Merge remote-tracking branch 'upstream/develop' into emoji-selector-update

* upstream/develop: (469 commits) Feature/add sticker picker guard more secure routes guard secure routes by redirecting to root closest can returns itself as well find inside status-content div only try to use the closest a tag as target Update es.json Also apply keyword filter to subjects Remove files I accidentally pushed in fix issues caused by merges in usersearch on @ Add user search at fix eslint warnings remove vue-popperjs fix moderation menu partially hidden by usercard boundary migrate popper css rewrite ModerationTools using v-tooltip make popover position for status action dropdow relative to parent node rewrite ExtraButtons using v-tooltip install v-tooltip i18n/Update pedantic Japanese translation ...
author: Henry Jameson <me@hjkos.com> 2019-07-28 13:30:29 +0300
committer: Henry Jameson <me@hjkos.com> 2019-07-28 13:30:29 +0300
commit: b3aff9bbae77b2fd34b2267ce9196c0ebd3e4691 (patch)
tree: 1219e00b6bfe6784add1578a3bc986c1dbb5f34d /src/services/new_api/oauth.js
parent: 7f6f025792dcb3a10c94c8952d0312abd0b46989 (diff)
parent: 4827e4d972f8ee11e606693e24ae4ca21711c6b1 (diff)
1 files changed, 104 insertions, 34 deletions
diff --git a/src/services/new_api/oauth.js b/src/services/new_api/oauth.js
index 9e656507..d0d18c03 100644
--- a/src/services/new_api/oauth.js
+++ b/src/services/new_api/oauth.js
@@ -1,51 +1,57 @@
-import {reduce} from 'lodash'
+import { reduce } from 'lodash'
+
+const REDIRECT_URI = `${window.location.origin}/oauth-callback`
+
+export const getOrCreateApp = ({ clientId, clientSecret, instance, commit }) => {
+  if (clientId && clientSecret) {
+    return Promise.resolve({ clientId, clientSecret })
+  }
 
-const getOrCreateApp = ({oauth, instance}) => {
   const url = `${instance}/api/v1/apps`
   const form = new window.FormData()
 
-  form.append('client_name', `PleromaFE_${Math.random()}`)
-  form.append('redirect_uris', `${window.location.origin}/oauth-callback`)
+  form.append('client_name', `PleromaFE_${window.___pleromafe_commit_hash}_${(new Date()).toISOString()}`)
+  form.append('redirect_uris', REDIRECT_URI)
   form.append('scopes', 'read write follow')
 
   return window.fetch(url, {
     method: 'POST',
     body: form
-  }).then((data) => data.json())
+  })
+    .then((data) => data.json())
+    .then((app) => ({ clientId: app.client_id, clientSecret: app.client_secret }))
+    .then((app) => commit('setClientData', app) || app)
 }
-const login = (args) => {
-  getOrCreateApp(args).then((app) => {
-    args.commit('setClientData', app)
-
-    const data = {
-      response_type: 'code',
-      client_id: app.client_id,
-      redirect_uri: app.redirect_uri,
-      scope: 'read write follow'
-    }
 
-    const dataString = reduce(data, (acc, v, k) => {
-      const encoded = `${k}=${encodeURIComponent(v)}`
-      if (!acc) {
-        return encoded
-      } else {
-        return `${acc}&${encoded}`
-      }
-    }, false)
+const login = ({ instance, clientId }) => {
+  const data = {
+    response_type: 'code',
+    client_id: clientId,
+    redirect_uri: REDIRECT_URI,
+    scope: 'read write follow'
+  }
 
-    // Do the redirect...
-    const url = `${args.instance}/oauth/authorize?${dataString}`
+  const dataString = reduce(data, (acc, v, k) => {
+    const encoded = `${k}=${encodeURIComponent(v)}`
+    if (!acc) {
+      return encoded
+    } else {
+      return `${acc}&${encoded}`
+    }
+  }, false)
 
-    window.location.href = url
-  })
+  // Do the redirect...
+  const url = `${instance}/oauth/authorize?${dataString}`
+
+  window.location.href = url
 }
 
-const getTokenWithCredentials = ({app, instance, username, password}) => {
+const getTokenWithCredentials = ({ clientId, clientSecret, instance, username, password }) => {
   const url = `${instance}/oauth/token`
   const form = new window.FormData()
 
-  form.append('client_id', app.client_id)
-  form.append('client_secret', app.client_secret)
+  form.append('client_id', clientId)
+  form.append('client_secret', clientSecret)
   form.append('grant_type', 'password')
   form.append('username', username)
   form.append('password', password)
@@ -56,12 +62,12 @@ const getTokenWithCredentials = ({app, instance, username, password}) => {
   }).then((data) => data.json())
 }
 
-const getToken = ({app, instance, code}) => {
+const getToken = ({ clientId, clientSecret, instance, code }) => {
   const url = `${instance}/oauth/token`
   const form = new window.FormData()
 
-  form.append('client_id', app.client_id)
-  form.append('client_secret', app.client_secret)
+  form.append('client_id', clientId)
+  form.append('client_secret', clientSecret)
   form.append('grant_type', 'authorization_code')
   form.append('code', code)
   form.append('redirect_uri', `${window.location.origin}/oauth-callback`)
@@ -69,6 +75,67 @@ const getToken = ({app, instance, code}) => {
   return window.fetch(url, {
     method: 'POST',
     body: form
+  })
+    .then((data) => data.json())
+}
+
+export const getClientToken = ({ clientId, clientSecret, instance }) => {
+  const url = `${instance}/oauth/token`
+  const form = new window.FormData()
+
+  form.append('client_id', clientId)
+  form.append('client_secret', clientSecret)
+  form.append('grant_type', 'client_credentials')
+  form.append('redirect_uri', `${window.location.origin}/oauth-callback`)
+
+  return window.fetch(url, {
+    method: 'POST',
+    body: form
+  }).then((data) => data.json())
+}
+const verifyOTPCode = ({ app, instance, mfaToken, code }) => {
+  const url = `${instance}/oauth/mfa/challenge`
+  const form = new window.FormData()
+
+  form.append('client_id', app.client_id)
+  form.append('client_secret', app.client_secret)
+  form.append('mfa_token', mfaToken)
+  form.append('code', code)
+  form.append('challenge_type', 'totp')
+
+  return window.fetch(url, {
+    method: 'POST',
+    body: form
+  }).then((data) => data.json())
+}
+
+const verifyRecoveryCode = ({ app, instance, mfaToken, code }) => {
+  const url = `${instance}/oauth/mfa/challenge`
+  const form = new window.FormData()
+
+  form.append('client_id', app.client_id)
+  form.append('client_secret', app.client_secret)
+  form.append('mfa_token', mfaToken)
+  form.append('code', code)
+  form.append('challenge_type', 'recovery')
+
+  return window.fetch(url, {
+    method: 'POST',
+    body: form
+  }).then((data) => data.json())
+}
+
+const revokeToken = ({ app, instance, token }) => {
+  const url = `${instance}/oauth/revoke`
+  const form = new window.FormData()
+
+  form.append('client_id', app.clientId)
+  form.append('client_secret', app.clientSecret)
+  form.append('token', token)
+
+  return window.fetch(url, {
+    method: 'POST',
+    body: form
   }).then((data) => data.json())
 }
 
@@ -76,7 +143,10 @@ const oauth = {
   login,
   getToken,
   getTokenWithCredentials,
-  getOrCreateApp
+  getOrCreateApp,
+  verifyOTPCode,
+  verifyRecoveryCode,
+  revokeToken
 }
 
 export default oauth
author	Henry Jameson <me@hjkos.com>	2019-07-28 13:30:29 +0300
committer	Henry Jameson <me@hjkos.com>	2019-07-28 13:30:29 +0300
commit	b3aff9bbae77b2fd34b2267ce9196c0ebd3e4691 (patch)
tree	1219e00b6bfe6784add1578a3bc986c1dbb5f34d /src/services/new_api/oauth.js
parent	7f6f025792dcb3a10c94c8952d0312abd0b46989 (diff)
parent	4827e4d972f8ee11e606693e24ae4ca21711c6b1 (diff)