From 2fae63fe15359432f7b79d18ff36cb2c0561f23c Mon Sep 17 00:00:00 2001
From: Mar0xy <marie@kaifa.ch>
Date: Thu, 16 Nov 2023 20:04:19 +0100
Subject: [PATCH] upd: add multipart support to oauth/token

---
 .../src/server/oauth/OAuth2ProviderService.ts     | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/packages/backend/src/server/oauth/OAuth2ProviderService.ts b/packages/backend/src/server/oauth/OAuth2ProviderService.ts
index 63df4217e..a7c9a3cc1 100644
--- a/packages/backend/src/server/oauth/OAuth2ProviderService.ts
+++ b/packages/backend/src/server/oauth/OAuth2ProviderService.ts
@@ -10,6 +10,7 @@ import { v4 as uuid } from 'uuid';
 /* import { kinds } from '@/misc/api-permissions.js';
 import type { Config } from '@/config.js';
 import { DI } from '@/di-symbols.js'; */
+import multer from 'fastify-multer';
 import { bindThis } from '@/decorators.js';
 import type { FastifyInstance } from 'fastify';
 
@@ -24,8 +25,8 @@ function getClient(BASE_URL: string, authorization: string | undefined): Megalod
 @Injectable()
 export class OAuth2ProviderService {
 	constructor(
-		/* @Inject(DI.config)
-		private config: Config, */
+		@Inject(DI.config)
+		private config: Config,
 	) { }
 
 	@bindThis
@@ -46,6 +47,14 @@ export class OAuth2ProviderService {
 			});
 		}); */
 
+		const upload = multer({
+			storage: multer.diskStorage({}),
+			limits: {
+				fileSize: this.config.maxFileSize || 262144000,
+				files: 1,
+			},
+		});
+
 		fastify.addHook('onRequest', (request, reply, done) => {
 			reply.header('Access-Control-Allow-Origin', '*');
 			done();
@@ -89,7 +98,7 @@ export class OAuth2ProviderService {
 			);
 		});
 
-		fastify.post('/oauth/token', async (request, reply) => {
+		fastify.post('/oauth/token', { preHandler: upload.none() }, async (request, reply) => {
 			const body: any = request.body || request.query;
 			if (body.grant_type === "client_credentials") {
 				const ret = {