X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Fo_auth%2Fo_auth_controller.ex;h=358120fe6c375bd98d8c7d056e59c0635da5b17e;hb=b0130bfa7b420550aa7acba6a88c71aa22c51246;hp=43536f95d718380f09a109ad3dcf55ef88dbf28a;hpb=d72f9e39d9f76ee8bbd26c068b2870ea945705b7;p=akkoma
diff --git a/lib/pleroma/web/o_auth/o_auth_controller.ex b/lib/pleroma/web/o_auth/o_auth_controller.ex
index 43536f95d..358120fe6 100644
--- a/lib/pleroma/web/o_auth/o_auth_controller.ex
+++ b/lib/pleroma/web/o_auth/o_auth_controller.ex
@@ -5,6 +5,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
 use Pleroma.Web, :controller
 
+ alias Pleroma.Helpers.AuthHelper
 alias Pleroma.Helpers.UriHelper
 alias Pleroma.Maps
 alias Pleroma.MFA
@@ -76,46 +77,33 @@ defmodule Pleroma.Web.OAuth.OAuthController do
 available_scopes = (app && app.scopes) || []
 scopes = Scopes.fetch_scopes(params, available_scopes)
 
- # if we already have a token for this specific setup, we can use that
- with false <- Params.truthy_param?(params["force_login"]),
- %App{} <- app,
- {:ok, _} <- Scopes.validate(scopes, app.scopes),
- {:ok, %Token{} = token} <- Token.get_by_app(app) do
- token = Repo.preload(token, :app)
+ user =
+ with %{assigns: %{user: %User{} = user}} <- conn do
+ user
+ else
+ _ -> nil
+ end
 
- conn
- |> assign(:token, token)
- |> handle_existing_authorization(params)
- else
- _ ->
- user =
- with %{assigns: %{user: %User{} = user}} <- conn do
- user
- else
- _ -> nil
- end
-
- scopes =
- if scopes == [] do
- available_scopes
- else
- scopes
- end
-
- # Note: `params` might differ from `conn.params`; use `@params` not `@conn.params` in template
- render(conn, Authenticator.auth_template(), %{
- user: user,
- app: app && Map.delete(app, :client_secret),
- response_type: params["response_type"],
- client_id: params["client_id"],
- available_scopes: available_scopes,
- scopes: scopes,
- redirect_uri: params["redirect_uri"],
- state: params["state"],
- params: params,
- view_module: OAuthView
- })
- end
+ scopes =
+ if scopes == [] do
+ available_scopes
+ else
+ scopes
+ end
+
+ # Note: `params` might differ from `conn.params`; use `@params` not `@conn.params` in template
+ render(conn, Authenticator.auth_template(), %{
+ user: user,
+ app: app && Map.delete(app, :client_secret),
+ response_type: params["response_type"],
+ client_id: params["client_id"],
+ available_scopes: available_scopes,
+ scopes: scopes,
+ redirect_uri: params["redirect_uri"],
+ state: params["state"],
+ params: params,
+ view_module: OAuthView
+ })
 end
 
 defp handle_existing_authorization(
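Review bot: Nothing in the new code records why the token-reuse shortcut must not come back: the removed `{:ok, %Token{} = token} <- Token.get_by_app(app)` clause selected a token by app only, so apparently any request carrying a known `client_id` could be sent through `handle_existing_authorization` with a token that belonged to whichever user had already authorised that app, and a future "optimisation" could reintroduce exactly that. A comment above the new `user =` binding would pin the intent, e.g. `# Always render the consent form. Never short-circuit on an existing app token: such a token is not tied to the user making this request.` Separately, the old `Scopes.validate(scopes, app.scopes)` step has no replacement here; if `Scopes.fetch_scopes/2` does not already intersect with `available_scopes`, the consent page can now list scopes the app is not registered for, which is worth confirming. The enclosing function's head lies above this hunk.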
@@ -330,8 +318,9 @@ defmodule Pleroma.Web.OAuth.OAuthController do
 # Bad request
 def token_exchange(%Plug.Conn{} = conn, params), do: bad_request(conn, params)
 
- def after_token_exchange(%Plug.Conn{} = conn, %{token: _token} = view_params) do
+ def after_token_exchange(%Plug.Conn{} = conn, %{token: token} = view_params) do
 conn
+ |> AuthHelper.put_session_token(token.token)
 |> json(OAuthView.render("token.json", view_params))
 end
 
@@ -390,7 +379,15 @@ defmodule Pleroma.Web.OAuth.OAuthController do
 def token_revoke(%Plug.Conn{} = conn, %{"token" => token}) do
 with {:ok, %Token{} = oauth_token} <- Token.get_by_token(token),
- {:ok, _oauth_token} <- RevokeToken.revoke(oauth_token) do
+ {:ok, oauth_token} <- RevokeToken.revoke(oauth_token) do
+ conn =
+ with session_token = AuthHelper.get_session_token(conn),
+ %Token{token: ^session_token} <- oauth_token do
+ AuthHelper.delete_session_token(conn)
+ else
+ _ -> conn
+ end
+
 json(conn, %{})
 else
 _error ->
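Review bot: The new `|> AuthHelper.put_session_token(token.token)` line in `after_token_exchange` upgrades whatever session the caller already has into an authenticated one without rotating the session id, so a session cookie planted on the browser before the exchange stays valid afterwards (session fixation) — unless `put_session_token` itself calls `configure_session(conn, renew: true)`, which this hunk does not show. If it does not, add `|> configure_session(renew: true)` immediately before the new line. The write also happens for every grant that reaches this function, so non-browser clients presumably receive a session cookie carrying their bearer token; a comment on the new line would make that deliberate, e.g. `# Keep the issued token in the session so the browser stays logged in; token_revoke clears it when this token is revoked.`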