diff --git a/.gitignore b/.gitignore
index 522fc4d..4a9937a 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,3 @@
.*.swp
+*.mock
config/config.php
diff --git a/public/api/signup/mastodon/get_client.php b/public/api/signup/mastodon/get_client.php
index 2a4d7e3..7813cf2 100644
--- a/public/api/signup/mastodon/get_client.php
+++ b/public/api/signup/mastodon/get_client.php
@@ -10,7 +10,7 @@ if ($instance === false) {
$app_name = conf('app_name', 'RealFan');
$site_name = conf('site_name', HOST_DEV);
$redirect_uris = conf('site_name', HOST_DEV).'/signup/mastodon:oauth';
-$scopes = 'read write';
+$scopes = 'read:accounts write';
# create the Authorization App
$ch = curl_init($instance.'/api/v1/apps');
diff --git a/src/action/oauth/mastodon.php b/src/action/oauth/mastodon.php
index 9eb2594..899dc3c 100644
--- a/src/action/oauth/mastodon.php
+++ b/src/action/oauth/mastodon.php
@@ -1,11 +1,37 @@
instance.'/oauth/token');
+curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
+curl_setopt($ch, CURLOPT_POSTFIELDS, [
+ 'client_id' => $payload->result->client_id,
+ 'client_secret' => $payload->result->client_secret,
+ 'redirect_uri' => $payload->result->redirect_uri.'?id='.$ID,
+ 'grant_type' => 'authorization_code',
+ 'code' => $code
+]);
+curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+$auth = curl_exec($ch);
+curl_close($ch);
+
+$auth = @json_decode($output);
+}
+
+# TODO: remove mock when done
+$payload = json_decode(file_get_contents('/src/mock-payload.mock'));
+$auth = json_decode(file_get_contents('/src/mock-auth.mock'));
+
+$output = mastodon_get($payload->instance,
+ '/api/v1/accounts/verify_credentials', $auth->access_token);
+
+var_dump($output);
+echo '
';
var_dump($payload);
-var_dump($code);
die;
diff --git a/src/base.methods.php b/src/base.methods.php
index 918be55..34528d1 100644
--- a/src/base.methods.php
+++ b/src/base.methods.php
@@ -70,3 +70,12 @@ function resolve_instance($txt) {
return 'https://'.$name;
}
+function mastodon_get($instance, $path, $token) {
+ $ch = curl_init($instance.$path);
+ curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer '.$token]);
+ curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
+ $output = curl_exec($ch);
+ curl_close($ch);
+ return @json_decode($output);
+}
+