From 2ecc79754108bb19986f6af36264ca7fda6d9a5f Mon Sep 17 00:00:00 2001 From: Michael Date: Sun, 22 Jan 2023 11:25:31 +0000 Subject: [PATCH 1/2] API: Show different ids on reshares / don't check for client secret --- src/Factory/Api/Mastodon/Status.php | 12 ++++++++++++ src/Module/OAuth/Token.php | 3 ++- 2 files changed, 14 insertions(+), 1 deletion(-) diff --git a/src/Factory/Api/Mastodon/Status.php b/src/Factory/Api/Mastodon/Status.php index 2e16660c7..b32a6c510 100644 --- a/src/Factory/Api/Mastodon/Status.php +++ b/src/Factory/Api/Mastodon/Status.php @@ -97,17 +97,29 @@ class Status extends BaseFactory throw new HTTPException\NotFoundException('Item with URI ID ' . $uriId . ' not found' . ($uid ? ' for user ' . $uid : '.')); } + $activity_fields = ['uri-id', 'thr-parent-id', 'uri', 'author-id', 'author-uri-id', 'author-link', 'app', 'created', 'network', 'parent-author-id', 'private']; + if (($item['gravity'] == Item::GRAVITY_ACTIVITY) && ($item['vid'] == Verb::getID(Activity::ANNOUNCE))) { $is_reshare = true; $account = $this->mstdnAccountFactory->createFromUriId($item['author-uri-id'], $uid); $uriId = $item['thr-parent-id']; + $activity = $item; $item = Post::selectFirst($fields, ['uri-id' => $uriId, 'uid' => [0, $uid]], ['order' => ['uid' => true]]); if (!$item) { throw new HTTPException\NotFoundException('Item with URI ID ' . $uriId . ' not found' . ($uid ? ' for user ' . $uid : '.')); } + foreach ($activity_fields as $field) { + $item[$field] = $activity[$field]; + } } else { $is_reshare = $reblog && !is_null($item['causer-uri-id']) && ($item['causer-id'] != $item['author-id']) && ($item['post-reason'] == Item::PR_ANNOUNCEMENT); $account = $this->mstdnAccountFactory->createFromUriId($is_reshare ? $item['causer-uri-id'] : $item['author-uri-id'], $uid); + if ($is_reshare) { + $activity = Post::selectFirstPost($activity_fields, ['thr-parent-id' => $item['uri-id'], 'author-id' => $item['causer-id'], 'verb' => Activity::ANNOUNCE]); + if ($activity) { + $item = array_merge($item, $activity); + } + } } $count_announce = Post::countPosts([ diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index 7481bf75f..2752c69a6 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -68,7 +68,8 @@ class Token extends BaseApi } } - if (empty($request['client_id']) || empty($request['client_secret'])) { + // "client_secret" is required for "client_credentials": https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/ + if (empty($request['client_id']) || (($request['grant_type'] == 'client_credentials') && empty($request['client_secret']))) { Logger::warning('Incomplete request data', ['request' => $request]); DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data')); } From 5a01fb05219b5fc5f041fc029038b32b3cdfbc08 Mon Sep 17 00:00:00 2001 From: Michael Date: Mon, 23 Jan 2023 17:56:45 +0000 Subject: [PATCH 2/2] Don't show reblogged on single post --- src/Module/Api/Mastodon/Statuses.php | 2 +- src/Module/OAuth/Token.php | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/src/Module/Api/Mastodon/Statuses.php b/src/Module/Api/Mastodon/Statuses.php index 4c161193e..71681968d 100644 --- a/src/Module/Api/Mastodon/Statuses.php +++ b/src/Module/Api/Mastodon/Statuses.php @@ -295,7 +295,7 @@ class Statuses extends BaseApi DI::mstdnError()->UnprocessableEntity(); } - System::jsonExit(DI::mstdnStatus()->createFromUriId($this->parameters['id'], $uid)); + System::jsonExit(DI::mstdnStatus()->createFromUriId($this->parameters['id'], $uid, false)); } private function getApp(): string diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index 07f9bb8c6..ecb65048d 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -71,8 +71,7 @@ class Token extends BaseApi } } - // "client_secret" is required for "client_credentials": https://www.oauth.com/oauth2-servers/access-tokens/client-credentials/ - if (empty($request['client_id']) || (($request['grant_type'] == 'client_credentials') && empty($request['client_secret']))) { + if (empty($request['client_id']) || empty($request['client_secret'])) { Logger::warning('Incomplete request data', ['request' => $request]); DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data')); }