snac2

Fork of https://codeberg.org/grunfink/snac2
git clone https://git.inz.fi/snac2
Log | Files | Refs | README | LICENSE
commit ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f
parent f6ef275fa3dfd0e74093a5eb74a5167f7be4ece0
Author: default <nobody@localhost>
Date:   Thu,  4 May 2023 11:52:04 +0200

New url /oauth/x-snac-get-token.

Diffstat:

Mmastoapi.c | 52++++++++++++++++++++++++++++++++++++++++++++++++++++


1 file changed, 52 insertions(+), 0 deletions(-)

diff --git a/mastoapi.c b/mastoapi.c
@@ -221,6 +221,16 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
         else
             srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));
     }
+    else
+    if (strcmp(cmd, "/x-snac-get-token") == 0) {
+        const char *host = xs_dict_get(srv_config, "host");
+
+        *body  = xs_fmt(login_page, host, "", host, "oauth/x-snac-get-token",
+                        "", "", "", USER_AGENT);
+        *ctype = "text/html";
+        status = 200;
+
+    }
 
     return status;
 }
@@ -427,6 +437,48 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
             status = 403;
         }
     }
+    if (strcmp(cmd, "/x-snac-get-token") == 0) {
+        const char *login  = xs_dict_get(args, "login");
+        const char *passwd = xs_dict_get(args, "passwd");
+
+        const char *host = xs_dict_get(srv_config, "host");
+
+        /* by default, generate another login form with an error */
+        *body  = xs_fmt(login_page, host, "LOGIN INCORRECT", host, "oauth/x-snac-get-token",
+                        "", "", "", USER_AGENT);
+        *ctype = "text/html";
+        status = 200;
+
+        if (login && passwd) {
+            snac user;
+
+            if (user_open(&user, login)) {
+                /* check the login + password */
+                if (check_password(login, passwd, xs_dict_get(user.config, "passwd"))) {
+                    /* success! create a new token */
+                    xs *tokid = random_str();
+
+                    srv_debug(1, xs_fmt("x-snac-new-token: "
+                                    "successful login for %s, new token %s", login, tokid));
+
+                    xs *token = xs_dict_new();
+                    token = xs_dict_append(token, "token",         tokid);
+                    token = xs_dict_append(token, "client_id",     "snac-client");
+                    token = xs_dict_append(token, "client_secret", "");
+                    token = xs_dict_append(token, "uid",           login);
+                    token = xs_dict_append(token, "code",          "");
+
+                    token_add(tokid, token);
+
+                    *ctype = "text/plain";
+                    xs_free(*body);
+                    *body = xs_dup(tokid);
+                }
+
+                user_free(&user);
+            }
+        }
+    }
 
     return status;
 }