Tigthen permissions + implement mocks for OAuth testing
* We are testing the OAuth final step
This commit is contained in:
parent
d9b0013329
commit
5282b5cabb
|
|
@ -1,2 +1,3 @@
|
|||
.*.swp
|
||||
*.mock
|
||||
config/config.php
|
||||
|
|
|
|||
|
|
@ -10,7 +10,7 @@ if ($instance === false) {
|
|||
$app_name = conf('app_name', 'RealFan');
|
||||
$site_name = conf('site_name', HOST_DEV);
|
||||
$redirect_uris = conf('site_name', HOST_DEV).'/signup/mastodon:oauth';
|
||||
$scopes = 'read write';
|
||||
$scopes = 'read:accounts write';
|
||||
|
||||
# create the Authorization App
|
||||
$ch = curl_init($instance.'/api/v1/apps');
|
||||
|
|
|
|||
|
|
@ -1,11 +1,37 @@
|
|||
<?php
|
||||
|
||||
# TODO: uncomment when done
|
||||
if (false) {
|
||||
$payload_fil = '/tmp/oauth-'.$ID;
|
||||
if (!file_exists($payload_fil)) {
|
||||
header('Location: /signup'); die;
|
||||
}
|
||||
|
||||
$payload = json_decode(file_get_contents($payload_fil));
|
||||
$ch = curl_init($payload->instance.'/oauth/token');
|
||||
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, "POST");
|
||||
curl_setopt($ch, CURLOPT_POSTFIELDS, [
|
||||
'client_id' => $payload->result->client_id,
|
||||
'client_secret' => $payload->result->client_secret,
|
||||
'redirect_uri' => $payload->result->redirect_uri.'?id='.$ID,
|
||||
'grant_type' => 'authorization_code',
|
||||
'code' => $code
|
||||
]);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
$auth = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
|
||||
$auth = @json_decode($output);
|
||||
}
|
||||
|
||||
# TODO: remove mock when done
|
||||
$payload = json_decode(file_get_contents('/src/mock-payload.mock'));
|
||||
$auth = json_decode(file_get_contents('/src/mock-auth.mock'));
|
||||
|
||||
$output = mastodon_get($payload->instance,
|
||||
'/api/v1/accounts/verify_credentials', $auth->access_token);
|
||||
|
||||
var_dump($output);
|
||||
echo '<br><br>';
|
||||
var_dump($payload);
|
||||
var_dump($code);
|
||||
die;
|
||||
|
|
|
|||
|
|
@ -70,3 +70,12 @@ function resolve_instance($txt) {
|
|||
return 'https://'.$name;
|
||||
}
|
||||
|
||||
function mastodon_get($instance, $path, $token) {
|
||||
$ch = curl_init($instance.$path);
|
||||
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Authorization: Bearer '.$token]);
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
$output = curl_exec($ch);
|
||||
curl_close($ch);
|
||||
return @json_decode($output);
|
||||
}
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue