Add very basic oauth and mastodon api support.

2017-09-06 19:06:25 +02:00 · 2017-09-06 19:06:25 +02:00 · 2a298d70f9
commit 2a298d70f9
parent 4e785df984
16 changed files with 286 additions and 0 deletions
--- a/lib/pleroma/web/oauth/authorization.ex
+++ b/lib/pleroma/web/oauth/authorization.ex
@ -0,0 +1,30 @@
+defmodule Pleroma.Web.OAuth.Authorization do
+  use Ecto.Schema
+
+  alias Pleroma.{App, User, Repo}
+  alias Pleroma.Web.OAuth.Authorization
+
+  schema "oauth_authorizations" do
+    field :token, :string
+    field :valid_until, :naive_datetime
+    field :used, :boolean, default: false
+    belongs_to :user, Pleroma.User
+    belongs_to :app, Pleroma.App
+
+    timestamps()
+  end
+
+  def create_authorization(%App{} = app, %User{} = user) do
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
+
+    authorization = %Authorization{
+      token: token,
+      used: false,
+      user_id: user.id,
+      app_id: app.id,
+      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10)
+    }
+
+    Repo.insert(authorization)
+  end
+end
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -0,0 +1,44 @@
+defmodule Pleroma.Web.OAuth.OAuthController do
+  use Pleroma.Web, :controller
+
+  alias Pleroma.Web.OAuth.{Authorization, Token}
+  alias Pleroma.{Repo, User, App}
+  alias Comeonin.Pbkdf2
+
+  def authorize(conn, params) do
+    render conn, "show.html", %{
+      response_type: params["response_type"],
+      client_id: params["client_id"],
+      scope: params["scope"],
+      redirect_uri: params["redirect_uri"]
+    }
+  end
+
+  def create_authorization(conn, %{"authorization" => %{"name" => name, "password" => password, "client_id" => client_id}} = params) do
+    with %User{} = user <- User.get_cached_by_nickname(name),
+         true <- Pbkdf2.checkpw(password, user.password_hash),
+         %App{} = app <- Pleroma.Repo.get_by(Pleroma.App, client_id: client_id),
+         {:ok, auth} <- Authorization.create_authorization(app, user) do
+      render conn, "results.html", %{
+        auth: auth
+      }
+    end
+  end
+
+  # TODO CRITICAL
+  # - Check validity of auth token
+  def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do
+    with %App{} = app <- Repo.get_by(App, client_id: params["client_id"], client_secret: params["client_secret"]),
+         %Authorization{} = auth <- Repo.get_by(Authorization, token: params["code"], app_id: app.id),
+         {:ok, token} <- Token.create_token(app, Repo.get(User, auth.user_id)) do
+      response = %{
+        token_type: "Bearer",
+        access_token: token.token,
+        refresh_token: token.refresh_token,
+        expires_in: 60 * 10,
+        scope: "read write follow"
+      }
+      json(conn, response)
+    end
+  end
+end
--- a/lib/pleroma/web/oauth/oauth_view.ex
+++ b/lib/pleroma/web/oauth/oauth_view.ex
@ -0,0 +1,4 @@
+defmodule Pleroma.Web.OAuth.OAuthView do
+  use Pleroma.Web, :view
+  import Phoenix.HTML.Form
+end
--- a/lib/pleroma/web/oauth/token.ex
+++ b/lib/pleroma/web/oauth/token.ex
@ -0,0 +1,31 @@
+defmodule Pleroma.Web.OAuth.Token do
+  use Ecto.Schema
+
+  alias Pleroma.{App, User, Repo}
+  alias Pleroma.Web.OAuth.Token
+
+  schema "oauth_tokens" do
+    field :token, :string
+    field :refresh_token, :string
+    field :valid_until, :naive_datetime
+    belongs_to :user, Pleroma.User
+    belongs_to :app, Pleroma.App
+
+    timestamps()
+  end
+
+  def create_token(%App{} = app, %User{} = user) do
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
+    refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
+
+    token = %Token{
+      token: token,
+      refresh_token: refresh_token,
+      user_id: user.id,
+      app_id: app.id,
+      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10)
+    }
+
+    Repo.insert(token)
+  end
+end