Update Discord dependencies

2025-02-11 13:04:40 +13:00
parent 984d4362a5
commit 8e0c15476c
5 changed files with 32 additions and 55 deletions
--- a/package-lock.json
+++ b/package-lock.json
@@ -23,7 +23,8 @@
        "ansi-colors": "^4.1.3",
        "better-sqlite3": "^11.1.2",
        "chunk-text": "^2.0.1",
-        "cloudstorm": "^0.10.10",
+        "cloudstorm": "^0.11.2",
+        "discord-api-types": "^0.37.119",
        "domino": "^2.1.6",
        "enquirer": "^2.4.1",
        "entities": "^5.0.0",
@@ -35,7 +36,7 @@
        "minimist": "^1.2.8",
        "prettier-bytes": "^1.0.4",
        "sharp": "^0.33.4",
-        "snowtransfer": "^0.10.5",
+        "snowtransfer": "^0.11.0",
        "stream-mime-type": "^1.0.2",
        "try-to-catch": "^3.0.1",
        "uqr": "^0.1.2",
@@ -47,7 +48,6 @@
        "@types/node": "^18.16.0",
        "c8": "^10.1.2",
        "cross-env": "^7.0.3",
-        "discord-api-types": "^0.37.60",
        "supertape": "^10.4.0"
      },
      "engines": {
@@ -1411,16 +1411,15 @@
      }
    },
    "node_modules/cloudstorm": {
-      "version": "0.10.11",
-      "resolved": "https://registry.npmjs.org/cloudstorm/-/cloudstorm-0.10.11.tgz",
-      "integrity": "sha512-A3lN0o404la7ryWIxN73gW2ehC0RO4h0yCA2grtOtPh8rNTd6+R2U4llyJlb61HlyOFrEVJ7AbOoFblVSmkrtw==",
-      "license": "MIT",
+      "version": "0.11.2",
+      "resolved": "https://registry.npmjs.org/cloudstorm/-/cloudstorm-0.11.2.tgz",
+      "integrity": "sha512-LuKey+nTp5fEGH5TdCxCUWSG1VMcXKV57rsFvGi/XLpdPT1LUTlc5TmCONAaKzy2uZFJm9EG+iIB2Vq+uBqgog==",
      "dependencies": {
-        "discord-api-types": "^0.37.98",
-        "snowtransfer": "^0.10.7"
+        "discord-api-types": "^0.37.119",
+        "snowtransfer": "^0.11.0"
      },
      "engines": {
-        "node": ">=14.8.0"
+        "node": ">=16.15.0"
      }
    },
    "node_modules/color": {
@@ -1599,10 +1598,9 @@
      }
    },
    "node_modules/discord-api-types": {
-      "version": "0.37.101",
-      "resolved": "https://registry.npmjs.org/discord-api-types/-/discord-api-types-0.37.101.tgz",
-      "integrity": "sha512-2wizd94t7G3A8U5Phr3AiuL4gSvhqistDwWnlk1VLTit8BI1jWUncFqFQNdPbHqS3661+Nx/iEyIwtVjPuBP3w==",
-      "license": "MIT"
+      "version": "0.37.119",
+      "resolved": "https://registry.npmjs.org/discord-api-types/-/discord-api-types-0.37.119.tgz",
+      "integrity": "sha512-WasbGFXEB+VQWXlo6IpW3oUv73Yuau1Ig4AZF/m13tXcTKnMpc/mHjpztIlz4+BM9FG9BHQkEXiPto3bKduQUg=="
    },
    "node_modules/doctypes": {
      "version": "1.1.0",
@@ -2714,16 +2712,14 @@
      }
    },
    "node_modules/snowtransfer": {
-      "version": "0.10.7",
-      "resolved": "https://registry.npmjs.org/snowtransfer/-/snowtransfer-0.10.7.tgz",
-      "integrity": "sha512-lXUYp6jOou0DI8uFl3Dh78KD1gVa3dNbUt2TK6RW39mHenAR6XpoPoydUNXCWvdxi6uGU6zQ1yNICZpKjF6wMA==",
-      "license": "MIT",
+      "version": "0.11.0",
+      "resolved": "https://registry.npmjs.org/snowtransfer/-/snowtransfer-0.11.0.tgz",
+      "integrity": "sha512-07rvRnCtXdL/E3PmKTS/zHVlIIIWizKh7YzsUxN2bmX1Fr5odFgZ08J0/dE1YL6XmsbpmEB2r4LBAfdCGzKs7w==",
      "dependencies": {
-        "discord-api-types": "^0.37.98",
-        "undici": "^6.19.8"
+        "discord-api-types": "^0.37.119"
      },
      "engines": {
-        "node": ">=14.18.0"
+        "node": ">=16.15.0"
      }
    },
    "node_modules/source-map": {
@@ -3143,15 +3139,6 @@
      "integrity": "sha512-Ql87qFHB3s/De2ClA9e0gsnS6zXG27SkTiSJwjCc9MebbfapQfuPzumMIUMi38ezPZVNFcHI9sUIepeQfw8J8Q==",
      "license": "MIT"
    },
-    "node_modules/undici": {
-      "version": "6.21.1",
-      "resolved": "https://registry.npmjs.org/undici/-/undici-6.21.1.tgz",
-      "integrity": "sha512-q/1rj5D0/zayJB2FraXdaWxbhWiNKDvu8naDT2dl1yTlvJp4BLtOcp2a5BvgGNQpYYJzau7tf1WgKv3b+7mqpQ==",
-      "license": "MIT",
-      "engines": {
-        "node": ">=18.17"
-      }
-    },
    "node_modules/undici-types": {
      "version": "5.26.5",
      "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-5.26.5.tgz",
--- a/package.json
+++ b/package.json
@@ -32,7 +32,8 @@
    "ansi-colors": "^4.1.3",
    "better-sqlite3": "^11.1.2",
    "chunk-text": "^2.0.1",
-    "cloudstorm": "^0.10.10",
+    "cloudstorm": "^0.11.2",
+    "discord-api-types": "^0.37.119",
    "domino": "^2.1.6",
    "enquirer": "^2.4.1",
    "entities": "^5.0.0",
@@ -44,7 +45,7 @@
    "minimist": "^1.2.8",
    "prettier-bytes": "^1.0.4",
    "sharp": "^0.33.4",
-    "snowtransfer": "^0.10.5",
+    "snowtransfer": "^0.11.0",
    "stream-mime-type": "^1.0.2",
    "try-to-catch": "^3.0.1",
    "uqr": "^0.1.2",
@@ -56,7 +57,6 @@
    "@types/node": "^18.16.0",
    "c8": "^10.1.2",
    "cross-env": "^7.0.3",
-    "discord-api-types": "^0.37.60",
    "supertape": "^10.4.0"
  },
  "scripts": {
--- a/readme.md
+++ b/readme.md
@@ -164,7 +164,7 @@ To get into the rooms on your Matrix account, use the `/invite [your mxid here]`

 ## Dependency justification

-Total transitive production dependencies: 144
+Total transitive production dependencies: 143

 ### <font size="+2">🦕</font>

@@ -188,6 +188,7 @@ Total transitive production dependencies: 144
 * (0) ansi-colors: Helps with interactive prompting for the initial setup, and it's already pulled in by enquirer.
 * (1) chunk-text: It does what I want.
 * (0) cloudstorm: Discord gateway library with bring-your-own-caching that I trust.
+* (0) discord-api-types: Bitfields needed at runtime and types needed for development.
 * (0) domino: DOM implementation that's already pulled in by turndown.
 * (1) enquirer: Interactive prompting for the initial setup rather than forcing users to edit YAML non-interactively.
 * (0) entities: Looks fine. No dependencies.
@@ -198,7 +199,7 @@ Total transitive production dependencies: 144
 * (0) lru-cache: For holding unused nonce in memory and letting them be overwritten later if never used.
 * (0) minimist: It's already pulled in by better-sqlite3->prebuild-install.
 * (0) prettier-bytes: It does what I want and has no dependencies.
-* (2) snowtransfer: Discord API library with bring-your-own-caching that I trust.
+* (0) snowtransfer: Discord API library with bring-your-own-caching that I trust.
 * (0) try-to-catch: Not strictly necessary, but it's already pulled in by supertape, so I may as well.
 * (0) uqr: QR code SVG generator. Used on the website to scan in an invite link.
 * (0) xxhash-wasm: Used where cryptographically secure hashing is not required.
--- a/scripts/setup.js
+++ b/scripts/setup.js
@@ -180,7 +180,7 @@ function defineEchoHandler() {
 				process.stdout.write(magenta(" checking, please wait..."))
 				try {
 					snow = new SnowTransfer(token)
-					client = await snow.requestHandler.request(`/applications/@me`, {}, "get")
+					client = await snow.requestHandler.request(`/applications/@me`, {}, "get", "json")
 					return true
 				} catch (e) {
 					return e.message
@@ -197,7 +197,7 @@ function defineEchoHandler() {
 				message: "Press Enter when you've enabled them",
 				validate: async token => {
 					process.stdout.write(magenta("checking, please wait..."))
-					client = await snow.requestHandler.request(`/applications/@me`, {}, "get")
+					client = await snow.requestHandler.request(`/applications/@me`, {}, "get", "json")
 					if (client.flags & mandatoryIntentFlags) {
 						return true
 					} else {
@@ -225,7 +225,7 @@ function defineEchoHandler() {
 				message: "Press Enter when you've added it",
 				validate: async token => {
 					process.stdout.write(magenta("checking, please wait..."))
-					client = await snow.requestHandler.request(`/applications/@me`, {}, "get")
+					client = await snow.requestHandler.request(`/applications/@me`, {}, "get", "json")
 					if (client.redirect_uris.includes(expectedUri)) {
 						return true
 					} else {
--- a/src/web/routes/oauth.js
+++ b/src/web/routes/oauth.js
@@ -3,11 +3,11 @@
 const {z} = require("zod")
 const {randomUUID} = require("crypto")
 const {defineEventHandler, getValidatedQuery, sendRedirect, createError} = require("h3")
-const {SnowTransfer} = require("snowtransfer")
+const {SnowTransfer, tokenless} = require("snowtransfer")
 const DiscordTypes = require("discord-api-types/v10")
 const getRelativePath = require("get-relative-path")

-const {as, db, sync} = require("../../passthrough")
+const {discord, as, db, sync} = require("../../passthrough")
 const {id} = require("../../../addbot")
 /** @type {import("../auth")} */
 const auth = sync.require("../auth")
@@ -59,21 +59,10 @@ as.router.get("/oauth", defineEventHandler(async event => {
 	if (!savedState) throw createError({status: 400, message: "Missing state", data: "Missing saved state parameter. Please try again, and make sure you have cookies enabled."})
 	if (savedState != parsedQuery.data.state) return tryAgain()

-	const res = await fetch("https://discord.com/api/oauth2/token", {
-		method: "post",
-		body: new URLSearchParams({
-			grant_type: "authorization_code",
-			client_id: id,
-			client_secret: reg.ooye.discord_client_secret,
-			redirect_uri,
-			code: parsedQuery.data.code
-		})
-	})
-	const root = await res.json()
-
-	const parsedToken = schema.token.safeParse(root)
-	if (!res.ok || !parsedToken.success) {
-		throw createError({status: 502, message: "Invalid token response", data: `Discord completed OAuth, but returned this instead of an OAuth access token: ${JSON.stringify(root)}`})
+	const oauthResult = await tokenless.getOauth2Token(id, redirect_uri, reg.ooye.discord_client_secret, parsedQuery.data.code)
+	const parsedToken = schema.token.safeParse(oauthResult)
+	if (!parsedToken.success) {
+		throw createError({status: 502, message: "Invalid token response", data: `Discord completed OAuth, but returned this instead of an OAuth access token: ${JSON.stringify(oauthResult)}`})
 	}

 	const userID = Buffer.from(parsedToken.data.access_token.split(".")[0], "base64").toString()