diff options
| author | Haelwenn <git.pleroma.social@hacktivis.me> | 2018-09-05 18:20:26 +0000 |
|---|---|---|
| committer | Haelwenn <git.pleroma.social@hacktivis.me> | 2018-09-05 18:20:26 +0000 |
| commit | 4a3dbd9d4e052969460bad19dfc535908027ed03 (patch) | |
| tree | e841dc3855900bf6e89d316039ba7cdcdb3be2b8 | |
| parent | 8143251f06b1a781ee20924c89be484e514f0bec (diff) | |
| parent | 84d84e4ca49c02180828d65d95b841953ed04ef0 (diff) | |
| download | pleroma-4a3dbd9d4e052969460bad19dfc535908027ed03.tar.gz pleroma-4a3dbd9d4e052969460bad19dfc535908027ed03.zip | |
Merge branch 'fix/sign-in-with-toot' into 'develop'
Fix sign-in and sign-out with Toot!
See merge request pleroma/pleroma!306
| -rw-r--r-- | lib/pleroma/web/mastodon_api/views/account_view.ex | 2 | ||||
| -rw-r--r-- | lib/pleroma/web/oauth/oauth_controller.ex | 16 | ||||
| -rw-r--r-- | lib/pleroma/web/router.ex | 1 | ||||
| -rw-r--r-- | test/web/mastodon_api/account_view_test.exs | 2 |
4 files changed, 18 insertions, 3 deletions
diff --git a/lib/pleroma/web/mastodon_api/views/account_view.ex b/lib/pleroma/web/mastodon_api/views/account_view.ex index 85aac493f..e206e6486 100644 --- a/lib/pleroma/web/mastodon_api/views/account_view.ex +++ b/lib/pleroma/web/mastodon_api/views/account_view.ex @@ -54,7 +54,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do source: %{ note: "", privacy: user_info.default_scope, - sensitive: "false" + sensitive: false } } end diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index a5fb32a4e..160cedd8e 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -60,11 +60,13 @@ defmodule Pleroma.Web.OAuth.OAuthController do fixed_token = fix_padding(params["code"]), %Authorization{} = auth <- Repo.get_by(Authorization, token: fixed_token, app_id: app.id), - {:ok, token} <- Token.exchange_token(app, auth) do + {:ok, token} <- Token.exchange_token(app, auth), + {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do response = %{ token_type: "Bearer", access_token: token.token, refresh_token: token.refresh_token, + created_at: DateTime.to_unix(inserted_at), expires_in: 60 * 10, scope: "read write follow" } @@ -116,6 +118,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do token_exchange(conn, params) end + def token_revoke(conn, %{"token" => token} = params) do + with %App{} = app <- get_app_from_request(conn, params), + %Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id), + {:ok, %Token{}} <- Repo.delete(token) do + json(conn, %{}) + else + _error -> + # RFC 7009: invalid tokens [in the request] do not cause an error response + json(conn, %{}) + end + end + defp fix_padding(token) do token |> Base.url_decode64!(padding: false) diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index b212a2909..63493ae1c 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -93,6 +93,7 @@ defmodule Pleroma.Web.Router do get("/authorize", OAuthController, :authorize) post("/authorize", OAuthController, :create_authorization) post("/token", OAuthController, :token_exchange) + post("/revoke", OAuthController, :token_revoke) end scope "/api/v1", Pleroma.Web.MastodonAPI do diff --git a/test/web/mastodon_api/account_view_test.exs b/test/web/mastodon_api/account_view_test.exs index 5393732eb..b0e63df0e 100644 --- a/test/web/mastodon_api/account_view_test.exs +++ b/test/web/mastodon_api/account_view_test.exs @@ -90,7 +90,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do source: %{ note: "", privacy: "public", - sensitive: "false" + sensitive: false } } |