1 # Pleroma: A lightweight social networking server
2 # Copyright © 2017-2021 Pleroma Authors <https://pleroma.social/>
3 # SPDX-License-Identifier: AGPL-3.0-only
5 defmodule Pleroma.Web.MastodonAPI.AppController do
7 Controller for supporting app-related actions.
8 If authentication is an option, app tokens (user-unbound) must be supported.
11 use Pleroma.Web, :controller
14 alias Pleroma.Web.OAuth.App
15 alias Pleroma.Web.OAuth.Scopes
16 alias Pleroma.Web.OAuth.Token
17 alias Pleroma.Web.Plugs.EnsurePublicOrAuthenticatedPlug
18 alias Pleroma.Web.Plugs.OAuthScopesPlug
20 action_fallback(Pleroma.Web.MastodonAPI.FallbackController)
24 [OAuthScopesPlug, EnsurePublicOrAuthenticatedPlug]
25 when action in [:create, :verify_credentials]
28 plug(Pleroma.Web.ApiSpec.CastAndValidate)
30 defdelegate open_api_operation(action), to: Pleroma.Web.ApiSpec.AppOperation
32 @doc "POST /api/v1/apps"
33 def create(%{body_params: params} = conn, _params) do
34 scopes = Scopes.fetch_scopes(params, ["read"])
38 |> Map.take([:client_name, :redirect_uris, :website])
39 |> Map.put(:scopes, scopes)
41 with cs <- App.register_changeset(%App{}, app_attrs),
42 {:ok, app} <- Repo.insert(cs) do
43 render(conn, "show.json", app: app)
48 GET /api/v1/apps/verify_credentials
49 Gets compact non-secret representation of the app. Supports app tokens and user tokens.
51 def verify_credentials(%{assigns: %{token: %Token{} = token}} = conn, _) do
52 with %{app: %App{} = app} <- Repo.preload(token, :app) do
53 render(conn, "compact_non_secret.json", app: app)