feat: ✨ don't depend on an external service for urn:ietf:wg:oauth:2.0:oob (#9602)

Co-authored-by: GeopJr <evan@geopjr.dev> Co-committed-by: GeopJr <evan@geopjr.dev>
2024-11-22 12:13:48 +01:00 · 2023-02-11 20:08:12 +00:00 · 2023-02-11 20:08:12 +00:00 · ccba7fc9db
commit ccba7fc9db
parent 572f97771f
3 changed files with 15 additions and 6 deletions
--- a/locales/en-US.yml
+++ b/locales/en-US.yml
@ -1294,6 +1294,7 @@ _auth:
  pleaseGoBack: "Please go back to the application"
  callback: "Returning to the application"
  denied: "Access denied"
  copyAsk: "Please paste the following authorization code to the application"
 _antennaSources:
  all: "All posts"
  homeTimeline: "Posts from followed users"
--- a/packages/backend/src/server/api/mastodon/endpoints/auth.ts
+++ b/packages/backend/src/server/api/mastodon/endpoints/auth.ts
@ -58,10 +58,7 @@ export function apiAuthMastodon(router: Router): void {
 			}
 			const scopeArr = Array.from(pushScope);
-			let red = body.redirect_uris;
+			const red = body.redirect_uris;
 			if (red === "urn:ietf:wg:oauth:2.0:oob") {
 				red = "https://thedesk.top/hello.html";
 			}
 			const appData = await client.registerApp(body.client_name, {
 				scopes: scopeArr,
 				redirect_uris: red,
--- a/packages/client/src/pages/auth.vue
+++ b/packages/client/src/pages/auth.vue
@ -16,7 +16,11 @@
 	</div>
 	<div v-if="state == 'accepted'" class="accepted">
 		<h1>{{ session.app.isAuthorized ? i18n.t('already-authorized') : i18n.ts.allowed }}</h1>
-		<p v-if="session.app.callbackUrl">{{ i18n.ts._auth.callback }}<MkEllipsis/></p>
+		<p v-if="session.app.callbackUrl && !auth_code">{{ i18n.ts._auth.callback }}<MkEllipsis/></p>
 		<MkKeyValue v-if="session.app.callbackUrl && auth_code" :copy="auth_code">
 			<template #key>{{ i18n.ts._auth.copyAsk }}</template>
 			<template #value>{{ auth_code }}</template>
 		</MkKeyValue>
 		<p v-if="!session.app.callbackUrl">{{ i18n.ts._auth.pleaseGoBack }}</p>
 	</div>
 	<div v-if="state == 'fetch-session-error'" class="error">
@ -32,6 +36,7 @@
 import { defineComponent } from 'vue';
 import XForm from './auth.form.vue';
 import MkSignin from '@/components/MkSignin.vue';
 import MkKeyValue from '@/components/MkKeyValue.vue';
 import * as os from '@/os';
 import { login } from '@/account';
 import { i18n } from '@/i18n';
@ -40,6 +45,7 @@ export default defineComponent({
 	components: {
 		XForm,
 		MkSignin,
 		MkKeyValue
 	},
 	props: ['token'],
 	data() {
@ -48,6 +54,7 @@ export default defineComponent({
 			session: null,
 			fetching: true,
 			i18n,
 			auth_code: null
 		};
 	},
 	mounted() {
@ -82,7 +89,11 @@ export default defineComponent({
 			if (this.session.app.callbackUrl) {
 				const url = new URL(this.session.app.callbackUrl);
 				if (['javascript:', 'file:', 'data:', 'mailto:', 'tel:'].includes(url.protocol)) throw new Error('invalid url');
-				location.href = `${this.session.app.callbackUrl}?token=${this.session.token}&code=${this.session.token}&state=${getUrlParams().state || ''}`;
+				if (this.session.app.callbackUrl === "urn:ietf:wg:oauth:2.0:oob") {
 					this.auth_code = this.session.token;
 				} else {
 					location.href = `${this.session.app.callbackUrl}?token=${this.session.token}&code=${this.session.token}&state=${getUrlParams().state || ''}`;
 				}
 			}
 		}, onLogin(res) {
 			login(res.i);