added nextclud oAuth

apps/hub/app/(auth)/oauth/_components/Authorize.tsx

@@ -4,6 +4,8 @@ import { Service } from "../page";
 import { generateToken } from "./action";
 import { useSession } from "next-auth/react";
 import { useErrorBoundary } from "react-error-boundary";
+import { se } from "date-fns/locale";
+import { PERMISSION } from "@repo/db";
 
 export const Authorize = ({ service }: { service: Service }) => {
 	const { showBoundary } = useErrorBoundary();
@@ -12,8 +14,7 @@ export const Authorize = ({ service }: { service: Service }) => {
 		searchParams.get("redirect_uri")?.startsWith(url),
 	);
 	const { data: session } = useSession();
-	if (!session)
+	if (!session) redirect("/login?redirect=" + encodeURIComponent(window.location.href));
-		redirect("/login?redirect=" + encodeURIComponent(window.location.href));
 	if (!legitimeUrl)
 		return (
 			<div className="card-body">
@@ -21,13 +22,24 @@ export const Authorize = ({ service }: { service: Service }) => {
 				<p>Du greifst von einem nicht genehmigtem Server auf diese URL zu</p>
 			</div>
 		);
+	if (
+		service.requiredPermissions &&
+		!service.requiredPermissions.every((p) => session.user.permissions.includes(p as PERMISSION))
+	)
+		return (
+			<div className="card-body">
+				<h1 className="text-4xl font-bold">Fehlende Berechtigung</h1>
+				<p>
+					Du hast nicht die erforderlichen Berechtigungen, um dich auf diesem Service anzumelden.
+				</p>
+			</div>
+		);
 
 	return (
 		<form className="card-body" onSubmit={(e) => e.preventDefault()}>
 			<h1 className="text-4xl font-bold">Zugriff zulassen</h1>
 			<p>
-				Die Anwendung <strong>{service.name}</strong> möchte auf deine Daten
+				Die Anwendung <strong>{service.name}</strong> möchte auf deine Daten zugreifen.
-				zugreifen.
 			</p>
 			<div className="space-x-4">
 				<button type="button" className="btn">
@@ -41,10 +53,7 @@ export const Authorize = ({ service }: { service: Service }) => {
 							const code = await generateToken(service);
 							const url = new URL(searchParams.get("redirect_uri") as string);
 							url.searchParams.append("code", code?.accessToken as string);
-							url.searchParams.append(
+							url.searchParams.append("state", searchParams.get("state") as string);
-								"state",
-								searchParams.get("state") as string,
-							);
 
 							window.location.href = url.href;
 						} catch (error) {

apps/hub/helper/authServices.ts

@@ -19,4 +19,15 @@ export const services = [
 		name: "Moodle",
 		approvedUrls: ["http://localhost:8081", "https://moodle.virtualairrescue.com"],
 	},
+	{
+		id: "4",
+		secret: "as6gcx75s",
+		service: "nextcloud",
+		name: "Nextcloud",
+		approvedUrls: [
+			"https://nextcloud.virtualairrescue.com",
+			"http://nextcloud.virtualairrescue.com/",
+		],
+		requiredPermissions: ["ADMIN_USER"],
+	},
 ];