From d9b00133293c05d477e37bb20c892bb8c8370799 Mon Sep 17 00:00:00 2001
From: Bastard Operator
Date: Thu, 25 Nov 2021 20:01:30 +0100
Subject: [PATCH] Half-implemented OAuth system for Mastodon
---
 public/api/signup/mastodon/get_client.php | 17 +++++--
 public/signup/index.php | 54 ++++++++++++++++++++++-
 src/action/oauth/mastodon.php | 11 +++++
 src/js/api.php | 39 ++++++++++++++++
 4 files changed, 116 insertions(+), 5 deletions(-)
 create mode 100644 src/action/oauth/mastodon.php
 create mode 100644 src/js/api.php
diff --git a/public/api/signup/mastodon/get_client.php b/public/api/signup/mastodon/get_client.php
index 73242e5..2a4d7e3 100644
--- a/public/api/signup/mastodon/get_client.php
+++ b/public/api/signup/mastodon/get_client.php
@@ -34,9 +34,20 @@ if ($result === null) {
 }
 
 # return authentication data
-hres_json(200, OK, [
+$payload = [
 'instance' => $instance,
- 'result' => $result,
+ 'result' => &$result,
 'response_type' => 'code',
 'scope' => $scopes
-]);
+];
+$ID = sha1($result->client_id.$result->client_secret);
+file_put_contents('/tmp/oauth-'.$ID, json_encode($payload));
+
+$payload['id'] = $ID;
+unset($result->id);
+unset($result->name);
+unset($result->website);
+unset($result->vapid_key);
+unset($result->client_secret);
+
+hres_json(200, OK, $payload);
diff --git a/public/signup/index.php b/public/signup/index.php
index ba16a0c..b520102 100644
--- a/public/signup/index.php
+++ b/public/signup/index.php
@@ -1,6 +1,7 @@
+
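Review bot: `file_put_contents('/tmp/oauth-'.$ID, json_encode($payload))` in the get_client.php hunk persists the OAuth `client_secret` in the shared `/tmp` directory with whatever mode the process umask yields, and its return value is never checked, so other local accounts may be able to read the secret and a failed write still answers 200 with an `id` that points at nothing. Prefer an application-private directory (or the session or database), create the file owner-only, e.g. wrap the call in `$old = umask(0077);` and `umask($old);`, and fail the request when the write returns `false`. Nothing in this hunk removes or expires these files, so some cleanup is needed as well. `$ID` is also handed to the browser and comes back through the redirect URI; whichever script later reads `/tmp/oauth-<id>` (not shown here) should accept only 40 hex characters before building the path.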
SIGNUP: +
+FUNCTION:
+ + +
diff --git a/src/action/oauth/mastodon.php b/src/action/oauth/mastodon.php
new file mode 100644
index 0000000..9eb2594
--- /dev/null
+++ b/src/action/oauth/mastodon.php
@@ -0,0 +1,11 @@
+
+const http = {
+ request: function(method, path, payload, callbk) {
+ payload = payload || null;
+ callbk = callbk || null;
+ const oReq = new XMLHttpRequest();
+ oReq.addEventListener("load", function() { if (callbk) callbk(this.responseText) });
+ oReq.open(method, path);
+ oReq.setRequestHeader('Content-Type', 'application/json');
+ oReq.send(payload);
+ },
+ get: function(path, payload, callbk) {
+ return http.request('GET', path, payload, callbk);
+ },
+ post: function(path, payload, callbk) {
+ return http.request('POST', path, payload, callbk);
+ }
+};
+
+const API = {
+ mastodon: {
+ registerInstance: function(instance) {
+ http.get('/api/signup/mastodon/get_client.php?instance='+encodeURIComponent(instance), {}, function(data)
+ {
+ data = JSON.parse(data);
+ if (data.status === 'err') {
+ alert(data.message);
+ return;
+ }
+
+ const res = data.message;
+ const oauthUrl = res.instance+'/oauth/authorize?client_id='+encodeURIComponent(res.result.client_id)+'&redirect_uri='+encodeURIComponent(res.result.redirect_uri+'?id='+res.id)+'&response_type='+encodeURIComponent(res.response_type)+'&scope='+encodeURIComponent(res.scope);
+ localStorage['auth_data'] = JSON.stringify(res);
+ document.location.href = oauthUrl;
+ });
+ }
+ }
+}
+
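Review bot: The authorization URL built in `registerInstance` carries no `state` value, so the callback has nothing to tie the returned `code` to the browser that started the flow; the `id` appended to `redirect_uri` comes from the server response and is not a per-request secret. Generate a random `state` before redirecting, keep it in `sessionStorage`, and have the callback page (not shown) reject a response whose `state` differs. The URL also starts with `res.instance` taken straight from the JSON response, so parse it with `new URL()` and refuse anything that is not `https:` before assigning `document.location.href`. `JSON.parse(data)` throws on a non-JSON error page, and a `try`/`catch` around it would keep that failure visible to the user. These lines sit under the `src/action/oauth/mastodon.php` header on this page but, going by the diffstat, probably belong to `src/js/api.php`.

```javascript
const res = data.message;
const authorize = new URL(res.instance + '/oauth/authorize');
if (authorize.protocol !== 'https:') {
    alert('Unexpected instance URL');
    return;
}
const state = crypto.randomUUID();
sessionStorage.setItem('oauth_state', state);
authorize.searchParams.set('client_id', res.result.client_id);
authorize.searchParams.set('redirect_uri', res.result.redirect_uri + '?id=' + res.id);
authorize.searchParams.set('response_type', res.response_type);
authorize.searchParams.set('scope', res.scope);
authorize.searchParams.set('state', state);
// … unchanged: localStorage['auth_data'] assignment …
document.location.href = authorize.href;
```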