mirror of
https://codeberg.org/grunfink/snac2.git
synced 2024-11-25 22:45:05 +00:00
OAuth login now works.
This commit is contained in:
parent
752058bf66
commit
4ced03bac1
3 changed files with 109 additions and 17 deletions
3
httpd.c
3
httpd.c
|
@ -179,6 +179,9 @@ void httpd_connection(FILE *f)
|
|||
if (status == 0)
|
||||
status = oauth_get_handler(req, q_path, &body, &b_size, &ctype);
|
||||
|
||||
if (status == 0)
|
||||
status = mastoapi_get_handler(req, q_path, &body, &b_size, &ctype);
|
||||
|
||||
if (status == 0)
|
||||
status = html_get_handler(req, q_path, &body, &b_size, &ctype);
|
||||
}
|
||||
|
|
101
mastoapi.c
101
mastoapi.c
|
@ -73,12 +73,14 @@ xs_dict *app_get(const char *id)
|
|||
|
||||
const char *login_page = ""
|
||||
"<!DOCTYPE html>\n"
|
||||
"<body><h1>%s identify</h1>\n"
|
||||
"<body><h1>%s OAuth identify</h1>\n"
|
||||
"<div style=\"background-color: red; color: white\">%s</div>\n"
|
||||
"<form method=\"post\" action=\"https:/" "/%s/oauth/x-snac-login\">\n"
|
||||
"<p>Login: <input type=\"text\" name=\"login\"></p>\n"
|
||||
"<p>Password: <input type=\"password\" name=\"passwd\"></p>\n"
|
||||
"<input type=\"hidden\" name=\"redir\" value=\"%s\">\n"
|
||||
"<input type=\"hidden\" name=\"cid\" value=\"%s\">\n"
|
||||
"<input type=\"submit\" value=\"OK\">\n"
|
||||
"</form><p>%s</p></body>\n"
|
||||
"";
|
||||
|
||||
|
@ -90,13 +92,15 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
|
|||
|
||||
{
|
||||
xs *j = xs_json_dumps_pp(req, 4);
|
||||
printf("oauth:\n%s\n", j);
|
||||
printf("oauth get:\n%s\n", j);
|
||||
}
|
||||
|
||||
int status = 404;
|
||||
xs_dict *msg = xs_dict_get(req, "q_vars");
|
||||
xs *cmd = xs_replace(q_path, "/oauth", "");
|
||||
|
||||
srv_debug(0, xs_fmt("oauth_get_handler %s", q_path));
|
||||
|
||||
if (strcmp(cmd, "/authorize") == 0) {
|
||||
const char *cid = xs_dict_get(msg, "client_id");
|
||||
const char *ruri = xs_dict_get(msg, "redirect_uri");
|
||||
|
@ -110,11 +114,17 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
|
|||
if (app != NULL) {
|
||||
const char *host = xs_dict_get(srv_config, "host");
|
||||
|
||||
*body = xs_fmt(login_page, host, host, ruri, cid, USER_AGENT);
|
||||
*body = xs_fmt(login_page, host, "", host, ruri, cid, USER_AGENT);
|
||||
*ctype = "text/html";
|
||||
status = 200;
|
||||
|
||||
srv_debug(0, xs_fmt("oauth authorize: generating login page"));
|
||||
}
|
||||
else
|
||||
srv_debug(0, xs_fmt("oauth authorize: bad client_id %s", cid));
|
||||
}
|
||||
else
|
||||
srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));
|
||||
}
|
||||
|
||||
return status;
|
||||
|
@ -128,19 +138,64 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
|
|||
if (!xs_startswith(q_path, "/oauth/"))
|
||||
return 0;
|
||||
|
||||
{
|
||||
xs *j = xs_json_dumps_pp(req, 4);
|
||||
printf("oauth post:\n%s\n", j);
|
||||
}
|
||||
|
||||
int status = 404;
|
||||
xs_dict *msg = xs_dict_get(req, "p_vars");
|
||||
xs *cmd = xs_replace(q_path, "/oauth", "");
|
||||
|
||||
printf("oauth: %s\n", q_path);
|
||||
srv_debug(0, xs_fmt("oauth_post_handler %s", q_path));
|
||||
|
||||
if (strcmp(cmd, "/x-snac-login") == 0) {
|
||||
const char *login = xs_dict_get(msg, "login");
|
||||
const char *passwd = xs_dict_get(msg, "passwd");
|
||||
const char *redir = xs_dict_get(msg, "redir");
|
||||
const char *cid = xs_dict_get(msg, "cid");
|
||||
|
||||
const char *host = xs_dict_get(srv_config, "host");
|
||||
|
||||
/* by default, generate another login form with an error */
|
||||
*body = xs_fmt(login_page, host, "LOGIN INCORRECT", host, redir, cid, USER_AGENT);
|
||||
*ctype = "text/html";
|
||||
status = 200;
|
||||
|
||||
if (login && passwd && redir && cid) {
|
||||
snac snac;
|
||||
|
||||
if (user_open(&snac, login)) {
|
||||
/* check the login + password */
|
||||
if (check_password(login, passwd,
|
||||
xs_dict_get(snac.config, "passwd"))) {
|
||||
/* success! redirect to the desired uri */
|
||||
xs *code = random_str();
|
||||
|
||||
xs_free(*body);
|
||||
*body = xs_fmt("%s?code=%s", redir, code);
|
||||
status = 303;
|
||||
|
||||
srv_debug(0, xs_fmt("oauth x-snac-login: redirect to %s", *body));
|
||||
}
|
||||
else
|
||||
srv_debug(0, xs_fmt("oauth x-snac-login: login '%s' incorrect", login));
|
||||
|
||||
user_free(&snac);
|
||||
}
|
||||
else
|
||||
srv_debug(0, xs_fmt("oauth x-snac-login: bad user '%s'", login));
|
||||
}
|
||||
else
|
||||
srv_debug(0, xs_fmt("oauth x-snac-login: invalid or unset arguments"));
|
||||
}
|
||||
else
|
||||
if (strcmp(cmd, "/token") == 0) {
|
||||
const char *gtype = xs_dict_get(msg, "grant_type");
|
||||
const char *code = xs_dict_get(msg, "code");
|
||||
const char *cid = xs_dict_get(msg, "client_id");
|
||||
const char *csec = xs_dict_get(msg, "client_secret");
|
||||
const char *ruri = xs_dict_get(msg, "redirect_uri");
|
||||
const char *scope = xs_dict_get(msg, "scope");
|
||||
|
||||
if (gtype && code && cid && csec && ruri) {
|
||||
xs *rsp = xs_dict_new();
|
||||
|
@ -149,16 +204,19 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
|
|||
|
||||
rsp = xs_dict_append(rsp, "access_token", token);
|
||||
rsp = xs_dict_append(rsp, "token_type", "Bearer");
|
||||
rsp = xs_dict_append(rsp, "scope", scope);
|
||||
rsp = xs_dict_append(rsp, "created_at", cat);
|
||||
|
||||
*body = xs_json_dumps_pp(rsp, 4);
|
||||
*ctype = "application/json";
|
||||
status = 200;
|
||||
|
||||
srv_debug(0, xs_fmt("oauth token: successful login, token %s", token));
|
||||
}
|
||||
else
|
||||
else {
|
||||
srv_debug(0, xs_fmt("oauth token: invalid or unset arguments"));
|
||||
status = 400;
|
||||
}
|
||||
}
|
||||
else
|
||||
if (strcmp(cmd, "/revoke") == 0) {
|
||||
const char *cid = xs_dict_get(msg, "client_id");
|
||||
|
@ -178,6 +236,30 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
|
|||
}
|
||||
|
||||
|
||||
int mastoapi_get_handler(const xs_dict *req, const char *q_path,
|
||||
char **body, int *b_size, char **ctype)
|
||||
{
|
||||
if (!xs_startswith(q_path, "/api/v1/"))
|
||||
return 0;
|
||||
|
||||
{
|
||||
xs *j = xs_json_dumps_pp(req, 4);
|
||||
printf("mastoapi get:\n%s\n", j);
|
||||
}
|
||||
|
||||
int status = 404;
|
||||
xs_dict *msg = xs_dict_get(req, "q_vars");
|
||||
xs *cmd = xs_replace(q_path, "/api/v1", "");
|
||||
|
||||
srv_debug(0, xs_fmt("mastoapi_get_handler %s", q_path));
|
||||
|
||||
if (strcmp(cmd, "/accounts/verify_credentials") == 0) {
|
||||
}
|
||||
|
||||
return status;
|
||||
}
|
||||
|
||||
|
||||
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
||||
const char *payload, int p_size,
|
||||
char **body, int *b_size, char **ctype)
|
||||
|
@ -185,6 +267,11 @@ int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
|||
if (!xs_startswith(q_path, "/api/v1/"))
|
||||
return 0;
|
||||
|
||||
{
|
||||
xs *j = xs_json_dumps_pp(req, 4);
|
||||
printf("mastoapi post:\n%s\n", j);
|
||||
}
|
||||
|
||||
int status = 404;
|
||||
xs *msg = NULL;
|
||||
char *i_ctype = xs_dict_get(req, "content-type");
|
||||
|
|
8
snac.h
8
snac.h
|
@ -224,11 +224,13 @@ int job_fifo_ready(void);
|
|||
void job_post(const xs_val *job, int urgent);
|
||||
void job_wait(xs_val **job);
|
||||
|
||||
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
||||
const char *payload, int p_size,
|
||||
char **body, int *b_size, char **ctype);
|
||||
int oauth_get_handler(const xs_dict *req, const char *q_path,
|
||||
char **body, int *b_size, char **ctype);
|
||||
int oauth_post_handler(const xs_dict *req, const char *q_path,
|
||||
const char *payload, int p_size,
|
||||
char **body, int *b_size, char **ctype);
|
||||
int mastoapi_get_handler(const xs_dict *req, const char *q_path,
|
||||
char **body, int *b_size, char **ctype);
|
||||
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
|
||||
const char *payload, int p_size,
|
||||
char **body, int *b_size, char **ctype);
|
||||
|
|
Loading…
Reference in a new issue