aboutsummaryrefslogtreecommitdiff
path: root/lib/pleroma/web/oauth/oauth_controller.ex
diff options
context:
space:
mode:
Diffstat (limited to 'lib/pleroma/web/oauth/oauth_controller.ex')
-rw-r--r--lib/pleroma/web/oauth/oauth_controller.ex16
1 files changed, 15 insertions, 1 deletions
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index a5fb32a4e..160cedd8e 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -60,11 +60,13 @@ defmodule Pleroma.Web.OAuth.OAuthController do
fixed_token = fix_padding(params["code"]),
%Authorization{} = auth <-
Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
- {:ok, token} <- Token.exchange_token(app, auth) do
+ {:ok, token} <- Token.exchange_token(app, auth),
+ {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
response = %{
token_type: "Bearer",
access_token: token.token,
refresh_token: token.refresh_token,
+ created_at: DateTime.to_unix(inserted_at),
expires_in: 60 * 10,
scope: "read write follow"
}
@@ -116,6 +118,18 @@ defmodule Pleroma.Web.OAuth.OAuthController do
token_exchange(conn, params)
end
+ def token_revoke(conn, %{"token" => token} = params) do
+ with %App{} = app <- get_app_from_request(conn, params),
+ %Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),
+ {:ok, %Token{}} <- Repo.delete(token) do
+ json(conn, %{})
+ else
+ _error ->
+ # RFC 7009: invalid tokens [in the request] do not cause an error response
+ json(conn, %{})
+ end
+ end
+
defp fix_padding(token) do
token
|> Base.url_decode64!(padding: false)
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-25 11:23:21 +0000