diff options
| author | Frank <[email protected]> | 2025-08-09 01:28:27 -0400 |
|---|---|---|
| committer | Frank <[email protected]> | 2025-08-09 01:28:27 -0400 |
| commit | 7446f5ad7b4c27ff1fa201bc48a67178ff10e7b7 (patch) | |
| tree | a445ad199a2c80bf54dcf582ebd0a03695035053 /cloud/function/src | |
| parent | 81a3e02474445bc4d22c7857d4c3b1f591c1cb56 (diff) | |
| download | opencode-7446f5ad7b4c27ff1fa201bc48a67178ff10e7b7.tar.gz opencode-7446f5ad7b4c27ff1fa201bc48a67178ff10e7b7.zip | |
wip gateway
Diffstat (limited to 'cloud/function/src')
| -rw-r--r-- | cloud/function/src/auth.ts | 58 |
1 files changed, 57 insertions, 1 deletions
diff --git a/cloud/function/src/auth.ts b/cloud/function/src/auth.ts index 5eacb7a72..fe31651e5 100644 --- a/cloud/function/src/auth.ts +++ b/cloud/function/src/auth.ts @@ -2,7 +2,9 @@ import { Resource } from "sst" import { z } from "zod" import { issuer } from "@openauthjs/openauth" import { createSubjects } from "@openauthjs/openauth/subject" +import { CodeProvider } from "@openauthjs/openauth/provider/code" import { GithubProvider } from "@openauthjs/openauth/provider/github" +import { GoogleOidcProvider } from "@openauthjs/openauth/provider/google" import { CloudflareStorage } from "@openauthjs/openauth/storage/cloudflare" import { Account } from "@opencode/cloud-core/account.js" @@ -30,6 +32,53 @@ export default { clientSecret: Resource.GITHUB_CLIENT_SECRET_CONSOLE.value, scopes: ["read:user", "user:email"], }), + google: GoogleOidcProvider({ + clientID: Resource.GOOGLE_CLIENT_ID.value, + scopes: ["openid", "email"], + }), + // email: CodeProvider({ + // async request(req, state, form, error) { + // console.log(state) + // const params = new URLSearchParams() + // if (error) { + // params.set("error", error.type) + // } + // if (state.type === "start") { + // return Response.redirect(process.env.AUTH_FRONTEND_URL + "/auth/email?" + params.toString(), 302) + // } + // + // if (state.type === "code") { + // return Response.redirect(process.env.AUTH_FRONTEND_URL + "/auth/code?" + params.toString(), 302) + // } + // + // return new Response("ok") + // }, + // async sendCode(claims, code) { + // const email = z.string().email().parse(claims.email) + // const cmd = new SendEmailCommand({ + // Destination: { + // ToAddresses: [email], + // }, + // FromEmailAddress: `SST <auth@${Resource.Email.sender}>`, + // Content: { + // Simple: { + // Body: { + // Html: { + // Data: `Your pin code is <strong>${code}</strong>`, + // }, + // Text: { + // Data: `Your pin code is ${code}`, + // }, + // }, + // Subject: { + // Data: "SST Console Pin Code: " + code, + // }, + // }, + // }, + // }) + // await ses.send(cmd) + // }, + // }), }, storage: CloudflareStorage({ namespace: env.AuthStorage, @@ -50,7 +99,14 @@ export default { }) const user = (await userResponse.json()) as { email: string } email = user.email - } else throw new Error("Unsupported provider") + } else if (response.provider === "google") { + if (!response.id.email_verified) throw new Error("Google email not verified") + email = response.id.email as string + } + //if (response.provider === "email") { + // email = response.claims.email + //} + else throw new Error("Unsupported provider") if (!email) throw new Error("No email found") |