creating trusted app from adminFE & mix task
This commit is contained in:
parent
d74405fc1a
commit
a6ee6784bc
|
@ -99,6 +99,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- Add an option `authorized_fetch_mode` to require HTTP signatures for AP fetches.
|
||||
- ActivityPub: support for `replies` collection (output for outgoing federation & fetching on incoming federation).
|
||||
- Mix task to refresh counter cache (`mix pleroma.refresh_counter_cache`)
|
||||
- Mix task to create trusted OAuth App.
|
||||
<details>
|
||||
<summary>API Changes</summary>
|
||||
|
||||
|
@ -145,6 +146,7 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
|||
- ActivityPub: `[:activitypub, :note_replies_output_limit]` setting sets the number of note self-replies to output on outgoing federation.
|
||||
- Admin API: `GET /api/pleroma/admin/stats` to get status count by visibility scope
|
||||
- Admin API: `GET /api/pleroma/admin/statuses` - list all statuses (accepts `godmode` and `local_only`)
|
||||
- Admin API: endpoints for create/update/delete OAuth Apps.
|
||||
</details>
|
||||
|
||||
### Fixed
|
||||
|
|
|
@ -983,3 +983,104 @@ Loads json generated from `config/descriptions.exs`.
|
|||
}
|
||||
}
|
||||
```
|
||||
|
||||
## `GET /api/pleroma/admin/oauth_app`
|
||||
|
||||
### List OAuth app
|
||||
|
||||
- Params:
|
||||
- *optional* `name`
|
||||
- *optional* `client_id`
|
||||
- *optional* `page`
|
||||
- *optional* `page_size`
|
||||
- *optional* `trusted`
|
||||
|
||||
- Response:
|
||||
|
||||
```json
|
||||
{
|
||||
"apps": [
|
||||
{
|
||||
"id": 1,
|
||||
"name": "App name",
|
||||
"client_id": "yHoDSiWYp5mPV6AfsaVOWjdOyt5PhWRiafi6MRd1lSk",
|
||||
"client_secret": "nLmis486Vqrv2o65eM9mLQx_m_4gH-Q6PcDpGIMl6FY",
|
||||
"redirect_uri": "https://example.com/oauth-callback",
|
||||
"website": "https://example.com",
|
||||
"trusted": true
|
||||
}
|
||||
],
|
||||
"count": 17,
|
||||
"page_size": 50
|
||||
}
|
||||
```
|
||||
|
||||
|
||||
## `POST /api/pleroma/admin/oauth_app`
|
||||
|
||||
### Create OAuth App
|
||||
|
||||
- Params:
|
||||
- `name`
|
||||
- `redirect_uris`
|
||||
- `scopes`
|
||||
- *optional* `website`
|
||||
- *optional* `trusted`
|
||||
|
||||
- Response:
|
||||
|
||||
```json
|
||||
{
|
||||
"id": 1,
|
||||
"name": "App name",
|
||||
"client_id": "yHoDSiWYp5mPV6AfsaVOWjdOyt5PhWRiafi6MRd1lSk",
|
||||
"client_secret": "nLmis486Vqrv2o65eM9mLQx_m_4gH-Q6PcDpGIMl6FY",
|
||||
"redirect_uri": "https://example.com/oauth-callback",
|
||||
"website": "https://example.com",
|
||||
"trusted": true
|
||||
}
|
||||
```
|
||||
|
||||
- On failure:
|
||||
```json
|
||||
{
|
||||
"redirect_uris": "can't be blank",
|
||||
"name": "can't be blank"
|
||||
}
|
||||
```
|
||||
|
||||
## `PATCH /api/pleroma/admin/oauth_app/:id`
|
||||
|
||||
### Update OAuth App
|
||||
|
||||
- Params:
|
||||
- *optional* `name`
|
||||
- *optional* `redirect_uris`
|
||||
- *optional* `scopes`
|
||||
- *optional* `website`
|
||||
- *optional* `trusted`
|
||||
|
||||
- Response:
|
||||
|
||||
```json
|
||||
{
|
||||
"id": 1,
|
||||
"name": "App name",
|
||||
"client_id": "yHoDSiWYp5mPV6AfsaVOWjdOyt5PhWRiafi6MRd1lSk",
|
||||
"client_secret": "nLmis486Vqrv2o65eM9mLQx_m_4gH-Q6PcDpGIMl6FY",
|
||||
"redirect_uri": "https://example.com/oauth-callback",
|
||||
"website": "https://example.com",
|
||||
"trusted": true
|
||||
}
|
||||
```
|
||||
|
||||
## `DELETE /api/pleroma/admin/oauth_app/:id`
|
||||
|
||||
### Delete OAuth App
|
||||
|
||||
- Params: None
|
||||
|
||||
- Response:
|
||||
- On success: `204`, empty response
|
||||
- On failure:
|
||||
- 400 Bad Request `"Invalid parameters"` when `status` is missing
|
|
@ -0,0 +1,16 @@
|
|||
# Creating trusted OAuth App
|
||||
|
||||
{! backend/administration/CLI_tasks/general_cli_task_info.include !}
|
||||
|
||||
## Create trusted OAuth App.
|
||||
|
||||
Optional params:
|
||||
* `-s SCOPES` - scopes for app, e.g. `read,write,follow,push`.
|
||||
|
||||
```sh tab="OTP"
|
||||
./bin/pleroma_ctl app create -n APP_NAME -r REDIRECT_URI
|
||||
```
|
||||
|
||||
```sh tab="From Source"
|
||||
mix pleroma.app create -n APP_NAME -r REDIRECT_URI
|
||||
```
|
|
@ -0,0 +1,49 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.App do
|
||||
@moduledoc File.read!("docs/administration/CLI_tasks/oauth_app.md")
|
||||
use Mix.Task
|
||||
|
||||
import Mix.Pleroma
|
||||
|
||||
@shortdoc "Creates trusted OAuth App"
|
||||
|
||||
def run(["create" | options]) do
|
||||
start_pleroma()
|
||||
|
||||
{opts, _} =
|
||||
OptionParser.parse!(options,
|
||||
strict: [name: :string, redirect_uri: :string, scopes: :string],
|
||||
aliases: [n: :name, r: :redirect_uri, s: :scopes]
|
||||
)
|
||||
|
||||
scopes =
|
||||
if opts[:scopes] do
|
||||
String.split(opts[:scopes], ",")
|
||||
else
|
||||
["read", "write", "follow", "push"]
|
||||
end
|
||||
|
||||
params = %{
|
||||
client_name: opts[:name],
|
||||
redirect_uris: opts[:redirect_uri],
|
||||
trusted: true,
|
||||
scopes: scopes
|
||||
}
|
||||
|
||||
with {:ok, app} <- Pleroma.Web.OAuth.App.create(params) do
|
||||
shell_info("#{app.client_name} successfully created:")
|
||||
shell_info("App client_id: " <> app.client_id)
|
||||
shell_info("App client_secret: " <> app.client_secret)
|
||||
else
|
||||
{:error, changeset} ->
|
||||
shell_error("Creating failed:")
|
||||
|
||||
Enum.each(Pleroma.Web.OAuth.App.errors(changeset), fn {key, error} ->
|
||||
shell_error("#{key}: #{error}")
|
||||
end)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -27,7 +27,9 @@ defmodule Pleroma.Web.AdminAPI.AdminAPIController do
|
|||
alias Pleroma.Web.AdminAPI.Search
|
||||
alias Pleroma.Web.CommonAPI
|
||||
alias Pleroma.Web.Endpoint
|
||||
alias Pleroma.Web.MastodonAPI.AppView
|
||||
alias Pleroma.Web.MastodonAPI.StatusView
|
||||
alias Pleroma.Web.OAuth.App
|
||||
alias Pleroma.Web.Router
|
||||
|
||||
require Logger
|
||||
|
@ -978,6 +980,83 @@ def resend_confirmation_email(%{assigns: %{user: admin}} = conn, %{"nicknames" =
|
|||
conn |> json("")
|
||||
end
|
||||
|
||||
def oauth_app_create(conn, params) do
|
||||
params =
|
||||
if params["name"] do
|
||||
Map.put(params, "client_name", params["name"])
|
||||
else
|
||||
params
|
||||
end
|
||||
|
||||
result =
|
||||
case App.create(params) do
|
||||
{:ok, app} ->
|
||||
AppView.render("show.json", %{app: app, admin: true})
|
||||
|
||||
{:error, changeset} ->
|
||||
App.errors(changeset)
|
||||
end
|
||||
|
||||
json(conn, result)
|
||||
end
|
||||
|
||||
def oauth_app_update(conn, params) do
|
||||
params =
|
||||
if params["name"] do
|
||||
Map.put(params, "client_name", params["name"])
|
||||
else
|
||||
params
|
||||
end
|
||||
|
||||
with {:ok, app} <- App.update(params) do
|
||||
json(conn, AppView.render("show.json", %{app: app, admin: true}))
|
||||
else
|
||||
{:error, changeset} ->
|
||||
json(conn, App.errors(changeset))
|
||||
|
||||
nil ->
|
||||
json_response(conn, :bad_request, "")
|
||||
end
|
||||
end
|
||||
|
||||
def oauth_app_list(conn, params) do
|
||||
{page, page_size} = page_params(params)
|
||||
|
||||
search_params = %{
|
||||
client_name: params["name"],
|
||||
client_id: params["client_id"],
|
||||
page: page,
|
||||
page_size: page_size
|
||||
}
|
||||
|
||||
search_params =
|
||||
if Map.has_key?(params, "trusted") do
|
||||
Map.put(search_params, :trusted, params["trusted"])
|
||||
else
|
||||
search_params
|
||||
end
|
||||
|
||||
with {:ok, apps, count} <- App.search(search_params) do
|
||||
json(
|
||||
conn,
|
||||
AppView.render("index.json",
|
||||
apps: apps,
|
||||
count: count,
|
||||
page_size: page_size,
|
||||
admin: true
|
||||
)
|
||||
)
|
||||
end
|
||||
end
|
||||
|
||||
def oauth_app_delete(conn, params) do
|
||||
with {:ok, _app} <- App.destroy(params["id"]) do
|
||||
json_response(conn, :no_content, "")
|
||||
else
|
||||
_ -> json_response(conn, :bad_request, "")
|
||||
end
|
||||
end
|
||||
|
||||
def stats(conn, _) do
|
||||
count = Stats.get_status_visibility_count()
|
||||
|
||||
|
|
|
@ -92,6 +92,7 @@ def create(
|
|||
|> Map.put("fullname", params["fullname"] || nickname)
|
||||
|> Map.put("bio", params["bio"] || "")
|
||||
|> Map.put("confirm", params["password"])
|
||||
|> Map.put("trusted_app", app.trusted)
|
||||
|
||||
with :ok <- validate_email_param(params),
|
||||
{:ok, user} <- TwitterAPI.register_user(params, need_confirmation: true),
|
||||
|
|
|
@ -7,6 +7,21 @@ defmodule Pleroma.Web.MastodonAPI.AppView do
|
|||
|
||||
alias Pleroma.Web.OAuth.App
|
||||
|
||||
def render("index.json", %{apps: apps, count: count, page_size: page_size, admin: true}) do
|
||||
%{
|
||||
apps: render_many(apps, Pleroma.Web.MastodonAPI.AppView, "show.json", %{admin: true}),
|
||||
count: count,
|
||||
page_size: page_size
|
||||
}
|
||||
end
|
||||
|
||||
def render("show.json", %{admin: true, app: %App{} = app} = assigns) do
|
||||
"show.json"
|
||||
|> render(Map.delete(assigns, :admin))
|
||||
|> Map.put(:trusted, app.trusted)
|
||||
|> Map.put(:id, app.id)
|
||||
end
|
||||
|
||||
def render("show.json", %{app: %App{} = app}) do
|
||||
%{
|
||||
id: app.id |> to_string,
|
||||
|
|
|
@ -5,6 +5,7 @@
|
|||
defmodule Pleroma.Web.OAuth.App do
|
||||
use Ecto.Schema
|
||||
import Ecto.Changeset
|
||||
import Ecto.Query
|
||||
alias Pleroma.Repo
|
||||
|
||||
@type t :: %__MODULE__{}
|
||||
|
@ -16,14 +17,24 @@ defmodule Pleroma.Web.OAuth.App do
|
|||
field(:website, :string)
|
||||
field(:client_id, :string)
|
||||
field(:client_secret, :string)
|
||||
field(:trusted, :boolean, default: false)
|
||||
|
||||
has_many(:oauth_authorizations, Pleroma.Web.OAuth.Authorization, on_delete: :delete_all)
|
||||
has_many(:oauth_tokens, Pleroma.Web.OAuth.Token, on_delete: :delete_all)
|
||||
|
||||
timestamps()
|
||||
end
|
||||
|
||||
@spec changeset(App.t(), map()) :: Ecto.Changeset.t()
|
||||
def changeset(struct, params) do
|
||||
cast(struct, params, [:client_name, :redirect_uris, :scopes, :website, :trusted])
|
||||
end
|
||||
|
||||
@spec register_changeset(App.t(), map()) :: Ecto.Changeset.t()
|
||||
def register_changeset(struct, params \\ %{}) do
|
||||
changeset =
|
||||
struct
|
||||
|> cast(params, [:client_name, :redirect_uris, :scopes, :website])
|
||||
|> changeset(params)
|
||||
|> validate_required([:client_name, :redirect_uris, :scopes])
|
||||
|
||||
if changeset.valid? do
|
||||
|
@ -41,6 +52,21 @@ def register_changeset(struct, params \\ %{}) do
|
|||
end
|
||||
end
|
||||
|
||||
@spec create(map()) :: {:ok, App.t()} | {:error, Ecto.Changeset.t()}
|
||||
def create(params) do
|
||||
with changeset <- __MODULE__.register_changeset(%__MODULE__{}, params) do
|
||||
Repo.insert(changeset)
|
||||
end
|
||||
end
|
||||
|
||||
@spec update(map()) :: {:ok, App.t()} | {:error, Ecto.Changeset.t()}
|
||||
def update(params) do
|
||||
with %__MODULE__{} = app <- Repo.get(__MODULE__, params["id"]),
|
||||
changeset <- changeset(app, params) do
|
||||
Repo.update(changeset)
|
||||
end
|
||||
end
|
||||
|
||||
@doc """
|
||||
Gets app by attrs or create new with attrs.
|
||||
And updates the scopes if need.
|
||||
|
@ -65,4 +91,58 @@ defp update_scopes(%__MODULE__{} = app, scopes) do
|
|||
|> change(%{scopes: scopes})
|
||||
|> Repo.update()
|
||||
end
|
||||
|
||||
@spec search(map()) :: {:ok, [App.t()], non_neg_integer()}
|
||||
def search(params) do
|
||||
query = from(a in __MODULE__)
|
||||
|
||||
query =
|
||||
if params[:client_name] do
|
||||
from(a in query, where: a.client_name == ^params[:client_name])
|
||||
else
|
||||
query
|
||||
end
|
||||
|
||||
query =
|
||||
if params[:client_id] do
|
||||
from(a in query, where: a.client_id == ^params[:client_id])
|
||||
else
|
||||
query
|
||||
end
|
||||
|
||||
query =
|
||||
if Map.has_key?(params, :trusted) do
|
||||
from(a in query, where: a.trusted == ^params[:trusted])
|
||||
else
|
||||
query
|
||||
end
|
||||
|
||||
query =
|
||||
from(u in query,
|
||||
limit: ^params[:page_size],
|
||||
offset: ^((params[:page] - 1) * params[:page_size])
|
||||
)
|
||||
|
||||
count = Repo.aggregate(__MODULE__, :count, :id)
|
||||
|
||||
{:ok, Repo.all(query), count}
|
||||
end
|
||||
|
||||
@spec destroy(pos_integer()) :: {:ok, App.t()} | {:error, Ecto.Changeset.t()}
|
||||
def destroy(id) do
|
||||
with %__MODULE__{} = app <- Repo.get(__MODULE__, id) do
|
||||
Repo.delete(app)
|
||||
end
|
||||
end
|
||||
|
||||
@spec errors(Ecto.Changeset.t()) :: map()
|
||||
def errors(changeset) do
|
||||
Enum.reduce(changeset.errors, %{}, fn
|
||||
{:client_name, {error, _}}, acc ->
|
||||
Map.put(acc, :name, error)
|
||||
|
||||
{key, {error, _}}, acc ->
|
||||
Map.put(acc, key, error)
|
||||
end)
|
||||
end
|
||||
end
|
||||
|
|
|
@ -203,6 +203,11 @@ defmodule Pleroma.Web.Router do
|
|||
|
||||
post("/reload_emoji", AdminAPIController, :reload_emoji)
|
||||
get("/stats", AdminAPIController, :stats)
|
||||
|
||||
get("/oauth_app", AdminAPIController, :oauth_app_list)
|
||||
post("/oauth_app", AdminAPIController, :oauth_app_create)
|
||||
patch("/oauth_app/:id", AdminAPIController, :oauth_app_update)
|
||||
delete("/oauth_app/:id", AdminAPIController, :oauth_app_delete)
|
||||
end
|
||||
|
||||
scope "/api/pleroma/emoji", Pleroma.Web.PleromaAPI do
|
||||
|
|
|
@ -13,6 +13,7 @@ defmodule Pleroma.Web.TwitterAPI.TwitterAPI do
|
|||
|
||||
def register_user(params, opts \\ []) do
|
||||
token = params["token"]
|
||||
trusted_app? = params["trusted_app"]
|
||||
|
||||
params = %{
|
||||
nickname: params["nickname"],
|
||||
|
@ -29,7 +30,7 @@ def register_user(params, opts \\ []) do
|
|||
captcha_enabled = Pleroma.Config.get([Pleroma.Captcha, :enabled])
|
||||
# true if captcha is disabled or enabled and valid, false otherwise
|
||||
captcha_ok =
|
||||
if not captcha_enabled do
|
||||
if trusted_app? || not captcha_enabled do
|
||||
:ok
|
||||
else
|
||||
Pleroma.Captcha.validate(
|
||||
|
|
|
@ -0,0 +1,9 @@
|
|||
defmodule Pleroma.Repo.Migrations.AddTrustedToApps do
|
||||
use Ecto.Migration
|
||||
|
||||
def change do
|
||||
alter table(:apps) do
|
||||
add(:trusted, :boolean, default: false)
|
||||
end
|
||||
end
|
||||
end
|
|
@ -294,7 +294,7 @@ def follow_activity_factory do
|
|||
|
||||
def oauth_app_factory do
|
||||
%Pleroma.Web.OAuth.App{
|
||||
client_name: "Some client",
|
||||
client_name: sequence(:client_name, &"Some client #{&1}"),
|
||||
redirect_uris: "https://example.com/callback",
|
||||
scopes: ["read", "write", "follow", "push", "admin"],
|
||||
website: "https://example.com",
|
||||
|
|
|
@ -0,0 +1,65 @@
|
|||
# Pleroma: A lightweight social networking server
|
||||
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
||||
# SPDX-License-Identifier: AGPL-3.0-only
|
||||
|
||||
defmodule Mix.Tasks.Pleroma.AppTest do
|
||||
use Pleroma.DataCase, async: true
|
||||
|
||||
setup_all do
|
||||
Mix.shell(Mix.Shell.Process)
|
||||
|
||||
on_exit(fn ->
|
||||
Mix.shell(Mix.Shell.IO)
|
||||
end)
|
||||
end
|
||||
|
||||
describe "creates new app" do
|
||||
test "with default scopes" do
|
||||
name = "Some name"
|
||||
redirect = "https://example.com"
|
||||
Mix.Tasks.Pleroma.App.run(["create", "-n", name, "-r", redirect])
|
||||
|
||||
assert_app(name, redirect, ["read", "write", "follow", "push"])
|
||||
end
|
||||
|
||||
test "with custom scopes" do
|
||||
name = "Another name"
|
||||
redirect = "https://example.com"
|
||||
|
||||
Mix.Tasks.Pleroma.App.run([
|
||||
"create",
|
||||
"-n",
|
||||
name,
|
||||
"-r",
|
||||
redirect,
|
||||
"-s",
|
||||
"read,write,follow,push,admin"
|
||||
])
|
||||
|
||||
assert_app(name, redirect, ["read", "write", "follow", "push", "admin"])
|
||||
end
|
||||
end
|
||||
|
||||
test "with errors" do
|
||||
Mix.Tasks.Pleroma.App.run(["create"])
|
||||
{:mix_shell, :error, ["Creating failed:"]}
|
||||
{:mix_shell, :error, ["name: can't be blank"]}
|
||||
{:mix_shell, :error, ["redirect_uris: can't be blank"]}
|
||||
end
|
||||
|
||||
defp assert_app(name, redirect, scopes) do
|
||||
app = Repo.get_by(Pleroma.Web.OAuth.App, client_name: name)
|
||||
|
||||
assert_received {:mix_shell, :info, [message]}
|
||||
assert message == "#{name} successfully created:"
|
||||
|
||||
assert_received {:mix_shell, :info, [message]}
|
||||
assert message == "App client_id: #{app.client_id}"
|
||||
|
||||
assert_received {:mix_shell, :info, [message]}
|
||||
assert message == "App client_secret: #{app.client_secret}"
|
||||
|
||||
assert app.scopes == scopes
|
||||
assert app.redirect_uris == redirect
|
||||
end
|
||||
end
|
|
@ -3623,6 +3623,191 @@ test "status visibility count", %{conn: conn} do
|
|||
response["status_visibility"]
|
||||
end
|
||||
end
|
||||
|
||||
describe "POST /api/pleroma/admin/oauth_app" do
|
||||
test "errors", %{conn: conn} do
|
||||
response = conn |> post("/api/pleroma/admin/oauth_app", %{}) |> json_response(200)
|
||||
|
||||
assert response == %{"name" => "can't be blank", "redirect_uris" => "can't be blank"}
|
||||
end
|
||||
|
||||
test "success", %{conn: conn} do
|
||||
base_url = Pleroma.Web.base_url()
|
||||
app_name = "Trusted app"
|
||||
|
||||
response =
|
||||
conn
|
||||
|> post("/api/pleroma/admin/oauth_app", %{
|
||||
name: app_name,
|
||||
redirect_uris: base_url
|
||||
})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{
|
||||
"client_id" => _,
|
||||
"client_secret" => _,
|
||||
"name" => ^app_name,
|
||||
"redirect_uri" => ^base_url,
|
||||
"trusted" => false
|
||||
} = response
|
||||
end
|
||||
|
||||
test "with trusted", %{conn: conn} do
|
||||
base_url = Pleroma.Web.base_url()
|
||||
app_name = "Trusted app"
|
||||
|
||||
response =
|
||||
conn
|
||||
|> post("/api/pleroma/admin/oauth_app", %{
|
||||
name: app_name,
|
||||
redirect_uris: base_url,
|
||||
trusted: true
|
||||
})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{
|
||||
"client_id" => _,
|
||||
"client_secret" => _,
|
||||
"name" => ^app_name,
|
||||
"redirect_uri" => ^base_url,
|
||||
"trusted" => true
|
||||
} = response
|
||||
end
|
||||
end
|
||||
|
||||
describe "GET /api/pleroma/admin/oauth_app" do
|
||||
setup do
|
||||
app = insert(:oauth_app)
|
||||
{:ok, app: app}
|
||||
end
|
||||
|
||||
test "list", %{conn: conn} do
|
||||
response =
|
||||
conn
|
||||
|> get("/api/pleroma/admin/oauth_app")
|
||||
|> json_response(200)
|
||||
|
||||
assert %{"apps" => apps, "count" => count, "page_size" => _} = response
|
||||
|
||||
assert length(apps) == count
|
||||
end
|
||||
|
||||
test "with page size", %{conn: conn} do
|
||||
insert(:oauth_app)
|
||||
page_size = 1
|
||||
|
||||
response =
|
||||
conn
|
||||
|> get("/api/pleroma/admin/oauth_app", %{page_size: to_string(page_size)})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{"apps" => apps, "count" => _, "page_size" => ^page_size} = response
|
||||
|
||||
assert length(apps) == page_size
|
||||
end
|
||||
|
||||
test "search by client name", %{conn: conn, app: app} do
|
||||
response =
|
||||
conn
|
||||
|> get("/api/pleroma/admin/oauth_app", %{name: app.client_name})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{"apps" => [returned], "count" => _, "page_size" => _} = response
|
||||
|
||||
assert returned["client_id"] == app.client_id
|
||||
assert returned["name"] == app.client_name
|
||||
end
|
||||
|
||||
test "search by client id", %{conn: conn, app: app} do
|
||||
response =
|
||||
conn
|
||||
|> get("/api/pleroma/admin/oauth_app", %{client_id: app.client_id})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{"apps" => [returned], "count" => _, "page_size" => _} = response
|
||||
|
||||
assert returned["client_id"] == app.client_id
|
||||
assert returned["name"] == app.client_name
|
||||
end
|
||||
|
||||
test "only trusted", %{conn: conn} do
|
||||
app = insert(:oauth_app, trusted: true)
|
||||
|
||||
response =
|
||||
conn
|
||||
|> get("/api/pleroma/admin/oauth_app", %{trusted: true})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{"apps" => [returned], "count" => _, "page_size" => _} = response
|
||||
|
||||
assert returned["client_id"] == app.client_id
|
||||
assert returned["name"] == app.client_name
|
||||
end
|
||||
end
|
||||
|
||||
describe "DELETE /api/pleroma/admin/oauth_app/:id" do
|
||||
test "with id", %{conn: conn} do
|
||||
app = insert(:oauth_app)
|
||||
|
||||
response =
|
||||
conn
|
||||
|> delete("/api/pleroma/admin/oauth_app/" <> to_string(app.id))
|
||||
|> json_response(:no_content)
|
||||
|
||||
assert response == ""
|
||||
end
|
||||
|
||||
test "with non existance id", %{conn: conn} do
|
||||
response =
|
||||
conn
|
||||
|> delete("/api/pleroma/admin/oauth_app/0")
|
||||
|> json_response(:bad_request)
|
||||
|
||||
assert response == ""
|
||||
end
|
||||
end
|
||||
|
||||
describe "PATCH /api/pleroma/admin/oauth_app/:id" do
|
||||
test "with id", %{conn: conn} do
|
||||
app = insert(:oauth_app)
|
||||
|
||||
name = "another name"
|
||||
url = "https://example.com"
|
||||
scopes = ["admin"]
|
||||
id = app.id
|
||||
website = "http://website.com"
|
||||
|
||||
response =
|
||||
conn
|
||||
|> patch("/api/pleroma/admin/oauth_app/" <> to_string(app.id), %{
|
||||
name: name,
|
||||
trusted: true,
|
||||
redirect_uris: url,
|
||||
scopes: scopes,
|
||||
website: website
|
||||
})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{
|
||||
"client_id" => _,
|
||||
"client_secret" => _,
|
||||
"id" => ^id,
|
||||
"name" => ^name,
|
||||
"redirect_uri" => ^url,
|
||||
"trusted" => true,
|
||||
"website" => ^website
|
||||
} = response
|
||||
end
|
||||
|
||||
test "without id", %{conn: conn} do
|
||||
response =
|
||||
conn
|
||||
|> patch("/api/pleroma/admin/oauth_app/0")
|
||||
|> json_response(:bad_request)
|
||||
|
||||
assert response == ""
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
# Needed for testing
|
||||
|
|
|
@ -942,6 +942,73 @@ test "returns forbidden if token is invalid", %{conn: conn, valid_params: valid_
|
|||
res = post(conn, "/api/v1/accounts", valid_params)
|
||||
assert json_response(res, 403) == %{"error" => "Invalid credentials"}
|
||||
end
|
||||
|
||||
test "registration from trusted app" do
|
||||
clear_config([Pleroma.Captcha, :enabled], true)
|
||||
app = insert(:oauth_app, trusted: true, scopes: ["read", "write", "follow", "push"])
|
||||
|
||||
conn =
|
||||
build_conn()
|
||||
|> post("/oauth/token", %{
|
||||
"grant_type" => "client_credentials",
|
||||
"client_id" => app.client_id,
|
||||
"client_secret" => app.client_secret
|
||||
})
|
||||
|
||||
assert %{"access_token" => token, "token_type" => "Bearer"} = json_response(conn, 200)
|
||||
|
||||
response =
|
||||
build_conn()
|
||||
|> Plug.Conn.put_req_header("authorization", "Bearer " <> token)
|
||||
|> post("/api/v1/accounts", %{
|
||||
nickname: "nickanme",
|
||||
agreement: true,
|
||||
email: "email@example.com",
|
||||
fullname: "Lain",
|
||||
username: "Lain",
|
||||
password: "some_password",
|
||||
confirm: "some_password"
|
||||
})
|
||||
|> json_response(200)
|
||||
|
||||
assert %{
|
||||
"access_token" => access_token,
|
||||
"created_at" => _,
|
||||
"scope" => ["read", "write", "follow", "push"],
|
||||
"token_type" => "Bearer"
|
||||
} = response
|
||||
|
||||
response =
|
||||
build_conn()
|
||||
|> Plug.Conn.put_req_header("authorization", "Bearer " <> access_token)
|
||||
|> get("/api/v1/accounts/verify_credentials")
|
||||
|> json_response(200)
|
||||
|
||||
assert %{
|
||||
"acct" => "Lain",
|
||||
"bot" => false,
|
||||
"display_name" => "Lain",
|
||||
"follow_requests_count" => 0,
|
||||
"followers_count" => 0,
|
||||
"following_count" => 0,
|
||||
"locked" => false,
|
||||
"note" => "",
|
||||
"source" => %{
|
||||
"fields" => [],
|
||||
"note" => "",
|
||||
"pleroma" => %{
|
||||
"actor_type" => "Person",
|
||||
"discoverable" => false,
|
||||
"no_rich_text" => false,
|
||||
"show_role" => true
|
||||
},
|
||||
"privacy" => "public",
|
||||
"sensitive" => false
|
||||
},
|
||||
"statuses_count" => 0,
|
||||
"username" => "Lain"
|
||||
} = response
|
||||
end
|
||||
end
|
||||
|
||||
describe "create account by app / rate limit" do
|
||||
|
|
Loading…
Reference in New Issue