diff --git a/crates/core/database/src/models/users/rocket.rs b/crates/core/database/src/models/users/rocket.rs index 32f5b61f..7ea83614 100644 --- a/crates/core/database/src/models/users/rocket.rs +++ b/crates/core/database/src/models/users/rocket.rs @@ -43,6 +43,7 @@ impl<'r> FromRequest<'r> for User { ) .ok()?; + // access the scope required for the route stored in the request local cache set via `OAuth2Scoped` let required_scope: v0::OAuth2Scope = request.local_cache(|| None::) .as_ref() .copied()? diff --git a/crates/core/database/src/util/oauth2/rocket.rs b/crates/core/database/src/util/oauth2/rocket.rs index 3f952389..ecee5719 100644 --- a/crates/core/database/src/util/oauth2/rocket.rs +++ b/crates/core/database/src/util/oauth2/rocket.rs @@ -46,7 +46,7 @@ impl<'r, Scope: OAuth2Scope> OpenApiFromRequest<'r> for OAuth2Scoped { } }, revolt_okapi::map! { - "OAuth2".to_owned() => vec![Scope::NAME.to_owned()] + "OAuth2".to_owned() => vec![Scope::MODEL.to_string()] }, )) } diff --git a/crates/core/database/src/util/oauth2/scopes.rs b/crates/core/database/src/util/oauth2/scopes.rs index 1d93b247..36f9d36e 100644 --- a/crates/core/database/src/util/oauth2/scopes.rs +++ b/crates/core/database/src/util/oauth2/scopes.rs @@ -5,23 +5,25 @@ pub struct OAuth2Scoped { } pub trait OAuth2Scope { - const NAME: &'static str; const SCOPE: crate::OAuth2Scope; + const MODEL: revolt_models::v0::OAuth2Scope; } macro_rules! define_oauth2_scope { - ($struct_name:ident, $name:literal) => { + ($struct_name:ident) => { pub struct $struct_name; impl OAuth2Scope for $struct_name { - const NAME: &'static str = $name; const SCOPE: crate::OAuth2Scope = crate::OAuth2Scope::$struct_name; + const MODEL: revolt_models::v0::OAuth2Scope = revolt_models::v0::OAuth2Scope::$struct_name; } }; } -define_oauth2_scope!(ReadIdentify, "read:identify"); -define_oauth2_scope!(ReadServers, "read:servers"); -define_oauth2_scope!(WriteFiles, "write:files"); -define_oauth2_scope!(Events, "events"); -define_oauth2_scope!(Full, "full"); +// This must match the OAuth2Scope enum +// TODO: automatically sync this +define_oauth2_scope!(ReadIdentify); +define_oauth2_scope!(ReadServers); +define_oauth2_scope!(WriteFiles); +define_oauth2_scope!(Events); +define_oauth2_scope!(Full); diff --git a/crates/delta/src/routes/oauth2/token.rs b/crates/delta/src/routes/oauth2/token.rs index 0db01be2..c2349116 100644 --- a/crates/delta/src/routes/oauth2/token.rs +++ b/crates/delta/src/routes/oauth2/token.rs @@ -106,11 +106,8 @@ pub async fn token( let authorized_bot_id = AuthorizedBotId { bot: claims.client_id.clone(), user: claims.sub.clone() }; let auth_bot = db.fetch_authorized_bot(&authorized_bot_id).await; - println!("{auth_bot:?}"); if auth_bot.is_err_and(|err| err.error_type == ErrorType::NotFound) { - println!("inserting"); - db.insert_authorized_bot(&AuthorizedBot { id: authorized_bot_id, created_at: Timestamp::now_utc(),