Merge branch 'feature/add-oauth-tokens-endpoint' into 'develop'

Add OAuth tokens endpoint See merge request pleroma/pleroma!805
2019-02-18 04:02:41 +00:00 · 2019-02-18 04:02:41 +00:00 · 7456338ed3
parent c23bd05737 fd17a0cc9b
commit 7456338ed3
6 changed files with 109 additions and 1 deletions
--- a/lib/pleroma/web/oauth/token.ex
+++ b/lib/pleroma/web/oauth/token.ex
@ -47,9 +47,27 @@ defmodule Pleroma.Web.OAuth.Token do

  def delete_user_tokens(%User{id: user_id}) do
    from(
-      t in Pleroma.Web.OAuth.Token,
+      t in Token,
      where: t.user_id == ^user_id
    )
    |> Repo.delete_all()
  end
+
+  def delete_user_token(%User{id: user_id}, token_id) do
+    from(
+      t in Token,
+      where: t.user_id == ^user_id,
+      where: t.id == ^token_id
+    )
+    |> Repo.delete_all()
+  end
+
+  def get_user_tokens(%User{id: user_id}) do
+    from(
+      t in Token,
+      where: t.user_id == ^user_id
+    )
+    |> Repo.all()
+    |> Repo.preload(:app)
+  end
 end
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -392,6 +392,9 @@ defmodule Pleroma.Web.Router do
    get("/qvitter/mutes", TwitterAPI.Controller, :raw_empty_array)

    get("/externalprofile/show", TwitterAPI.Controller, :external_profile)
+
+    get("/oauth_tokens", TwitterAPI.Controller, :oauth_tokens)
+    delete("/oauth_tokens/:id", TwitterAPI.Controller, :revoke_token)
  end

  pipeline :ap_relay do
--- a/lib/pleroma/web/twitter_api/twitter_api_controller.ex
+++ b/lib/pleroma/web/twitter_api/twitter_api_controller.ex
@ -8,6 +8,10 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
  import Pleroma.Web.ControllerHelper, only: [json_response: 3]

  alias Ecto.Changeset
+  alias Pleroma.Web.TwitterAPI.{TwitterAPI, UserView, ActivityView, NotificationView, TokenView}
+  alias Pleroma.Web.CommonAPI
+  alias Pleroma.{Repo, Activity, Object, User, Notification}
+  alias Pleroma.Web.OAuth.Token
  alias Pleroma.Web.ActivityPub.ActivityPub
  alias Pleroma.Web.ActivityPub.Utils
  alias Pleroma.Web.CommonAPI
@ -545,6 +549,20 @@ defmodule Pleroma.Web.TwitterAPI.Controller do
    end
  end

+  def oauth_tokens(%{assigns: %{user: user}} = conn, _params) do
+    with oauth_tokens <- Token.get_user_tokens(user) do
+      conn
+      |> put_view(TokenView)
+      |> render("index.json", %{tokens: oauth_tokens})
+    end
+  end
+
+  def revoke_token(%{assigns: %{user: user}} = conn, %{"id" => id} = _params) do
+    Token.delete_user_token(user, id)
+
+    json_reply(conn, 201, "")
+  end
+
  def blocks(%{assigns: %{user: user}} = conn, _params) do
    with blocked_users <- User.blocked_users(user) do
      conn
--- a/lib/pleroma/web/twitter_api/views/token_view.ex
+++ b/lib/pleroma/web/twitter_api/views/token_view.ex
@ -0,0 +1,21 @@
+# Pleroma: A lightweight social networking server
+# Copyright © 2017-2019 Pleroma Authors <https://pleroma.social/>
+# SPDX-License-Identifier: AGPL-3.0-only
+
+defmodule Pleroma.Web.TwitterAPI.TokenView do
+  use Pleroma.Web, :view
+
+  def render("index.json", %{tokens: tokens}) do
+    tokens
+    |> render_many(Pleroma.Web.TwitterAPI.TokenView, "show.json")
+    |> Enum.filter(&Enum.any?/1)
+  end
+
+  def render("show.json", %{token: token_entry}) do
+    %{
+      id: token_entry.id,
+      valid_until: token_entry.valid_until,
+      app_name: token_entry.app.client_name
+    }
+  end
+end
--- a/test/support/factory.ex
+++ b/test/support/factory.ex
@ -227,4 +227,17 @@ defmodule Pleroma.Factory do
      unreachable_since: nil
    }
  end
+
+  def oauth_token_factory do
+    user = insert(:user)
+    oauth_app = insert(:oauth_app)
+
+    %Pleroma.Web.OAuth.Token{
+      token: :crypto.strong_rand_bytes(32) |> Base.url_encode64(),
+      refresh_token: :crypto.strong_rand_bytes(32) |> Base.url_encode64(),
+      user_id: user.id,
+      app_id: oauth_app.id,
+      valid_until: NaiveDateTime.add(NaiveDateTime.utc_now(), 60 * 10)
+    }
+  end
 end
--- a/test/web/twitter_api/twitter_api_controller_test.exs
+++ b/test/web/twitter_api/twitter_api_controller_test.exs
@ -13,6 +13,7 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
  alias Pleroma.Object
  alias Pleroma.Notification
  alias Pleroma.Web.ActivityPub.ActivityPub
+  alias Pleroma.Web.OAuth.Token
  alias Pleroma.Web.TwitterAPI.UserView
  alias Pleroma.Web.TwitterAPI.NotificationView
  alias Pleroma.Web.CommonAPI
@ -1915,4 +1916,38 @@ defmodule Pleroma.Web.TwitterAPI.ControllerTest do
               ActivityRepresenter.to_map(activity, %{user: user, for: user})
    end
  end
+
+  describe "GET /api/oauth_tokens" do
+    setup do
+      token = insert(:oauth_token) |> Repo.preload(:user)
+
+      %{token: token}
+    end
+
+    test "renders list", %{token: token} do
+      response =
+        build_conn()
+        |> assign(:user, token.user)
+        |> get("/api/oauth_tokens")
+
+      keys =
+        json_response(response, 200)
+        |> hd()
+        |> Map.keys()
+
+      assert keys -- ["id", "app_name", "valid_until"] == []
+    end
+
+    test "revoke token", %{token: token} do
+      response =
+        build_conn()
+        |> assign(:user, token.user)
+        |> delete("/api/oauth_tokens/#{token.id}")
+
+      tokens = Token.get_user_tokens(token.user)
+
+      assert tokens == []
+      assert response.status == 201
+    end
+  end
 end