authorIvan Tashkinov <ivant.business@gmail.com>2019-03-27 15:39:35 +0300
committerIvan Tashkinov <ivant.business@gmail.com>2019-03-27 15:39:35 +0300
commit2a95014b9d7142aa2549e70f428293af78fae8eb (patch)
tree3d527bee41bcbb4fddec9251ecb18f1337bc64a2 /lib
parent81bf6d9e6a92b4af00b3351b043193a3c299ede5 (diff)
downloadpleroma-2a95014b9d7142aa2549e70f428293af78fae8eb.tar.gz
[#923] OAuth consumer improvements, fixes, refactoring.
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/web/auth/authenticator.ex6
-rw-r--r--lib/pleroma/web/auth/ldap_authenticator.ex2
-rw-r--r--lib/pleroma/web/auth/pleroma_authenticator.ex2
-rw-r--r--lib/pleroma/web/oauth/oauth_controller.ex28
-rw-r--r--lib/pleroma/web/router.ex1
-rw-r--r--lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex13
-rw-r--r--lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex15
-rw-r--r--lib/pleroma/web/templates/o_auth/o_auth/show.html.eex16
8 files changed, 57 insertions, 26 deletions
diff --git a/lib/pleroma/web/auth/authenticator.ex b/lib/pleroma/web/auth/authenticator.ex
index 1f614668c..bb87b323c 100644
--- a/lib/pleroma/web/auth/authenticator.ex
+++ b/lib/pleroma/web/auth/authenticator.ex
@@ -33,4 +33,10 @@ defmodule Pleroma.Web.Auth.Authenticator do
def auth_template do
implementation().auth_template() || Pleroma.Config.get(:auth_template, "show.html")
end
+
+ @callback oauth_consumer_template() :: String.t() | nil
+ def oauth_consumer_template do
+ implementation().oauth_consumer_template() ||
+ Pleroma.Config.get(:oauth_consumer_template, "consumer.html")
+ end
end
diff --git a/lib/pleroma/web/auth/ldap_authenticator.ex b/lib/pleroma/web/auth/ldap_authenticator.ex
index 65abd7f38..8b6d5a77f 100644
--- a/lib/pleroma/web/auth/ldap_authenticator.ex
+++ b/lib/pleroma/web/auth/ldap_authenticator.ex
@@ -51,6 +51,8 @@ defmodule Pleroma.Web.Auth.LDAPAuthenticator do
def auth_template, do: nil
+ def oauth_consumer_template, do: nil
+
defp ldap_user(name, password) do
ldap = Pleroma.Config.get(:ldap, [])
host = Keyword.get(ldap, :host, "localhost")
diff --git a/lib/pleroma/web/auth/pleroma_authenticator.ex b/lib/pleroma/web/auth/pleroma_authenticator.ex
index 60847ce6a..8b190f97f 100644
--- a/lib/pleroma/web/auth/pleroma_authenticator.ex
+++ b/lib/pleroma/web/auth/pleroma_authenticator.ex
@@ -92,4 +92,6 @@ defmodule Pleroma.Web.Auth.PleromaAuthenticator do
end
def auth_template, do: nil
+
+ def oauth_consumer_template, do: nil
end
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index b300c96df..078839d5c 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -174,6 +174,25 @@ defmodule Pleroma.Web.OAuth.OAuthController do
end
end
+ def prepare_request(conn, %{"provider" => provider} = params) do
+ scope =
+ oauth_scopes(params, [])
+ |> Enum.join(" ")
+
+ state =
+ params
+ |> Map.delete("scopes")
+ |> Map.put("scope", scope)
+ |> Poison.encode!()
+
+ params =
+ params
+ |> Map.drop(~w(scope scopes client_id redirect_uri))
+ |> Map.put("state", state)
+
+ redirect(conn, to: o_auth_path(conn, :request, provider, params))
+ end
+
def request(conn, params) do
message =
if params["provider"] do
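Review bot: The `state` built in `prepare_request` serialises every submitted parameter except `scopes`, so `provider` and any extra query keys a client appends are sent through the external provider and later merged back into the callback params. Assuming the callback only needs the client id, redirect URI, scope and the original state, building the payload from an allowlist keeps it to that: `params |> Map.take(~w(client_id redirect_uri state)) |> Map.put("scope", scope) |> Poison.encode!()`. From the visible lines the value is neither signed nor tied to the browser session, so the callback could not tell a state it issued from one assembled elsewhere; that should be confirmed against the callback code outside this hunk. As a style point, the scope pipeline would read better started from the bare value, `params |> oauth_scopes([]) |> Enum.join(" ")`.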
@@ -235,14 +254,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
end
defp callback_params(%{"state" => state} = params) do
- [client_id, redirect_uri, scope, state] = String.split(state, "|")
-
- Map.merge(params, %{
- "client_id" => client_id,
- "redirect_uri" => redirect_uri,
- "scope" => scope,
- "state" => state
- })
+ Map.merge(params, Poison.decode!(state))
end
def registration_details(conn, params) do
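Review bot: `callback_params` now runs `Poison.decode!(state)` on a value that arrives in the callback query string, so a malformed `state` raises and a valid but non-object one (a JSON array or string) raises again in `Map.merge/2`, instead of producing an authentication failure. Because the decoded object is the second argument to `Map.merge/2`, every key in it also overrides what the provider callback supplied, not only the four keys the old code restored. I would decode with `Poison.decode/1`, accept only a map, and take just the expected keys. How the fallback is reported to the user depends on the caller, which is outside this hunk.

```elixir
defp callback_params(%{"state" => state} = params) do
  case Poison.decode(state) do
    {:ok, %{} = decoded} ->
      # Only restore the keys prepare_request is meant to round-trip.
      Map.merge(params, Map.take(decoded, ~w(client_id redirect_uri scope state)))

    _ ->
      # Malformed or non-object state: leave params untouched so the
      # normal validation path rejects the request.
      params
  end
end
```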
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
index f2cec574b..4d0e04d9f 100644
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@@ -213,6 +213,7 @@ defmodule Pleroma.Web.Router do
scope [] do
pipe_through(:browser)
+ get("/prepare_request", OAuthController, :prepare_request)
get("/:provider", OAuthController, :request)
get("/:provider/callback", OAuthController, :callback)
post("/register", OAuthController, :register)
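Review bot: The new `/prepare_request` route only works because it is declared before `get("/:provider", ...)`, which would otherwise match it with `provider` set to `"prepare_request"`; nothing in the hunk records that the order is load-bearing. A comment above the new line would protect it from a later reordering, for example `# Must stay above "/:provider", which would capture this path as a provider name`. The enclosing `scope` block starts and ends outside the hunk.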
diff --git a/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex
new file mode 100644
index 000000000..4b8fb5dae
--- /dev/null
+++ b/lib/pleroma/web/templates/o_auth/o_auth/_scopes.html.eex
@@ -0,0 +1,13 @@
+<div class="scopes-input">
+ <%= label @form, :scope, "Permissions" %>
+
+ <div class="scopes">
+ <%= for scope <- @available_scopes do %>
+ <%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %>
+ <div class="scope">
+ <%= checkbox @form, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: assigns[:scope_param] || "scope[]" %>
+ <%= label @form, :"scope_#{scope}", String.capitalize(scope) %>
+ </div>
+ <% end %>
+ </div>
+</div>
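Review bot: The field name `:"scope_#{scope}"` in the `checkbox` and `label` calls creates an atom for every distinct scope string rendered, and atoms are never garbage-collected. If `@available_scopes` can contain values supplied at app registration rather than a fixed server-side list (not visible from this template), repeated registrations could grow the atom table without bound. Provided the Phoenix.HTML version in use accepts string field names, passing `"scope_#{scope}"` as a plain string in both calls avoids that; otherwise the scopes should be checked against a known set before they reach the template.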
diff --git a/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex
index a64859a49..002f014e6 100644
--- a/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/consumer.html.eex
@@ -2,9 +2,14 @@
<br>
<h2>Sign in with external provider</h2>
-<%= for strategy <- Pleroma.Config.get([:auth, :oauth_consumer_strategies], []) do %>
- <%= form_for @conn, o_auth_path(@conn, :request, strategy), [method: "get"], fn f -> %>
- <%= hidden_input f, :state, value: Enum.join([@client_id, @redirect_uri, Enum.join(@available_scopes, " "), @state], "|") %>
- <%= submit "Sign in with #{String.capitalize(strategy)}" %>
- <% end %>
+<%= form_for @conn, o_auth_path(@conn, :prepare_request), [method: "get"], fn f -> %>
+ <%= render @view_module, "_scopes.html", Map.put(assigns, :form, f) %>
+
+ <%= hidden_input f, :client_id, value: @client_id %>
+ <%= hidden_input f, :redirect_uri, value: @redirect_uri %>
+ <%= hidden_input f, :state, value: @state %>
+
+ <%= for strategy <- Pleroma.Config.get([:auth, :oauth_consumer_strategies], []) do %>
+ <%= submit "Sign in with #{String.capitalize(strategy)}", name: "provider", value: strategy %>
+ <% end %>
<% end %>
diff --git a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
index b2381869a..e6cf1db45 100644
--- a/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
+++ b/lib/pleroma/web/templates/o_auth/o_auth/show.html.eex
@@ -16,18 +16,8 @@
<%= label f, :password, "Password" %>
<%= password_input f, :password %>
</div>
-<div class="scopes-input">
-<%= label f, :scope, "Permissions" %>
- <div class="scopes">
- <%= for scope <- @available_scopes do %>
- <%# Note: using hidden input with `unchecked_value` in order to distinguish user's empty selection from `scope` param being omitted %>
- <div class="scope">
- <%= checkbox f, :"scope_#{scope}", value: scope in @scopes && scope, checked_value: scope, unchecked_value: "", name: "authorization[scope][]" %>
- <%= label f, :"scope_#{scope}", String.capitalize(scope) %>
- </div>
- <% end %>
- </div>
-</div>
+
+<%= render @view_module, "_scopes.html", Map.merge(assigns, %{form: f, scope_param: "authorization[scope][]"}) %>
<%= hidden_input f, :client_id, value: @client_id %>
<%= hidden_input f, :response_type, value: @response_type %>
@@ -37,5 +27,5 @@
<% end %>
<%= if Pleroma.Config.get([:auth, :oauth_consumer_enabled]) do %>
- <%= render @view_module, "consumer.html", assigns %>
+ <%= render @view_module, Pleroma.Web.Auth.Authenticator.oauth_consumer_template(), assigns %>
<% end %>