError("refreshToken not valid").code(909).add(error as BlError),
+      );
+    }
   }
 }
diff --git a/backend/app/services/auth/token/refresh/refresh-token.validator.ts b/backend/app/services/auth/token/refresh/refresh-token.validator.ts
@@ -1,9 +1,9 @@
-import jwt from "jsonwebtoken";
+import jwt, { JwtPayload } from "jsonwebtoken";
 
 import { BlError } from "#shared/bl-error/bl-error";
 import env from "#start/env";
 
-function validate(refreshToken: string) {
+function validate(refreshToken: string): Promise<JwtPayload> {
   return new Promise((resolve, reject) => {
     try {
       jwt.verify(
@@ -12,7 +12,7 @@ function validate(refreshToken: string) {
         (error, payload) => {
           if (error)
             return reject(new BlError("could not validate token").code(909));
-          resolve(payload);
+          resolve(payload as JwtPayload);
         },
       );
     } catch (error) {

diff --git a/backend/app/services/response/bl-response.handler.ts b/backend/app/services/response/bl-response.handler.ts
@@ -4,46 +4,35 @@ import * as Sentry from "@sentry/node";
 import BlErrorHandler from "#services/bl-error/bl-error.handler";
 import { BlapiErrorResponse } from "#shared/blapi-response/blapi-error-response";
 import { BlapiResponse } from "#shared/blapi-response/blapi-response";
-import env from "#start/env";
 
 function sendResponse(ctx: HttpContext, blapiRes: BlapiResponse) {
   ctx.response.status(200);
   ctx.response.send(blapiRes);
 }
-
-function sendAuthTokens(
-  ctx: HttpContext,
-  accessToken: string,
-  refreshToken: string,
-  referer?: string,
-) {
-  const redirectUrl = `${
-    referer ?? env.get("CLIENT_URI")
-  }auth/token?access_token=${accessToken}&refresh_token=${refreshToken}`;
-  ctx.response.redirect(redirectUrl);
-}
-
-function sendErrorResponse(ctx: HttpContext, blError: unknown) {
+function createErrorResponse(ctx: HttpContext, blError: unknown) {
   const blapiErrorRes: BlapiErrorResponse =
     BlErrorHandler.createBlapiErrorResponse(blError);
 
   ctx.response.status(blapiErrorRes.httpStatus);
   if (blapiErrorRes.httpStatus === 200) {
-    sendResponse(ctx, new BlapiResponse(blapiErrorRes.data));
-    return;
+    return new BlapiResponse(blapiErrorRes.data);
   }
 
-  ctx.response.send(blapiErrorRes);
-
   // Send unknown errors to Sentry
   if (blapiErrorRes.httpStatus === 500) {
     Sentry.captureException(blError);
   }
+
+  return blapiErrorRes;
+}
+
+function sendErrorResponse(ctx: HttpContext, blError: unknown) {
+  ctx.response.send(createErrorResponse(ctx, blError));
 }
 
 const BlResponseHandler = {
   sendResponse,
-  sendAuthTokens,
   sendErrorResponse,
+  createErrorResponse,
 };
 export default BlResponseHandler;