From 3cf11b0d72da909afb3d7290d3995b0d17777437 Mon Sep 17 00:00:00 2001
From: Jonny Barnes
Date: Sun, 30 Jun 2024 11:13:27 +0100
Subject: [PATCH] Store scope data correctly

I was using the key `scopes` instead of `scope`
---
 app/Http/Controllers/IndieAuthController.php | 21 ++++----------
 tests/Feature/IndieAuthTest.php              | 30 ++++++++++----------
 2 files changed, 20 insertions(+), 31 deletions(-)

diff --git a/app/Http/Controllers/IndieAuthController.php b/app/Http/Controllers/IndieAuthController.php
index 90e3e44f..c56fc59d 100644
--- a/app/Http/Controllers/IndieAuthController.php
+++ b/app/Http/Controllers/IndieAuthController.php
@@ -104,7 +104,7 @@ class IndieAuthController extends Controller
             'client_id' => $request->get('client_id'),
             'redirect_uri' => $request->get('redirect_uri'),
             'auth_code' => $authCode,
-            'scopes' => $request->get('scopes', ''),
+            'scope' => $request->get('scope', ''),
         ];
 
         Cache::put($cacheKey, $indieAuthRequestData, now()->addMinutes(10));
@@ -116,11 +116,6 @@ class IndieAuthController extends Controller
             'iss' => config('app.url'),
         ]);
 
-        // For now just dump URL scheme
-        // return response()->json([
-        //     'redirect_uri' => $redirectUri,
-        // ]);
-
         return redirect()->away($redirectUri);
     }
 
@@ -160,7 +155,7 @@ class IndieAuthController extends Controller
             return $indieAuthData;
         }
 
-        if ($indieAuthData['scopes'] === '') {
+        if ($indieAuthData['scope'] === '') {
             return response()->json(['errors' => [
                 'scope' => [
                     'The scope property must be non-empty for an access token to be issued.',
@@ -171,7 +166,7 @@ class IndieAuthController extends Controller
         $tokenData = [
             'me' => config('app.url'),
             'client_id' => $request->get('client_id'),
-            'scope' => $indieAuthData['scopes'],
+            'scope' => $indieAuthData['scope'],
         ];
         $tokenService = resolve(TokenService::class);
         $token = $tokenService->getNewToken($tokenData);
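Review bot: The added `'scope' => $request->get('scope', '')` stores the caller's value with no type or format check, so anything the client sends is cached verbatim; a non-string (a repeated `scope` query parameter arrives as an array) would later get past the `=== ''` test in the hunk at line 160 and be copied into the token data. Unless the request is validated earlier in the method (its start is outside the hunk), validate the field as a string before building the cache entry, e.g. `$request->validate(['scope' => 'nullable|string']);` ahead of the array, or `'scope' => is_string($request->get('scope')) ? $request->get('scope') : '',`. The OAuth/IndieAuth `scope` value is a space-separated token list, so a format rule on that grammar would also be reasonable here.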
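Review bot: In the hunks at 160 and 171 (and 179 on the next line) the token is issued with `$indieAuthData['scope']`, the scope the client asked for at authorization time, while `client_id` in `$tokenData` comes from the token request itself (`$request->get('client_id')`); unless the two client_id values are compared earlier in the method, the token is bound to whatever client_id the token request carries rather than the one the code was issued to, so `'client_id' => $indieAuthData['client_id'],` would keep both fields tied to the same cached authorization. If a consent step can narrow the requested scope, the granted set rather than the requested one should be what reaches `$tokenData` and the response — I cannot tell from these hunks whether such a step exists. Entries cached by the previous build still hold the `scopes` key for the remainder of their 10-minute TTL, during which `$indieAuthData['scope']` is an undefined index; `if (($indieAuthData['scope'] ?? '') === '') {` on the new line at 160 would route those to the non-empty-scope error instead of a warning. The enclosing method starts and ends outside the hunk.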
@@ -179,7 +174,7 @@ class IndieAuthController extends Controller
         return response()->json([
             'access_token' => $token,
             'token_type' => 'Bearer',
-            'scope' => $indieAuthData['scopes'],
+            'scope' => $indieAuthData['scope'],
             'me' => config('app.url'),
         ]);
     }
@@ -189,16 +184,12 @@ class IndieAuthController extends Controller
         // If client_id is not a valid URL, then it's not valid
         $clientIdParsed = \Mf2\parseUriToComponents($clientId);
         if (! isset($clientIdParsed['authority'])) {
-            ray($clientIdParsed);
-
             return false;
         }
 
         // If redirect_uri is not a valid URL, then it's not valid
         $redirectUriParsed = \Mf2\parseUriToComponents($redirectUri);
         if (! isset($redirectUriParsed['authority'])) {
-            ray($redirectUriParsed);
-
             return false;
         }
 
@@ -212,9 +203,7 @@ class IndieAuthController extends Controller
 
         try {
             $clientInfo = $guzzle->get($clientId);
-        } catch (Exception $e) {
-            ray('Failed to fetch client info', $e->getMessage());
-
+        } catch (Exception) {
             return false;
         }
 
diff --git a/tests/Feature/IndieAuthTest.php b/tests/Feature/IndieAuthTest.php
index 39d90cd3..20c388b7 100644
--- a/tests/Feature/IndieAuthTest.php
+++ b/tests/Feature/IndieAuthTest.php
@@ -45,7 +45,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -68,7 +68,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
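Review bot: `catch (Exception)` on the added line in the hunk at 212 discards the failure, so a client_id fetch that fails on a connection error, TLS problem or non-2xx response looks identical to an invalid client and leaves nothing in the logs to tell an operator why verification is failing; keep the variable and report it, `} catch (Exception $e) { report($e); return false; }`. The `$guzzle->get($clientId)` it guards fetches a caller-supplied URL, and the `authority` check in the 189 hunk does not restrict the scheme, so rejecting anything other than `http`/`https` before the fetch and giving the client a short timeout (if `$guzzle`, constructed outside the hunk, does not already have one) would keep client discovery from turning into a slow or unexpected outbound request during a user-facing call. The method begins before and ends after the hunk.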
@@ -89,7 +89,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -110,7 +110,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -131,7 +131,7 @@ class IndieAuthTest extends TestCase
             'me' => 'https://example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -152,7 +152,7 @@ class IndieAuthTest extends TestCase
             'me' => 'https://example.com',
             'client_id' => 'https://app.example.com',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -173,7 +173,7 @@ class IndieAuthTest extends TestCase
             'me' => 'https://example.com',
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -195,7 +195,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge_method' => 'S256',
         ]);
 
@@ -216,7 +216,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
         ]);
 
@@ -237,7 +237,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'https://app.example.com/callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'invalid_value',
         ]);
@@ -283,7 +283,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'example-app://callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -327,7 +327,7 @@ class IndieAuthTest extends TestCase
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'example-app://callback',
             'state' => '123456',
-            'scopes' => 'create update delete',
+            'scope' => 'create update delete',
             'code_challenge' => '123456',
             'code_challenge_method' => 'S256',
         ]);
@@ -611,7 +611,7 @@ class IndieAuthTest extends TestCase
                 hash('sha256', 'abc123def', true),
                 SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
             ),
-            'scopes' => '',
+            'scope' => '',
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'example-app://callback',
         ]);
@@ -646,7 +646,7 @@ class IndieAuthTest extends TestCase
                 hash('sha256', 'abc123def', true),
                 SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
             ),
-            'scopes' => 'create update',
+            'scope' => 'create update',
             'client_id' => 'https://app.example.invalid',
             'redirect_uri' => 'example-app://callback',
         ]);
@@ -681,7 +681,7 @@ class IndieAuthTest extends TestCase
                 hash('sha256', 'abc123def', true),
                 SODIUM_BASE64_VARIANT_URLSAFE_NO_PADDING
             ),
-            'scopes' => 'create update',
+            'scope' => 'create update',
             'client_id' => 'https://app.example.com',
             'redirect_uri' => 'example-app://callback',
         ]);