add proxy routes, webauthn bug fix

src/mailProxy/mailProxy.route.ts

@@ -0,0 +1,39 @@
+import { FastifyInstance } from "fastify";
+import { $mail, ProxyRequest } from "./mailProxy.schema";
+import { getOutlookTokens } from "./mailProxy.service";
+import axios from "axios";
+
+export async function mailProxyRoutes(fastify: FastifyInstance) {
+  fastify.post(
+    "/",
+    {
+      schema: {
+        body: $mail("proxyRequest"),
+      },
+      config: { requiredClaims: ["mail:all"] },
+      preHandler: [fastify.authorize],
+    },
+    async (req, res) => {
+      const input = req.body as ProxyRequest;
+
+      try {
+        const tokens = await getOutlookTokens(input.email);
+        if (!tokens) return res.code(404).send({ error: "resource not found" });
+
+        const result = await axios({
+          url: input.url,
+          method: input.method,
+          headers: {
+            Authorization: "Bearer " + tokens.access_token,
+          },
+          data: input.body,
+          validateStatus: () => true,
+        });
+
+        return res.code(result.status).send(result.data);
+      } catch (err) {
+        return err;
+      }
+    }
+  );
+}

src/mailProxy/mailProxy.schema.ts

@@ -0,0 +1,34 @@
+import { buildJsonSchemas } from "fastify-zod";
+import mongoose from "mongoose";
+import { z } from "zod";
+
+export const mailModel = mongoose.model(
+  "oauth",
+  new mongoose.Schema({
+    email: {
+      type: String,
+      unique: true,
+      required: true,
+    },
+    access_token: String,
+    expiry: Date,
+    refresh_token: String,
+  }),
+  "oauth"
+);
+
+const proxyRequest = z.object({
+  email: z.string().email(),
+  url: z.string(),
+  method: z.enum(["GET", "POST", "PATCH", "DELETE"]),
+  body: z.any(),
+});
+
+export type ProxyRequest = z.infer<typeof proxyRequest>;
+
+export const { schemas: mailSchemas, $ref: $mail } = buildJsonSchemas(
+  {
+    proxyRequest,
+  },
+  { $id: "mail" }
+);

src/mailProxy/mailProxy.service.ts

@@ -0,0 +1,48 @@
+import qs from "qs";
+import axios from "axios";
+import { mailModel } from "./mailProxy.schema";
+
+export async function getOutlookTokens(email: string) {
+  let tokens = await mailModel.findOne({ email: email });
+
+  if (!tokens) {
+    return null;
+  } else {
+    const date = new Date();
+    const expiry = new Date(tokens.expiry);
+
+    if (expiry > date) {
+      return tokens.access_token;
+    } else {
+      try {
+        let res = await axios({
+          url: "https://login.microsoftonline.com/common/oauth2/v2.0/token",
+          method: "POST",
+          headers: {
+            "Content-Type": "application/x-www-form-urlencoded",
+          },
+          data: qs.stringify({
+            client_id: process.env.MAIL_CLIENT_ID,
+            scope: process.env.MAIL_SCOPE,
+            refresh_token: tokens.refresh_token,
+            redirect_uri: process.env.MAIL_REDIRECT_URI,
+            grant_type: "refresh_token",
+            client_secret: process.env.MAIL_CLIENT_SECRET,
+          }),
+        });
+
+        let expiresAt = new Date(Date.now() + res.data.expires_in * 1000);
+
+        await mailModel.findByIdAndUpdate(tokens._id, {
+          expiry: expiresAt,
+          refresh_token: res.data.refresh_token,
+          access_token: res.data.access_token,
+        });
+
+        return res.data.access_token;
+      } catch (err) {
+        throw new Error("error fetching tokens");
+      }
+    }
+  }
+}