1
1
Fork 0

API: Accept "redirect_uris" as both array and string

This commit is contained in:
Michael 2023-01-14 21:07:47 +00:00
parent 25ac99a098
commit af2a38c5b3
3 changed files with 13 additions and 6 deletions

View file

@ -70,10 +70,9 @@ class Error extends BaseFactory
System::jsonError(422, $errorObj->toArray()); System::jsonError(422, $errorObj->toArray());
} }
public function Unauthorized(string $error = '') public function Unauthorized(string $error = '', string $error_description = '')
{ {
$error = $error ?: $this->l10n->t('Unauthorized'); $error = $error ?: $this->l10n->t('Unauthorized');
$error_description = '';
$errorObj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description); $errorObj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
$this->logError(401, $error); $this->logError(401, $error);

View file

@ -44,6 +44,10 @@ class Apps extends BaseApi
*/ */
protected function post(array $request = []) protected function post(array $request = [])
{ {
if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
$request['redirect_uris'] = $request['redirect_uris'][0];
}
$request = $this->getRequest([ $request = $this->getRequest([
'client_name' => '', 'client_name' => '',
'redirect_uris' => '', 'redirect_uris' => '',
@ -58,6 +62,10 @@ class Apps extends BaseApi
if (!empty($postrequest) && is_array($postrequest)) { if (!empty($postrequest) && is_array($postrequest)) {
$request = array_merge($request, $postrequest); $request = array_merge($request, $postrequest);
} }
if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
$request['redirect_uris'] = $request['redirect_uris'][0];
}
} }
if (empty($request['client_name']) || empty($request['redirect_uris'])) { if (empty($request['client_name']) || empty($request['redirect_uris'])) {

View file

@ -32,7 +32,7 @@ use Friendica\Util\DateTimeFormat;
use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ResponseInterface;
/** /**
* @see https://docs.joinmastodon.org/spec/oauth/ * @see https://docs.joinmastodon.org/methods/oauth/#token
* @see https://aaronparecki.com/oauth-2-simplified/ * @see https://aaronparecki.com/oauth-2-simplified/
*/ */
class Token extends BaseApi class Token extends BaseApi
@ -69,13 +69,13 @@ class Token extends BaseApi
} }
if (empty($request['client_id']) || empty($request['client_secret'])) { if (empty($request['client_id']) || empty($request['client_secret'])) {
Logger::warning('Incomplete request data', ['request' => $_REQUEST]); Logger::warning('Incomplete request data', ['request' => $request]);
DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Incomplete request data')); DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data'));
} }
$application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']); $application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
if (empty($application)) { if (empty($application)) {
DI::mstdnError()->UnprocessableEntity(); DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Invalid data or unknown client'));
} }
if ($request['grant_type'] == 'client_credentials') { if ($request['grant_type'] == 'client_credentials') {