Merge branch 'fix/sign-in-with-toot' into 'develop'

Fix sign-in and sign-out with Toot!

See merge request pleroma/pleroma!306
This commit is contained in:
Haelwenn 2018-09-05 18:20:26 +00:00
commit 4a3dbd9d4e
4 changed files with 18 additions and 3 deletions

View file

@ -54,7 +54,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
source: %{ source: %{
note: "", note: "",
privacy: user_info.default_scope, privacy: user_info.default_scope,
sensitive: "false" sensitive: false
} }
} }
end end

View file

@ -60,11 +60,13 @@ defmodule Pleroma.Web.OAuth.OAuthController do
fixed_token = fix_padding(params["code"]), fixed_token = fix_padding(params["code"]),
%Authorization{} = auth <- %Authorization{} = auth <-
Repo.get_by(Authorization, token: fixed_token, app_id: app.id), Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
{:ok, token} <- Token.exchange_token(app, auth) do {:ok, token} <- Token.exchange_token(app, auth),
{:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
response = %{ response = %{
token_type: "Bearer", token_type: "Bearer",
access_token: token.token, access_token: token.token,
refresh_token: token.refresh_token, refresh_token: token.refresh_token,
created_at: DateTime.to_unix(inserted_at),
expires_in: 60 * 10, expires_in: 60 * 10,
scope: "read write follow" scope: "read write follow"
} }
@ -116,6 +118,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do
token_exchange(conn, params) token_exchange(conn, params)
end end
def token_revoke(conn, %{"token" => token} = params) do
with %App{} = app <- get_app_from_request(conn, params),
%Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),
{:ok, %Token{}} <- Repo.delete(token) do
json(conn, %{})
else
_error ->
# RFC 7009: invalid tokens [in the request] do not cause an error response
json(conn, %{})
end
end
defp fix_padding(token) do defp fix_padding(token) do
token token
|> Base.url_decode64!(padding: false) |> Base.url_decode64!(padding: false)

View file

@ -93,6 +93,7 @@ defmodule Pleroma.Web.Router do
get("/authorize", OAuthController, :authorize) get("/authorize", OAuthController, :authorize)
post("/authorize", OAuthController, :create_authorization) post("/authorize", OAuthController, :create_authorization)
post("/token", OAuthController, :token_exchange) post("/token", OAuthController, :token_exchange)
post("/revoke", OAuthController, :token_revoke)
end end
scope "/api/v1", Pleroma.Web.MastodonAPI do scope "/api/v1", Pleroma.Web.MastodonAPI do

View file

@ -90,7 +90,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
source: %{ source: %{
note: "", note: "",
privacy: "public", privacy: "public",
sensitive: "false" sensitive: false
} }
} }