[backend/masto-client] Implement /oauth/revoke endpoint

Laura Hausmann 2024-02-02 03:03:17 +01:00
parent 3217831d22
commit 2736ce1b71
No known key found for this signature in database
GPG key ID: D044E84C5BE01605
2 changed files with 31 additions and 10 deletions


@ -117,15 +117,22 @@ public class MastodonAuthController(DatabaseContext db) : Controller {
return Ok(res); return Ok(res);
} }
//TODO: implement /oauth/revoke
/*
[HttpPost("/oauth/revoke")] [HttpPost("/oauth/revoke")]
[ConsumesHybrid] [ConsumesHybrid]
[Produces("application/json")] [Produces("application/json")]
//[ProducesResponseType(StatusCodes.Status200OK, Type = typeof(MastodonAuth.RegisterAppResponse))] [ProducesResponseType(StatusCodes.Status200OK, Type = typeof(object))]
[ProducesResponseType(StatusCodes.Status400BadRequest, Type = typeof(MastodonErrorResponse))] [ProducesResponseType(StatusCodes.Status400BadRequest, Type = typeof(MastodonErrorResponse))]
[ProducesResponseType(StatusCodes.Status403Forbidden, Type = typeof(MastodonErrorResponse))] [ProducesResponseType(StatusCodes.Status403Forbidden, Type = typeof(MastodonErrorResponse))]
public async Task<IActionResult> RegisterApp([FromHybrid] ) { } public async Task<IActionResult> RevokeOauthToken([FromHybrid] AuthSchemas.OauthTokenRevocationRequest request) {
var token = await db.OauthTokens.FirstOrDefaultAsync(p => p.Token == request.Token &&
p.App.ClientId == request.ClientId &&
p.App.ClientSecret == request.ClientSecret);
if (token == null)
throw GracefulException.Forbidden("You are not authorized to revoke this token");
*/ db.Remove(token);
await db.SaveChangesAsync();
return Ok(new object());
}
} }
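Review bot: An unknown or already-revoked token gets the same 403 as wrong client credentials, because the `FirstOrDefaultAsync` predicate in `RevokeOauthToken` matches the token value, `ClientId` and `ClientSecret` in a single query. RFC 7009 §2.2 expects 200 for an invalid token, so a client that retries a logout is told revocation failed even though the token is already gone. If the deviation is intended, record it above the query, e.g. `// Deliberate: unknown token and bad client credentials both yield 403 (differs from RFC 7009 §2.2)`; otherwise the app credentials would be verified first and a missing token treated as success. The declared 400 response is not produced by any visible line, so requests with missing fields presumably also end in this 403.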


@ -110,4 +110,18 @@ public abstract class AuthSchemas {
[J("scope")] public string Scope => string.Join(' ', Scopes); [J("scope")] public string Scope => string.Join(' ', Scopes);
[J("created_at")] public long CreatedAtInternal => (long)(CreatedAt - DateTime.UnixEpoch).TotalSeconds; [J("created_at")] public long CreatedAtInternal => (long)(CreatedAt - DateTime.UnixEpoch).TotalSeconds;
} }
public class OauthTokenRevocationRequest {
[B(Name = "client_id")]
[J("client_id")]
[JR]
public string ClientId { get; set; } = null!;
[B(Name = "client_secret")]
[J("client_secret")]
[JR]
public string ClientSecret { get; set; } = null!;
[B(Name = "code")] [J("token")] [JR] public string Token { get; set; } = null!;
}
} }
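Review bot: `Token` on `OauthTokenRevocationRequest` binds from the form field `code` (`[B(Name = "code")]`) while its JSON name is `token`, which looks like a leftover from the token-exchange schema. Assuming `B` is the form-binding alias, a form-encoded revoke request that sends `token=...` leaves `Token` null, the lookup finds nothing, and the token stays valid after the client tried to revoke it. The attribute should read `[B(Name = "token")]`. `[JR]` presumably enforces presence only for JSON bodies, so the `= null!` initialisers can still be observed as null on form posts.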