Merge branch 'main' into provider-user-sessions

# Conflicts: # packages/@uppy/companion/src/server/controllers/refresh-token.js # packages/@uppy/companion/src/server/provider/index.js
transloadit · Sep 6, 2023 · 9f160f4 · 9f160f4
2 parents 8016a5d + 682ae7f
commit 9f160f4
Show file tree

Hide file tree

Showing 3 changed files with 19 additions and 3 deletions.
diff --git a/packages/@uppy/companion/src/server/controllers/refresh-token.js b/packages/@uppy/companion/src/server/controllers/refresh-token.js
@@ -9,6 +9,7 @@ async function refreshToken (req, res, next) {
   const { providerName } = req.params
 
   const { key: clientId, secret: clientSecret } = req.companion.options.providerOptions[providerName]
+  const { redirect_uri: redirectUri } = req.companion.providerGrantConfig
 
   const { providerUserSession } = req.companion
 
@@ -20,7 +21,7 @@ async function refreshToken (req, res, next) {
 
   try {
     const data = await req.companion.provider.refreshToken({
-      clientId, clientSecret, refreshToken: providerUserSession.refreshToken,
+      redirectUri, clientId, clientSecret, refreshToken: providerUserSession.refreshToken,
     })
 
     req.companion.providerUserSession = {

diff --git a/packages/@uppy/companion/src/server/provider/drive/index.js b/packages/@uppy/companion/src/server/provider/drive/index.js
@@ -176,7 +176,7 @@ class Drive extends Provider {
 
   async refreshToken ({ clientId, clientSecret, refreshToken }) {
     return this.#withErrorHandling('provider.drive.token.refresh.error', async () => {
-      const { access_token: accessToken } = await getOauthClient().post('token', { form: { refresh_token: refreshToken, grant_type: 'refresh_token', client_id: clientId, client_secret: clientSecret } }).json()
+      const { access_token: accessToken } = await getOauthClient().post('token', { responseType: 'json', form: { refresh_token: refreshToken, grant_type: 'refresh_token', client_id: clientId, client_secret: clientSecret } }).json()
       return { accessToken }
     })
   }
@@ -186,7 +186,10 @@ class Drive extends Provider {
       fn,
       tag,
       providerName: this.authProvider,
-      isAuthError: (response) => response.statusCode === 401,
+      isAuthError: (response) => (
+        response.statusCode === 401
+        || (response.statusCode === 400 && response.body?.error === 'invalid_grant') // Refresh token has expired or been revoked
+      ),
       getJsonErrorMessage: (body) => body?.error?.message,
     })
   }

diff --git a/packages/@uppy/companion/src/server/provider/onedrive/index.js b/packages/@uppy/companion/src/server/provider/onedrive/index.js
@@ -13,6 +13,10 @@ const getClient = ({ token }) => got.extend({
   },
 })
 
+const getOauthClient = () => got.extend({
+  prefixUrl: 'https://login.live.com',
+})
+
 const getRootPath = (query) => (query.driveId ? `drives/${query.driveId}` : 'me/drive')
 
 /**
@@ -81,9 +85,17 @@ class OneDrive extends Provider {
 
   // eslint-disable-next-line class-methods-use-this
   async logout () {
+    // apparently M$ doesn't support programmatic oauth2 revoke
     return { revoked: false, manual_revoke_url: 'https://account.live.com/consent/Manage' }
   }
 
+  async refreshToken ({ clientId, clientSecret, refreshToken, redirectUri }) {
+    return this.#withErrorHandling('provider.onedrive.token.refresh.error', async () => {
+      const { access_token: accessToken } = await getOauthClient().post('oauth20_token.srf', { responseType: 'json', form: { refresh_token: refreshToken, grant_type: 'refresh_token', client_id: clientId, client_secret: clientSecret, redirect_uri: redirectUri } }).json()
+      return { accessToken }
+    })
+  }
+
   async #withErrorHandling (tag, fn) {
     return withProviderErrorHandling({
       fn,