fix: pull request feedbacks

Author: ivan-dalmet

src/features/auth/PageOAuthCallback.tsx

@@ -1,6 +1,11 @@
 import React, { useEffect, useRef } from 'react';
 
-import { useParams, useRouter, useSearchParams } from 'next/navigation';
+import {
+  notFound,
+  useParams,
+  useRouter,
+  useSearchParams,
+} from 'next/navigation';
 import { useTranslation } from 'react-i18next';
 import { z } from 'zod';
 
@@ -17,7 +22,9 @@ export default function PageOAuthCallback() {
   const toastError = useToastError();
   const router = useRouter();
   const isTriggeredRef = useRef(false);
-  const params = z.object({ provider: zOAuthProvider() }).parse(useParams());
+  const params = z
+    .object({ provider: zOAuthProvider() })
+    .safeParse(useParams());
   const searchParams = z
     .object({ code: z.string(), state: z.string() })
     .safeParse({
@@ -43,10 +50,14 @@ export default function PageOAuthCallback() {
       if (isTriggeredRef.current) return;
       isTriggeredRef.current = true;
 
+      if (!(params.success && searchParams.success)) {
+        notFound();
+      }
+
       validateLogin.mutate({
-        provider: params.provider,
-        code: searchParams.data?.code ?? '',
-        state: searchParams.data?.state ?? '',
+        provider: params.data.provider,
+        code: searchParams.data.code,
+        state: searchParams.data.state,
         language: i18n.language,
       });
     };

src/server/config/oauth/providers/discord.ts

@@ -8,6 +8,7 @@ import { OAuthClient, getOAuthCallbackUrl } from '@/server/config/oauth/utils';
 const zDiscordUser = () =>
   z.object({
     id: z.string(),
+    username: z.string().nullish(),
     global_name: z.string().nullish(),
     email: z.string().email().nullish(),
     verified: z.boolean().nullish(),
@@ -29,7 +30,7 @@ export const discord: OAuthClient = {
     if (!discordClient) {
       throw new TRPCError({
         code: 'NOT_IMPLEMENTED',
-        message: 'Missing Discord environnement variables',
+        message: 'Missing Discord environment variables',
       });
     }
     return await discordClient.createAuthorizationURL(state, {
@@ -40,7 +41,7 @@ export const discord: OAuthClient = {
     if (!discordClient) {
       throw new TRPCError({
         code: 'NOT_IMPLEMENTED',
-        message: 'Missing Discord environnement variables',
+        message: 'Missing Discord environment variables',
       });
     }
     return discordClient.validateAuthorizationCode(code);
@@ -61,7 +62,7 @@ export const discord: OAuthClient = {
     }
 
     const userData = await userResponse.json();
-    ctx.logger.debug(userData);
+    ctx.logger.info('User data retrieved from Discord');
 
     ctx.logger.info('Parse the Discord user');
     const discordUser = zDiscordUser().safeParse(userData);
@@ -76,7 +77,7 @@ export const discord: OAuthClient = {
 
     return {
       id: discordUser.data.id,
-      name: discordUser.data.global_name,
+      name: discordUser.data.global_name ?? discordUser.data.username,
       email: discordUser.data.email,
       isEmailVerified: !!discordUser.data.verified,
       language: discordUser.data.locale,

src/server/config/oauth/providers/github.ts

@@ -34,7 +34,7 @@ export const github: OAuthClient = {
     if (!githubClient) {
       throw new TRPCError({
         code: 'NOT_IMPLEMENTED',
-        message: 'Missing GitHub environnement variables',
+        message: 'Missing GitHub environment variables',
       });
     }
     return await githubClient.createAuthorizationURL(state, {
@@ -45,7 +45,7 @@ export const github: OAuthClient = {
     if (!githubClient) {
       throw new TRPCError({
         code: 'NOT_IMPLEMENTED',
-        message: 'Missing GitHub environnement variables',
+        message: 'Missing GitHub environment variables',
       });
     }
     return githubClient.validateAuthorizationCode(code);
@@ -80,7 +80,7 @@ export const github: OAuthClient = {
     }
 
     const emailsData = await emailsResponse.json();
-    ctx.logger.debug(emailsData);
+    ctx.logger.info('Retrieved emails from GitHub');
 
     ctx.logger.info('Parse the GitHub user emails');
     const emails = zGitHubEmails().safeParse(emailsData);
@@ -98,7 +98,7 @@ export const github: OAuthClient = {
     const primaryEmail = emails.data?.find((email) => email.primary) ?? null;
 
     const userData = await userResponse.json();
-    ctx.logger.debug(userData);
+    ctx.logger.info('User data retrieved from GitHub');
 
     ctx.logger.info('Parse the GitHub user');
     const gitHubUser = zGitHubUser().safeParse(userData);

src/server/config/oauth/providers/google.ts

@@ -28,10 +28,15 @@ export const google: OAuthClient = {
     if (!googleClient) {
       throw new TRPCError({
         code: 'NOT_IMPLEMENTED',
-        message: 'Missing Google environnement variables',
+        message: 'Missing Google environment variables',
+      });
+    }
+    if (!codeVerifier) {
+      throw new TRPCError({
+        code: 'BAD_REQUEST',
+        message: 'Missing codeVerifier',
       });
     }
-    if (!codeVerifier) throw new Error('Missing codeVerifier');
     return await googleClient.createAuthorizationURL(state, codeVerifier, {
       scopes: ['email', 'profile'],
     });
@@ -40,7 +45,7 @@ export const google: OAuthClient = {
     if (!googleClient) {
       throw new TRPCError({
         code: 'NOT_IMPLEMENTED',
-        message: 'Missing Google environnement variables',
+        message: 'Missing Google environment variables',
       });
     }
     if (!codeVerifier) throw new Error('Missing codeVerifier');
@@ -65,7 +70,7 @@ export const google: OAuthClient = {
     }
 
     const userData = await userResponse.json();
-    ctx.logger.debug(userData);
+    ctx.logger.info('User data retrieved from Google');
 
     ctx.logger.info('Parse the Google user');
     const googleUser = zGoogleUser().safeParse(userData);

src/server/routers/oauth.tsx

@@ -96,10 +96,10 @@ export const oauthRouter = createTRPCRouter({
         oAuthProvider(input.provider).shouldUseCodeVerifier &&
         !codeVerifierFromCookie.data
       ) {
-        ctx.logger.warn('Missing oAuth codeVerifier');
+        ctx.logger.warn('Invalid or expired authorization request');
         throw new TRPCError({
           code: 'BAD_REQUEST',
-          message: 'Missing oAuth codeVerifier',
+          message: 'Invalid or expired authorization request',
         });
       }
 
@@ -176,16 +176,18 @@ export const oauthRouter = createTRPCRouter({
       }
 
       if (existingUser?.accountStatus === 'DISABLED') {
+        ctx.logger.info('Account is disabled');
         throw new TRPCError({
           code: 'UNAUTHORIZED',
-          message: 'Account is disabled',
+          message: 'Please verify your account to proceed',
         });
       }
 
       if (existingUser?.accountStatus === 'NOT_VERIFIED') {
+        ctx.logger.error('Account should not be NOT_VERIFIED at this point');
         throw new TRPCError({
-          code: 'INTERNAL_SERVER_ERROR',
-          message: 'Account should not be NOT_VERIFIED at this point',
+          code: 'UNAUTHORIZED',
+          message: 'Please verify your account to proceed',
         });
       }