differences_in_mastoapi_responses.md: fullname & bio are optionnal

[ci skip]

4 files changed, 60 insertions, 13 deletions

diff --git a/lib/pleroma/web/oauth/app.ex b/lib/pleroma/web/oauth/app.ex
index bccc2ac96..ddcdb1871 100644
--- a/lib/pleroma/web/oauth/app.ex
+++ b/lib/pleroma/web/oauth/app.ex
@@ -7,6 +7,7 @@ defmodule Pleroma.Web.OAuth.App do
   import Ecto.Changeset
 
   @type t :: %__MODULE__{}
+
   schema "apps" do
     field(:client_name, :string)
     field(:redirect_uris, :string)
diff --git a/lib/pleroma/web/oauth/authorization.ex b/lib/pleroma/web/oauth/authorization.ex
index ca3901cc4..b47688de1 100644
--- a/lib/pleroma/web/oauth/authorization.ex
+++ b/lib/pleroma/web/oauth/authorization.ex
@@ -14,6 +14,7 @@ defmodule Pleroma.Web.OAuth.Authorization do
   import Ecto.Query
 
   @type t :: %__MODULE__{}
+
   schema "oauth_authorizations" do
     field(:token, :string)
     field(:scopes, {:array, :string}, default: [])
@@ -25,28 +26,45 @@ defmodule Pleroma.Web.OAuth.Authorization do
     timestamps()
   end
 
+  @spec create_authorization(App.t(), User.t() | %{}, [String.t()] | nil) ::
+          {:ok, Authorization.t()} | {:error, Changeset.t()}
   def create_authorization(%App{} = app, %User{} = user, scopes \\ nil) do
-    scopes = scopes || app.scopes
-    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
-
-    authorization = %Authorization{
-      token: token,
-      used: false,
+    %{
+      scopes: scopes || app.scopes,
       user_id: user.id,
-      app_id: app.id,
-      scopes: scopes,
-      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
+      app_id: app.id
     }
+    |> create_changeset()
+    |> Repo.insert()
+  end
+
+  @spec create_changeset(map()) :: Changeset.t()
+  def create_changeset(attrs \\ %{}) do
+    %Authorization{}
+    |> cast(attrs, [:user_id, :app_id, :scopes, :valid_until])
+    |> validate_required([:app_id, :scopes])
+    |> add_token()
+    |> add_lifetime()
+  end
+
+  defp add_token(changeset) do
+    token = :crypto.strong_rand_bytes(32) |> Base.url_encode64(padding: false)
+    put_change(changeset, :token, token)
+  end
 
-    Repo.insert(authorization)
+  defp add_lifetime(changeset) do
+    put_change(changeset, :valid_until, NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10))
   end
 
+  @spec use_changeset(Authtorizatiton.t(), map()) :: Changeset.t()
   def use_changeset(%Authorization{} = auth, params) do
     auth
     |> cast(params, [:used])
     |> validate_required([:used])
   end
 
+  @spec use_token(Authorization.t()) ::
+          {:ok, Authorization.t()} | {:error, Changeset.t()} | {:error, String.t()}
   def use_token(%Authorization{used: false, valid_until: valid_until} = auth) do
     if NaiveDateTime.diff(NaiveDateTime.utc_now(), valid_until) < 0 do
       Repo.update(use_changeset(auth, %{used: true}))
@@ -57,6 +75,7 @@ defmodule Pleroma.Web.OAuth.Authorization do
 
   def use_token(%Authorization{used: true}), do: {:error, "already used"}
 
+  @spec delete_user_authorizations(User.t()) :: {integer(), any()}
   def delete_user_authorizations(%User{id: user_id}) do
     from(
       a in Pleroma.Web.OAuth.Authorization,
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 8ee0da667..862b8f8c9 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -218,6 +218,28 @@ defmodule Pleroma.Web.OAuth.OAuthController do
     token_exchange(conn, params)
   end
 
+  def token_exchange(conn, %{"grant_type" => "client_credentials"} = params) do
+    with %App{} = app <- get_app_from_request(conn, params),
+         {:ok, auth} <- Authorization.create_authorization(app, %User{}),
+         {:ok, token} <- Token.exchange_token(app, auth),
+         {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
+      response = %{
+        token_type: "Bearer",
+        access_token: token.token,
+        refresh_token: token.refresh_token,
+        created_at: DateTime.to_unix(inserted_at),
+        expires_in: 60 * 10,
+        scope: Enum.join(token.scopes, " ")
+      }
+
+      json(conn, response)
+    else
+      _error ->
+        put_status(conn, 400)
+        |> json(%{error: "Invalid credentials"})
+    end
+  end
+
   # Bad request
   def token_exchange(conn, params), do: bad_request(conn, params)
 
diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex
index 4e5d1d118..ef047d565 100644
--- a/lib/pleroma/web/oauth/token.ex
+++ b/lib/pleroma/web/oauth/token.ex
@@ -45,12 +45,16 @@ defmodule Pleroma.Web.OAuth.Token do
     |> Repo.find_resource()
   end
 
+  @spec exchange_token(App.t(), Authorization.t()) ::
+          {:ok, Token.t()} | {:error, Changeset.t()}
   def exchange_token(app, auth) do
     with {:ok, auth} <- Authorization.use_token(auth),
          true <- auth.app_id == app.id do
+      user = if auth.user_id, do: User.get_cached_by_id(auth.user_id), else: %User{}
+
       create_token(
         app,
-        User.get_cached_by_id(auth.user_id),
+        user,
         %{scopes: auth.scopes}
       )
     end
@@ -81,12 +85,13 @@ defmodule Pleroma.Web.OAuth.Token do
     |> validate_required([:valid_until])
   end
 
+  @spec create_token(App.t(), User.t(), map()) :: {:ok, Token} | {:error, Changeset.t()}
   def create_token(%App{} = app, %User{} = user, attrs \\ %{}) do
     %__MODULE__{user_id: user.id, app_id: app.id}
     |> cast(%{scopes: attrs[:scopes] || app.scopes}, [:scopes])
-    |> validate_required([:scopes, :user_id, :app_id])
+    |> validate_required([:scopes, :app_id])
     |> put_valid_until(attrs)
-    |> put_token
+    |> put_token()
     |> put_refresh_token(attrs)
     |> Repo.insert()
   end