OAuthProvider
This file defines the OAuthProvider
class, which handles Discord OAuth2 authentication and API requests for the @sodacore/core
Discord integration. It provides methods for initiating authorization, accepting OAuth callbacks, refreshing tokens, retrieving user information, and making custom API requests.
Features
- OAuth2 Authorization: Initiates and handles the Discord OAuth2 authorization flow.
- Token Management: Handles token exchange, refresh, and storage.
- User Info Retrieval: Fetches authenticated user information from Discord.
- Custom API Requests: Allows authenticated requests to any Discord API endpoint.
- Error Handling & Logging: Logs errors and authorization issues using the injected logger.
- Dependency Injection: Uses
@Provide
and@Inject
decorators for DI integration.
Usage
import OAuthProvider from './provider/oauth';
const oauth = new OAuthProvider();
// Redirect user to Discord for authorization
const redirectResponse = oauth.doAuthorisation('/callback', 'optional-state');
// Handle OAuth callback
const tokenResult = await oauth.doAccept(queryParams, '/callback', 'optional-state');
// Refresh an access token
const refreshed = await oauth.refreshToken('refresh_token_here');
// Get user info
const user = await oauth.getUser('access_token_here');
// Make a custom API request
const data = await oauth.getCustom('guilds', 'access_token_here');
API
Methods
async onInit(): Promise<void>
Checks if all required OAuth configuration is present and enables SSO if so.
doAuthorisation(redirectUrl: string, state?: string): Response
Redirects the user to the Discord OAuth2 authorization URL.
async doAccept(query: URLSearchParams, redirectUrl: string, state?: string): Promise<ITokenResult | false>
Handles the OAuth2 callback, exchanges the code for tokens, and returns the token result or false
on error.
async refreshToken(refreshToken: string): Promise<ITokenResult | null>
Refreshes the access token using a refresh token.
async getUser<T = Record<string, any>>(accessToken: string): Promise<T | null>
Fetches the authenticated user's information from Discord.
async getCustom(apiPath: string, accessToken: string): Promise<any>
Makes an authenticated request to a custom Discord API endpoint.
Private Methods
canUseSso(): boolean
Returns true
if SSO is properly configured and enabled.
getUrl(redirectUri: string, state?: string): string
Builds the Discord OAuth2 authorization URL with the given redirect URI and optional state.
How It Works
- Initialization: Checks for required OAuth configuration and enables SSO if valid.
- Authorization: Redirects users to Discord's OAuth2 endpoint for authentication.
- Token Exchange: Handles the callback, validates state, exchanges the code for tokens, and logs errors if any.
- Token Refresh: Allows refreshing of access tokens using a refresh token.
- User & API Access: Provides methods to fetch user info and make custom API requests using the access token.
Notes
- Requires Discord OAuth2 credentials (
clientId
,clientSecret
,baseUrl
,scopes
) to be set in the config. - All errors and authorization issues are logged using the injected logger.
- Designed to be used as a provider within the Sodacore dependency injection system.