hj/pleroma
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Move LDAP code to LDAPAuthenticator. Use Authenticator for token_exchange with grant_type as well

Browse source
This commit is contained in:
link0ff 2019-03-03 21:20:36 +02:00
commit 88a672fe88
4 changed files with 55 additions and 32 deletions
Download patch file Download diff file Expand all files Collapse all files

31
lib/pleroma/web/oauth/oauth_controller.ex
View file

@ -11,7 +11,6 @@ defmodule Pleroma.Web.OAuth.OAuthController do
alias Pleroma.Web.OAuth.App
alias Pleroma.Repo
alias Pleroma.User
alias Comeonin.Pbkdf2
import Pleroma.Web.ControllerHelper, only: [oauth_scopes: 2]
@ -126,10 +125,10 @@ defmodule Pleroma.Web.OAuth.OAuthController do
def token_exchange(
conn,
%{"grant_type" => "password", "username" => name, "password" => password} = params
%{"grant_type" => "password"} = params
) do
with %App{} = app <- get_app_from_request(conn, params),
%User{} = user <- get_user(name, password),
with {_, {:ok, %User{} = user}} <- {:get_user, Authenticator.get_user(conn)},
%App{} = app <- get_app_from_request(conn, params),
{:auth_active, true} <- {:auth_active, User.auth_active?(user)},
scopes <- oauth_scopes(params, app.scopes),
[] <- scopes -- app.scopes,
@ -213,28 +212,4 @@ defmodule Pleroma.Web.OAuth.OAuthController do
nil
end
end
defp get_user(name, password) do
if Pleroma.Config.get([:ldap, :enabled]) do
case Pleroma.LDAP.get_user(name, password) do
%User{} = user ->
user
{:error, {:ldap_connection_error, _}} ->
# When LDAP is unavailable, try default login
with %User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash) do
user
end
error ->
error
end
else
with %User{} = user <- User.get_by_nickname_or_email(name),
true <- Pbkdf2.checkpw(password, user.password_hash) do
user
end
end
end
end