X-Git-Url: http://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Foauth%2Fauthorization.ex;h=c5b7ec9a5628499719103909f7f81aa7b2e8b034;hb=dcf24a3233bb50689d26f9d7833f98158730ce35;hp=1ba5be60261844c3ff169e1ba423cc412c3849be;hpb=2b21c05105d550d09d85807246be696a1aed4b32;p=akkoma

diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex
index 1ba5be602..c5b7ec9a5 100644
--- a/lib/pleroma/web/oauth/authorization.ex
+++ b/lib/pleroma/web/oauth/authorization.ex
@@ -1,30 +1,37 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
 defmodule Pleroma.Web.OAuth.Authorization do
   use Ecto.Schema
 
   alias Pleroma.{User, Repo}
   alias Pleroma.Web.OAuth.{Authorization, App}
 
-  import Ecto.{Changeset}
+  import Ecto.{Changeset, Query}
 
   schema "oauth_authorizations" do
-    field :token, :string
-    field :valid_until, :naive_datetime
-    field :used, :boolean, default: false
-    belongs_to :user, Pleroma.User
-    belongs_to :app, Pleroma.App
+    field(:token, :string)
+    field(:scopes, {:array, :string}, default: [])
+    field(:valid_until, :naive_datetime)
+    field(:used, :boolean, default: false)
+    belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId)
+    belongs_to(:app, App)
 
     timestamps()
   end
 
-  def create_authorization(%App{} = app, %User{} = user) do
-    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64
+  def create_authorization(%App{} = app, %User{} = user, scopes \\ nil) do
+    scopes = scopes || app.scopes
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
 
     authorization = %Authorization{
       token: token,
       used: false,
       user_id: user.id,
       app_id: app.id,
-      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now, 60 * 10)
+      scopes: scopes,
+      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
     }
 
     Repo.insert(authorization)
@@ -37,11 +44,20 @@ defmodule Pleroma.Web.OAuth.Authorization do
   end
 
   def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do
-    if NaiveDateTime.diff(NaiveDateTime.utc_now, valid_until) < 0 do
+    if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do
       Repo.update(use_changeset(auth, %{used: true}))
     else
       {:error, "token expired"}
     end
   end
+
   def use_token(%Authorization{used: true}), do: {:error, "already used"}
+
+  def delete_user_authorizations(%User{id: user_id}) do
+    from(
+      a in Pleroma.Web.OAuth.Authorization,
+      where: a.user_id == ^user_id
+    )
+    |> Repo.delete_all()
+  end
 end