commit: 7456338ed3d0b36327c3f9b153630d36cd044bb9
parent: c23bd05737c38c407f998d3aa48c5c3d191f0c56
Author: kaniini <nenolod@gmail.com>
Date: Mon, 18 Feb 2019 04:02:41 +0000
Merge branch 'feature/add-oauth-tokens-endpoint' into 'develop'
Add OAuth tokens endpoint
See merge request pleroma/pleroma!805
Diffstat:
6 files changed, 109 insertions(+), 1 deletion(-)
diff --git a/lib/pleroma/web/oauth/token.ex b/lib/pleroma/web/oauth/token.ex
@@ -47,9 +47,27 @@ defmodule Pleroma.Web.OAuth.Token do
def delete_user_tokens(%User{id: user_id}) do
from(
- t in Pleroma.Web.OAuth.Token,
+ t in Token,
where: t.user_id == ^user_id
)
|> Repo.delete_all()
end
+
+ def delete_user_token(%User{id: user_id}, token_id) do
+ from(
+ t in Token,
+ where: t.user_id == ^user_id,
+ where: t.id == ^token_id
+ )
+ |> Repo.delete_all()
+ end
+
+ def get_user_tokens(%User{id: user_id}) do
+ from(
+ t in Token,
+ where: t.user_id == ^user_id
+ )
+ |> Repo.all()
+ |> Repo.preload(:app)
+ end
end
diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex
@@ -392,6 +392,9 @@ defmodule Pleroma.Web.Router do
get("/qvitter/mutes", TwitterAPI.Controller, :raw_empty_array)
get("/externalprofile/show", TwitterAPI.Controller, :external_profile)
+
+ get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
+ delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)
end
pipeline :ap_relay do
diff --git a/lib/pleroma/web/twitter_api/twitter_api_controller.ex b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@@ -8,6 +8,10 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
import Pleroma.Web.ControllerHelper, only: [json_response: 3]
alias Ecto.Changeset
+ alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView, ActivityView, NotificationView, TokenView}
+ alias Pleroma.Web.CommonAPI
+ alias Pleroma.{Repo, Activity, Object, User, Notification}
+ alias Pleroma.Web.OAuth.Token
alias Pleroma.Web.ActivityPub.ActivityPub
alias Pleroma.Web.ActivityPub.Utils
alias Pleroma.Web.CommonAPI
@@ -545,6 +549,20 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
end
end
+ def oauth_tokens(%{assigns: %{user: user}} = conn, _params) do
+ with oauth_tokens <- Token.get_user_tokens(user) do
+ conn
+ |> put_view(TokenView)
+ |> render("index.json", %{tokens: oauth_tokens})
+ end
+ end
+
+ def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
+ Token.delete_user_token(user, id)
+
+ json_reply(conn, 201, "")
+ end
+
def blocks(%{assigns: %{user: user}} = conn, _params) do
with blocked_users <- User.blocked_users(user) do
conn
diff --git a/lib/pleroma/web/twitter_api/views/token_view.ex b/lib/pleroma/web/twitter_api/views/token_view.ex
@@ -0,0 +1,21 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.TwitterAPI.TokenView do
+ use Pleroma.Web, :view
+
+ def render("index.json", %{tokens: tokens}) do
+ tokens
+ |> render_many(Pleroma.Web.TwitterAPI.TokenView, "show.json")
+ |> Enum.filter(&Enum.any?/1)
+ end
+
+ def render("show.json", %{token: token_entry}) do
+ %{
+ id: token_entry.id,
+ valid_until: token_entry.valid_until,
+ app_name: token_entry.app.client_name
+ }
+ end
+end
diff --git a/test/support/factory.ex b/test/support/factory.ex
@@ -227,4 +227,17 @@ defmodule Pleroma.Factory do
unreachable_since: nil
}
end
+
+ def oauth_token_factory do
+ user = insert(:user)
+ oauth_app = insert(:oauth_app)
+
+ %Pleroma.Web.OAuth.Token{
+ token: :crypto.strong_rand_bytes(32) |> Base.url_encode64(),
+ refresh_token: :crypto.strong_rand_bytes(32) |> Base.url_encode64(),
+ user_id: user.id,
+ app_id: oauth_app.id,
+ valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
+ }
+ end
end
diff --git a/test/web/twitter_api/twitter_api_controller_test.exs b/test/web/twitter_api/twitter_api_controller_test.exs
@@ -13,6 +13,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
alias Pleroma.Object
alias Pleroma.Notification
alias Pleroma.Web.ActivityPub.ActivityPub
+ alias Pleroma.Web.OAuth.Token
alias Pleroma.Web.TwitterAPI.UserView
alias Pleroma.Web.TwitterAPI.NotificationView
alias Pleroma.Web.CommonAPI
@@ -1915,4 +1916,38 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
ActivityRepresenter.to_map(activity, %{user: user, for: user})
end
end
+
+ describe "GET /api/oauth_tokens" do
+ setup do
+ token = insert(:oauth_token) |> Repo.preload(:user)
+
+ %{token: token}
+ end
+
+ test "renders list", %{token: token} do
+ response =
+ build_conn()
+ |> assign(:user, token.user)
+ |> get("/api/oauth_tokens")
+
+ keys =
+ json_response(response, 200)
+ |> hd()
+ |> Map.keys()
+
+ assert keys -- ["id", "app_name", "valid_until"] == []
+ end
+
+ test "revoke token", %{token: token} do
+ response =
+ build_conn()
+ |> assign(:user, token.user)
+ |> delete("/api/oauth_tokens/#{token.id}")
+
+ tokens = Token.get_user_tokens(token.user)
+
+ assert tokens == []
+ assert response.status == 201
+ end
+ end
end