diff options
| author |  default | 2023-04-10 09:21:14 +0200 |
|---|---|---|
| committer | default | 2023-04-10 09:21:14 +0200 |
| commit | 429be774d2bdcc64297a485aee78078f9baa3350 (patch) | |
| tree | f89923fc0ab5c981005e1b2f195affe52d78cf22 | |
| parent | Backport from xs. (diff) | |
| download | snac2-429be774d2bdcc64297a485aee78078f9baa3350.tar.gz snac2-429be774d2bdcc64297a485aee78078f9baa3350.tar.xz snac2-429be774d2bdcc64297a485aee78078f9baa3350.zip | |
Also delete the app in token revokation.
| -rw-r--r-- | mastoapi.c | 30 |
1 files changed, 30 insertions, 0 deletions
| @@ -34,6 +34,9 @@ static xs_str *random_str(void) | |||
| 34 | int app_add(const char *id, const xs_dict *app) | 34 | int app_add(const char *id, const xs_dict *app) |
| 35 | /* stores an app */ | 35 | /* stores an app */ |
| 36 | { | 36 | { |
| 37 | if (!xs_is_hex(id)) | ||
| 38 | return 500; | ||
| 39 | |||
| 37 | int status = 201; | 40 | int status = 201; |
| 38 | xs *fn = xs_fmt("%s/app/", srv_basedir); | 41 | xs *fn = xs_fmt("%s/app/", srv_basedir); |
| 39 | FILE *f; | 42 | FILE *f; |
| @@ -57,6 +60,9 @@ int app_add(const char *id, const xs_dict *app) | |||
| 57 | xs_dict *app_get(const char *id) | 60 | xs_dict *app_get(const char *id) |
| 58 | /* gets an app */ | 61 | /* gets an app */ |
| 59 | { | 62 | { |
| 63 | if (!xs_is_hex(id)) | ||
| 64 | return NULL; | ||
| 65 | |||
| 60 | xs *fn = xs_fmt("%s/app/%s.json", srv_basedir, id); | 66 | xs *fn = xs_fmt("%s/app/%s.json", srv_basedir, id); |
| 61 | xs_dict *app = NULL; | 67 | xs_dict *app = NULL; |
| 62 | FILE *f; | 68 | FILE *f; |
| @@ -72,9 +78,24 @@ xs_dict *app_get(const char *id) | |||
| 72 | } | 78 | } |
| 73 | 79 | ||
| 74 | 80 | ||
| 81 | int app_del(const char *id) | ||
| 82 | /* deletes an app */ | ||
| 83 | { | ||
| 84 | if (!xs_is_hex(id)) | ||
| 85 | return -1; | ||
| 86 | |||
| 87 | xs *fn = xs_fmt("%s/app/%s.json", srv_basedir, id); | ||
| 88 | |||
| 89 | return unlink(fn); | ||
| 90 | } | ||
| 91 | |||
| 92 | |||
| 75 | int token_add(const char *id, const xs_dict *token) | 93 | int token_add(const char *id, const xs_dict *token) |
| 76 | /* stores a token */ | 94 | /* stores a token */ |
| 77 | { | 95 | { |
| 96 | if (!xs_is_hex(id)) | ||
| 97 | return 500; | ||
| 98 | |||
| 78 | int status = 201; | 99 | int status = 201; |
| 79 | xs *fn = xs_fmt("%s/token/", srv_basedir); | 100 | xs *fn = xs_fmt("%s/token/", srv_basedir); |
| 80 | FILE *f; | 101 | FILE *f; |
| @@ -98,6 +119,9 @@ int token_add(const char *id, const xs_dict *token) | |||
| 98 | xs_dict *token_get(const char *id) | 119 | xs_dict *token_get(const char *id) |
| 99 | /* gets a token */ | 120 | /* gets a token */ |
| 100 | { | 121 | { |
| 122 | if (!xs_is_hex(id)) | ||
| 123 | return NULL; | ||
| 124 | |||
| 101 | xs *fn = xs_fmt("%s/token/%s.json", srv_basedir, id); | 125 | xs *fn = xs_fmt("%s/token/%s.json", srv_basedir, id); |
| 102 | xs_dict *token = NULL; | 126 | xs_dict *token = NULL; |
| 103 | FILE *f; | 127 | FILE *f; |
| @@ -116,6 +140,9 @@ xs_dict *token_get(const char *id) | |||
| 116 | int token_del(const char *id) | 140 | int token_del(const char *id) |
| 117 | /* deletes a token */ | 141 | /* deletes a token */ |
| 118 | { | 142 | { |
| 143 | if (!xs_is_hex(id)) | ||
| 144 | return -1; | ||
| 145 | |||
| 119 | xs *fn = xs_fmt("%s/token/%s.json", srv_basedir, id); | 146 | xs *fn = xs_fmt("%s/token/%s.json", srv_basedir, id); |
| 120 | 147 | ||
| 121 | return unlink(fn); | 148 | return unlink(fn); |
| @@ -324,6 +351,9 @@ int oauth_post_handler(const xs_dict *req, const char *q_path, | |||
| 324 | token_del(tokid); | 351 | token_del(tokid); |
| 325 | srv_debug(0, xs_fmt("oauth revoke: revoked token %s", tokid)); | 352 | srv_debug(0, xs_fmt("oauth revoke: revoked token %s", tokid)); |
| 326 | status = 200; | 353 | status = 200; |
| 354 | |||
| 355 | /* also delete the app, as it serves no purpose from now on */ | ||
| 356 | app_del(cid); | ||
| 327 | } | 357 | } |
| 328 | } | 358 | } |
| 329 | else { | 359 | else { |