OAuth2 tweaks

Author: simonredfern

server/controllers/RequestController.ts

@@ -45,8 +45,17 @@ export class OBPController {
     const path = request.query.path
     const oauthConfig = session['clientConfig']
 
+    // Debug logging
+    console.log('RequestController.get - Path:', path)
+    console.log('RequestController.get - Has session:', !!session)
+    console.log('RequestController.get - Has clientConfig:', !!oauthConfig)
+    console.log('RequestController.get - Has oauth2:', !!oauthConfig?.oauth2)
+    console.log('RequestController.get - Has accessToken:', !!oauthConfig?.oauth2?.accessToken)
+    console.log('RequestController.get - Session keys:', Object.keys(session || {}))
+
     // Check if user is authenticated
     if (!oauthConfig || !oauthConfig.oauth2?.accessToken) {
+      console.log('RequestController.get - User not authenticated')
       return response.status(401).json({
         code: 401,
         message: 'OBP-20001: User not logged in. Authentication is required!'

server/controllers/UserController.ts

@@ -61,6 +61,8 @@ export class UserController {
     delete session['oauth2_token_timestamp']
     delete session['oauth2_user_info']
     delete session['oauth2_user']
+    delete session['clientConfig']
+    delete session['opeyConfig']
 
     // Destroy the session completely
     session.destroy((err: any) => {

server/middlewares/OAuth2CallbackMiddleware.ts

@@ -263,6 +263,21 @@ export default class OAuth2CallbackMiddleware implements ExpressMiddlewareInterf
       console.log('OAuth2CallbackMiddleware: Fetching user info')
       const userInfo = await this.oauth2Service.getUserInfo(tokens.accessToken)
 
+      // Debug: Decode access token to see what user ID OBP-API will see
+      try {
+        const accessTokenDecoded: any = jwt.decode(tokens.accessToken)
+        console.log('\n\n========================================')
+        console.log('🔍 ACCESS TOKEN DECODED - THIS IS WHAT OBP-API SEES')
+        console.log('========================================')
+        console.log('  sub (user ID):', accessTokenDecoded?.sub)
+        console.log('  email:', accessTokenDecoded?.email)
+        console.log('  preferred_username:', accessTokenDecoded?.preferred_username)
+        console.log('  Full payload:', JSON.stringify(accessTokenDecoded, null, 2))
+        console.log('========================================\n\n')
+      } catch (error) {
+        console.warn('OAuth2CallbackMiddleware: Failed to decode access token:', error)
+      }
+
       // Store tokens in session
       session['oauth2_access_token'] = tokens.accessToken
       session['oauth2_refresh_token'] = tokens.refreshToken || null