mirror of
https://iceshrimp.dev/crimekillz/trashposs
synced 2024-11-22 00:43:49 +01:00
[mastodon-client] GET /oauth/token
This commit is contained in:
parent
4e177419eb
commit
75d6af8485
@ -1,6 +1,6 @@
|
||||
import OAuth from "@/server/api/mastodon/entities/oauth/oauth.js";
|
||||
import { secureRndstr } from "@/misc/secure-rndstr.js";
|
||||
import { Apps, AuthSessions } from "@/models/index.js";
|
||||
import { AccessTokens, Apps, AuthSessions } from "@/models/index.js";
|
||||
import { genId } from "@/misc/gen-id.js";
|
||||
import { v4 as uuid } from "uuid";
|
||||
import config from "@/config/index.js";
|
||||
@ -40,4 +40,33 @@ export class AuthHelpers {
|
||||
appdata.session_token = session.token;
|
||||
return appdata;
|
||||
}
|
||||
|
||||
public static async getAuthToken(appSecret: string, token: string) {
|
||||
// Lookup app
|
||||
const app = await Apps.findOneBy({
|
||||
secret: appSecret,
|
||||
});
|
||||
|
||||
if (app == null) throw new Error("No such app");
|
||||
|
||||
// Fetch token
|
||||
const session = await AuthSessions.findOneBy({
|
||||
token: token,
|
||||
appId: app.id,
|
||||
});
|
||||
|
||||
if (session == null) throw new Error("No such session");
|
||||
if (session.userId == null) throw new Error("This session is still pending");
|
||||
|
||||
// Lookup access token
|
||||
const accessToken = await AccessTokens.findOneByOrFail({
|
||||
appId: app.id,
|
||||
userId: session.userId,
|
||||
});
|
||||
|
||||
// Delete session
|
||||
AuthSessions.delete(session.id);
|
||||
|
||||
return accessToken.token;
|
||||
}
|
||||
}
|
||||
|
@ -15,14 +15,12 @@ import * as slow from "koa-slow";
|
||||
import { IsNull } from "typeorm";
|
||||
import config from "@/config/index.js";
|
||||
import Logger from "@/services/logger.js";
|
||||
import { UserProfiles, Users } from "@/models/index.js";
|
||||
import { Users } from "@/models/index.js";
|
||||
import { fetchMeta } from "@/misc/fetch-meta.js";
|
||||
import { genIdenticon } from "@/misc/gen-identicon.js";
|
||||
import { createTemp } from "@/misc/create-temp.js";
|
||||
import { publishMainStream } from "@/services/stream.js";
|
||||
import * as Acct from "@/misc/acct.js";
|
||||
import { envOption } from "@/env.js";
|
||||
import megalodon, { MegalodonInterface } from "megalodon";
|
||||
import activityPub from "./activitypub.js";
|
||||
import nodeinfo from "./nodeinfo.js";
|
||||
import wellKnown from "./well-known.js";
|
||||
@ -34,6 +32,7 @@ import { initializeStreamingServer } from "./api/streaming.js";
|
||||
import { koaBody } from "koa-body";
|
||||
import removeTrailingSlash from "koa-remove-trailing-slashes";
|
||||
import { v4 as uuid } from "uuid";
|
||||
import { AuthHelpers } from "@/server/api/mastodon/helpers/auth.js";
|
||||
|
||||
export const serverLogger = new Logger("server", "gray", false);
|
||||
|
||||
@ -154,20 +153,14 @@ mastoRouter.post("/oauth/token", async (ctx) => {
|
||||
console.log("token-request", body);
|
||||
console.log("token-query", ctx.request.query);
|
||||
if (body.grant_type === "client_credentials") {
|
||||
const ret = {
|
||||
ctx.body = {
|
||||
access_token: uuid(),
|
||||
token_type: "Bearer",
|
||||
scope: "read",
|
||||
created_at: Math.floor(new Date().getTime() / 1000),
|
||||
};
|
||||
ctx.body = ret;
|
||||
return;
|
||||
}
|
||||
let client_id: any = body.client_id;
|
||||
const BASE_URL = `${ctx.request.protocol}://${ctx.request.hostname}`;
|
||||
const generator = (megalodon as any).default;
|
||||
const client = generator(BASE_URL, null) as MegalodonInterface;
|
||||
let m = null;
|
||||
let token = null;
|
||||
if (body.code) {
|
||||
//m = body.code.match(/^([a-zA-Z0-9]{8})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{12})/);
|
||||
@ -179,19 +172,10 @@ mastoRouter.post("/oauth/token", async (ctx) => {
|
||||
console.log(body.code, token);
|
||||
token = body.code;
|
||||
}
|
||||
if (client_id instanceof Array) {
|
||||
client_id = client_id.toString();
|
||||
} else if (!client_id) {
|
||||
client_id = null;
|
||||
}
|
||||
try {
|
||||
const atData = await client.fetchAccessToken(
|
||||
client_id,
|
||||
body.client_secret,
|
||||
token ? token : "",
|
||||
);
|
||||
const accessToken = await AuthHelpers.getAuthToken(body.client_secret, token ? token : "");
|
||||
const ret = {
|
||||
access_token: atData.accessToken,
|
||||
access_token: accessToken,
|
||||
token_type: "Bearer",
|
||||
scope: body.scope || "read write follow push",
|
||||
created_at: Math.floor(new Date().getTime() / 1000),
|
||||
|
Loading…
Reference in New Issue
Block a user