Added force_login authentication option (previously applied by default).

2019-04-01 14:46:50 +03:00 · 2019-04-01 14:46:50 +03:00 · cbe09d94d1
commit cbe09d94d1
parent dc39d8d3fb
3 changed files with 44 additions and 13 deletions
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -8,6 +8,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
  alias Pleroma.Repo
  alias Pleroma.User
  alias Pleroma.Web.Auth.Authenticator
+  alias Pleroma.Web.ControllerHelper
  alias Pleroma.Web.OAuth.App
  alias Pleroma.Web.OAuth.Authorization
  alias Pleroma.Web.OAuth.Token
@ -19,7 +20,28 @@ defmodule Pleroma.Web.OAuth.OAuthController do

  action_fallback(Pleroma.Web.OAuth.FallbackController)

-  def authorize(conn, params) do
+  def authorize(%{assigns: %{token: %Token{} = token}} = conn, params) do
+    if ControllerHelper.truthy_param?(params["force_login"]) do
+      do_authorize(conn, params)
+    else
+      redirect_uri =
+        if is_binary(params["redirect_uri"]) do
+          params["redirect_uri"]
+        else
+          app = Repo.preload(token, :app).app
+
+          app.redirect_uris
+          |> String.split()
+          |> Enum.at(0)
+        end
+
+      redirect(conn, external: redirect_uri(conn, redirect_uri))
+    end
+  end
+
+  def authorize(conn, params), do: do_authorize(conn, params)
+
+  defp do_authorize(conn, params) do
    app = Repo.get_by(App, client_id: params["client_id"])
    available_scopes = (app && app.scopes) || []
    scopes = oauth_scopes(params, nil) || available_scopes
@ -51,13 +73,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
         {:missing_scopes, false} <- {:missing_scopes, scopes == []},
         {:auth_active, true} <- {:auth_active, User.auth_active?(user)},
         {:ok, auth} <- Authorization.create_authorization(app, user, scopes) do
-      redirect_uri =
-        if redirect_uri == "." do
-          # Special case: Local MastodonFE
-          mastodon_api_url(conn, :login)
-        else
-          redirect_uri
-        end
+      redirect_uri = redirect_uri(conn, redirect_uri)

      cond do
        redirect_uri == "urn:ietf:wg:oauth:2.0:oob" ->
@ -221,4 +237,9 @@ defmodule Pleroma.Web.OAuth.OAuthController do
      nil
    end
  end
+
+  # Special case: Local MastodonFE
+  defp redirect_uri(conn, "."), do: mastodon_api_url(conn, :index, [])
+
+  defp redirect_uri(_conn, redirect_uri), do: redirect_uri
 end