%s
\n" ""; @@ -90,13 +92,15 @@ int oauth_get_handler(const xs_dict *req, const char *q_path, { xs *j = xs_json_dumps_pp(req, 4); - printf("oauth:\n%s\n", j); + printf("oauth get:\n%s\n", j); } int status = 404; xs_dict *msg = xs_dict_get(req, "q_vars"); xs *cmd = xs_replace(q_path, "/oauth", ""); + srv_debug(0, xs_fmt("oauth_get_handler %s", q_path)); + if (strcmp(cmd, "/authorize") == 0) { const char *cid = xs_dict_get(msg, "client_id"); const char *ruri = xs_dict_get(msg, "redirect_uri"); @@ -110,11 +114,17 @@ int oauth_get_handler(const xs_dict *req, const char *q_path, if (app != NULL) { const char *host = xs_dict_get(srv_config, "host"); - *body = xs_fmt(login_page, host, host, ruri, cid, USER_AGENT); + *body = xs_fmt(login_page, host, "", host, ruri, cid, USER_AGENT); *ctype = "text/html"; status = 200; + + srv_debug(0, xs_fmt("oauth authorize: generating login page")); } + else + srv_debug(0, xs_fmt("oauth authorize: bad client_id %s", cid)); } + else + srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments")); } return status; @@ -122,25 +132,70 @@ int oauth_get_handler(const xs_dict *req, const char *q_path, int oauth_post_handler(const xs_dict *req, const char *q_path, - const char *payload, int p_size, - char **body, int *b_size, char **ctype) + const char *payload, int p_size, + char **body, int *b_size, char **ctype) { if (!xs_startswith(q_path, "/oauth/")) return 0; + { + xs *j = xs_json_dumps_pp(req, 4); + printf("oauth post:\n%s\n", j); + } + int status = 404; xs_dict *msg = xs_dict_get(req, "p_vars"); xs *cmd = xs_replace(q_path, "/oauth", ""); - printf("oauth: %s\n", q_path); + srv_debug(0, xs_fmt("oauth_post_handler %s", q_path)); + if (strcmp(cmd, "/x-snac-login") == 0) { + const char *login = xs_dict_get(msg, "login"); + const char *passwd = xs_dict_get(msg, "passwd"); + const char *redir = xs_dict_get(msg, "redir"); + const char *cid = xs_dict_get(msg, "cid"); + + const char *host = xs_dict_get(srv_config, "host"); + + /* by default, generate another login form with an error */ + *body = xs_fmt(login_page, host, "LOGIN INCORRECT", host, redir, cid, USER_AGENT); + *ctype = "text/html"; + status = 200; + + if (login && passwd && redir && cid) { + snac snac; + + if (user_open(&snac, login)) { + /* check the login + password */ + if (check_password(login, passwd, + xs_dict_get(snac.config, "passwd"))) { + /* success! redirect to the desired uri */ + xs *code = random_str(); + + xs_free(*body); + *body = xs_fmt("%s?code=%s", redir, code); + status = 303; + + srv_debug(0, xs_fmt("oauth x-snac-login: redirect to %s", *body)); + } + else + srv_debug(0, xs_fmt("oauth x-snac-login: login '%s' incorrect", login)); + + user_free(&snac); + } + else + srv_debug(0, xs_fmt("oauth x-snac-login: bad user '%s'", login)); + } + else + srv_debug(0, xs_fmt("oauth x-snac-login: invalid or unset arguments")); + } + else if (strcmp(cmd, "/token") == 0) { const char *gtype = xs_dict_get(msg, "grant_type"); const char *code = xs_dict_get(msg, "code"); const char *cid = xs_dict_get(msg, "client_id"); const char *csec = xs_dict_get(msg, "client_secret"); const char *ruri = xs_dict_get(msg, "redirect_uri"); - const char *scope = xs_dict_get(msg, "scope"); if (gtype && code && cid && csec && ruri) { xs *rsp = xs_dict_new(); @@ -149,15 +204,18 @@ int oauth_post_handler(const xs_dict *req, const char *q_path, rsp = xs_dict_append(rsp, "access_token", token); rsp = xs_dict_append(rsp, "token_type", "Bearer"); - rsp = xs_dict_append(rsp, "scope", scope); rsp = xs_dict_append(rsp, "created_at", cat); *body = xs_json_dumps_pp(rsp, 4); *ctype = "application/json"; status = 200; + + srv_debug(0, xs_fmt("oauth token: successful login, token %s", token)); } - else + else { + srv_debug(0, xs_fmt("oauth token: invalid or unset arguments")); status = 400; + } } else if (strcmp(cmd, "/revoke") == 0) { @@ -178,13 +236,42 @@ int oauth_post_handler(const xs_dict *req, const char *q_path, } -int mastoapi_post_handler(const xs_dict *req, const char *q_path, - const char *payload, int p_size, - char **body, int *b_size, char **ctype) +int mastoapi_get_handler(const xs_dict *req, const char *q_path, + char **body, int *b_size, char **ctype) { if (!xs_startswith(q_path, "/api/v1/")) return 0; + { + xs *j = xs_json_dumps_pp(req, 4); + printf("mastoapi get:\n%s\n", j); + } + + int status = 404; + xs_dict *msg = xs_dict_get(req, "q_vars"); + xs *cmd = xs_replace(q_path, "/api/v1", ""); + + srv_debug(0, xs_fmt("mastoapi_get_handler %s", q_path)); + + if (strcmp(cmd, "/accounts/verify_credentials") == 0) { + } + + return status; +} + + +int mastoapi_post_handler(const xs_dict *req, const char *q_path, + const char *payload, int p_size, + char **body, int *b_size, char **ctype) +{ + if (!xs_startswith(q_path, "/api/v1/")) + return 0; + + { + xs *j = xs_json_dumps_pp(req, 4); + printf("mastoapi post:\n%s\n", j); + } + int status = 404; xs *msg = NULL; char *i_ctype = xs_dict_get(req, "content-type"); diff --git a/snac.h b/snac.h index f1960a3..f33b806 100644 --- a/snac.h +++ b/snac.h @@ -224,11 +224,13 @@ int job_fifo_ready(void); void job_post(const xs_val *job, int urgent); void job_wait(xs_val **job); -int mastoapi_post_handler(const xs_dict *req, const char *q_path, - const char *payload, int p_size, - char **body, int *b_size, char **ctype); int oauth_get_handler(const xs_dict *req, const char *q_path, char **body, int *b_size, char **ctype); int oauth_post_handler(const xs_dict *req, const char *q_path, - const char *payload, int p_size, - char **body, int *b_size, char **ctype); + const char *payload, int p_size, + char **body, int *b_size, char **ctype); +int mastoapi_get_handler(const xs_dict *req, const char *q_path, + char **body, int *b_size, char **ctype); +int mastoapi_post_handler(const xs_dict *req, const char *q_path, + const char *payload, int p_size, + char **body, int *b_size, char **ctype);