From 691d1208b5abd5bfb6ff0c1c75a8f315ee0e4500 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Tue, 26 Mar 2019 21:42:03 +0300 Subject: [PATCH 1/2] Add GET /api/v1/apps/verify_credentials --- .../mastodon_api/mastodon_api_controller.ex | 9 +++++++ .../web/mastodon_api/views/app_view.ex | 27 +++++++++++++++++++ lib/pleroma/web/router.ex | 1 + .../mastodon_api_controller_test.exs | 20 ++++++++++++++ 4 files changed, 57 insertions(+) create mode 100644 lib/pleroma/web/mastodon_api/views/app_view.ex diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 6b7c67012..295c8bebe 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -18,6 +18,7 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIController do alias Pleroma.Web.ActivityPub.Visibility alias Pleroma.Web.CommonAPI alias Pleroma.Web.MastodonAPI.AccountView + alias Pleroma.Web.MastodonAPI.AppView alias Pleroma.Web.MastodonAPI.FilterView alias Pleroma.Web.MastodonAPI.ListView alias Pleroma.Web.MastodonAPI.MastodonAPI @@ -132,6 +133,14 @@ def verify_credentials(%{assigns: %{user: user}} = conn, _) do json(conn, account) end + def verify_app_credentials(%{assigns: %{user: _user, token: token}} = conn, _) do + with %Token{app: %App{} = app} <- Repo.preload(token, :app) do + conn + |> put_view(AppView) + |> render("show.json", %{app: app}) + end + end + def user(%{assigns: %{user: for_user}} = conn, %{"id" => nickname_or_id}) do with %User{} = user <- User.get_cached_by_nickname_or_id(nickname_or_id), true <- User.auth_active?(user) || user.id == for_user.id || User.superuser?(for_user) do diff --git a/lib/pleroma/web/mastodon_api/views/app_view.ex b/lib/pleroma/web/mastodon_api/views/app_view.ex new file mode 100644 index 000000000..1976d4dcb --- /dev/null +++ b/lib/pleroma/web/mastodon_api/views/app_view.ex @@ -0,0 +1,27 @@ +# Pleroma: A lightweight social networking server +# Copyright © 2017-2019 Pleroma Authors +# SPDX-License-Identifier: AGPL-3.0-only + +defmodule Pleroma.Web.MastodonAPI.AppView do + use Pleroma.Web, :view + + alias Pleroma.Web.OAuth.App + + def render("show.json", %{app: %App{website: webiste, client_name: name}}) do + result = %{ + name: name, + website: webiste + } + + vapid_key = Pleroma.Web.Push.vapid_config() |> Keyword.get(:public_key) + + result = + if vapid_key do + Map.put(result, "vapid_key", vapid_key) + else + result + end + + result + end +end diff --git a/lib/pleroma/web/router.ex b/lib/pleroma/web/router.ex index befd382ba..32e5f7644 100644 --- a/lib/pleroma/web/router.ex +++ b/lib/pleroma/web/router.ex @@ -328,6 +328,7 @@ defmodule Pleroma.Web.Router do get("/instance", MastodonAPIController, :masto_instance) get("/instance/peers", MastodonAPIController, :peers) post("/apps", MastodonAPIController, :create_app) + get("/apps/verify_credentials", MastodonAPIController, :verify_app_credentials) get("/custom_emojis", MastodonAPIController, :custom_emojis) get("/statuses/:id/card", MastodonAPIController, :status_card) diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 21e88eda9..9c0fdf368 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -332,6 +332,26 @@ test "verify_credentials default scope unlisted", %{conn: conn} do assert id == to_string(user.id) end + test "apps/verify_credentials", %{conn: conn} do + token = insert(:oauth_token) + + conn = + conn + |> assign(:user, token.user) + |> assign(:token, token) + |> get("/api/v1/apps/verify_credentials") + + app = Repo.preload(token, :app).app + + expected = %{ + "name" => app.client_name, + "website" => app.website, + "vapid_key" => Pleroma.Web.Push.vapid_config() |> Keyword.get(:public_key) + } + + assert expected == json_response(conn, 200) + end + test "get a status", %{conn: conn} do activity = insert(:note_activity) From a4ab60ac54d7ef0e2983483868c0e6fd59213aa4 Mon Sep 17 00:00:00 2001 From: eugenijm Date: Tue, 26 Mar 2019 23:21:31 +0300 Subject: [PATCH 2/2] Add vapid_key to the `POST /api/v1/apps` response --- .../mastodon_api/mastodon_api_controller.ex | 15 ++------ .../web/mastodon_api/views/app_view.ex | 38 +++++++++++++------ .../mastodon_api_controller_test.exs | 31 ++++++++++++++- 3 files changed, 60 insertions(+), 24 deletions(-) diff --git a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex index 295c8bebe..eee4e7678 100644 --- a/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex +++ b/lib/pleroma/web/mastodon_api/mastodon_api_controller.ex @@ -52,16 +52,9 @@ def create_app(conn, params) do with cs <- App.register_changeset(%App{}, app_attrs), false <- cs.changes[:client_name] == @local_mastodon_name, {:ok, app} <- Repo.insert(cs) do - res = %{ - id: app.id |> to_string, - name: app.client_name, - client_id: app.client_id, - client_secret: app.client_secret, - redirect_uri: app.redirect_uris, - website: app.website - } - - json(conn, res) + conn + |> put_view(AppView) + |> render("show.json", %{app: app}) end end @@ -137,7 +130,7 @@ def verify_app_credentials(%{assigns: %{user: _user, token: token}} = conn, _) d with %Token{app: %App{} = app} <- Repo.preload(token, :app) do conn |> put_view(AppView) - |> render("show.json", %{app: app}) + |> render("short.json", %{app: app}) end end diff --git a/lib/pleroma/web/mastodon_api/views/app_view.ex b/lib/pleroma/web/mastodon_api/views/app_view.ex index 1976d4dcb..f52b693a6 100644 --- a/lib/pleroma/web/mastodon_api/views/app_view.ex +++ b/lib/pleroma/web/mastodon_api/views/app_view.ex @@ -7,21 +7,35 @@ defmodule Pleroma.Web.MastodonAPI.AppView do alias Pleroma.Web.OAuth.App - def render("show.json", %{app: %App{website: webiste, client_name: name}}) do - result = %{ + @vapid_key :web_push_encryption + |> Application.get_env(:vapid_details, []) + |> Keyword.get(:public_key) + + def render("show.json", %{app: %App{} = app}) do + %{ + id: app.id |> to_string, + name: app.client_name, + client_id: app.client_id, + client_secret: app.client_secret, + redirect_uri: app.redirect_uris, + website: app.website + } + |> with_vapid_key() + end + + def render("short.json", %{app: %App{website: webiste, client_name: name}}) do + %{ name: name, website: webiste } + |> with_vapid_key() + end - vapid_key = Pleroma.Web.Push.vapid_config() |> Keyword.get(:public_key) - - result = - if vapid_key do - Map.put(result, "vapid_key", vapid_key) - else - result - end - - result + defp with_vapid_key(data) do + if @vapid_key do + Map.put(data, "vapid_key", @vapid_key) + else + data + end end end diff --git a/test/web/mastodon_api/mastodon_api_controller_test.exs b/test/web/mastodon_api/mastodon_api_controller_test.exs index 9c0fdf368..d9bcbf5a9 100644 --- a/test/web/mastodon_api/mastodon_api_controller_test.exs +++ b/test/web/mastodon_api/mastodon_api_controller_test.exs @@ -14,7 +14,9 @@ defmodule Pleroma.Web.MastodonAPI.MastodonAPIControllerTest do alias Pleroma.Web.ActivityPub.ActivityPub alias Pleroma.Web.CommonAPI alias Pleroma.Web.MastodonAPI.FilterView + alias Pleroma.Web.OAuth.App alias Pleroma.Web.OStatus + alias Pleroma.Web.Push alias Pleroma.Web.TwitterAPI.TwitterAPI import Pleroma.Factory import ExUnit.CaptureLog @@ -346,7 +348,34 @@ test "apps/verify_credentials", %{conn: conn} do expected = %{ "name" => app.client_name, "website" => app.website, - "vapid_key" => Pleroma.Web.Push.vapid_config() |> Keyword.get(:public_key) + "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key) + } + + assert expected == json_response(conn, 200) + end + + test "creates an oauth app", %{conn: conn} do + user = insert(:user) + app_attrs = build(:oauth_app) + + conn = + conn + |> assign(:user, user) + |> post("/api/v1/apps", %{ + client_name: app_attrs.client_name, + redirect_uris: app_attrs.redirect_uris + }) + + [app] = Repo.all(App) + + expected = %{ + "name" => app.client_name, + "website" => app.website, + "client_id" => app.client_id, + "client_secret" => app.client_secret, + "id" => app.id |> to_string(), + "redirect_uri" => app.redirect_uris, + "vapid_key" => Push.vapid_config() |> Keyword.get(:public_key) } assert expected == json_response(conn, 200)