2021-11-25 14:53:32 +00:00
|
|
|
<?php require '/src/base.php' ?>
|
|
|
|
<?php
|
|
|
|
|
|
|
|
$instance = resolve_instance($_GET['instance'] ?? '');
|
|
|
|
if ($instance === false) {
|
2021-11-25 15:43:35 +00:00
|
|
|
hres_json(400, ERR, lr('error.instance_not_exists',
|
|
|
|
'Instance does not exist or is incorrect.'));
|
2021-11-25 14:53:32 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
$app_name = conf('app_name', 'RealFan');
|
2021-11-25 18:18:00 +00:00
|
|
|
$site_name = conf('site_name', HOST_DEV);
|
|
|
|
$redirect_uris = conf('site_name', HOST_DEV).'/signup/mastodon:oauth';
|
2021-11-25 14:53:32 +00:00
|
|
|
$scopes = 'read write';
|
|
|
|
|
|
|
|
# create the Authorization App
|
|
|
|
$ch = curl_init($instance.'/api/v1/apps');
|
|
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode([
|
|
|
|
'client_name' => $app_name,
|
|
|
|
'redirect_uris' => $redirect_uris,
|
|
|
|
'website' => $site_name,
|
|
|
|
'scopes' => $scopes,
|
|
|
|
]));
|
|
|
|
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
|
|
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
$result = curl_exec($ch);
|
|
|
|
curl_close($ch);
|
|
|
|
|
|
|
|
|
|
|
|
# result must be JSON
|
|
|
|
$result = @json_decode($result);
|
|
|
|
if ($result === null) {
|
2021-11-25 15:43:35 +00:00
|
|
|
hres_json(500, ERR, lr('error.instance_failed_or_not_mastodon',
|
|
|
|
'Instance failed to create an authorization App. Is it an instance?'));
|
2021-11-25 14:53:32 +00:00
|
|
|
}
|
|
|
|
|
2021-11-25 18:18:00 +00:00
|
|
|
# return authentication data
|
2021-11-25 19:01:30 +00:00
|
|
|
$payload = [
|
2021-11-25 18:18:00 +00:00
|
|
|
'instance' => $instance,
|
2021-11-25 19:01:30 +00:00
|
|
|
'result' => &$result,
|
2021-11-25 14:53:32 +00:00
|
|
|
'response_type' => 'code',
|
|
|
|
'scope' => $scopes
|
2021-11-25 19:01:30 +00:00
|
|
|
];
|
|
|
|
$ID = sha1($result->client_id.$result->client_secret);
|
|
|
|
file_put_contents('/tmp/oauth-'.$ID, json_encode($payload));
|
|
|
|
|
|
|
|
$payload['id'] = $ID;
|
|
|
|
unset($result->id);
|
|
|
|
unset($result->name);
|
|
|
|
unset($result->website);
|
|
|
|
unset($result->vapid_key);
|
|
|
|
unset($result->client_secret);
|
|
|
|
|
|
|
|
hres_json(200, OK, $payload);
|