[#923] OAuth consumer improvements, fixes, refactoring.

2019-03-27 15:39:35 +03:00 · 2019-03-27 15:39:35 +03:00 · 2a95014b9d
commit 2a95014b9d
parent 81bf6d9e6a
10 changed files with 59 additions and 36 deletions
--- a/lib/pleroma/web/auth/authenticator.ex
+++ b/lib/pleroma/web/auth/authenticator.ex
@ -33,4 +33,10 @@ defmodule Pleroma.Web.Auth.Authenticator do
  def auth_template do
    implementation().auth_template() || Pleroma.Config.get(:auth_template, "show.html")
  end
+
+  @callback oauth_consumer_template() :: String.t() | nil
+  def oauth_consumer_template do
+    implementation().oauth_consumer_template() ||
+      Pleroma.Config.get(:oauth_consumer_template, "consumer.html")
+  end
 end
--- a/lib/pleroma/web/auth/ldap_authenticator.ex
+++ b/lib/pleroma/web/auth/ldap_authenticator.ex
@ -51,6 +51,8 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do

  def auth_template, do: nil

+  def oauth_consumer_template, do: nil
+
  defp ldap_user(name, password) do
    ldap = Pleroma.Config.get(:ldap, [])
    host = Keyword.get(ldap, :host, "localhost")
--- a/lib/pleroma/web/auth/pleroma_authenticator.ex
+++ b/lib/pleroma/web/auth/pleroma_authenticator.ex
@ -92,4 +92,6 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
  end

  def auth_template, do: nil
+
+  def oauth_consumer_template, do: nil
 end
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -174,6 +174,25 @@ defmodule Pleroma.Web.OAuth.OAuthController do
    end
  end

+  def prepare_request(conn, %{"provider" => provider} = params) do
+    scope =
+      oauth_scopes(params, [])
+      |> Enum.join(" ")
+
+    state =
+      params
+      |> Map.delete("scopes")
+      |> Map.put("scope", scope)
+      |> Poison.encode!()
+
+    params =
+      params
+      |> Map.drop(~w(scope scopes client_id redirect_uri))
+      |> Map.put("state", state)
+
+    redirect(conn, to: o_auth_path(conn, :request, provider, params))
+  end
+
  def request(conn, params) do
    message =
      if params["provider"] do
@ -235,14 +254,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
  end

  defp callback_params(%{"state" => state} = params) do
-    [client_id, redirect_uri, scope, state] = String.split(state, "|")
-
-    Map.merge(params, %{
-      "client_id" => client_id,
-      "redirect_uri" => redirect_uri,
-      "scope" => scope,
-      "state" => state
-    })
+    Map.merge(params, Poison.decode!(state))
  end

  def registration_details(conn, params) do
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -213,6 +213,7 @@ defmodule Pleroma.Web.Router do
    scope [] do
      pipe_through(:browser)

+      get("/prepare_request", OAuthController, :prepare_request)
      get("/:provider", OAuthController, :request)
      get("/:provider/callback", OAuthController, :callback)
      post("/register", OAuthController, :register)
--- a/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex
@ -0,0 +1,13 @@
+<div class="scopes-input">
+  <%= label @form, :scope, "Permissions" %>
+
+  <div class="scopes">
+    <%= for scope <- @available_scopes do %>
+      <%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %>
+      <div class="scope">
+        <%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: assigns[:scope_param] || "scope[]" %>
+        <%= label @form, :"scope_#{scope}", String.capitalize(scope) %>
+      </div>
+    <% end %>
+  </div>
+</div>
--- a/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex
@ -2,9 +2,14 @@
 <br>
 <h2>Sign in with external provider</h2>

-<%= for strategy <- Pleroma.Config.get([:auth, :oauth_consumer_strategies], []) do %>
-  <%= form_for @conn, o_auth_path(@conn, :request, strategy), [method: "get"], fn f -> %>
-    <%= hidden_input f, :state, value: Enum.join([@client_id, @redirect_uri, Enum.join(@available_scopes, " "), @state], "|") %>
-    <%= submit "Sign in with #{String.capitalize(strategy)}" %>
-  <% end %>
+<%= form_for @conn, o_auth_path(@conn, :prepare_request), [method: "get"], fn f -> %>
+  <%= render @view_module, "_scopes.html", Map.put(assigns, :form, f) %>
+
+  <%= hidden_input f, :client_id, value: @client_id %>
+  <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
+  <%= hidden_input f, :state, value: @state %>
+
+    <%= for strategy <- Pleroma.Config.get([:auth, :oauth_consumer_strategies], []) do %>
+      <%= submit "Sign in with #{String.capitalize(strategy)}", name: "provider", value: strategy %>
+    <% end %>
 <% end %>
--- a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
@ -16,18 +16,8 @@
  <%= label f, :password, "Password" %>
  <%= password_input f, :password %>
 </div>
-<div class="scopes-input">
-<%= label f, :scope, "Permissions" %>
-  <div class="scopes">
-    <%= for scope <- @available_scopes do %>
-      <%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %>
-      <div class="scope">
-        <%= checkbox f, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: "authorization[scope][]" %>
-        <%= label f, :"scope_#{scope}", String.capitalize(scope) %>
-      </div>
-    <% end %>
-  </div>
-</div>
+
+<%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f, scope_param: "authorization[scope][]"}) %>

 <%= hidden_input f, :client_id, value: @client_id %>
 <%= hidden_input f, :response_type, value: @response_type %>
@ -37,5 +27,5 @@
 <% end %>

 <%= if Pleroma.Config.get([:auth, :oauth_consumer_enabled]) do %>
-  <%= render @view_module, "consumer.html", assigns %>
+  <%= render @view_module, Pleroma.Web.Auth.Authenticator.oauth_consumer_template(), assigns %>
 <% end %>