Skip to content

OAuthProvider

This file defines the OAuthProvider class, which handles Discord OAuth2 authentication and API requests for the @sodacore/core Discord integration. It provides methods for initiating authorization, accepting OAuth callbacks, refreshing tokens, retrieving user information, and making custom API requests.


Features

  • OAuth2 Authorization: Initiates and handles the Discord OAuth2 authorization flow.
  • Token Management: Handles token exchange, refresh, and storage.
  • User Info Retrieval: Fetches authenticated user information from Discord.
  • Custom API Requests: Allows authenticated requests to any Discord API endpoint.
  • Error Handling & Logging: Logs errors and authorization issues using the injected logger.
  • Dependency Injection: Uses @Provide and @Inject decorators for DI integration.

Usage

typescript
import OAuthProvider from './provider/oauth';

const oauth = new OAuthProvider();

// Redirect user to Discord for authorization
const redirectResponse = oauth.doAuthorisation('/callback', 'optional-state');

// Handle OAuth callback
const tokenResult = await oauth.doAccept(queryParams, '/callback', 'optional-state');

// Refresh an access token
const refreshed = await oauth.refreshToken('refresh_token_here');

// Get user info
const user = await oauth.getUser('access_token_here');

// Make a custom API request
const data = await oauth.getCustom('guilds', 'access_token_here');

API

Methods

async onInit(): Promise<void>

Checks if all required OAuth configuration is present and enables SSO if so.

doAuthorisation(redirectUrl: string, state?: string): Response

Redirects the user to the Discord OAuth2 authorization URL.

async doAccept(query: URLSearchParams, redirectUrl: string, state?: string): Promise<ITokenResult | false>

Handles the OAuth2 callback, exchanges the code for tokens, and returns the token result or false on error.

async refreshToken(refreshToken: string): Promise<ITokenResult | null>

Refreshes the access token using a refresh token.

async getUser<T = Record<string, any>>(accessToken: string): Promise<T | null>

Fetches the authenticated user's information from Discord.

async getCustom(apiPath: string, accessToken: string): Promise<any>

Makes an authenticated request to a custom Discord API endpoint.


Private Methods

canUseSso(): boolean

Returns true if SSO is properly configured and enabled.

getUrl(redirectUri: string, state?: string): string

Builds the Discord OAuth2 authorization URL with the given redirect URI and optional state.


How It Works

  1. Initialization: Checks for required OAuth configuration and enables SSO if valid.
  2. Authorization: Redirects users to Discord's OAuth2 endpoint for authentication.
  3. Token Exchange: Handles the callback, validates state, exchanges the code for tokens, and logs errors if any.
  4. Token Refresh: Allows refreshing of access tokens using a refresh token.
  5. User & API Access: Provides methods to fetch user info and make custom API requests using the access token.

Notes

  • Requires Discord OAuth2 credentials (clientId, clientSecret, baseUrl, scopes) to be set in the config.
  • All errors and authorization issues are logged using the injected logger.
  • Designed to be used as a provider within the Sodacore dependency injection system.

Released under the Apache-2.0 License.