diff options
| author | lambda <pleromagit@rogerbraun.net> | 2018-03-25 13:40:06 +0000 |
|---|---|---|
| committer | lambda <pleromagit@rogerbraun.net> | 2018-03-25 13:40:06 +0000 |
| commit | 809bffbb21aa3f587e89b220c5309ea75e1e15ff (patch) | |
| tree | e7bdd6d9fecca0f1fbe58acb3fbbfe303b1a0b00 /lib | |
| parent | 47a5cc0dd9a1afeb81a884ee91cab48f97de82f8 (diff) | |
| parent | dd21137f38631be8ce8534493185f313fa08b7a8 (diff) | |
| download | pleroma-809bffbb21aa3f587e89b220c5309ea75e1e15ff.tar.gz | |
Merge branch 'feature/oauth-token-password' into 'develop'
oauth: implement grant_type=password for single-page apps
See merge request pleroma/pleroma!81
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/pleroma/web/oauth/oauth_controller.ex | 21 |
1 files changed, 21 insertions, 0 deletions
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex index 94318bfa9..cebc18252 100644 --- a/lib/pleroma/web/oauth/oauth_controller.ex +++ b/lib/pleroma/web/oauth/oauth_controller.ex @@ -62,6 +62,27 @@ defmodule Pleroma.Web.OAuth.OAuthController do end end + # TODO + # - investigate a way to verify the user wants to grant read/write/follow once scope handling is done + def token_exchange(conn, %{"grant_type" => "password", "name" => name, "password" => password} = params) do + with %App{} = app <- Repo.get_by(App, client_id: params["client_id"], client_secret: params["client_secret"]), + %User{} = user <- User.get_cached_by_nickname(name), + true <- Pbkdf2.checkpw(password, user.password_hash), + {:ok, auth} <- Authorization.create_authorization(app, user), + {:ok, token} <- Token.exchange_token(app, auth) do + response = %{ + token_type: "Bearer", + access_token: token.token, + refresh_token: token.refresh_token, + expires_in: 60 * 10, + scope: "read write follow" + } + json(conn, response) + else + _error -> json(conn, %{error: "Invalid credentials"}) + end + end + defp fix_padding(token) do token |> Base.url_decode64!(padding: false) |