Merge branch 'fix/sign-in-with-toot' into 'develop'
Fix sign-in and sign-out with Toot! See merge request pleroma/pleroma!306
This commit is contained in:
Haelwenn
commit
4a3dbd9d4e
|
|
@ -54,7 +54,7 @@ def render("account.json", %{user: user}) do
|
||||||
source: %{
|
source: %{
|
||||||
note: "",
|
note: "",
|
||||||
privacy: user_info.default_scope,
|
privacy: user_info.default_scope,
|
||||||
sensitive: "false"
|
sensitive: false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
end
|
end
|
||||||
|
|
|
||||||
|
|
@ -60,11 +60,13 @@ def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do
|
||||||
fixed_token = fix_padding(params["code"]),
|
fixed_token = fix_padding(params["code"]),
|
||||||
%Authorization{} = auth <-
|
%Authorization{} = auth <-
|
||||||
Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
|
Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
|
||||||
{:ok, token} <- Token.exchange_token(app, auth) do
|
{:ok, token} <- Token.exchange_token(app, auth),
|
||||||
|
{:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
|
||||||
response = %{
|
response = %{
|
||||||
token_type: "Bearer",
|
token_type: "Bearer",
|
||||||
access_token: token.token,
|
access_token: token.token,
|
||||||
refresh_token: token.refresh_token,
|
refresh_token: token.refresh_token,
|
||||||
|
created_at: DateTime.to_unix(inserted_at),
|
||||||
expires_in: 60 * 10,
|
expires_in: 60 * 10,
|
||||||
scope: "read write follow"
|
scope: "read write follow"
|
||||||
}
|
}
|
||||||
|
|
@ -116,6 +118,18 @@ def token_exchange(
|
||||||
token_exchange(conn, params)
|
token_exchange(conn, params)
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def token_revoke(conn, %{"token" => token} = params) do
|
||||||
|
with %App{} = app <- get_app_from_request(conn, params),
|
||||||
|
%Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),
|
||||||
|
{:ok, %Token{}} <- Repo.delete(token) do
|
||||||
|
json(conn, %{})
|
||||||
|
else
|
||||||
|
_error ->
|
||||||
|
# RFC 7009: invalid tokens [in the request] do not cause an error response
|
||||||
|
json(conn, %{})
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
defp fix_padding(token) do
|
defp fix_padding(token) do
|
||||||
token
|
token
|
||||||
|> Base.url_decode64!(padding: false)
|
|> Base.url_decode64!(padding: false)
|
||||||
|
|
|
||||||
|
|
@ -93,6 +93,7 @@ def user_fetcher(username_or_email) do
|
||||||
get("/authorize", OAuthController, :authorize)
|
get("/authorize", OAuthController, :authorize)
|
||||||
post("/authorize", OAuthController, :create_authorization)
|
post("/authorize", OAuthController, :create_authorization)
|
||||||
post("/token", OAuthController, :token_exchange)
|
post("/token", OAuthController, :token_exchange)
|
||||||
|
post("/revoke", OAuthController, :token_revoke)
|
||||||
end
|
end
|
||||||
|
|
||||||
scope "/api/v1", Pleroma.Web.MastodonAPI do
|
scope "/api/v1", Pleroma.Web.MastodonAPI do
|
||||||
|
|
|
||||||
|
|
@ -90,7 +90,7 @@ test "Represent a Service(bot) account" do
|
||||||
source: %{
|
source: %{
|
||||||
note: "",
|
note: "",
|
||||||
privacy: "public",
|
privacy: "public",
|
||||||
sensitive: "false"
|
sensitive: false
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue