2019-10-01 08:21:46 +00:00
|
|
|
# Pleroma: A lightweight social networking server
|
2021-01-13 06:49:20 +00:00
|
|
|
# Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
|
2019-10-01 08:21:46 +00:00
|
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
|
|
|
|
defmodule Pleroma.Web.MastodonAPI.AppController do
|
2021-02-11 12:02:50 +00:00
|
|
|
@moduledoc """
|
|
|
|
Controller for supporting app-related actions.
|
|
|
|
If authentication is an option, app tokens (user-unbound) must be supported.
|
|
|
|
"""
|
|
|
|
|
2019-10-01 08:21:46 +00:00
|
|
|
use Pleroma.Web, :controller
|
|
|
|
|
2021-08-29 05:18:12 +00:00
|
|
|
alias Pleroma.Maps
|
2019-10-01 08:21:46 +00:00
|
|
|
alias Pleroma.Repo
|
2021-08-29 13:22:03 +00:00
|
|
|
alias Pleroma.User
|
2019-10-01 08:21:46 +00:00
|
|
|
alias Pleroma.Web.OAuth.App
|
|
|
|
alias Pleroma.Web.OAuth.Scopes
|
|
|
|
alias Pleroma.Web.OAuth.Token
|
|
|
|
|
|
|
|
action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
|
|
|
|
|
2021-06-09 00:14:12 +00:00
|
|
|
plug(:skip_auth when action in [:create, :verify_credentials])
|
2020-04-22 15:50:25 +00:00
|
|
|
|
2020-05-04 16:16:18 +00:00
|
|
|
plug(Pleroma.Web.ApiSpec.CastAndValidate)
|
2019-10-06 14:12:17 +00:00
|
|
|
|
2020-04-01 19:00:59 +00:00
|
|
|
defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.AppOperation
|
|
|
|
|
2019-10-01 08:21:46 +00:00
|
|
|
@doc "POST /api/v1/apps"
|
2021-12-28 00:14:15 +00:00
|
|
|
def create(%{body_params: params} = conn, _params) do
|
2019-10-01 08:21:46 +00:00
|
|
|
scopes = Scopes.fetch_scopes(params, ["read"])
|
2021-12-28 00:14:15 +00:00
|
|
|
user_id = get_user_id(conn)
|
2021-08-29 05:18:12 +00:00
|
|
|
|
2019-10-01 08:21:46 +00:00
|
|
|
app_attrs =
|
|
|
|
params
|
2020-04-01 19:00:59 +00:00
|
|
|
|> Map.take([:client_name, :redirect_uris, :website])
|
|
|
|
|> Map.put(:scopes, scopes)
|
2021-08-29 05:18:12 +00:00
|
|
|
|> Maps.put_if_present(:user_id, user_id)
|
2019-10-01 08:21:46 +00:00
|
|
|
|
|
|
|
with cs <- App.register_changeset(%App{}, app_attrs),
|
|
|
|
{:ok, app} <- Repo.insert(cs) do
|
|
|
|
render(conn, "show.json", app: app)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2021-12-28 00:14:15 +00:00
|
|
|
defp get_user_id(%{assigns: %{user: %User{id: user_id}}}), do: user_id
|
|
|
|
defp get_user_id(_conn), do: nil
|
|
|
|
|
2021-02-11 12:02:50 +00:00
|
|
|
@doc """
|
|
|
|
GET /api/v1/apps/verify_credentials
|
|
|
|
Gets compact non-secret representation of the app. Supports app tokens and user tokens.
|
|
|
|
"""
|
|
|
|
def verify_credentials(%{assigns: %{token: %Token{} = token}} = conn, _) do
|
|
|
|
with %{app: %App{} = app} <- Repo.preload(token, :app) do
|
|
|
|
render(conn, "compact_non_secret.json", app: app)
|
2019-10-01 08:21:46 +00:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|