authorJoram Wilander <jwawilander@gmail.com>2017-04-20 09:55:02 -0400
committerGitHub <noreply@github.com>2017-04-20 09:55:02 -0400
commitbe9624e2adce7c95039e62fc4ee22538d7fa2d2f (patch)
tree318179b4d3a4cb5114f887797a5a4c836e5255d7 /app/oauth.go
parent1a0f8d1b3c7451eac43bfdc5971de060caabf441 (diff)
Implement v4 endpoints for OAuth (#6040)
* Implement POST /oauth/apps endpoint for APIv4 * Implement GET /oauth/apps endpoint for APIv4 * Implement GET /oauth/apps/{app_id} and /oauth/apps/{app_id}/info endpoints for APIv4 * Refactor API version independent oauth endpoints * Implement DELETE /oauth/apps/{app_id} endpoint for APIv4 * Implement /oauth/apps/{app_id}/regen_secret endpoint for APIv4 * Implement GET /user/{user_id}/oauth/apps/authorized endpoint for APIv4 * Implement POST /oauth/deauthorize endpoint
Diffstat (limited to 'app/oauth.go')
-rw-r--r--app/oauth.go28
1 files changed, 14 insertions, 14 deletions
diff --git a/app/oauth.go b/app/oauth.go
index 260e4ac00..2c8a1c91f 100644
--- a/app/oauth.go
+++ b/app/oauth.go
@@ -84,50 +84,50 @@ func GetOAuthAppsByCreator(userId string, page, perPage int) ([]*model.OAuthApp,
}
}
-func AllowOAuthAppAccessToUser(userId, responseType, clientId, redirectUri, scope, state string) (string, *model.AppError) {
+func AllowOAuthAppAccessToUser(userId string, authRequest *model.AuthorizeRequest) (string, *model.AppError) {
if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
return "", model.NewAppError("AllowOAuthAppAccessToUser", "api.oauth.allow_oauth.turn_off.app_error", nil, "", http.StatusNotImplemented)
}
- if len(scope) == 0 {
- scope = model.DEFAULT_SCOPE
+ if len(authRequest.Scope) == 0 {
+ authRequest.Scope = model.DEFAULT_SCOPE
}
var oauthApp *model.OAuthApp
- if result := <-Srv.Store.OAuth().GetApp(clientId); result.Err != nil {
+ if result := <-Srv.Store.OAuth().GetApp(authRequest.ClientId); result.Err != nil {
return "", result.Err
} else {
oauthApp = result.Data.(*model.OAuthApp)
}
- if !oauthApp.IsValidRedirectURL(redirectUri) {
+ if !oauthApp.IsValidRedirectURL(authRequest.RedirectUri) {
return "", model.NewAppError("AllowOAuthAppAccessToUser", "api.oauth.allow_oauth.redirect_callback.app_error", nil, "", http.StatusBadRequest)
}
- if responseType != model.AUTHCODE_RESPONSE_TYPE {
- return redirectUri + "?error=unsupported_response_type&state=" + state, nil
+ if authRequest.ResponseType != model.AUTHCODE_RESPONSE_TYPE {
+ return authRequest.RedirectUri + "?error=unsupported_response_type&state=" + authRequest.State, nil
}
- authData := &model.AuthData{UserId: userId, ClientId: clientId, CreateAt: model.GetMillis(), RedirectUri: redirectUri, State: state, Scope: scope}
- authData.Code = model.HashPassword(fmt.Sprintf("%v:%v:%v:%v", clientId, redirectUri, authData.CreateAt, userId))
+ authData := &model.AuthData{UserId: userId, ClientId: authRequest.ClientId, CreateAt: model.GetMillis(), RedirectUri: authRequest.RedirectUri, State: authRequest.State, Scope: authRequest.Scope}
+ authData.Code = model.HashPassword(fmt.Sprintf("%v:%v:%v:%v", authRequest.ClientId, authRequest.RedirectUri, authData.CreateAt, userId))
// this saves the OAuth2 app as authorized
authorizedApp := model.Preference{
UserId: userId,
Category: model.PREFERENCE_CATEGORY_AUTHORIZED_OAUTH_APP,
- Name: clientId,
- Value: scope,
+ Name: authRequest.ClientId,
+ Value: authRequest.Scope,
}
if result := <-Srv.Store.Preference().Save(&model.Preferences{authorizedApp}); result.Err != nil {
- return redirectUri + "?error=server_error&state=" + state, nil
+ return authRequest.RedirectUri + "?error=server_error&state=" + authRequest.State, nil
}
if result := <-Srv.Store.OAuth().SaveAuthData(authData); result.Err != nil {
- return redirectUri + "?error=server_error&state=" + state, nil
+ return authRequest.RedirectUri + "?error=server_error&state=" + authRequest.State, nil
}
- return redirectUri + "?code=" + url.QueryEscape(authData.Code) + "&state=" + url.QueryEscape(authData.State), nil
+ return authRequest.RedirectUri + "?code=" + url.QueryEscape(authData.Code) + "&state=" + url.QueryEscape(authData.State), nil
}
func GetOAuthAccessToken(clientId, grantType, redirectUri, code, secret, refreshToken string) (*model.AccessResponse, *model.AppError) {
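Review bot: The three error redirects in AllowOAuthAppAccessToUser (`unsupported_response_type` and both `server_error` returns) append `authRequest.State` to the URL unescaped, while the success return at the end of the function passes it through `url.QueryEscape`. State is supplied by the requesting client, so a value containing `&`, `#` or `=` changes the query string the redirect target receives; the error paths should match the success path, e.g. `return authRequest.RedirectUri + "?error=server_error&state=" + url.QueryEscape(authRequest.State), nil`. Separately, the new signature takes `authRequest` as a pointer and dereferences it at `len(authRequest.Scope)` with no nil check, and the default-scope assignment now writes into the caller's struct; a local `scope := authRequest.Scope` would keep the old by-value behaviour.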