[mastodon-client] GET /oauth/token

This commit is contained in:
Laura Hausmann 2023-10-05 14:34:52 +02:00
parent 4e177419eb
commit 75d6af8485
No known key found for this signature in database
GPG Key ID: D044E84C5BE01605
2 changed files with 35 additions and 22 deletions

View File

@ -1,6 +1,6 @@
import OAuth from "@/server/api/mastodon/entities/oauth/oauth.js";
import { secureRndstr } from "@/misc/secure-rndstr.js";
import { Apps, AuthSessions } from "@/models/index.js";
import { AccessTokens, Apps, AuthSessions } from "@/models/index.js";
import { genId } from "@/misc/gen-id.js";
import { v4 as uuid } from "uuid";
import config from "@/config/index.js";
@ -40,4 +40,33 @@ export class AuthHelpers {
appdata.session_token = session.token;
return appdata;
}
public static async getAuthToken(appSecret: string, token: string) {
// Lookup app
const app = await Apps.findOneBy({
secret: appSecret,
});
if (app == null) throw new Error("No such app");
// Fetch token
const session = await AuthSessions.findOneBy({
token: token,
appId: app.id,
});
if (session == null) throw new Error("No such session");
if (session.userId == null) throw new Error("This session is still pending");
// Lookup access token
const accessToken = await AccessTokens.findOneByOrFail({
appId: app.id,
userId: session.userId,
});
// Delete session
AuthSessions.delete(session.id);
return accessToken.token;
}
}

View File

@ -15,14 +15,12 @@ import * as slow from "koa-slow";
import { IsNull } from "typeorm";
import config from "@/config/index.js";
import Logger from "@/services/logger.js";
import { UserProfiles, Users } from "@/models/index.js";
import { Users } from "@/models/index.js";
import { fetchMeta } from "@/misc/fetch-meta.js";
import { genIdenticon } from "@/misc/gen-identicon.js";
import { createTemp } from "@/misc/create-temp.js";
import { publishMainStream } from "@/services/stream.js";
import * as Acct from "@/misc/acct.js";
import { envOption } from "@/env.js";
import megalodon, { MegalodonInterface } from "megalodon";
import activityPub from "./activitypub.js";
import nodeinfo from "./nodeinfo.js";
import wellKnown from "./well-known.js";
@ -34,6 +32,7 @@ import { initializeStreamingServer } from "./api/streaming.js";
import { koaBody } from "koa-body";
import removeTrailingSlash from "koa-remove-trailing-slashes";
import { v4 as uuid } from "uuid";
import { AuthHelpers } from "@/server/api/mastodon/helpers/auth.js";
export const serverLogger = new Logger("server", "gray", false);
@ -154,20 +153,14 @@ mastoRouter.post("/oauth/token", async (ctx) => {
console.log("token-request", body);
console.log("token-query", ctx.request.query);
if (body.grant_type === "client_credentials") {
const ret = {
ctx.body = {
access_token: uuid(),
token_type: "Bearer",
scope: "read",
created_at: Math.floor(new Date().getTime() / 1000),
};
ctx.body = ret;
return;
}
let client_id: any = body.client_id;
const BASE_URL = `${ctx.request.protocol}://${ctx.request.hostname}`;
const generator = (megalodon as any).default;
const client = generator(BASE_URL, null) as MegalodonInterface;
let m = null;
let token = null;
if (body.code) {
//m = body.code.match(/^([a-zA-Z0-9]{8})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{12})/);
@ -179,19 +172,10 @@ mastoRouter.post("/oauth/token", async (ctx) => {
console.log(body.code, token);
token = body.code;
}
if (client_id instanceof Array) {
client_id = client_id.toString();
} else if (!client_id) {
client_id = null;
}
try {
const atData = await client.fetchAccessToken(
client_id,
body.client_secret,
token ? token : "",
);
const accessToken = await AuthHelpers.getAuthToken(body.client_secret, token ? token : "");
const ret = {
access_token: atData.accessToken,
access_token: accessToken,
token_type: "Bearer",
scope: body.scope || "read write follow push",
created_at: Math.floor(new Date().getTime() / 1000),