X-Git-Url: https://git.squeep.com/?a=blobdiff_plain;f=lib%2Fpleroma%2Fweb%2Foauth%2Fauthorization.ex;h=268ee5b634d110bd01d929839d27682c54a50b68;hb=ee0e05f9301e149c769f36bfd0fc8527ec7b6326;hp=0fbaa902b408ecc8f86a6fd91b8c84ee8a7f8bc7;hpb=4ad843fb9df838f36c014ddfb76d7107ba2b5c7b;p=akkoma
diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex
index 0fbaa902b..268ee5b63 100644
--- a/lib/pleroma/web/oauth/authorization.ex
+++ b/lib/pleroma/web/oauth/authorization.ex
@@ -1,49 +1,70 @@
# Pleroma: A lightweight social networking server
-# Copyright © 2017-2019 Pleroma Authors
+# Copyright © 2017-2020 Pleroma Authors
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.OAuth.Authorization do
use Ecto.Schema
- alias Pleroma.{User, Repo}
- alias Pleroma.Web.OAuth
- alias Pleroma.Web.OAuth.{Authorization, App}
+ alias Pleroma.Repo
+ alias Pleroma.User
+ alias Pleroma.Web.OAuth.App
+ alias Pleroma.Web.OAuth.Authorization
- import Ecto.{Changeset, Query}
+ import Ecto.Changeset
+ import Ecto.Query
+
+ @type t :: %__MODULE__{}
schema "oauth_authorizations" do
field(:token, :string)
- field(:scope, :string)
- field(:valid_until, :naive_datetime)
+ field(:scopes, {:array, :string}, default: [])
+ field(:valid_until, :naive_datetime_usec)
field(:used, :boolean, default: false)
- belongs_to(:user, Pleroma.User, type: Pleroma.FlakeId)
+ belongs_to(:user, User, type: FlakeId.Ecto.CompatType)
belongs_to(:app, App)
timestamps()
end
- def create_authorization(%App{} = app, %User{} = user, scope \\ nil) do
- scopes = OAuth.parse_scopes(scope || app.scopes)
- token = :crypto.strong_rand_bytes(32) |> Base.url_encode64()
-
- authorization = %Authorization{
- token: token,
- used: false,
+ @spec create_authorization(App.t(), User.t() | %{}, [String.t()] | nil) ::
+ {:ok, Authorization.t()} | {:error, Changeset.t()}
+ def create_authorization(%App{} = app, %User{} = user, scopes \\ nil) do
+ %{
+ scopes: scopes || app.scopes,
user_id: user.id,
- app_id: app.id,
- scope: Enum.join(scopes, " "),
- valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
+ app_id: app.id
}
+ |> create_changeset()
+ |> Repo.insert()
+ end
- Repo.insert(authorization)
+ @spec create_changeset(map()) :: Changeset.t()
+ def create_changeset(attrs \\ %{}) do
+ %Authorization{}
+ |> cast(attrs, [:user_id, :app_id, :scopes, :valid_until])
+ |> validate_required([:app_id, :scopes])
+ |> add_token()
+ |> add_lifetime()
end
+ defp add_token(changeset) do
+ token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
+ put_change(changeset, :token, token)
+ end
+
+ defp add_lifetime(changeset) do
+ put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10))
+ end
+
+ @spec use_changeset(Authtorizatiton.t(), map()) :: Changeset.t()
def use_changeset(%Authorization{} = auth, params) do
auth
|> cast(params, [:used])
|> validate_required([:used])
end
+ @spec use_token(Authorization.t()) ::
+ {:ok, Authorization.t()} | {:error, Changeset.t()} | {:error, String.t()}
def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do
if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do
Repo.update(use_changeset(auth, %{used: true}))
@@ -54,11 +75,21 @@ defmodule Pleroma.Web.OAuth.Authorization do
def use_token(%Authorization{used: true}), do: {:error, "already used"}
- def delete_user_authorizations(%User{id: user_id}) do
- from(
- a in Pleroma.Web.OAuth.Authorization,
- where: a.user_id == ^user_id
- )
+ @spec delete_user_authorizations(User.t()) :: {integer(), any()}
+ def delete_user_authorizations(%User{} = user) do
+ user
+ |> delete_by_user_query
|> Repo.delete_all()
end
+
+ def delete_by_user_query(%User{id: user_id}) do
+ from(a in __MODULE__, where: a.user_id == ^user_id)
+ end
+
+ @doc "gets auth for app by token"
+ @spec get_by_token(App.t(), String.t()) :: {:ok, t()} | {:error, :not_found}
+ def get_by_token(%App{id: app_id} = _app, token) do
+ from(t in __MODULE__, where: t.app_id == ^app_id and t.token == ^token)
+ |> Repo.find_resource()
+ end
end