oauth: support either name or username parameter with grant_type=password

closes #180
This commit is contained in:
William Pitcock 2018-06-14 01:45:10 +00:00
parent ea42ba603f
commit 4894b88b1b
1 changed files with 13 additions and 1 deletions

View File

@ -81,7 +81,7 @@ def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do
# - investigate a way to verify the user wants to grant read/write/follow once scope handling is done # - investigate a way to verify the user wants to grant read/write/follow once scope handling is done
def token_exchange( def token_exchange(
conn, conn,
%{"grant_type" => "password", "name" => name, "password" => password} = params %{"grant_type" => "password", "username" => name, "password" => password} = params
) do ) do
with %App{} = app <- get_app_from_request(conn, params), with %App{} = app <- get_app_from_request(conn, params),
%User{} = user <- User.get_cached_by_nickname(name), %User{} = user <- User.get_cached_by_nickname(name),
@ -104,6 +104,18 @@ def token_exchange(
end end
end end
def token_exchange(
conn,
%{"grant_type" => "password", "name" => name, "password" => password} = params
) do
params =
params
|> Map.delete("name")
|> Map.put("username", name)
token_exchange(conn, params)
end
defp fix_padding(token) do defp fix_padding(token) do
token token
|> Base.url_decode64!(padding: false) |> Base.url_decode64!(padding: false)