Store scope data correctly

I was using the key `scopes` instead of `scope`
Jonny Barnes 2024-06-30 11:13:27 +01:00
parent 06c5d811be
commit 3cf11b0d72
Signed by: jonny
SSH key fingerprint: SHA256:CTuSlns5U7qlD9jqHvtnVmfYV3Zwl2Z7WnJ4/dqOaL8
2 changed files with 20 additions and 31 deletions


@ -104,7 +104,7 @@ class IndieAuthController extends Controller
'client_id' => $request->get('client_id'), 'client_id' => $request->get('client_id'),
'redirect_uri' => $request->get('redirect_uri'), 'redirect_uri' => $request->get('redirect_uri'),
'auth_code' => $authCode, 'auth_code' => $authCode,
'scopes' => $request->get('scopes', ''), 'scope' => $request->get('scope', ''),
]; ];
Cache::put($cacheKey, $indieAuthRequestData, now()->addMinutes(10)); Cache::put($cacheKey, $indieAuthRequestData, now()->addMinutes(10));
@ -116,11 +116,6 @@ class IndieAuthController extends Controller
'iss' => config('app.url'), 'iss' => config('app.url'),
]); ]);
// For now just dump URL scheme
// return response()->json([
// 'redirect_uri' => $redirectUri,
// ]);
return redirect()->away($redirectUri); return redirect()->away($redirectUri);
} }
@ -160,7 +155,7 @@ class IndieAuthController extends Controller
return $indieAuthData; return $indieAuthData;
} }
if ($indieAuthData['scopes'] === '') { if ($indieAuthData['scope'] === '') {
return response()->json(['errors' => [ return response()->json(['errors' => [
'scope' => [ 'scope' => [
'The scope property must be non-empty for an access token to be issued.', 'The scope property must be non-empty for an access token to be issued.',
@ -171,7 +166,7 @@ class IndieAuthController extends Controller
$tokenData = [ $tokenData = [
'me' => config('app.url'), 'me' => config('app.url'),
'client_id' => $request->get('client_id'), 'client_id' => $request->get('client_id'),
'scope' => $indieAuthData['scopes'], 'scope' => $indieAuthData['scope'],
]; ];
$tokenService = resolve(TokenService::class); $tokenService = resolve(TokenService::class);
$token = $tokenService->getNewToken($tokenData); $token = $tokenService->getNewToken($tokenData);
@ -179,7 +174,7 @@ class IndieAuthController extends Controller
return response()->json([ return response()->json([
'access_token' => $token, 'access_token' => $token,
'token_type' => 'Bearer', 'token_type' => 'Bearer',
'scope' => $indieAuthData['scopes'], 'scope' => $indieAuthData['scope'],
'me' => config('app.url'), 'me' => config('app.url'),
]); ]);
} }
@ -189,16 +184,12 @@ class IndieAuthController extends Controller
// If client_id is not a valid URL, then it's not valid // If client_id is not a valid URL, then it's not valid
$clientIdParsed = \Mf2\parseUriToComponents($clientId); $clientIdParsed = \Mf2\parseUriToComponents($clientId);
if (! isset($clientIdParsed['authority'])) { if (! isset($clientIdParsed['authority'])) {
ray($clientIdParsed);
return false; return false;
} }
// If redirect_uri is not a valid URL, then it's not valid // If redirect_uri is not a valid URL, then it's not valid
$redirectUriParsed = \Mf2\parseUriToComponents($redirectUri); $redirectUriParsed = \Mf2\parseUriToComponents($redirectUri);
if (! isset($redirectUriParsed['authority'])) { if (! isset($redirectUriParsed['authority'])) {
ray($redirectUriParsed);
return false; return false;
} }
@ -212,9 +203,7 @@ class IndieAuthController extends Controller
try { try {
$clientInfo = $guzzle->get($clientId); $clientInfo = $guzzle->get($clientId);
} catch (Exception $e) { } catch (Exception) {
ray('Failed to fetch client info', $e->getMessage());
return false; return false;
} }
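Review bot: The rewritten guard `if ($indieAuthData['scope'] === '')` rejects only an empty string, so it relies on the cached entry always holding a string under `scope`. That value is stored from `$request->get('scope', '')`, which is not type-checked anywhere in this section, and authorisation data cached under the old `scopes` key before this change has no `scope` entry at all. Unless validation outside these hunks already covers it, I would tighten the check to `if (! is_string($indieAuthData['scope'] ?? null) || $indieAuthData['scope'] === '') {` so a missing or non-string value is refused rather than copied into `$tokenData` and the JSON response. The enclosing methods begin and end outside the visible hunks.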


@ -45,7 +45,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -68,7 +68,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -89,7 +89,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -110,7 +110,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -131,7 +131,7 @@ class IndieAuthTest extends TestCase
'me' => 'https://example.com', 'me' => 'https://example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -152,7 +152,7 @@ class IndieAuthTest extends TestCase
'me' => 'https://example.com', 'me' => 'https://example.com',
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -173,7 +173,7 @@ class IndieAuthTest extends TestCase
'me' => 'https://example.com', 'me' => 'https://example.com',
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -195,7 +195,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -216,7 +216,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
]); ]);
@ -237,7 +237,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'https://app.example.com/callback', 'redirect_uri' => 'https://app.example.com/callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'invalid_value', 'code_challenge_method' => 'invalid_value',
]); ]);
@ -283,7 +283,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback', 'redirect_uri' => 'example-app://callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -327,7 +327,7 @@ class IndieAuthTest extends TestCase
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback', 'redirect_uri' => 'example-app://callback',
'state' => '123456', 'state' => '123456',
'scopes' => 'create update delete', 'scope' => 'create update delete',
'code_challenge' => '123456', 'code_challenge' => '123456',
'code_challenge_method' => 'S256', 'code_challenge_method' => 'S256',
]); ]);
@ -611,7 +611,7 @@ class IndieAuthTest extends TestCase
hash('sha256', 'abc123def', true), hash('sha256', 'abc123def', true),
SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
), ),
'scopes' => '', 'scope' => '',
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback', 'redirect_uri' => 'example-app://callback',
]); ]);
@ -646,7 +646,7 @@ class IndieAuthTest extends TestCase
hash('sha256', 'abc123def', true), hash('sha256', 'abc123def', true),
SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
), ),
'scopes' => 'create update', 'scope' => 'create update',
'client_id' => 'https://app.example.invalid', 'client_id' => 'https://app.example.invalid',
'redirect_uri' => 'example-app://callback', 'redirect_uri' => 'example-app://callback',
]); ]);
@ -681,7 +681,7 @@ class IndieAuthTest extends TestCase
hash('sha256', 'abc123def', true), hash('sha256', 'abc123def', true),
SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
), ),
'scopes' => 'create update', 'scope' => 'create update',
'client_id' => 'https://app.example.com', 'client_id' => 'https://app.example.com',
'redirect_uri' => 'example-app://callback', 'redirect_uri' => 'example-app://callback',
]); ]);