From be9624e2adce7c95039e62fc4ee22538d7fa2d2f Mon Sep 17 00:00:00 2001
From: Joram Wilander <jwawilander@gmail.com>
Date: Thu, 20 Apr 2017 09:55:02 -0400
Subject: Implement v4 endpoints for OAuth (#6040)

* Implement POST /oauth/apps endpoint for APIv4

* Implement GET /oauth/apps endpoint for APIv4

* Implement GET /oauth/apps/{app_id} and /oauth/apps/{app_id}/info endpoints for APIv4

* Refactor API version independent oauth endpoints

* Implement DELETE /oauth/apps/{app_id} endpoint for APIv4

* Implement /oauth/apps/{app_id}/regen_secret endpoint for APIv4

* Implement GET /user/{user_id}/oauth/apps/authorized endpoint for APIv4

* Implement POST /oauth/deauthorize endpoint
---
 app/oauth.go | 28 ++++++++++++++--------------
 1 file changed, 14 insertions(+), 14 deletions(-)

(limited to 'app/oauth.go')

diff --git a/app/oauth.go b/app/oauth.go
index 260e4ac00..2c8a1c91f 100644
--- a/app/oauth.go
+++ b/app/oauth.go
@@ -84,50 +84,50 @@ func GetOAuthAppsByCreator(userId string, page, perPage int) ([]*model.OAuthApp,
 	}
 }
 
-func AllowOAuthAppAccessToUser(userId, responseType, clientId, redirectUri, scope, state string) (string, *model.AppError) {
+func AllowOAuthAppAccessToUser(userId string, authRequest *model.AuthorizeRequest) (string, *model.AppError) {
 	if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
 		return "", model.NewAppError("AllowOAuthAppAccessToUser", "api.oauth.allow_oauth.turn_off.app_error", nil, "", http.StatusNotImplemented)
 	}
 
-	if len(scope) == 0 {
-		scope = model.DEFAULT_SCOPE
+	if len(authRequest.Scope) == 0 {
+		authRequest.Scope = model.DEFAULT_SCOPE
 	}
 
 	var oauthApp *model.OAuthApp
-	if result := <-Srv.Store.OAuth().GetApp(clientId); result.Err != nil {
+	if result := <-Srv.Store.OAuth().GetApp(authRequest.ClientId); result.Err != nil {
 		return "", result.Err
 	} else {
 		oauthApp = result.Data.(*model.OAuthApp)
 	}
 
-	if !oauthApp.IsValidRedirectURL(redirectUri) {
+	if !oauthApp.IsValidRedirectURL(authRequest.RedirectUri) {
 		return "", model.NewAppError("AllowOAuthAppAccessToUser", "api.oauth.allow_oauth.redirect_callback.app_error", nil, "", http.StatusBadRequest)
 	}
 
-	if responseType != model.AUTHCODE_RESPONSE_TYPE {
-		return redirectUri + "?error=unsupported_response_type&state=" + state, nil
+	if authRequest.ResponseType != model.AUTHCODE_RESPONSE_TYPE {
+		return authRequest.RedirectUri + "?error=unsupported_response_type&state=" + authRequest.State, nil
 	}
 
-	authData := &model.AuthData{UserId: userId, ClientId: clientId, CreateAt: model.GetMillis(), RedirectUri: redirectUri, State: state, Scope: scope}
-	authData.Code = model.HashPassword(fmt.Sprintf("%v:%v:%v:%v", clientId, redirectUri, authData.CreateAt, userId))
+	authData := &model.AuthData{UserId: userId, ClientId: authRequest.ClientId, CreateAt: model.GetMillis(), RedirectUri: authRequest.RedirectUri, State: authRequest.State, Scope: authRequest.Scope}
+	authData.Code = model.HashPassword(fmt.Sprintf("%v:%v:%v:%v", authRequest.ClientId, authRequest.RedirectUri, authData.CreateAt, userId))
 
 	// this saves the OAuth2 app as authorized
 	authorizedApp := model.Preference{
 		UserId:   userId,
 		Category: model.PREFERENCE_CATEGORY_AUTHORIZED_OAUTH_APP,
-		Name:     clientId,
-		Value:    scope,
+		Name:     authRequest.ClientId,
+		Value:    authRequest.Scope,
 	}
 
 	if result := <-Srv.Store.Preference().Save(&model.Preferences{authorizedApp}); result.Err != nil {
-		return redirectUri + "?error=server_error&state=" + state, nil
+		return authRequest.RedirectUri + "?error=server_error&state=" + authRequest.State, nil
 	}
 
 	if result := <-Srv.Store.OAuth().SaveAuthData(authData); result.Err != nil {
-		return redirectUri + "?error=server_error&state=" + state, nil
+		return authRequest.RedirectUri + "?error=server_error&state=" + authRequest.State, nil
 	}
 
-	return redirectUri + "?code=" + url.QueryEscape(authData.Code) + "&state=" + url.QueryEscape(authData.State), nil
+	return authRequest.RedirectUri + "?code=" + url.QueryEscape(authData.Code) + "&state=" + url.QueryEscape(authData.State), nil
 }
 
 func GetOAuthAccessToken(clientId, grantType, redirectUri, code, secret, refreshToken string) (*model.AccessResponse, *model.AppError) {
-- 
cgit v1.2.3-1-g7c22