mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-22 13:25:04 +00:00
OAuth login now works.
This commit is contained in:
parent
752058bf66
commit
4ced03bac1
3 changed files with 109 additions and 17 deletions
3
httpd.c
3
httpd.c
|
@ -179,6 +179,9 @@ void httpd_connection(FILE *f)
|
||||||
if (status == 0)
|
if (status == 0)
|
||||||
status = oauth_get_handler(req, q_path, &body, &b_size, &ctype);
|
status = oauth_get_handler(req, q_path, &body, &b_size, &ctype);
|
||||||
|
|
||||||
|
if (status == 0)
|
||||||
|
status = mastoapi_get_handler(req, q_path, &body, &b_size, &ctype);
|
||||||
|
|
||||||
if (status == 0)
|
if (status == 0)
|
||||||
status = html_get_handler(req, q_path, &body, &b_size, &ctype);
|
status = html_get_handler(req, q_path, &body, &b_size, &ctype);
|
||||||
}
|
}
|
||||||
|
|
111
mastoapi.c
111
mastoapi.c
|
@ -73,12 +73,14 @@ xs_dict *app_get(const char *id)
|
||||||
|
|
||||||
const char *login_page = ""
|
const char *login_page = ""
|
||||||
"<!DOCTYPE html>\n"
|
"<!DOCTYPE html>\n"
|
||||||
"<body><h1>%s identify</h1>\n"
|
"<body><h1>%s OAuth identify</h1>\n"
|
||||||
|
"<div style=\"background-color: red; color: white\">%s</div>\n"
|
||||||
"<form method=\"post\" action=\"https:/" "/%s/oauth/x-snac-login\">\n"
|
"<form method=\"post\" action=\"https:/" "/%s/oauth/x-snac-login\">\n"
|
||||||
"<p>Login: <input type=\"text\" name=\"login\"></p>\n"
|
"<p>Login: <input type=\"text\" name=\"login\"></p>\n"
|
||||||
"<p>Password: <input type=\"password\" name=\"passwd\"></p>\n"
|
"<p>Password: <input type=\"password\" name=\"passwd\"></p>\n"
|
||||||
"<input type=\"hidden\" name=\"redir\" value=\"%s\">\n"
|
"<input type=\"hidden\" name=\"redir\" value=\"%s\">\n"
|
||||||
"<input type=\"hidden\" name=\"cid\" value=\"%s\">\n"
|
"<input type=\"hidden\" name=\"cid\" value=\"%s\">\n"
|
||||||
|
"<input type=\"submit\" value=\"OK\">\n"
|
||||||
"</form><p>%s</p></body>\n"
|
"</form><p>%s</p></body>\n"
|
||||||
"";
|
"";
|
||||||
|
|
||||||
|
@ -90,13 +92,15 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
|
||||||
|
|
||||||
{
|
{
|
||||||
xs *j = xs_json_dumps_pp(req, 4);
|
xs *j = xs_json_dumps_pp(req, 4);
|
||||||
printf("oauth:\n%s\n", j);
|
printf("oauth get:\n%s\n", j);
|
||||||
}
|
}
|
||||||
|
|
||||||
int status = 404;
|
int status = 404;
|
||||||
xs_dict *msg = xs_dict_get(req, "q_vars");
|
xs_dict *msg = xs_dict_get(req, "q_vars");
|
||||||
xs *cmd = xs_replace(q_path, "/oauth", "");
|
xs *cmd = xs_replace(q_path, "/oauth", "");
|
||||||
|
|
||||||
|
srv_debug(0, xs_fmt("oauth_get_handler %s", q_path));
|
||||||
|
|
||||||
if (strcmp(cmd, "/authorize") == 0) {
|
if (strcmp(cmd, "/authorize") == 0) {
|
||||||
const char *cid = xs_dict_get(msg, "client_id");
|
const char *cid = xs_dict_get(msg, "client_id");
|
||||||
const char *ruri = xs_dict_get(msg, "redirect_uri");
|
const char *ruri = xs_dict_get(msg, "redirect_uri");
|
||||||
|
@ -110,11 +114,17 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
|
||||||
if (app != NULL) {
|
if (app != NULL) {
|
||||||
const char *host = xs_dict_get(srv_config, "host");
|
const char *host = xs_dict_get(srv_config, "host");
|
||||||
|
|
||||||
*body = xs_fmt(login_page, host, host, ruri, cid, USER_AGENT);
|
*body = xs_fmt(login_page, host, "", host, ruri, cid, USER_AGENT);
|
||||||
*ctype = "text/html";
|
*ctype = "text/html";
|
||||||
status = 200;
|
status = 200;
|
||||||
|
|
||||||
|
srv_debug(0, xs_fmt("oauth authorize: generating login page"));
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
srv_debug(0, xs_fmt("oauth authorize: bad client_id %s", cid));
|
||||||
}
|
}
|
||||||
|
else
|
||||||
|
srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));
|
||||||
}
|
}
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
|
@ -122,25 +132,70 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
|
||||||
|
|
||||||
|
|
||||||
int oauth_post_handler(const xs_dict *req, const char *q_path,
|
int oauth_post_handler(const xs_dict *req, const char *q_path,
|
||||||
const char *payload, int p_size,
|
const char *payload, int p_size,
|
||||||
char **body, int *b_size, char **ctype)
|
char **body, int *b_size, char **ctype)
|
||||||
{
|
{
|
||||||
if (!xs_startswith(q_path, "/oauth/"))
|
if (!xs_startswith(q_path, "/oauth/"))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
{
|
||||||
|
xs *j = xs_json_dumps_pp(req, 4);
|
||||||
|
printf("oauth post:\n%s\n", j);
|
||||||
|
}
|
||||||
|
|
||||||
int status = 404;
|
int status = 404;
|
||||||
xs_dict *msg = xs_dict_get(req, "p_vars");
|
xs_dict *msg = xs_dict_get(req, "p_vars");
|
||||||
xs *cmd = xs_replace(q_path, "/oauth", "");
|
xs *cmd = xs_replace(q_path, "/oauth", "");
|
||||||
|
|
||||||
printf("oauth: %s\n", q_path);
|
srv_debug(0, xs_fmt("oauth_post_handler %s", q_path));
|
||||||
|
|
||||||
|
if (strcmp(cmd, "/x-snac-login") == 0) {
|
||||||
|
const char *login = xs_dict_get(msg, "login");
|
||||||
|
const char *passwd = xs_dict_get(msg, "passwd");
|
||||||
|
const char *redir = xs_dict_get(msg, "redir");
|
||||||
|
const char *cid = xs_dict_get(msg, "cid");
|
||||||
|
|
||||||
|
const char *host = xs_dict_get(srv_config, "host");
|
||||||
|
|
||||||
|
/* by default, generate another login form with an error */
|
||||||
|
*body = xs_fmt(login_page, host, "LOGIN INCORRECT", host, redir, cid, USER_AGENT);
|
||||||
|
*ctype = "text/html";
|
||||||
|
status = 200;
|
||||||
|
|
||||||
|
if (login && passwd && redir && cid) {
|
||||||
|
snac snac;
|
||||||
|
|
||||||
|
if (user_open(&snac, login)) {
|
||||||
|
/* check the login + password */
|
||||||
|
if (check_password(login, passwd,
|
||||||
|
xs_dict_get(snac.config, "passwd"))) {
|
||||||
|
/* success! redirect to the desired uri */
|
||||||
|
xs *code = random_str();
|
||||||
|
|
||||||
|
xs_free(*body);
|
||||||
|
*body = xs_fmt("%s?code=%s", redir, code);
|
||||||
|
status = 303;
|
||||||
|
|
||||||
|
srv_debug(0, xs_fmt("oauth x-snac-login: redirect to %s", *body));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
srv_debug(0, xs_fmt("oauth x-snac-login: login '%s' incorrect", login));
|
||||||
|
|
||||||
|
user_free(&snac);
|
||||||
|
}
|
||||||
|
else
|
||||||
|
srv_debug(0, xs_fmt("oauth x-snac-login: bad user '%s'", login));
|
||||||
|
}
|
||||||
|
else
|
||||||
|
srv_debug(0, xs_fmt("oauth x-snac-login: invalid or unset arguments"));
|
||||||
|
}
|
||||||
|
else
|
||||||
if (strcmp(cmd, "/token") == 0) {
|
if (strcmp(cmd, "/token") == 0) {
|
||||||
const char *gtype = xs_dict_get(msg, "grant_type");
|
const char *gtype = xs_dict_get(msg, "grant_type");
|
||||||
const char *code = xs_dict_get(msg, "code");
|
const char *code = xs_dict_get(msg, "code");
|
||||||
const char *cid = xs_dict_get(msg, "client_id");
|
const char *cid = xs_dict_get(msg, "client_id");
|
||||||
const char *csec = xs_dict_get(msg, "client_secret");
|
const char *csec = xs_dict_get(msg, "client_secret");
|
||||||
const char *ruri = xs_dict_get(msg, "redirect_uri");
|
const char *ruri = xs_dict_get(msg, "redirect_uri");
|
||||||
const char *scope = xs_dict_get(msg, "scope");
|
|
||||||
|
|
||||||
if (gtype && code && cid && csec && ruri) {
|
if (gtype && code && cid && csec && ruri) {
|
||||||
xs *rsp = xs_dict_new();
|
xs *rsp = xs_dict_new();
|
||||||
|
@ -149,15 +204,18 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
|
||||||
|
|
||||||
rsp = xs_dict_append(rsp, "access_token", token);
|
rsp = xs_dict_append(rsp, "access_token", token);
|
||||||
rsp = xs_dict_append(rsp, "token_type", "Bearer");
|
rsp = xs_dict_append(rsp, "token_type", "Bearer");
|
||||||
rsp = xs_dict_append(rsp, "scope", scope);
|
|
||||||
rsp = xs_dict_append(rsp, "created_at", cat);
|
rsp = xs_dict_append(rsp, "created_at", cat);
|
||||||
|
|
||||||
*body = xs_json_dumps_pp(rsp, 4);
|
*body = xs_json_dumps_pp(rsp, 4);
|
||||||
*ctype = "application/json";
|
*ctype = "application/json";
|
||||||
status = 200;
|
status = 200;
|
||||||
|
|
||||||
|
srv_debug(0, xs_fmt("oauth token: successful login, token %s", token));
|
||||||
}
|
}
|
||||||
else
|
else {
|
||||||
|
srv_debug(0, xs_fmt("oauth token: invalid or unset arguments"));
|
||||||
status = 400;
|
status = 400;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
else
|
else
|
||||||
if (strcmp(cmd, "/revoke") == 0) {
|
if (strcmp(cmd, "/revoke") == 0) {
|
||||||
|
@ -178,13 +236,42 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
int mastoapi_get_handler(const xs_dict *req, const char *q_path,
|
||||||
const char *payload, int p_size,
|
char **body, int *b_size, char **ctype)
|
||||||
char **body, int *b_size, char **ctype)
|
|
||||||
{
|
{
|
||||||
if (!xs_startswith(q_path, "/api/v1/"))
|
if (!xs_startswith(q_path, "/api/v1/"))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
{
|
||||||
|
xs *j = xs_json_dumps_pp(req, 4);
|
||||||
|
printf("mastoapi get:\n%s\n", j);
|
||||||
|
}
|
||||||
|
|
||||||
|
int status = 404;
|
||||||
|
xs_dict *msg = xs_dict_get(req, "q_vars");
|
||||||
|
xs *cmd = xs_replace(q_path, "/api/v1", "");
|
||||||
|
|
||||||
|
srv_debug(0, xs_fmt("mastoapi_get_handler %s", q_path));
|
||||||
|
|
||||||
|
if (strcmp(cmd, "/accounts/verify_credentials") == 0) {
|
||||||
|
}
|
||||||
|
|
||||||
|
return status;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
||||||
|
const char *payload, int p_size,
|
||||||
|
char **body, int *b_size, char **ctype)
|
||||||
|
{
|
||||||
|
if (!xs_startswith(q_path, "/api/v1/"))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
{
|
||||||
|
xs *j = xs_json_dumps_pp(req, 4);
|
||||||
|
printf("mastoapi post:\n%s\n", j);
|
||||||
|
}
|
||||||
|
|
||||||
int status = 404;
|
int status = 404;
|
||||||
xs *msg = NULL;
|
xs *msg = NULL;
|
||||||
char *i_ctype = xs_dict_get(req, "content-type");
|
char *i_ctype = xs_dict_get(req, "content-type");
|
||||||
|
|
12
snac.h
12
snac.h
|
@ -224,11 +224,13 @@ int job_fifo_ready(void);
|
||||||
void job_post(const xs_val *job, int urgent);
|
void job_post(const xs_val *job, int urgent);
|
||||||
void job_wait(xs_val **job);
|
void job_wait(xs_val **job);
|
||||||
|
|
||||||
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
|
||||||
const char *payload, int p_size,
|
|
||||||
char **body, int *b_size, char **ctype);
|
|
||||||
int oauth_get_handler(const xs_dict *req, const char *q_path,
|
int oauth_get_handler(const xs_dict *req, const char *q_path,
|
||||||
char **body, int *b_size, char **ctype);
|
char **body, int *b_size, char **ctype);
|
||||||
int oauth_post_handler(const xs_dict *req, const char *q_path,
|
int oauth_post_handler(const xs_dict *req, const char *q_path,
|
||||||
const char *payload, int p_size,
|
const char *payload, int p_size,
|
||||||
char **body, int *b_size, char **ctype);
|
char **body, int *b_size, char **ctype);
|
||||||
|
int mastoapi_get_handler(const xs_dict *req, const char *q_path,
|
||||||
|
char **body, int *b_size, char **ctype);
|
||||||
|
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
||||||
|
const char *payload, int p_size,
|
||||||
|
char **body, int *b_size, char **ctype);
|
||||||
|
|
Loading…
Reference in a new issue