Also delete the app in token revokation.

author: default <nobody@localhost> 2023-04-10 09:21:14 +0200
committer: default <nobody@localhost> 2023-04-10 09:21:14 +0200
commit: 429be774d2bdcc64297a485aee78078f9baa3350 (patch)
tree: f89923fc0ab5c981005e1b2f195affe52d78cf22 /mastoapi.c
parent: 74098ec443b479ce751c28d875c53ec274fcc3a4 (diff)
1 files changed, 30 insertions, 0 deletions
diff --git a/mastoapi.c b/mastoapi.c
index 3b0ccbd..35099e1 100644
--- a/mastoapi.c
+++ b/mastoapi.c
@@ -34,6 +34,9 @@ static xs_str *random_str(void)
 int app_add(const char *id, const xs_dict *app)
 /* stores an app */
 {
+    if (!xs_is_hex(id))
+        return 500;
+
     int status = 201;
     xs *fn     = xs_fmt("%s/app/", srv_basedir);
     FILE *f;
@@ -57,6 +60,9 @@ int app_add(const char *id, const xs_dict *app)
 xs_dict *app_get(const char *id)
 /* gets an app */
 {
+    if (!xs_is_hex(id))
+        return NULL;
+
     xs *fn       = xs_fmt("%s/app/%s.json", srv_basedir, id);
     xs_dict *app = NULL;
     FILE *f;
@@ -72,9 +78,24 @@ xs_dict *app_get(const char *id)
 }
 
 
+int app_del(const char *id)
+/* deletes an app */
+{
+    if (!xs_is_hex(id))
+        return -1;
+
+    xs *fn = xs_fmt("%s/app/%s.json", srv_basedir, id);
+
+    return unlink(fn);
+}
+
+
 int token_add(const char *id, const xs_dict *token)
 /* stores a token */
 {
+    if (!xs_is_hex(id))
+        return 500;
+
     int status = 201;
     xs *fn     = xs_fmt("%s/token/", srv_basedir);
     FILE *f;
@@ -98,6 +119,9 @@ int token_add(const char *id, const xs_dict *token)
 xs_dict *token_get(const char *id)
 /* gets a token */
 {
+    if (!xs_is_hex(id))
+        return NULL;
+
     xs *fn         = xs_fmt("%s/token/%s.json", srv_basedir, id);
     xs_dict *token = NULL;
     FILE *f;
@@ -116,6 +140,9 @@ xs_dict *token_get(const char *id)
 int token_del(const char *id)
 /* deletes a token */
 {
+    if (!xs_is_hex(id))
+        return -1;
+
     xs *fn = xs_fmt("%s/token/%s.json", srv_basedir, id);
 
     return unlink(fn);
@@ -324,6 +351,9 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
                 token_del(tokid);
                 srv_debug(0, xs_fmt("oauth revoke: revoked token %s", tokid));
                 status = 200;
+
+                /* also delete the app, as it serves no purpose from now on */
+                app_del(cid);
             }
         }
         else {
author	default <nobody@localhost>	2023-04-10 09:21:14 +0200
committer	default <nobody@localhost>	2023-04-10 09:21:14 +0200
commit	429be774d2bdcc64297a485aee78078f9baa3350 (patch)
tree	f89923fc0ab5c981005e1b2f195affe52d78cf22 /mastoapi.c
parent	74098ec443b479ce751c28d875c53ec274fcc3a4 (diff)