mirror of
https://git.pleroma.social/pleroma/pleroma.git
synced 2025-01-05 14:58:40 +00:00
Merge branch 'iss-849' into 'develop'
Parse access_token from body parameters and URL parameters See merge request pleroma/pleroma!1103
This commit is contained in:
commit
497d34b825
3 changed files with 32 additions and 1 deletions
|
@ -48,6 +48,7 @@ unit-testing:
|
||||||
- name: postgres:9.6.2
|
- name: postgres:9.6.2
|
||||||
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
command: ["postgres", "-c", "fsync=off", "-c", "synchronous_commit=off", "-c", "full_page_writes=off"]
|
||||||
script:
|
script:
|
||||||
|
- mix deps.get
|
||||||
- mix ecto.create
|
- mix ecto.create
|
||||||
- mix ecto.migrate
|
- mix ecto.migrate
|
||||||
- mix test --trace --preload-modules
|
- mix test --trace --preload-modules
|
||||||
|
|
|
@ -16,6 +16,16 @@ defmodule Pleroma.Plugs.OAuthPlug do
|
||||||
|
|
||||||
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
def call(%{assigns: %{user: %User{}}} = conn, _), do: conn
|
||||||
|
|
||||||
|
def call(%{params: %{"access_token" => access_token}} = conn, _) do
|
||||||
|
with {:ok, user, token_record} <- fetch_user_and_token(access_token) do
|
||||||
|
conn
|
||||||
|
|> assign(:token, token_record)
|
||||||
|
|> assign(:user, user)
|
||||||
|
else
|
||||||
|
_ -> conn
|
||||||
|
end
|
||||||
|
end
|
||||||
|
|
||||||
def call(conn, _) do
|
def call(conn, _) do
|
||||||
with {:ok, token_str} <- fetch_token_str(conn),
|
with {:ok, token_str} <- fetch_token_str(conn),
|
||||||
{:ok, user, token_record} <- fetch_user_and_token(token_str) do
|
{:ok, user, token_record} <- fetch_user_and_token(token_str) do
|
||||||
|
|
|
@ -38,6 +38,26 @@ defmodule Pleroma.Plugs.OAuthPlugTest do
|
||||||
assert conn.assigns[:user] == opts[:user]
|
assert conn.assigns[:user] == opts[:user]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
test "with valid token(downcase) in url parameters, it assings the user", opts do
|
||||||
|
conn =
|
||||||
|
:get
|
||||||
|
|> build_conn("/?access_token=#{opts[:token]}")
|
||||||
|
|> put_req_header("content-type", "application/json")
|
||||||
|
|> fetch_query_params()
|
||||||
|
|> OAuthPlug.call(%{})
|
||||||
|
|
||||||
|
assert conn.assigns[:user] == opts[:user]
|
||||||
|
end
|
||||||
|
|
||||||
|
test "with valid token(downcase) in body parameters, it assigns the user", opts do
|
||||||
|
conn =
|
||||||
|
:post
|
||||||
|
|> build_conn("/api/v1/statuses", access_token: opts[:token], status: "test")
|
||||||
|
|> OAuthPlug.call(%{})
|
||||||
|
|
||||||
|
assert conn.assigns[:user] == opts[:user]
|
||||||
|
end
|
||||||
|
|
||||||
test "with invalid token, it not assigns the user", %{conn: conn} do
|
test "with invalid token, it not assigns the user", %{conn: conn} do
|
||||||
conn =
|
conn =
|
||||||
conn
|
conn
|
||||||
|
|
Loading…
Reference in a new issue