From ffcc90bb95329cbb4b8f310e37024d417c216d8c Mon Sep 17 00:00:00 2001
From: David Luecke <daff@neyeon.com>
Date: Mon, 17 Jun 2024 17:25:23 -0700
Subject: [PATCH] fix(authentication-oauth): Allow POST oauth callbacks (#3497)

---
 packages/authentication-oauth/src/index.ts   | 21 +++++++++++++-------
 packages/authentication-oauth/src/service.ts | 20 +++++++++++++++----
 2 files changed, 30 insertions(+), 11 deletions(-)

diff --git a/packages/authentication-oauth/src/index.ts b/packages/authentication-oauth/src/index.ts
index f079dc6344..9d25b6f6c1 100644
--- a/packages/authentication-oauth/src/index.ts
+++ b/packages/authentication-oauth/src/index.ts
@@ -3,7 +3,7 @@ import { createDebug } from '@feathersjs/commons'
 import { resolveDispatch } from '@feathersjs/schema'
 
 import { OAuthStrategy, OAuthProfile } from './strategy'
-import { redirectHook, OAuthService } from './service'
+import { redirectHook, OAuthService, OAuthCallbackService } from './service'
 import { getGrantConfig, authenticationServiceOptions, OauthSetupSettings } from './utils'
 
 const debug = createDebug('@feathersjs/authentication-oauth')
@@ -34,16 +34,23 @@ export const oauth =
     const grantConfig = getGrantConfig(authService)
     const serviceOptions = authenticationServiceOptions(authService, oauthOptions)
     const servicePath = `${grantConfig.defaults.prefix || 'oauth'}/:provider`
+    const callbackServicePath = `${servicePath}/callback`
+    const oauthService = new OAuthService(authService, oauthOptions)
 
-    app.use(servicePath, new OAuthService(authService, oauthOptions), serviceOptions)
-
-    const oauthService = app.service(servicePath)
-
-    oauthService.hooks({
+    app.use(servicePath, oauthService, serviceOptions)
+    app.use(callbackServicePath, new OAuthCallbackService(oauthService), serviceOptions)
+    app.service(servicePath).hooks({
+      around: { all: [resolveDispatch(), redirectHook()] }
+    })
+    app.service(callbackServicePath).hooks({
       around: { all: [resolveDispatch(), redirectHook()] }
     })
 
-    if (typeof oauthService.publish === 'function') {
+    if (typeof app.service(servicePath).publish === 'function') {
       app.service(servicePath).publish(() => null)
     }
+
+    if (typeof app.service(callbackServicePath).publish === 'function') {
+      app.service(callbackServicePath).publish(() => null)
+    }
   }
diff --git a/packages/authentication-oauth/src/service.ts b/packages/authentication-oauth/src/service.ts
index c0f0c072b3..1ae575d6aa 100644
--- a/packages/authentication-oauth/src/service.ts
+++ b/packages/authentication-oauth/src/service.ts
@@ -178,10 +178,6 @@ export class OAuthService {
   async get(override: string, params: OAuthParams) {
     const result = await this.handler('GET', params, {}, override)
 
-    if (override === 'callback') {
-      return this.authenticate(params, result)
-    }
-
     return result
   }
 
@@ -189,3 +185,19 @@ export class OAuthService {
     return this.handler('POST', params, data)
   }
 }
+
+export class OAuthCallbackService {
+  constructor(public service: OAuthService) {}
+
+  async find(params: OAuthParams) {
+    const result = await this.service.handler('GET', params, {}, 'callback')
+
+    return this.service.authenticate(params, result)
+  }
+
+  async create(data: any, params: OAuthParams) {
+    const result = await this.service.handler('POST', params, data, 'callback')
+
+    return this.service.authenticate(params, result)
+  }
+}