From 89028f3852573eb307f3eb48d304b74764b196bf Mon Sep 17 00:00:00 2001
From: Alma
Date: Sun, 13 Apr 2025 21:18:32 +0200
Subject: [PATCH] widget email 10

---
 app/api/auth/[...nextauth]/route.ts | 5 ---
 app/api/emails/route.ts | 61 ++++++++++++-----------------
 2 files changed, 25 insertions(+), 41 deletions(-)

diff --git a/app/api/auth/[...nextauth]/route.ts b/app/api/auth/[...nextauth]/route.ts
index 86811859..c7850b39 100644
--- a/app/api/auth/[...nextauth]/route.ts
+++ b/app/api/auth/[...nextauth]/route.ts
@@ -14,8 +14,6 @@ declare module "next-auth" {
 role: string[];
 };
 accessToken: string;
- rocketChatToken: string | null;
- rocketChatUserId: string | null;
 }
 
 interface JWT {
@@ -26,8 +24,6 @@ declare module "next-auth" {
 username: string;
 first_name: string;
 last_name: string;
- rocketChatToken: string | null;
- rocketChatUserId: string | null;
 }
 }
 
@@ -46,7 +42,6 @@ export const authOptions: NextAuthOptions = {
 clientSecret: getRequiredEnvVar("KEYCLOAK_CLIENT_SECRET"),
 issuer: getRequiredEnvVar("KEYCLOAK_ISSUER"),
 profile(profile) {
- console.log("Keycloak profile received for user:", profile.preferred_username);
 return {
 id: profile.sub,
 name: profile.name ?? profile.preferred_username,
diff --git a/app/api/emails/route.ts b/app/api/emails/route.ts
index 9b9e98b0..5cb5904d 100644
--- a/app/api/emails/route.ts
+++ b/app/api/emails/route.ts
@@ -6,62 +6,51 @@ export async function GET(req: NextRequest) {
 try {
 const session = await getServerSession(authOptions);
 
- if (!session?.user?.email || !session?.accessToken) {
+ if (!session?.user?.email) {
 return NextResponse.json({ error: 'Unauthorized' }, { status: 401 });
 }
 
 const nextcloudUrl = process.env.NEXTCLOUD_URL;
- if (!nextcloudUrl) {
- console.error('Missing Nextcloud URL');
+ const clientId = process.env.NEXTCLOUD_CLIENT_ID;
+ const clientSecret = process.env.NEXTCLOUD_CLIENT_SECRET;
+
+ if (!nextcloudUrl || !clientId || !clientSecret) {
+ console.error('Missing Nextcloud configuration');
 return NextResponse.json(
 { error: 'Nextcloud configuration is missing' },
 { status: 500 }
 );
 }
 
- // First, try to get the user's Nextcloud ID using the OCS API
- const userInfoResponse = await fetch(`${nextcloudUrl}/ocs/v2.php/cloud/user`, {
+ // First, get a Nextcloud OIDC token using client credentials
+ const tokenResponse = await fetch(`${nextcloudUrl}/index.php/apps/oauth2/api/v1/token`, {
+ method: 'POST',
 headers: {
- 'Authorization': `Bearer ${session.accessToken}`,
- 'Accept': 'application/json',
- 'OCS-APIRequest': 'true',
- 'Content-Type': 'application/json',
- 'X-Requested-With': 'XMLHttpRequest',
+ 'Content-Type': 'application/x-www-form-urlencoded',
+ 'Authorization': `Basic ${Buffer.from(`${clientId}:${clientSecret}`).toString('base64')}`,
 },
+ body: new URLSearchParams({
+ grant_type: 'client_credentials',
+ scope: 'ocs',
+ }),
 });
 
- if (!userInfoResponse.ok) {
- console.error('Failed to get user info:', {
- status: userInfoResponse.status,
- statusText: userInfoResponse.statusText,
- url: userInfoResponse.url,
+ if (!tokenResponse.ok) {
+ const errorData = await tokenResponse.json();
+ console.error('Failed to get Nextcloud token:', {
+ status: tokenResponse.status,
+ statusText: tokenResponse.statusText,
+ error: errorData
 });
-
- if (userInfoResponse.status === 401) {
- return NextResponse.json({ error: 'Nextcloud authentication failed' }, { status: 401 });
- }
-
- return NextResponse.json(
- { error: "L'application Mail n'est pas disponible sur Nextcloud. Veuillez contacter votre administrateur." },
- { status: 404 }
- );
+ return NextResponse.json({ error: 'Nextcloud authentication failed' }, { status: 401 });
 }
 
- const userInfo = await userInfoResponse.json();
- const userId = userInfo?.ocs?.data?.id;
+ const { access_token } = await tokenResponse.json();
 
- if (!userId) {
- console.error('Failed to get user ID from Nextcloud');
- return NextResponse.json(
- { error: "L'application Mail n'est pas disponible sur Nextcloud. Veuillez contacter votre administrateur." },
- { status: 404 }
- );
- }
-
- // Now try to access the Mail app using OCS API
+ // Now try to access the Mail app using the Nextcloud token
 const response = await fetch(`${nextcloudUrl}/ocs/v2.php/apps/mail/api/v1/accounts`, {
 headers: {
- 'Authorization': `Bearer ${session.accessToken}`,
+ 'Authorization': `Bearer ${access_token}`,
 'Accept': 'application/json',
 'OCS-APIRequest': 'true',
 'Content-Type': 'application/json',
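Review bot: The mail-accounts request at the end of this hunk now runs with an app-level token from the `client_credentials` grant instead of the caller's `session.accessToken`, so nothing in the visible lines ties the Nextcloud response to `session.user.email`; any signed-in user would receive whatever the service client is allowed to read. Unless the rest of GET (its body continues past this hunk) filters the result by the session user, keep a user-delegated token for this call or add that filter before returning data. Two smaller gaps in the token step: `await tokenResponse.json()` inside the `!tokenResponse.ok` branch throws on a non-JSON error body, and `access_token` is used unchecked, so a guard such as `if (typeof access_token !== 'string' || !access_token) return NextResponse.json({ error: 'Nextcloud authentication failed' }, { status: 502 });` belongs before the accounts fetch. A failure of the server's own client credentials is also reported to the browser as 401, which reads as an expired user session; 502 would describe it better.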