Force failure in Mastodon API before it gets to a crash-on-startup situation.

author: default <nobody@localhost> 2023-04-15 18:14:24 +0200
committer: default <nobody@localhost> 2023-04-15 18:14:24 +0200
commit: 5ec593da2c64c70c8abe124a9f11fcf6d1ada6c0 (patch)
tree: a48fa40503a535de1b02dac3b6b6aadc2be23644 /mastoapi.c
parent: 512058bbc5fc02496110aa293240c64951e174f6 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/mastoapi.c b/mastoapi.c
index 8c2684c..9eaacb9 100644
--- a/mastoapi.c
+++ b/mastoapi.c
@@ -301,13 +301,17 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
     }
     else
     if (strcmp(cmd, "/token") == 0) {
+        xs *wrk = NULL;
         const char *gtype = xs_dict_get(args, "grant_type");
         const char *code  = xs_dict_get(args, "code");
         const char *cid   = xs_dict_get(args, "client_id");
         const char *csec  = xs_dict_get(args, "client_secret");
         const char *ruri  = xs_dict_get(args, "redirect_uri");
-        const char *scope = xs_dict_get(args, "scope");
-        xs *wrk = NULL;
+        /* FIXME: this 'scope' parameter is mandatory for the official Mastodon API,
+           but if it's enabled, it makes it crash after some more steps, which
+           is FAR WORSE */
+//        const char *scope = xs_dict_get(args, "scope");
+        const char *scope = NULL;
 
         /* no client_secret? check if it's inside an authorization header
            (AndStatus does it this way) */
author	default <nobody@localhost>	2023-04-15 18:14:24 +0200
committer	default <nobody@localhost>	2023-04-15 18:14:24 +0200
commit	5ec593da2c64c70c8abe124a9f11fcf6d1ada6c0 (patch)
tree	a48fa40503a535de1b02dac3b6b6aadc2be23644 /mastoapi.c
parent	512058bbc5fc02496110aa293240c64951e174f6 (diff)