From: Ivan Tashkinov Date: Thu, 14 Feb 2019 14:03:19 +0000 (+0300) Subject: [#468] Refactored OAuth scopes parsing / defaults handling. X-Git-Url: https://git.squeep.com/?a=commitdiff_plain;h=027adbc9e5c60cd43b8857eb7a3124e6df1310c2;p=akkoma [#468] Refactored OAuth scopes parsing / defaults handling. --- diff --git a/lib/pleroma/web/controller_helper.ex b/lib/pleroma/web/controller_helper.ex index 14e3d19fd..a32195b49 100644 --- a/lib/pleroma/web/controller_helper.ex +++ b/lib/pleroma/web/controller_helper.ex @@ -5,6 +5,10 @@ defmodule Pleroma.Web.ControllerHelper do use Pleroma.Web, :controller + def oauth_scopes(params, default) do + Pleroma.Web.OAuth.parse_scopes(params["scopes"] || params["scope"], default) + end + def json_response(conn, status, json) do conn |> put_status(status) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 59f472e91..a1e9472b2 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -19,11 +19,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.ActivityPub.Utils alias Pleroma.Web.CommonAPI - alias Pleroma.Web.OAuth alias Pleroma.Web.OAuth.{Authorization, Token, App} alias Pleroma.Web.MediaProxy + import Pleroma.Web.ControllerHelper, only: [oauth_scopes: 2] import Ecto.Query + require Logger @httpoison Application.get_env(:pleroma, :httpoison) @@ -32,8 +33,12 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do action_fallback(:errors) def create_app(conn, params) do - scopes = OAuth.parse_scopes(params["scope"] || params["scopes"]) - app_attrs = params |> Map.drop(["scope", "scopes"]) |> Map.put("scopes", scopes) + scopes = oauth_scopes(params, []) + + app_attrs = + params + |> Map.drop(["scope", "scopes"]) + |> Map.put("scopes", scopes) with cs <- App.register_changeset(%App{}, app_attrs), false <- cs.changes[:client_name] == @local_mastodon_name, diff --git a/lib/pleroma/web/oauth.ex b/lib/pleroma/web/oauth.ex index 761b80fde..8c78d1100 100644 --- a/lib/pleroma/web/oauth.ex +++ b/lib/pleroma/web/oauth.ex @@ -3,22 +3,21 @@ # SPDX-License-Identifier: AGPL-3.0-only defmodule Pleroma.Web.OAuth do - def parse_scopes(nil) do - nil + def parse_scopes(scopes, default) when is_list(scopes) do + scopes = Enum.filter(scopes, &(&1 not in [nil, ""])) + + if Enum.any?(scopes), + do: scopes, + else: default end - def parse_scopes(scopes) when is_list(scopes) do + def parse_scopes(scopes, default) when is_binary(scopes) do scopes + |> String.split(~r/[\s,]+/) + |> parse_scopes(default) end - def parse_scopes(scopes) do - scopes = - scopes - |> to_string() - |> String.trim() - - if scopes == "", - do: [], - else: String.split(scopes, [" ", ","]) + def parse_scopes(_, default) do + default end end diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index f00d5293d..3e905c7c7 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -5,11 +5,12 @@ defmodule Pleroma.Web.OAuth.OAuthController do use Pleroma.Web, :controller - alias Pleroma.Web.OAuth alias Pleroma.Web.OAuth.{Authorization, Token, App} alias Pleroma.{Repo, User} alias Comeonin.Pbkdf2 + import Pleroma.Web.ControllerHelper, only: [oauth_scopes: 2] + plug(:fetch_session) plug(:fetch_flash) @@ -19,7 +20,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do render(conn, "show.html", %{ response_type: params["response_type"], client_id: params["client_id"], - scopes: scopes(params) || [], + scopes: oauth_scopes(params, []), redirect_uri: params["redirect_uri"], state: params["state"] }) @@ -39,7 +40,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do {:auth_active, true} <- {:auth_active, User.auth_active?(user)}, %App{} = app <- Repo.get_by(App, client_id: client_id), true <- redirect_uri in String.split(app.redirect_uris), - scopes <- scopes(params) || app.scopes, + scopes <- oauth_scopes(params, app.scopes), [] <- scopes -- app.scopes, true <- Enum.any?(scopes), {:ok, auth} <- Authorization.create_authorization(app, user, scopes) do @@ -117,7 +118,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do %User{} = user <- User.get_by_nickname_or_email(name), true <- Pbkdf2.checkpw(password, user.password_hash), {:auth_active, true} <- {:auth_active, User.auth_active?(user)}, - scopes <- scopes(params) || app.scopes, + scopes <- oauth_scopes(params, app.scopes), {:ok, auth} <- Authorization.create_authorization(app, user, scopes), {:ok, token} <- Token.exchange_token(app, auth) do response = %{ @@ -197,7 +198,4 @@ defmodule Pleroma.Web.OAuth.OAuthController do nil end end - - defp scopes(params), - do: OAuth.parse_scopes(params["scopes"] || params["scope"]) end