UNPKG

manifest

Version:

Self-hosted Manifest LLM router with embedded server, SQLite database, and dashboard

138 lines 6.74 kB
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; var __metadata = (this && this.__metadata) || function (k, v) { if (typeof Reflect === "object" && typeof Reflect.metadata === "function") return Reflect.metadata(k, v); }; var __param = (this && this.__param) || function (paramIndex, decorator) { return function (target, key) { decorator(target, key, paramIndex); } }; var OpenaiOauthController_1; Object.defineProperty(exports, "__esModule", { value: true }); exports.OpenaiOauthController = void 0; const common_1 = require("@nestjs/common"); const crypto_1 = require("crypto"); const public_decorator_1 = require("../../common/decorators/public.decorator"); const current_user_decorator_1 = require("../../auth/current-user.decorator"); const openai_oauth_service_1 = require("./openai-oauth.service"); const resolve_agent_service_1 = require("../routing-core/resolve-agent.service"); const provider_service_1 = require("../routing-core/provider.service"); const provider_key_service_1 = require("../routing-core/provider-key.service"); let OpenaiOauthController = OpenaiOauthController_1 = class OpenaiOauthController { oauthService; resolveAgent; providerKeyService; providerService; logger = new common_1.Logger(OpenaiOauthController_1.name); constructor(oauthService, resolveAgent, providerKeyService, providerService) { this.oauthService = oauthService; this.resolveAgent = resolveAgent; this.providerKeyService = providerKeyService; this.providerService = providerService; } async authorize(agentName, user, req) { if (!agentName) { throw new common_1.HttpException('agentName query parameter is required', common_1.HttpStatus.BAD_REQUEST); } const agent = await this.resolveAgent.resolve(user.id, agentName); const backendUrl = `${req.protocol}://${req.get('host')}`; try { const url = await this.oauthService.generateAuthorizationUrl(agent.id, user.id, backendUrl); return { url }; } catch (err) { const message = err instanceof Error ? err.message : 'Failed to start OAuth callback server'; throw new common_1.HttpException(message, common_1.HttpStatus.SERVICE_UNAVAILABLE); } } async revoke(agentName, user) { if (!agentName) { throw new common_1.HttpException('agentName query parameter is required', common_1.HttpStatus.BAD_REQUEST); } const agent = await this.resolveAgent.resolve(user.id, agentName); const apiKey = await this.providerKeyService.getProviderApiKey(agent.id, 'openai', 'subscription'); if (apiKey) { try { const blob = JSON.parse(apiKey); if (blob.t) await this.oauthService.revokeToken(blob.t); if (blob.r) await this.oauthService.revokeToken(blob.r); } catch { this.logger.warn('Could not parse OAuth token blob for revocation'); } } await this.providerService.removeProvider(agent.id, 'openai', 'subscription'); return { ok: true }; } async callback(code, state, _user) { if (!code || !state) { throw new common_1.HttpException('code and state are required', common_1.HttpStatus.BAD_REQUEST); } try { await this.oauthService.exchangeCode(state, code); return { ok: true }; } catch (err) { const message = err instanceof Error ? err.message : 'Token exchange failed'; this.logger.error(`OAuth callback exchange failed: ${message}`); throw new common_1.HttpException(message, common_1.HttpStatus.BAD_REQUEST); } } done(ok, res) { const success = ok === '1'; const nonce = (0, crypto_1.randomBytes)(16).toString('base64'); res.setHeader('Content-Type', 'text/html'); res.setHeader('Content-Security-Policy', `default-src 'none'; script-src 'nonce-${nonce}'`); res.send((0, openai_oauth_service_1.oauthDoneHtml)(success, nonce)); } }; exports.OpenaiOauthController = OpenaiOauthController; __decorate([ (0, common_1.Get)('authorize'), __param(0, (0, common_1.Query)('agentName')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __param(2, (0, common_1.Req)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object, Object]), __metadata("design:returntype", Promise) ], OpenaiOauthController.prototype, "authorize", null); __decorate([ (0, common_1.Post)('revoke'), __param(0, (0, common_1.Query)('agentName')), __param(1, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", Promise) ], OpenaiOauthController.prototype, "revoke", null); __decorate([ (0, common_1.Post)('callback'), __param(0, (0, common_1.Body)('code')), __param(1, (0, common_1.Body)('state')), __param(2, (0, current_user_decorator_1.CurrentUser)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, String, Object]), __metadata("design:returntype", Promise) ], OpenaiOauthController.prototype, "callback", null); __decorate([ (0, common_1.Get)('done'), (0, public_decorator_1.Public)(), __param(0, (0, common_1.Query)('ok')), __param(1, (0, common_1.Res)()), __metadata("design:type", Function), __metadata("design:paramtypes", [String, Object]), __metadata("design:returntype", void 0) ], OpenaiOauthController.prototype, "done", null); exports.OpenaiOauthController = OpenaiOauthController = OpenaiOauthController_1 = __decorate([ (0, common_1.Controller)('api/v1/oauth/openai'), __metadata("design:paramtypes", [openai_oauth_service_1.OpenaiOauthService, resolve_agent_service_1.ResolveAgentService, provider_key_service_1.ProviderKeyService, provider_service_1.ProviderService]) ], OpenaiOauthController); //# sourceMappingURL=openai-oauth.controller.js.map