gotosocial/web/source/settings-panel/lib/api/oauth.js

/*
	GoToSocial
	Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU Affero General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU Affero General Public License for more details.

	You should have received a copy of the GNU Affero General Public License
	along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

"use strict";

const Promise = require("bluebird");

const { OAUTHError, AuthenticationError } = require("../errors");

const oauth = require("../../redux/reducers/oauth").actions;
const temporary = require("../../redux/reducers/temporary").actions;
const admin = require("../../redux/reducers/admin").actions;

module.exports = function oauthAPI({ apiCall, getCurrentUrl }) {
	return {

		register: function register(scopes = []) {
			return function (dispatch, _getState) {
				return Promise.try(() => {
					return dispatch(apiCall("POST", "/api/v1/apps", {
						client_name: "GoToSocial Settings",
						scopes: scopes.join(" "),
						redirect_uris: getCurrentUrl(),
						website: getCurrentUrl()
					}));
				}).then((json) => {
					json.scopes = scopes;
					dispatch(oauth.setRegistration(json));
				});
			};
		},

		authorize: function authorize() {
			return function (dispatch, getState) {
				let state = getState();
				let reg = state.oauth.registration;
				let base = new URL(state.oauth.instance);

				base.pathname = "/oauth/authorize";
				base.searchParams.set("client_id", reg.client_id);
				base.searchParams.set("redirect_uri", getCurrentUrl());
				base.searchParams.set("response_type", "code");
				base.searchParams.set("scope", reg.scopes.join(" "));

				dispatch(oauth.setLoginState("callback"));
				dispatch(temporary.setStatus("Redirecting to instance login..."));

				// send user to instance's login flow
				window.location.assign(base.href);
			};
		},

		tokenize: function tokenize(code) {
			return function (dispatch, getState) {
				let reg = getState().oauth.registration;

				return Promise.try(() => {
					if (reg == undefined || reg.client_id == undefined) {
						throw new OAUTHError("Callback code present, but no client registration is available from localStorage. \nNote: localStorage is unavailable in Private Browsing.");
					}

					return dispatch(apiCall("POST", "/oauth/token", {
						client_id: reg.client_id,
						client_secret: reg.client_secret,
						redirect_uri: getCurrentUrl(),
						grant_type: "authorization_code",
						code: code
					}));
				}).then((json) => {
					window.history.replaceState({}, document.title, window.location.pathname);
					return dispatch(oauth.login(json));
				});
			};
		},

		checkIfAdmin: function checkIfAdmin() {
			return function (dispatch, getState) {
				const state = getState();
				let stored = state.oauth.isAdmin;
				if (stored != undefined) {
					return stored;
				}

				// newer GoToSocial version will include a `role` in the Account data, check that first
				// TODO: check account data for admin status				

				// no role info, try fetching an admin-only route and see if we get an error
				return Promise.try(() => {
					return dispatch(apiCall("GET", "/api/v1/admin/domain_blocks"));
				}).then((data) => {
					return Promise.all([
						dispatch(oauth.setAdmin(true)),
						dispatch(admin.setBlockedInstances(data))
					]);
				}).catch(AuthenticationError, () => {
					return dispatch(oauth.setAdmin(false));
				});
			};
		},

		logout: function logout() {
			return function (dispatch, _getState) {
				// TODO: GoToSocial does not have a logout API route yet

				return dispatch(oauth.remove());
			};
		}
	};
};
[frontend] Unified panels (#812) * settings panel restructuring * clean up old Gin handlers * colorscheme redesign, some other small css tweaks * basic router layout, error boundary * colorscheme redesign, some other small css tweaks * kebab-case consistency * superfluous padding on applist * remove unused consts * redux, whitespace changes.. * use .jsx extensions for components * login flow up till app registration * full redux oauth implementation, with basic error handling * split oauth api functions * oauth api revocation handling * basic profile change submission * move old dir * profile overview * fix keeping track of the wrong instance url (for different instance/api domains) * use redux state for profile form * delete old/index.js, old/basic.js, fully implemented * implement old/user/profile.js * implement password change * remove debug logging * support future api for removing files * customize profile css * remove unneeded wrapper components * restructure form fields * start on admin pages * admin panel settings * admin settings panel * remove old/admin files * add top-level redirect * refactor/cleanup forms * only do API checks on logged-in state * admin-status based routing * federation block routing * federation blocks * upgrade dependencies * react 18 changes * media cleanup * fix useEffect hooks * remove unused require * custom emoji base * emoji uploader * delete last old panel files * sidebar styling, remove unused page * refactor submit functions * fix sidebar boxshadow-border * fix old css variables * fix fake-toot avatar * fix non-square emoji * fix user settings redux keys * properly get admin account contact from instance response * Account.source default values * source.status_format key * mobile responsiveness * mobile element tweaks * proper redirect after removing block * add redirects for old setting panel urls * deletes * fix mobile overflow * clean up debug logging calls 2022-09-29 10:02:41 +00:00			`/*`
			`GoToSocial`
			`Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org`

			`This program is free software: you can redistribute it and/or modify`
			`it under the terms of the GNU Affero General Public License as published by`
			`the Free Software Foundation, either version 3 of the License, or`
			`(at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU Affero General Public License for more details.`

			`You should have received a copy of the GNU Affero General Public License`
			`along with this program. If not, see <http://www.gnu.org/licenses/>.`
			`*/`

			`"use strict";`

			`const Promise = require("bluebird");`

			`const { OAUTHError, AuthenticationError } = require("../errors");`

			`const oauth = require("../../redux/reducers/oauth").actions;`
			`const temporary = require("../../redux/reducers/temporary").actions;`
			`const admin = require("../../redux/reducers/admin").actions;`

			`module.exports = function oauthAPI({ apiCall, getCurrentUrl }) {`
			`return {`

			`register: function register(scopes = []) {`
			`return function (dispatch, _getState) {`
			`return Promise.try(() => {`
			`return dispatch(apiCall("POST", "/api/v1/apps", {`
			`client_name: "GoToSocial Settings",`
			`scopes: scopes.join(" "),`
			`redirect_uris: getCurrentUrl(),`
			`website: getCurrentUrl()`
			`}));`
			`}).then((json) => {`
			`json.scopes = scopes;`
			`dispatch(oauth.setRegistration(json));`
			`});`
			`};`
			`},`

			`authorize: function authorize() {`
			`return function (dispatch, getState) {`
			`let state = getState();`
			`let reg = state.oauth.registration;`
			`let base = new URL(state.oauth.instance);`

			`base.pathname = "/oauth/authorize";`
			`base.searchParams.set("client_id", reg.client_id);`
			`base.searchParams.set("redirect_uri", getCurrentUrl());`
			`base.searchParams.set("response_type", "code");`
			`base.searchParams.set("scope", reg.scopes.join(" "));`

			`dispatch(oauth.setLoginState("callback"));`
			`dispatch(temporary.setStatus("Redirecting to instance login..."));`

			`// send user to instance's login flow`
			`window.location.assign(base.href);`
			`};`
			`},`

			`tokenize: function tokenize(code) {`
			`return function (dispatch, getState) {`
			`let reg = getState().oauth.registration;`

			`return Promise.try(() => {`
			`if (reg == undefined \|\| reg.client_id == undefined) {`
			`throw new OAUTHError("Callback code present, but no client registration is available from localStorage. \nNote: localStorage is unavailable in Private Browsing.");`
			`}`

			`return dispatch(apiCall("POST", "/oauth/token", {`
			`client_id: reg.client_id,`
			`client_secret: reg.client_secret,`
			`redirect_uri: getCurrentUrl(),`
			`grant_type: "authorization_code",`
			`code: code`
			`}));`
			`}).then((json) => {`
			`window.history.replaceState({}, document.title, window.location.pathname);`
			`return dispatch(oauth.login(json));`
			`});`
			`};`
			`},`

			`checkIfAdmin: function checkIfAdmin() {`
			`return function (dispatch, getState) {`
			`const state = getState();`
			`let stored = state.oauth.isAdmin;`
			`if (stored != undefined) {`
			`return stored;`
			`}`

			// newer GoToSocial version will include a `role` in the Account data, check that first
			`// TODO: check account data for admin status`

			`// no role info, try fetching an admin-only route and see if we get an error`
			`return Promise.try(() => {`
			`return dispatch(apiCall("GET", "/api/v1/admin/domain_blocks"));`
			`}).then((data) => {`
			`return Promise.all([`
			`dispatch(oauth.setAdmin(true)),`
			`dispatch(admin.setBlockedInstances(data))`
			`]);`
			`}).catch(AuthenticationError, () => {`
			`return dispatch(oauth.setAdmin(false));`
			`});`
			`};`
			`},`

			`logout: function logout() {`
			`return function (dispatch, _getState) {`
			`// TODO: GoToSocial does not have a logout API route yet`

			`return dispatch(oauth.remove());`
			`};`
			`}`
			`};`
			`};`