diff options
| author | Ivan Tashkinov <ivant.business@gmail.com> | 2019-04-02 14:05:34 +0300 |
|---|---|---|
| committer | Ivan Tashkinov <ivant.business@gmail.com> | 2019-04-02 14:05:34 +0300 |
| commit | 37925cbe78b7fc73f28cc85ffcf1e16fb00f7a24 (patch) | |
| tree | 2e3f848e697426f4b79d8e02a2ba20df12368ca9 /lib/pleroma/web/oauth/oauth_controller.ex | |
| parent | 590c935d95f0ea4fb65994027a88a0623527af88 (diff) | |
| parent | 091baf93169895c62418ccee81b80d00416aaa56 (diff) | |
| download | pleroma-37925cbe78b7fc73f28cc85ffcf1e16fb00f7a24.tar.gz | |
Merge remote-tracking branch 'remotes/upstream/develop' into twitter_oauth
# Conflicts:
# lib/pleroma/web/oauth/oauth_controller.ex
# lib/pleroma/web/router.ex
Diffstat (limited to 'lib/pleroma/web/oauth/oauth_controller.ex')
| -rw-r--r-- | lib/pleroma/web/oauth/oauth_controller.ex | 26 |
1 files changed, 24 insertions, 2 deletions
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 54e0a35ba..1b467e983 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -9,6 +9,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do alias Pleroma.Repo alias Pleroma.User alias Pleroma.Web.Auth.Authenticator + alias Pleroma.Web.ControllerHelper alias Pleroma.Web.OAuth.App alias Pleroma.Web.OAuth.Authorization alias Pleroma.Web.OAuth.Token @@ -22,7 +23,28 @@ defmodule Pleroma.Web.OAuth.OAuthController do action_fallback(Pleroma.Web.OAuth.FallbackController) - def authorize(conn, params) do + def authorize(%{assigns: %{token: %Token{} = token}} = conn, params) do + if ControllerHelper.truthy_param?(params["force_login"]) do + do_authorize(conn, params) + else + redirect_uri = + if is_binary(params["redirect_uri"]) do + params["redirect_uri"] + else + app = Repo.preload(token, :app).app + + app.redirect_uris + |> String.split() + |> Enum.at(0) + end + + redirect(conn, external: redirect_uri(conn, redirect_uri)) + end + end + + def authorize(conn, params), do: do_authorize(conn, params) + + defp do_authorize(conn, params) do app = Repo.get_by(App, client_id: params["client_id"]) available_scopes = (app && app.scopes) || [] scopes = oauth_scopes(params, nil) || available_scopes @@ -99,7 +121,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do fixed_token = fix_padding(params["code"]), %Authorization{} = auth <- Repo.get_by(Authorization, token: fixed_token, app_id: app.id), - %User{} = user <- Repo.get(User, auth.user_id), + %User{} = user <- User.get_by_id(auth.user_id), {:ok, token} <- Token.exchange_token(app, auth), {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do response = %{ |