New url /oauth/x-snac-get-token.

author: default 2023-05-04 11:52:04 +0200
committer: default 2023-05-04 11:52:04 +0200
commit: ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f (patch)
tree: bfa3d7e3518f377531f5c1494099a7fefc0f8566
parent: Made the post action configurable in login_page. (diff)
download: penes-snac2-ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f.tar.gz
penes-snac2-ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f.tar.xz
penes-snac2-ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f.zip
1 files changed, 52 insertions, 0 deletions
diff --git a/mastoapi.c b/mastoapi.c
index 4396155..6729cf7 100644
--- a/mastoapi.c
+++ b/mastoapi.c
@@ -221,6 +221,16 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
        else
            srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));
    }
+    else
+    if (strcmp(cmd, "/x-snac-get-token") == 0) {
+        const char *host = xs_dict_get(srv_config, "host");
+        *body  = xs_fmt(login_page, host, "", host, "oauth/x-snac-get-token",
+                        "", "", "", USER_AGENT);
+        *ctype = "text/html";
+        status = 200;
+    }
    return status;
 }
@@ -427,6 +437,48 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
            status = 403;
        }
    }
+    if (strcmp(cmd, "/x-snac-get-token") == 0) {
+        const char *login  = xs_dict_get(args, "login");
+        const char *passwd = xs_dict_get(args, "passwd");
+        const char *host = xs_dict_get(srv_config, "host");
+        /* by default, generate another login form with an error */
+        *body  = xs_fmt(login_page, host, "LOGIN INCORRECT", host, "oauth/x-snac-get-token",
+                        "", "", "", USER_AGENT);
+        *ctype = "text/html";
+        status = 200;
+        if (login && passwd) {
+            snac user;
+            if (user_open(&user, login)) {
+                /* check the login + password */
+                if (check_password(login, passwd, xs_dict_get(user.config, "passwd"))) {
+                    /* success! create a new token */
+                    xs *tokid = random_str();
+                    srv_debug(1, xs_fmt("x-snac-new-token: "
+                                    "successful login for %s, new token %s", login, tokid));
+                    xs *token = xs_dict_new();
+                    token = xs_dict_append(token, "token",         tokid);
+                    token = xs_dict_append(token, "client_id",     "snac-client");
+                    token = xs_dict_append(token, "client_secret", "");
+                    token = xs_dict_append(token, "uid",           login);
+                    token = xs_dict_append(token, "code",          "");
+                    token_add(tokid, token);
+                    *ctype = "text/plain";
+                    xs_free(*body);
+                    *body = xs_dup(tokid);
+                }
+                user_free(&user);
+            }
+        }
+    }
    return status;
 }
author	default	2023-05-04 11:52:04 +0200
committer	default	2023-05-04 11:52:04 +0200
commit	ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f (patch)
tree	bfa3d7e3518f377531f5c1494099a7fefc0f8566
parent	Made the post action configurable in login_page. (diff)
download	penes-snac2-ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f.tar.gz penes-snac2-ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f.tar.xz penes-snac2-ec6f94e27ed0bfb5f8dd029f372cf4fe060ca19f.zip

diff --git a/mastoapi.c b/mastoapi.c index 4396155..6729cf7 100644 --- a/mastoapi.c +++ b/mastoapi.c
@@ -221,6 +221,16 @@ int oauth_get_handler(const xs_dict req, const char q_path,
221	else	221	else
222	srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));	222	srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));
223	}	223	}
		224	else
		225	if (strcmp(cmd, "/x-snac-get-token") == 0) {
		226	const char *host = xs_dict_get(srv_config, "host");
		227
		228	*body = xs_fmt(login_page, host, "", host, "oauth/x-snac-get-token",
		229	"", "", "", USER_AGENT);
		230	*ctype = "text/html";
		231	status = 200;
		232
		233	}
224		234
225	return status;	235	return status;
226	}	236	}
@@ -427,6 +437,48 @@ int oauth_post_handler(const xs_dict req, const char q_path,
427	status = 403;	437	status = 403;
428	}	438	}
429	}	439	}
		440	if (strcmp(cmd, "/x-snac-get-token") == 0) {
		441	const char *login = xs_dict_get(args, "login");
		442	const char *passwd = xs_dict_get(args, "passwd");
		443
		444	const char *host = xs_dict_get(srv_config, "host");
		445
		446	/* by default, generate another login form with an error */
		447	*body = xs_fmt(login_page, host, "LOGIN INCORRECT", host, "oauth/x-snac-get-token",
		448	"", "", "", USER_AGENT);
		449	*ctype = "text/html";
		450	status = 200;
		451
		452	if (login && passwd) {
		453	snac user;
		454
		455	if (user_open(&user, login)) {
		456	/* check the login + password */
		457	if (check_password(login, passwd, xs_dict_get(user.config, "passwd"))) {
		458	/* success! create a new token */
		459	xs *tokid = random_str();
		460
		461	srv_debug(1, xs_fmt("x-snac-new-token: "
		462	"successful login for %s, new token %s", login, tokid));
		463
		464	xs *token = xs_dict_new();
		465	token = xs_dict_append(token, "token", tokid);
		466	token = xs_dict_append(token, "client_id", "snac-client");
		467	token = xs_dict_append(token, "client_secret", "");
		468	token = xs_dict_append(token, "uid", login);
		469	token = xs_dict_append(token, "code", "");
		470
		471	token_add(tokid, token);
		472
		473	*ctype = "text/plain";
		474	xs_free(*body);
		475	*body = xs_dup(tokid);
		476	}
		477
		478	user_free(&user);
		479	}
		480	}
		481	}
430		482
431	return status;	483	return status;
432	}	484	}