projects / akkoma / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
[#468] User UI for OAuth permissions restriction. Standardized storage format for...
[akkoma] / lib / pleroma / plugs / oauth_scopes_plug.ex
1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
4
5 defmodule Pleroma.Plugs.OAuthScopesPlug do
6 import Plug.Conn
7
8 @behaviour Plug
9
10 def init(%{required_scopes: _} = options), do: options
11
12 def call(%Plug.Conn{assigns: assigns} = conn, %{required_scopes: required_scopes}) do
13 token = assigns[:token]
14 granted_scopes = token && token.scopes
15
16 if is_nil(token) || required_scopes -- granted_scopes == [] do
17 conn
18 else
19 missing_scopes = required_scopes -- granted_scopes
20 error_message = "Insufficient permissions: #{Enum.join(missing_scopes, ", ")}."
21
22 conn
23 |> put_resp_content_type("application/json")
24 |> send_resp(403, Jason.encode!(%{error: error_message}))
25 |> halt()
26 end
27 end
28 end
Fork of https://akkoma.dev/AkkomaGang/akkoma.git