projects
/
akkoma
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
MastoAPI StatusView: Add locality indicator.
[akkoma]
/
lib
/
pleroma
/
web
/
oauth
/
token.ex
diff --git
a/lib/pleroma/web/oauth/token.ex
b/lib/pleroma/web/oauth/token.ex
index 71fd1b87463d70b045f8ea8bdd1d062e35f90fb7..ca67632badb52c7147491b7e0b98003406b520f1 100644
(file)
--- a/
lib/pleroma/web/oauth/token.ex
+++ b/
lib/pleroma/web/oauth/token.ex
@@
-16,6
+16,7
@@
defmodule Pleroma.Web.OAuth.Token do
schema "oauth_tokens" do
field(:token, :string)
field(:refresh_token, :string)
schema "oauth_tokens" do
field(:token, :string)
field(:refresh_token, :string)
+ field(:scopes, {:array, :string}, default: [])
field(:valid_until, :naive_datetime)
belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId)
belongs_to(:app, App)
field(:valid_until, :naive_datetime)
belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId)
belongs_to(:app, App)
@@
-26,17
+27,19
@@
defmodule Pleroma.Web.OAuth.Token do
def exchange_token(app, auth) do
with {:ok, auth} <- Authorization.use_token(auth),
true <- auth.app_id == app.id do
def exchange_token(app, auth) do
with {:ok, auth} <- Authorization.use_token(auth),
true <- auth.app_id == app.id do
- create_token(app, Repo.get(User, auth.user_id))
+ create_token(app, Repo.get(User, auth.user_id)
, auth.scopes
)
end
end
end
end
- def create_token(%App{} = app, %User{} = user) do
+ def create_token(%App{} = app, %User{} = user, scopes \\ nil) do
+ scopes = scopes || app.scopes
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
token = %Token{
token: token,
refresh_token: refresh_token,
token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
refresh_token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
token = %Token{
token: token,
refresh_token: refresh_token,
+ scopes: scopes,
user_id: user.id,
app_id: app.id,
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
user_id: user.id,
app_id: app.id,
valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)