📝 Add docstrings to fix/third-party-login

coderabbitai[bot] · web-flow · commit 03f842bd9e6e · 2025-12-08T22:49:10.000Z
Docstrings generation was requested by @d-gubert. * #37707 (comment) The following files were modified: * `apps/meteor/app/api/server/middlewares/authentication.ts` * `apps/meteor/app/oauth2-server-config/server/oauth/oauth2-server.ts`
diff --git a/apps/meteor/app/api/server/middlewares/authentication.ts b/apps/meteor/app/api/server/middlewares/authentication.ts
@@ -10,6 +10,17 @@ type AuthenticationMiddlewareConfig = {
 	cookies?: boolean;
 };
 
+/**
+ * Creates an Express middleware that authenticates requests using header/cookie tokens or OAuth2.
+ *
+ * The middleware sets `req.user` when authentication succeeds and `req.userId` to the authenticated user's `_id`.
+ * If `rejectUnauthorized` is true and no user is authenticated, the middleware responds with HTTP 401 and stops the request.
+ *
+ * @param config - Configuration for the middleware.
+ *   - `rejectUnauthorized` (default: `true`): If true, unauthenticated requests are rejected with HTTP 401.
+ *   - `cookies` (default: `false`): If true, authentication values are read from cookies when available.
+ * @returns An Express middleware function that enforces authentication and populates `req.user` and `req.userId`.
+ */
 export function authenticationMiddleware(
 	config: AuthenticationMiddlewareConfig = {
 		rejectUnauthorized: true,
@@ -69,4 +80,4 @@ export function hasPermissionMiddleware(
 		}
 		next();
 	};
-}
+}
diff --git a/apps/meteor/app/oauth2-server-config/server/oauth/oauth2-server.ts b/apps/meteor/app/oauth2-server-config/server/oauth/oauth2-server.ts
@@ -13,11 +13,21 @@ const oauth2server = new OAuth2Server({
 	debug: false,
 });
 
-// https://github.com/RocketChat/rocketchat-oauth2-server/blob/e758fd7ef69348c7ceceabe241747a986c32d036/model.coffee#L27-L27
+/**
+ * Fetches an access token record by its token string.
+ *
+ * @returns The access token record matching `accessToken`, or `undefined` if none is found.
+ */
 async function getAccessToken(accessToken: string) {
 	return OAuthAccessTokens.findOneByAccessToken(accessToken);
 }
 
+/**
+ * Authenticate a request using an OAuth2 access token and return the corresponding user.
+ *
+ * @param partialRequest - Object containing `headers` and `query` used to locate the access token (`Authorization: Bearer <token>` header or `access_token` query parameter)
+ * @returns The authenticated `IUser` when the token is present, valid, and maps to an existing user; `undefined` if the token is missing, invalid, expired, or the user is not found
+ */
 export async function oAuth2ServerAuth(partialRequest: {
 	headers: Record<string, string | undefined>;
 	query: Record<string, string | undefined>;
@@ -82,4 +92,4 @@ API.v1.addAuthMethod((request: globalThis.Request) => {
 	return oAuth2ServerAuth({ headers, query });
 });
 
-(WebApp.connectHandlers as unknown as ReturnType<typeof express>).use(oauth2server.app);
+(WebApp.connectHandlers as unknown as ReturnType<typeof express>).use(oauth2server.app);
