feat: add fluxer upstream source and self-hosting documentation

- Clone of github.com/fluxerapp/fluxer (official upstream) - SELF_HOSTING.md: full VM rebuild procedure, architecture overview, service reference, step-by-step setup, troubleshooting, seattle reference - dev/.env.example: all env vars with secrets redacted and generation instructions - dev/livekit.yaml: LiveKit config template with placeholder keys - fluxer-seattle/: existing seattle deployment setup scripts
2026-03-13 00:55:14 -07:00
parent 5ceda343b8
commit 3b9d759b4b
5859 changed files with 1923440 additions and 0 deletions
--- a/fluxer/packages/api/src/oauth/utils/ParseClientCredentials.tsx
+++ b/fluxer/packages/api/src/oauth/utils/ParseClientCredentials.tsx
@@ -0,0 +1,66 @@
+/*
+ * Copyright (C) 2026 Fluxer Contributors
+ *
+ * This file is part of Fluxer.
+ *
+ * Fluxer is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * Fluxer is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with Fluxer. If not, see <https://www.gnu.org/licenses/>.
+ */
+
+import {Logger} from '@fluxer/api/src/Logger';
+import {z} from 'zod';
+
+const BasicAuthScheme = z
+	.string()
+	.regex(/^Basic\s+/i)
+	.transform((val) => val.replace(/^Basic\s+/i, ''));
+
+interface ParsedClientCredentials {
+	clientId: string;
+	clientSecret?: string;
+}
+
+export function parseClientCredentials(
+	authorizationHeader: string | undefined,
+	bodyClientId?: bigint,
+	bodyClientSecret?: string,
+): ParsedClientCredentials {
+	const bodyClientIdStr = bodyClientId?.toString() ?? '';
+
+	if (authorizationHeader) {
+		const parseResult = BasicAuthScheme.safeParse(authorizationHeader);
+		if (parseResult.success) {
+			try {
+				const decoded = Buffer.from(parseResult.data, 'base64').toString('utf8');
+				const colonIndex = decoded.indexOf(':');
+
+				if (colonIndex >= 0) {
+					const id = decoded.slice(0, colonIndex);
+					const secret = decoded.slice(colonIndex + 1);
+
+					return {
+						clientId: id || bodyClientIdStr,
+						clientSecret: secret || bodyClientSecret,
+					};
+				}
+			} catch (error) {
+				Logger.debug({error}, 'Failed to decode basic auth credentials, falling back to body credentials');
+			}
+		}
+	}
+
+	return {
+		clientId: bodyClientIdStr,
+		clientSecret: bodyClientSecret,
+	};
+}