From 47e9aa6338f98519cb677630b8c7f0ee101d1723 Mon Sep 17 00:00:00 2001 From: Michael Date: Fri, 17 Dec 2021 15:25:04 +0000 Subject: [PATCH] API: Fix for OAuth endpoints that mustn't be authorized --- src/Module/Api/Mastodon/Apps.php | 1 + src/Module/OAuth/Acknowledge.php | 6 ++++++ src/Module/OAuth/Revoke.php | 6 ++++++ src/Module/OAuth/Token.php | 6 ++++++ 4 files changed, 19 insertions(+) diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php index 582232642a..c1e6a222d5 100644 --- a/src/Module/Api/Mastodon/Apps.php +++ b/src/Module/Api/Mastodon/Apps.php @@ -37,6 +37,7 @@ class Apps extends BaseApi { return parent::run($request, false); } + /** * @throws \Friendica\Network\HTTPException\InternalServerErrorException */ diff --git a/src/Module/OAuth/Acknowledge.php b/src/Module/OAuth/Acknowledge.php index 477d3dfcf3..b06fa9f230 100644 --- a/src/Module/OAuth/Acknowledge.php +++ b/src/Module/OAuth/Acknowledge.php @@ -24,12 +24,18 @@ namespace Friendica\Module\OAuth; use Friendica\Core\Renderer; use Friendica\DI; use Friendica\Module\BaseApi; +use Psr\Http\Message\ResponseInterface; /** * Acknowledgement of OAuth requests */ class Acknowledge extends BaseApi { + public function run(array $request = [], bool $scopecheck = true): ResponseInterface + { + return parent::run($request, false); + } + protected function post(array $request = []) { DI::session()->set('oauth_acknowledge', true); diff --git a/src/Module/OAuth/Revoke.php b/src/Module/OAuth/Revoke.php index 86bc01ced4..525fdd97e7 100644 --- a/src/Module/OAuth/Revoke.php +++ b/src/Module/OAuth/Revoke.php @@ -26,12 +26,18 @@ use Friendica\Core\System; use Friendica\Database\DBA; use Friendica\DI; use Friendica\Module\BaseApi; +use Psr\Http\Message\ResponseInterface; /** * @see https://docs.joinmastodon.org/spec/oauth/ */ class Revoke extends BaseApi { + public function run(array $request = [], bool $scopecheck = true): ResponseInterface + { + return parent::run($request, false); + } + protected function post(array $request = []) { $request = $this->getRequest([ diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index efd4000f67..1790b887d9 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -28,6 +28,7 @@ use Friendica\DI; use Friendica\Module\BaseApi; use Friendica\Security\OAuth; use Friendica\Util\DateTimeFormat; +use Psr\Http\Message\ResponseInterface; /** * @see https://docs.joinmastodon.org/spec/oauth/ @@ -35,6 +36,11 @@ use Friendica\Util\DateTimeFormat; */ class Token extends BaseApi { + public function run(array $request = [], bool $scopecheck = true): ResponseInterface + { + return parent::run($request, false); + } + protected function post(array $request = []) { $request = $this->getRequest([