Tigthen permissions + implement mocks for OAuth testing

* We are testing the OAuth final step
master
Bofh 1 year ago
parent d9b0013329
commit 5282b5cabb

1
.gitignore vendored

@ -1,2 +1,3 @@
.*.swp
*.mock
config/config.php

@ -10,7 +10,7 @@ if ($instance === false) {
$app_name = conf('app_name', 'RealFan');
$site_name = conf('site_name', HOST_DEV);
$redirect_uris = conf('site_name', HOST_DEV).'/signup/mastodon:oauth';
$scopes = 'read write';
$scopes = 'read:accounts write';
# create the Authorization App
$ch = curl_init($instance.'/api/v1/apps');

@ -1,11 +1,37 @@
<?php
# TODO: uncomment when done
if (false) {
$payload_fil = '/tmp/oauth-'.$ID;
if (!file_exists($payload_fil)) {
header('Location: /signup'); die;
}
$payload = json_decode(file_get_contents($payload_fil));
$ch = curl_init($payload->instance.'/oauth/token');
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
curl_setopt($ch, CURLOPT_POSTFIELDS, [
'client_id' => $payload->result->client_id,
'client_secret' => $payload->result->client_secret,
'redirect_uri' => $payload->result->redirect_uri.'?id='.$ID,
'grant_type' => 'authorization_code',
'code' => $code
]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$auth = curl_exec($ch);
curl_close($ch);
$auth = @json_decode($output);
}
# TODO: remove mock when done
$payload = json_decode(file_get_contents('/src/mock-payload.mock'));
$auth = json_decode(file_get_contents('/src/mock-auth.mock'));
$output = mastodon_get($payload->instance,
'/api/v1/accounts/verify_credentials', $auth->access_token);
var_dump($output);
echo '<br><br>';
var_dump($payload);
var_dump($code);
die;

@ -70,3 +70,12 @@ function resolve_instance($txt) {
return 'https://'.$name;
}
function mastodon_get($instance, $path, $token) {
$ch = curl_init($instance.$path);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer '.$token]);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$output = curl_exec($ch);
curl_close($ch);
return @json_decode($output);
}

Loading…
Cancel
Save