hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Format the code.

Browse source
This commit is contained in:
lain 2018-03-30 15:01:53 +02:00
commit 4afbef39f4
111 changed files with 4912 additions and 2769 deletions
Download patch file Download diff file Expand all files Collapse all files

23
lib/pleroma/web/oauth/app.ex
View file

@ -3,25 +3,26 @@ defmodule Pleroma.Web.OAuth.App do
import Ecto.{Changeset}
schema "apps" do
field :client_name, :string
field :redirect_uris, :string
field :scopes, :string
field :website, :string
field :client_id, :string
field :client_secret, :string
field(:client_name, :string)
field(:redirect_uris, :string)
field(:scopes, :string)
field(:website, :string)
field(:client_id, :string)
field(:client_secret, :string)
timestamps()
end
def register_changeset(struct, params \\ %{}) do
changeset = struct
|> cast(params, [:client_name, :redirect_uris, :scopes, :website])
|> validate_required([:client_name, :redirect_uris, :scopes])
changeset =
struct
|> cast(params, [:client_name, :redirect_uris, :scopes, :website])
|> validate_required([:client_name, :redirect_uris, :scopes])
if changeset.valid? do
changeset
|> put_change(:client_id, :crypto.strong_rand_bytes(32) |> Base.url_encode64)
|> put_change(:client_secret, :crypto.strong_rand_bytes(32) |> Base.url_encode64)
|> put_change(:client_id, :crypto.strong_rand_bytes(32) |> Base.url_encode64())
|> put_change(:client_secret, :crypto.strong_rand_bytes(32) |> Base.url_encode64())
else
changeset
end

17
lib/pleroma/web/oauth/authorization.ex
View file

@ -7,24 +7,24 @@ defmodule Pleroma.Web.OAuth.Authorization do
import Ecto.{Changeset}
schema "oauth_authorizations" do
field :token, :string
field :valid_until, :naive_datetime
field :used, :boolean, default: false
belongs_to :user, Pleroma.User
belongs_to :app, Pleroma.App
field(:token, :string)
field(:valid_until, :naive_datetime)
field(:used, :boolean, default: false)
belongs_to(:user, Pleroma.User)
belongs_to(:app, Pleroma.App)
timestamps()
end
def create_authorization(%App{} = app, %User{} = user) do
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
authorization = %Authorization{
token: token,
used: false,
user_id: user.id,
app_id: app.id,
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10)
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
}
Repo.insert(authorization)
@ -37,11 +37,12 @@ defmodule Pleroma.Web.OAuth.Authorization do
end
def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do
if NaiveDateTime.diff(NaiveDateTime.utc_now, valid_until) < 0 do
if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do
Repo.update(use_changeset(auth, %{used: true}))
else
{:error, "token expired"}
end
end
def use_token(%Authorization{used: true}), do: {:error, "already used"}
end

19
lib/pleroma/web/oauth/fallback_controller.ex
View file

@ -1,12 +1,11 @@
defmodule Pleroma.Web.OAuth.FallbackController do
use Pleroma.Web, :controller
alias Pleroma.Web.OAuth.OAuthController
use Pleroma.Web, :controller
alias Pleroma.Web.OAuth.OAuthController
# No user/password
def call(conn, _) do
conn
|> put_flash(:error, "Invalid Username/Password")
|> OAuthController.authorize(conn.params)
end
end
# No user/password
def call(conn, _) do
conn
|> put_flash(:error, "Invalid Username/Password")
|> OAuthController.authorize(conn.params)
end
end

60
lib/pleroma/web/oauth/oauth_controller.ex
View file

@ -5,38 +5,49 @@ defmodule Pleroma.Web.OAuth.OAuthController do
alias Pleroma.{Repo, User}
alias Comeonin.Pbkdf2
plug :fetch_session
plug :fetch_flash
plug(:fetch_session)
plug(:fetch_flash)
action_fallback Pleroma.Web.OAuth.FallbackController
action_fallback(Pleroma.Web.OAuth.FallbackController)
def authorize(conn, params) do
render conn, "show.html", %{
render(conn, "show.html", %{
response_type: params["response_type"],
client_id: params["client_id"],
scope: params["scope"],
redirect_uri: params["redirect_uri"],
state: params["state"]
}
})
end
def create_authorization(conn, %{"authorization" => %{"name" => name, "password" => password, "client_id" => client_id, "redirect_uri" => redirect_uri} = params}) do
def create_authorization(conn, %{
"authorization" =>
%{
"name" => name,
"password" => password,
"client_id" => client_id,
"redirect_uri" => redirect_uri
} = params
}) do
with %User{} = user <- User.get_cached_by_nickname(name),
true <- Pbkdf2.checkpw(password, user.password_hash),
%App{} = app <- Repo.get_by(App, client_id: client_id),
{:ok, auth} <- Authorization.create_authorization(app, user) do
if redirect_uri == "urn:ietf:wg:oauth:2.0:oob" do
render conn, "results.html", %{
render(conn, "results.html", %{
auth: auth
}
})
else
connector = if String.contains?(redirect_uri, "?"), do: "&", else: "?"
url = "#{redirect_uri}#{connector}code=#{auth.token}"
url = if params["state"] do
url <> "&state=#{params["state"]}"
else
url
end
url =
if params["state"] do
url <> "&state=#{params["state"]}"
else
url
end
redirect(conn, external: url)
end
end
@ -45,7 +56,12 @@ defmodule Pleroma.Web.OAuth.OAuthController do
# TODO
# - proper scope handling
def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do
with %App{} = app <- Repo.get_by(App, client_id: params["client_id"], client_secret: params["client_secret"]),
with %App{} = app <-
Repo.get_by(
App,
client_id: params["client_id"],
client_secret: params["client_secret"]
),
fixed_token = fix_padding(params["code"]),
%Authorization{} = auth <- Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
{:ok, token} <- Token.exchange_token(app, auth) do
@ -56,6 +72,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
expires_in: 60 * 10,
scope: "read write follow"
}
json(conn, response)
else
_error -> json(conn, %{error: "Invalid credentials"})
@ -64,8 +81,16 @@ defmodule Pleroma.Web.OAuth.OAuthController do
# TODO
# - investigate a way to verify the user wants to grant read/write/follow once scope handling is done
def token_exchange(conn, %{"grant_type" => "password", "name" => name, "password" => password} = params) do
with %App{} = app <- Repo.get_by(App, client_id: params["client_id"], client_secret: params["client_secret"]),
def token_exchange(
conn,
%{"grant_type" => "password", "name" => name, "password" => password} = params
) do
with %App{} = app <-
Repo.get_by(
App,
client_id: params["client_id"],
client_secret: params["client_secret"]
),
%User{} = user <- User.get_cached_by_nickname(name),
true <- Pbkdf2.checkpw(password, user.password_hash),
{:ok, auth} <- Authorization.create_authorization(app, user),
@ -77,6 +102,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
expires_in: 60 * 10,
scope: "read write follow"
}
json(conn, response)
else
_error -> json(conn, %{error: "Invalid credentials"})
@ -86,6 +112,6 @@ defmodule Pleroma.Web.OAuth.OAuthController do
defp fix_padding(token) do
token
|> Base.url_decode64!(padding: false)
|> Base.url_encode64
|> Base.url_encode64()
end
end

16
lib/pleroma/web/oauth/token.ex
View file

@ -5,11 +5,11 @@ defmodule Pleroma.Web.OAuth.Token do
alias Pleroma.Web.OAuth.{Token, App, Authorization}
schema "oauth_tokens" do
field :token, :string
field :refresh_token, :string
field :valid_until, :naive_datetime
belongs_to :user, Pleroma.User
belongs_to :app, Pleroma.App
field(:token, :string)
field(:refresh_token, :string)
field(:valid_until, :naive_datetime)
belongs_to(:user, Pleroma.User)
belongs_to(:app, Pleroma.App)
timestamps()
end
@ -22,15 +22,15 @@ defmodule Pleroma.Web.OAuth.Token do
end
def create_token(%App{} = app, %User{} = user) do
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
token = %Token{
token: token,
refresh_token: refresh_token,
user_id: user.id,
app_id: app.id,
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10)
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
}
Repo.insert(token)