manifest
Version:
Self-hosted Manifest LLM router with embedded server, SQLite database, and dashboard
138 lines • 6.74 kB
JavaScript
;
var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) {
var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d;
if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc);
else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r;
return c > 3 && r && Object.defineProperty(target, key, r), r;
};
var __metadata = (this && this.__metadata) || function (k, v) {
if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v);
};
var __param = (this && this.__param) || function (paramIndex, decorator) {
return function (target, key) { decorator(target, key, paramIndex); }
};
var OpenaiOauthController_1;
Object.defineProperty(exports, "__esModule", { value: true });
exports.OpenaiOauthController = void 0;
const common_1 = require("@nestjs/common");
const crypto_1 = require("crypto");
const public_decorator_1 = require("../../common/decorators/public.decorator");
const current_user_decorator_1 = require("../../auth/current-user.decorator");
const openai_oauth_service_1 = require("./openai-oauth.service");
const resolve_agent_service_1 = require("../routing-core/resolve-agent.service");
const provider_service_1 = require("../routing-core/provider.service");
const provider_key_service_1 = require("../routing-core/provider-key.service");
let OpenaiOauthController = OpenaiOauthController_1 = class OpenaiOauthController {
oauthService;
resolveAgent;
providerKeyService;
providerService;
logger = new common_1.Logger(OpenaiOauthController_1.name);
constructor(oauthService, resolveAgent, providerKeyService, providerService) {
this.oauthService = oauthService;
this.resolveAgent = resolveAgent;
this.providerKeyService = providerKeyService;
this.providerService = providerService;
}
async authorize(agentName, user, req) {
if (!agentName) {
throw new common_1.HttpException('agentName query parameter is required', common_1.HttpStatus.BAD_REQUEST);
}
const agent = await this.resolveAgent.resolve(user.id, agentName);
const backendUrl = `${req.protocol}://${req.get('host')}`;
try {
const url = await this.oauthService.generateAuthorizationUrl(agent.id, user.id, backendUrl);
return { url };
}
catch (err) {
const message = err instanceof Error ? err.message : 'Failed to start OAuth callback server';
throw new common_1.HttpException(message, common_1.HttpStatus.SERVICE_UNAVAILABLE);
}
}
async revoke(agentName, user) {
if (!agentName) {
throw new common_1.HttpException('agentName query parameter is required', common_1.HttpStatus.BAD_REQUEST);
}
const agent = await this.resolveAgent.resolve(user.id, agentName);
const apiKey = await this.providerKeyService.getProviderApiKey(agent.id, 'openai', 'subscription');
if (apiKey) {
try {
const blob = JSON.parse(apiKey);
if (blob.t)
await this.oauthService.revokeToken(blob.t);
if (blob.r)
await this.oauthService.revokeToken(blob.r);
}
catch {
this.logger.warn('Could not parse OAuth token blob for revocation');
}
}
await this.providerService.removeProvider(agent.id, 'openai', 'subscription');
return { ok: true };
}
async callback(code, state, _user) {
if (!code || !state) {
throw new common_1.HttpException('code and state are required', common_1.HttpStatus.BAD_REQUEST);
}
try {
await this.oauthService.exchangeCode(state, code);
return { ok: true };
}
catch (err) {
const message = err instanceof Error ? err.message : 'Token exchange failed';
this.logger.error(`OAuth callback exchange failed: ${message}`);
throw new common_1.HttpException(message, common_1.HttpStatus.BAD_REQUEST);
}
}
done(ok, res) {
const success = ok === '1';
const nonce = (0, crypto_1.randomBytes)(16).toString('base64');
res.setHeader('Content-Type', 'text/html');
res.setHeader('Content-Security-Policy', `default-src 'none'; script-src 'nonce-${nonce}'`);
res.send((0, openai_oauth_service_1.oauthDoneHtml)(success, nonce));
}
};
exports.OpenaiOauthController = OpenaiOauthController;
__decorate([
(0, common_1.Get)('authorize'),
__param(0, (0, common_1.Query)('agentName')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__param(2, (0, common_1.Req)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object, Object]),
__metadata("design:returntype", Promise)
], OpenaiOauthController.prototype, "authorize", null);
__decorate([
(0, common_1.Post)('revoke'),
__param(0, (0, common_1.Query)('agentName')),
__param(1, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", Promise)
], OpenaiOauthController.prototype, "revoke", null);
__decorate([
(0, common_1.Post)('callback'),
__param(0, (0, common_1.Body)('code')),
__param(1, (0, common_1.Body)('state')),
__param(2, (0, current_user_decorator_1.CurrentUser)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, String, Object]),
__metadata("design:returntype", Promise)
], OpenaiOauthController.prototype, "callback", null);
__decorate([
(0, common_1.Get)('done'),
(0, public_decorator_1.Public)(),
__param(0, (0, common_1.Query)('ok')),
__param(1, (0, common_1.Res)()),
__metadata("design:type", Function),
__metadata("design:paramtypes", [String, Object]),
__metadata("design:returntype", void 0)
], OpenaiOauthController.prototype, "done", null);
exports.OpenaiOauthController = OpenaiOauthController = OpenaiOauthController_1 = __decorate([
(0, common_1.Controller)('api/v1/oauth/openai'),
__metadata("design:paramtypes", [openai_oauth_service_1.OpenaiOauthService,
resolve_agent_service_1.ResolveAgentService,
provider_key_service_1.ProviderKeyService,
provider_service_1.ProviderService])
], OpenaiOauthController);
//# sourceMappingURL=openai-oauth.controller.js.map