mirror of
https://github.com/danny-avila/LibreChat.git
synced 2025-09-22 08:12:00 +02:00
299cabd6ed
* 🔧 feat: Enhance logging configuration for production and debug environments * 🔒 feat: Implement encryption and decryption functions for sensitive values in ActionService with URL encoding/decoding * refactor: optimize action service for agent tools * refactor: optimize action processing for Assistants API * fix: handle case where agent is not found in loadAgent function * refactor: improve error handling in API calls by throwing new Error with logAxiosError output * chore: bump @librechat/agents to 2.3.95, fixes "Invalid tool call structure: No preceding AIMessage with tool_call_ids" * refactor: enhance error logging in logAxiosError function to include response status * refactor: remove unused useModelSelection hook from Endpoint * refactor: add support for assistants in useSelectorEffects hook * refactor: replace string easing with imported easings in Landing component * chore: remove duplicate translation * refactor: update model selection logic and improve localization for UI elements * refactor: replace endpoint value checks with helper functions for agents and assistants * refactor: optimize display value logic and utilize useMemo for performance improvements * refactor: clean up imports and optimize display/icon value logic in endpoint components, fix spec selection * refactor: enhance error logging in axios utility to include stack traces for better debugging * refactor: update logging configuration to use DEBUG_LOGGING and streamline log level handling * refactor: adjust className for export menu button to improve layout consistency and remove unused title prop from ShareButton * refactor: update import path for logAxiosError utility to improve module organization and clarity * refactor: implement debounced search value setter in ModelSelectorContext for improved performance
172 lines
5 KiB
JavaScript
172 lines
5 KiB
JavaScript
const axios = require('axios');
|
|
const { handleOAuthToken } = require('~/models/Token');
|
|
const { decryptV2 } = require('~/server/utils/crypto');
|
|
const { logAxiosError } = require('~/utils');
|
|
const { logger } = require('~/config');
|
|
|
|
/**
|
|
* Processes the access tokens and stores them in the database.
|
|
* @param {object} tokenData
|
|
* @param {string} tokenData.access_token
|
|
* @param {number} tokenData.expires_in
|
|
* @param {string} [tokenData.refresh_token]
|
|
* @param {number} [tokenData.refresh_token_expires_in]
|
|
* @param {object} metadata
|
|
* @param {string} metadata.userId
|
|
* @param {string} metadata.identifier
|
|
* @returns {Promise<void>}
|
|
*/
|
|
async function processAccessTokens(tokenData, { userId, identifier }) {
|
|
const { access_token, expires_in = 3600, refresh_token, refresh_token_expires_in } = tokenData;
|
|
if (!access_token) {
|
|
logger.error('Access token not found: ', tokenData);
|
|
throw new Error('Access token not found');
|
|
}
|
|
await handleOAuthToken({
|
|
identifier,
|
|
token: access_token,
|
|
expiresIn: expires_in,
|
|
userId,
|
|
});
|
|
|
|
if (refresh_token != null) {
|
|
logger.debug('Processing refresh token');
|
|
await handleOAuthToken({
|
|
token: refresh_token,
|
|
type: 'oauth_refresh',
|
|
userId,
|
|
identifier: `${identifier}:refresh`,
|
|
expiresIn: refresh_token_expires_in ?? null,
|
|
});
|
|
}
|
|
logger.debug('Access tokens processed');
|
|
}
|
|
|
|
/**
|
|
* Refreshes the access token using the refresh token.
|
|
* @param {object} fields
|
|
* @param {string} fields.userId - The ID of the user.
|
|
* @param {string} fields.client_url - The URL of the OAuth provider.
|
|
* @param {string} fields.identifier - The identifier for the token.
|
|
* @param {string} fields.refresh_token - The refresh token to use.
|
|
* @param {string} fields.encrypted_oauth_client_id - The client ID for the OAuth provider.
|
|
* @param {string} fields.encrypted_oauth_client_secret - The client secret for the OAuth provider.
|
|
* @returns {Promise<{
|
|
* access_token: string,
|
|
* expires_in: number,
|
|
* refresh_token?: string,
|
|
* refresh_token_expires_in?: number,
|
|
* }>}
|
|
*/
|
|
const refreshAccessToken = async ({
|
|
userId,
|
|
client_url,
|
|
identifier,
|
|
refresh_token,
|
|
encrypted_oauth_client_id,
|
|
encrypted_oauth_client_secret,
|
|
}) => {
|
|
try {
|
|
const oauth_client_id = await decryptV2(encrypted_oauth_client_id);
|
|
const oauth_client_secret = await decryptV2(encrypted_oauth_client_secret);
|
|
const params = new URLSearchParams({
|
|
client_id: oauth_client_id,
|
|
client_secret: oauth_client_secret,
|
|
grant_type: 'refresh_token',
|
|
refresh_token,
|
|
});
|
|
|
|
const response = await axios({
|
|
method: 'POST',
|
|
url: client_url,
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
Accept: 'application/json',
|
|
},
|
|
data: params.toString(),
|
|
});
|
|
await processAccessTokens(response.data, {
|
|
userId,
|
|
identifier,
|
|
});
|
|
logger.debug(`Access token refreshed successfully for ${identifier}`);
|
|
return response.data;
|
|
} catch (error) {
|
|
const message = 'Error refreshing OAuth tokens';
|
|
throw new Error(
|
|
logAxiosError({
|
|
message,
|
|
error,
|
|
}),
|
|
);
|
|
}
|
|
};
|
|
|
|
/**
|
|
* Handles the OAuth callback and exchanges the authorization code for tokens.
|
|
* @param {object} fields
|
|
* @param {string} fields.code - The authorization code returned by the provider.
|
|
* @param {string} fields.userId - The ID of the user.
|
|
* @param {string} fields.identifier - The identifier for the token.
|
|
* @param {string} fields.client_url - The URL of the OAuth provider.
|
|
* @param {string} fields.redirect_uri - The redirect URI for the OAuth provider.
|
|
* @param {string} fields.encrypted_oauth_client_id - The client ID for the OAuth provider.
|
|
* @param {string} fields.encrypted_oauth_client_secret - The client secret for the OAuth provider.
|
|
* @returns {Promise<{
|
|
* access_token: string,
|
|
* expires_in: number,
|
|
* refresh_token?: string,
|
|
* refresh_token_expires_in?: number,
|
|
* }>}
|
|
*/
|
|
const getAccessToken = async ({
|
|
code,
|
|
userId,
|
|
identifier,
|
|
client_url,
|
|
redirect_uri,
|
|
encrypted_oauth_client_id,
|
|
encrypted_oauth_client_secret,
|
|
}) => {
|
|
const oauth_client_id = await decryptV2(encrypted_oauth_client_id);
|
|
const oauth_client_secret = await decryptV2(encrypted_oauth_client_secret);
|
|
const params = new URLSearchParams({
|
|
code,
|
|
client_id: oauth_client_id,
|
|
client_secret: oauth_client_secret,
|
|
grant_type: 'authorization_code',
|
|
redirect_uri,
|
|
});
|
|
|
|
try {
|
|
const response = await axios({
|
|
method: 'POST',
|
|
url: client_url,
|
|
headers: {
|
|
'Content-Type': 'application/x-www-form-urlencoded',
|
|
Accept: 'application/json',
|
|
},
|
|
data: params.toString(),
|
|
});
|
|
|
|
await processAccessTokens(response.data, {
|
|
userId,
|
|
identifier,
|
|
});
|
|
logger.debug(`Access tokens successfully created for ${identifier}`);
|
|
return response.data;
|
|
} catch (error) {
|
|
const message = 'Error exchanging OAuth code';
|
|
throw new Error(
|
|
logAxiosError({
|
|
message,
|
|
error,
|
|
}),
|
|
);
|
|
}
|
|
};
|
|
|
|
module.exports = {
|
|
getAccessToken,
|
|
refreshAccessToken,
|
|
};
|