Tigthen permissions + implement mocks for OAuth testing
* We are testing the OAuth final step
This commit is contained in:
parent
d9b0013329
commit
5282b5cabb
|
|
@ -1,2 +1,3 @@
|
||||||
.*.swp
|
.*.swp
|
||||||
|
*.mock
|
||||||
config/config.php
|
config/config.php
|
||||||
|
|
|
||||||
|
|
@ -10,7 +10,7 @@ if ($instance === false) {
|
||||||
$app_name = conf('app_name', 'RealFan');
|
$app_name = conf('app_name', 'RealFan');
|
||||||
$site_name = conf('site_name', HOST_DEV);
|
$site_name = conf('site_name', HOST_DEV);
|
||||||
$redirect_uris = conf('site_name', HOST_DEV).'/signup/mastodon:oauth';
|
$redirect_uris = conf('site_name', HOST_DEV).'/signup/mastodon:oauth';
|
||||||
$scopes = 'read write';
|
$scopes = 'read:accounts write';
|
||||||
|
|
||||||
# create the Authorization App
|
# create the Authorization App
|
||||||
$ch = curl_init($instance.'/api/v1/apps');
|
$ch = curl_init($instance.'/api/v1/apps');
|
||||||
|
|
|
||||||
|
|
@ -1,11 +1,37 @@
|
||||||
<?php
|
<?php
|
||||||
|
|
||||||
|
# TODO: uncomment when done
|
||||||
|
if (false) {
|
||||||
$payload_fil = '/tmp/oauth-'.$ID;
|
$payload_fil = '/tmp/oauth-'.$ID;
|
||||||
if (!file_exists($payload_fil)) {
|
if (!file_exists($payload_fil)) {
|
||||||
header('Location: /signup'); die;
|
header('Location: /signup'); die;
|
||||||
}
|
}
|
||||||
|
|
||||||
$payload = json_decode(file_get_contents($payload_fil));
|
$payload = json_decode(file_get_contents($payload_fil));
|
||||||
|
$ch = curl_init($payload->instance.'/oauth/token');
|
||||||
|
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
|
||||||
|
curl_setopt($ch, CURLOPT_POSTFIELDS, [
|
||||||
|
'client_id' => $payload->result->client_id,
|
||||||
|
'client_secret' => $payload->result->client_secret,
|
||||||
|
'redirect_uri' => $payload->result->redirect_uri.'?id='.$ID,
|
||||||
|
'grant_type' => 'authorization_code',
|
||||||
|
'code' => $code
|
||||||
|
]);
|
||||||
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||||
|
$auth = curl_exec($ch);
|
||||||
|
curl_close($ch);
|
||||||
|
|
||||||
|
$auth = @json_decode($output);
|
||||||
|
}
|
||||||
|
|
||||||
|
# TODO: remove mock when done
|
||||||
|
$payload = json_decode(file_get_contents('/src/mock-payload.mock'));
|
||||||
|
$auth = json_decode(file_get_contents('/src/mock-auth.mock'));
|
||||||
|
|
||||||
|
$output = mastodon_get($payload->instance,
|
||||||
|
'/api/v1/accounts/verify_credentials', $auth->access_token);
|
||||||
|
|
||||||
|
var_dump($output);
|
||||||
|
echo '<br><br>';
|
||||||
var_dump($payload);
|
var_dump($payload);
|
||||||
var_dump($code);
|
|
||||||
die;
|
die;
|
||||||
|
|
|
||||||
|
|
@ -70,3 +70,12 @@ function resolve_instance($txt) {
|
||||||
return 'https://'.$name;
|
return 'https://'.$name;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
function mastodon_get($instance, $path, $token) {
|
||||||
|
$ch = curl_init($instance.$path);
|
||||||
|
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer '.$token]);
|
||||||
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||||
|
$output = curl_exec($ch);
|
||||||
|
curl_close($ch);
|
||||||
|
return @json_decode($output);
|
||||||
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue