aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/pleroma/web/oauth.ex8
-rw-r--r--lib/pleroma/web/oauth/authenticator.ex22
-rw-r--r--lib/pleroma/web/oauth/authenticator_adapter.ex7
-rw-r--r--lib/pleroma/web/oauth/oauth_controller.ex17
-rw-r--r--lib/pleroma/web/web.ex2
5 files changed, 48 insertions, 8 deletions
diff --git a/lib/pleroma/web/oauth.ex b/lib/pleroma/web/oauth.ex
index d2835a0ba..f3bac33c8 100644
--- a/lib/pleroma/web/oauth.ex
+++ b/lib/pleroma/web/oauth.ex
@@ -3,6 +3,14 @@
# SPDX-License-Identifier: AGPL-3.0-only
defmodule Pleroma.Web.OAuth do
+ @authenticator Application.get_env(
+ :pleroma,
+ Pleroma.Web.AuthenticatorAdapter,
+ Pleroma.Web.Authenticator
+ )
+
+ def authenticator, do: @authenticator
+
def parse_scopes(scopes, _default) when is_list(scopes) do
Enum.filter(scopes, &(&1 not in [nil, ""]))
end
diff --git a/lib/pleroma/web/oauth/authenticator.ex b/lib/pleroma/web/oauth/authenticator.ex
new file mode 100644
index 000000000..86bbc41f0
--- /dev/null
+++ b/lib/pleroma/web/oauth/authenticator.ex
@@ -0,0 +1,22 @@
+defmodule Pleroma.Web.Authenticator do
+ alias Pleroma.User
+ alias Comeonin.Pbkdf2
+
+ @behaviour Pleroma.Web.AuthenticatorAdapter
+
+ def get_user(%Plug.Conn{} = conn) do
+ %{"authorization" => %{"name" => name, "password" => password}} = conn.params
+
+ with {_, %User{} = user} <- {:user, User.get_by_nickname_or_email(name)},
+ {_, true} <- {:checkpw, Pbkdf2.checkpw(password, user.password_hash)} do
+ {:ok, user}
+ else
+ error ->
+ {:error, error}
+ end
+ end
+
+ def handle_error(%Plug.Conn{} = _conn, error) do
+ error
+ end
+end
diff --git a/lib/pleroma/web/oauth/authenticator_adapter.ex b/lib/pleroma/web/oauth/authenticator_adapter.ex
new file mode 100644
index 000000000..282963b1c
--- /dev/null
+++ b/lib/pleroma/web/oauth/authenticator_adapter.ex
@@ -0,0 +1,7 @@
+defmodule Pleroma.Web.AuthenticatorAdapter do
+ alias Pleroma.User
+
+ @callback get_user(Plug.Conn.t()) :: {:ok, User.t()} | {:error, any()}
+
+ @callback handle_error(Plug.Conn.t(), any()) :: any()
+end
diff --git a/lib/pleroma/web/oauth/oauth_controller.ex b/lib/pleroma/web/oauth/oauth_controller.ex
index 7c1a3adbd..abe6fd2f2 100644
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@@ -5,6 +5,7 @@
defmodule Pleroma.Web.OAuth.OAuthController do
use Pleroma.Web, :controller
+ alias Pleroma.Web.OAuth
alias Pleroma.Web.OAuth.Authorization
alias Pleroma.Web.OAuth.Token
alias Pleroma.Web.OAuth.App
@@ -24,27 +25,27 @@ defmodule Pleroma.Web.OAuth.OAuthController do
available_scopes = (app && app.scopes) || []
scopes = oauth_scopes(params, nil) || available_scopes
- render(conn, "show.html", %{
+ template = Application.get_env(:pleroma, :auth_template, "show.html")
+
+ render(conn, template, %{
response_type: params["response_type"],
client_id: params["client_id"],
available_scopes: available_scopes,
scopes: scopes,
redirect_uri: params["redirect_uri"],
- state: params["state"]
+ state: params["state"],
+ params: params
})
end
def create_authorization(conn, %{
"authorization" =>
%{
- "name" => name,
- "password" => password,
"client_id" => client_id,
"redirect_uri" => redirect_uri
} = auth_params
}) do
- with %User{} = user <- User.get_by_nickname_or_email(name),
- true <- Pbkdf2.checkpw(password, user.password_hash),
+ with {_, {:ok, %User{} = user}} <- {:get_user, OAuth.authenticator().get_user(conn)},
%App{} = app <- Repo.get_by(App, client_id: client_id),
true <- redirect_uri in String.split(app.redirect_uris),
scopes <- oauth_scopes(auth_params, []),
@@ -53,9 +54,9 @@ defmodule Pleroma.Web.OAuth.OAuthController do
{:missing_scopes, false} <- {:missing_scopes, scopes == []},
{:auth_active, true} <- {:auth_active, User.auth_active?(user)},
{:ok, auth} <- Authorization.create_authorization(app, user, scopes) do
- # Special case: Local MastodonFE.
redirect_uri =
if redirect_uri == "." do
+ # Special case: Local MastodonFE
mastodon_api_url(conn, :login)
else
redirect_uri
@@ -97,7 +98,7 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|> authorize(auth_params)
error ->
- error
+ OAuth.authenticator().handle_error(conn, error)
end
end
diff --git a/lib/pleroma/web/web.ex b/lib/pleroma/web/web.ex
index 853aa2a87..4f618743d 100644
--- a/lib/pleroma/web/web.ex
+++ b/lib/pleroma/web/web.ex
@@ -26,6 +26,8 @@ defmodule Pleroma.Web do
import Plug.Conn
import Pleroma.Web.Gettext
import Pleroma.Web.Router.Helpers
+
+ plug(:put_layout, Application.get_env(:pleroma, :app_template, "app.html"))
end
end
generated by cgit v1.2.3 (git 2.26.2) at 2025-04-24 17:42:59 +0000