verify.ts

import { jsonError } from "../../common.js";
import { getBanList } from "../../roblox-open-cloud.js";

export async function onRequestGet(context: RequestContext) {
  const code = new URL(context.request.url).searchParams.get("code");

  if (!code) return jsonError("Missing code", 400);

  const dataTransferData = (await context.env.DATA.get(
    `datatransfer_${context.data.data_transfer_id}`,
    { type: "json" },
  )) as { [k: string]: any } | null;

  if (!dataTransferData)
    return jsonError("No transfer exists with that ID", 404);

  const exchangeReq = await fetch("https://apis.roblox.com/oauth/v1/token", {
    body: `code=${code}&grant_type=authorization_code`,
    headers: {
      authorization: `Basic ${
        btoa(context.env.ROBLOX_OAUTH_ID) +
        ":" +
        context.env.ROBLOX_OAUTH_SECRET
      }`,
      "content-type": "application/x-www-form-urlencoded",
    },
    method: "POST",
  });

  if (!exchangeReq.ok) return jsonError("Failed to redeem code", 500);

  const { id_token } = (await exchangeReq.json()) as { id_token: string };

  const { name, preferred_username, sub } = JSON.parse(
    atob(id_token.replaceAll("-", "+").replaceAll("_", "/")),
  );

  if (!preferred_username) return jsonError("Username missing", 500);

  const userObj = {
    displayName: name,
    id: parseInt(sub),
    name: preferred_username,
  };

  let redirectLocation = "/data-transfer/complete";

  if (dataTransferData.oldUser) {
    let banList;

    try {
      banList = (await getBanList(context)) as {
        [k: string]: { BanType: number };
      };
    } catch {
      return jsonError("Failed to create data transfer request", 500);
    }

    if (banList[userObj.id].BanType)
      return new Response(null, {
        headers: {
          location: redirectLocation,
        },
        status: 302,
      });

    dataTransferData.newUser = userObj;

    await fetch(
      `https://api.trello.com/1/cards?key=${context.env.TRELLO_API_KEY}&token=${context.env.TRELLO_API_TOKEN}`,
      {
        body: JSON.stringify({
          desc: `${dataTransferData.oldUser.name} -> ${userObj.name}\n${dataTransferData.oldUser.id} -> ${userObj.id}\nNO MODMAIL TICKET - WEBSITE FORM SUBMISSION`,
          idList: context.env.TRELLO_LIST_ID,
          name: `${dataTransferData.oldUser.name} | Data Transfer`,
        }),
        headers: {
          "content-type": "application/json",
        },
        method: "POST",
      },
    );
  } else {
    dataTransferData.oldUser = userObj;
    redirectLocation = "/data-transfer/destination-account";
  }

  return new Response(null, {
    headers: {
      location: redirectLocation,
    },
    status: 302,
  });
}
	import { jsonError } from "../../common.js";
	import { getBanList } from "../../roblox-open-cloud.js";

	export async function onRequestGet(context: RequestContext) {
	const code = new URL(context.request.url).searchParams.get("code");

	if (!code) return jsonError("Missing code", 400);

	const dataTransferData = (await context.env.DATA.get(
	`datatransfer_${context.data.data_transfer_id}`,
	{ type: "json" },
	)) as { [k: string]: any } \| null;

	if (!dataTransferData)
	return jsonError("No transfer exists with that ID", 404);

	const exchangeReq = await fetch("https://apis.roblox.com/oauth/v1/token", {
	body: `code=${code}&grant_type=authorization_code`,
	headers: {
	authorization: `Basic ${
	btoa(context.env.ROBLOX_OAUTH_ID) +
	":" +
	context.env.ROBLOX_OAUTH_SECRET
	}`,
	"content-type": "application/x-www-form-urlencoded",
	},
	method: "POST",
	});

	if (!exchangeReq.ok) return jsonError("Failed to redeem code", 500);

	const { id_token } = (await exchangeReq.json()) as { id_token: string };

	const { name, preferred_username, sub } = JSON.parse(
	atob(id_token.replaceAll("-", "+").replaceAll("_", "/")),
	);

	if (!preferred_username) return jsonError("Username missing", 500);

	const userObj = {
	displayName: name,
	id: parseInt(sub),
	name: preferred_username,
	};

	let redirectLocation = "/data-transfer/complete";

	if (dataTransferData.oldUser) {
	let banList;

	try {
	banList = (await getBanList(context)) as {
	[k: string]: { BanType: number };
	};
	} catch {
	return jsonError("Failed to create data transfer request", 500);
	}

	if (banList[userObj.id].BanType)
	return new Response(null, {
	headers: {
	location: redirectLocation,
	},
	status: 302,
	});

	dataTransferData.newUser = userObj;

	await fetch(
	`https://api.trello.com/1/cards?key=${context.env.TRELLO_API_KEY}&token=${context.env.TRELLO_API_TOKEN}`,
	{
	body: JSON.stringify({
	desc: `${dataTransferData.oldUser.name} -> ${userObj.name}\n${dataTransferData.oldUser.id} -> ${userObj.id}\nNO MODMAIL TICKET - WEBSITE FORM SUBMISSION`,
	idList: context.env.TRELLO_LIST_ID,
	name: `${dataTransferData.oldUser.name} \| Data Transfer`,
	}),
	headers: {
	"content-type": "application/json",
	},
	method: "POST",
	},
	);
	} else {
	dataTransferData.oldUser = userObj;
	redirectLocation = "/data-transfer/destination-account";
	}

	return new Response(null, {
	headers: {
	location: redirectLocation,
	},
	status: 302,
	});
	}