OAuth: Add client_credentials flow

2019-04-10 07:59:58 +02:00 · 2019-04-10 07:59:58 +02:00 · 3adde01eba
parent dcdff1846c
commit 3adde01eba
1 changed files with 24 additions and 0 deletions
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -181,6 +181,9 @@ defmodule Pleroma.Web.OAuth.OAuthController do
    end
  end

+  # Is this function even ever used?
+  # def token_exchange(conn, %{"grant_type" => "password"} = params)
+  # should have grabbed it already
  def token_exchange(
        conn,
        %{"grant_type" => "password", "name" => name, "password" => _password} = params
@ -193,6 +196,27 @@ defmodule Pleroma.Web.OAuth.OAuthController do
    token_exchange(conn, params)
  end

+  def token_exchange(conn, %{"grant_type" => "client_credentials"} = params) do
+    with %App{} = app <- get_app_from_request(conn, params),
+         {:ok, auth} <- Authorization.create_authorization(app, %User{}, scopes),
+         {:ok, token} <- Token.exchange_token(app, auth) do
+      response = %{
+        token_type: "Bearer",
+        access_token: token.token,
+        refresh_token: token.refresh_token,
+        created_at: DateTime.to_unix(inserted_at),
+        expires_in: 60 * 10,
+        scope: Enum.join(token.scopes, " ")
+      }
+
+      json(conn, response)
+    else
+      _error ->
+        put_status(conn, 400)
+        |> json(%{error: "Invalid credentials"})
+    end
+  end
+
  def token_revoke(conn, %{"token" => token} = params) do
    with %App{} = app <- get_app_from_request(conn, params),
         %Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),