Friendica/friendica-github
1
0
Fork 0
mirror of https://github.com/friendica/friendica synced 2025-04-24 04:30:11 +00:00
Code Issues Projects Releases Packages Wiki Activity

API: New classes for OAuth and basic auth

Browse source
This commit is contained in:
Michael 2021-06-08 06:32:24 +00:00
parent 246aa293d1
commit acbe9ebf9e
9 changed files with 346 additions and 178 deletions
Download patch file Download diff file Expand all files Collapse all files

5
src/Module/OAuth/Token.php
View file

@ -26,6 +26,7 @@ use Friendica\Core\System;
use Friendica\Database\DBA;
use Friendica\DI;
use Friendica\Module\BaseApi;
use Friendica\Security\OAuth;
/**
* @see https://docs.joinmastodon.org/spec/oauth/
@ -57,7 +58,7 @@ class Token extends BaseApi
DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Incomplete request data'));
}
$application = self::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
$application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
if (empty($application)) {
DI::mstdnError()->UnprocessableEntity();
}
@ -65,7 +66,7 @@ class Token extends BaseApi
if ($request['grant_type'] == 'client_credentials') {
// the "client_credentials" are used as a token for the application itself.
// see https://aaronparecki.com/oauth-2-simplified/#client-credentials
$token = self::createTokenForUser($application, 0, '');
$token = OAuth::createTokenForUser($application, 0, '');
} elseif ($request['grant_type'] == 'authorization_code') {
// For security reasons only allow freshly created tokens
$condition = ["`redirect_uri` = ? AND `id` = ? AND `code` = ? AND `created_at` > UTC_TIMESTAMP() - INTERVAL ? MINUTE",