summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--httpd.c3
-rw-r--r--mastoapi.c109
-rw-r--r--snac.h12
3 files changed, 108 insertions, 16 deletions
diff --git a/httpd.c b/httpd.c
index 6d7b76e..d5de87c 100644
--- a/httpd.c
+++ b/httpd.c
@@ -180,6 +180,9 @@ void httpd_connection(FILE *f)
status = oauth_get_handler(req, q_path, &body, &b_size, &ctype);
if (status == 0)
+ status = mastoapi_get_handler(req, q_path, &body, &b_size, &ctype);
+
+ if (status == 0)
status = html_get_handler(req, q_path, &body, &b_size, &ctype);
}
else
diff --git a/mastoapi.c b/mastoapi.c
index 80a94af..ddf29a7 100644
--- a/mastoapi.c
+++ b/mastoapi.c
@@ -73,12 +73,14 @@ xs_dict *app_get(const char *id)
const char *login_page = ""
"<!DOCTYPE html>\n"
-"<body><h1>%s identify</h1>\n"
+"<body><h1>%s OAuth identify</h1>\n"
+"<div style=\"background-color: red; color: white\">%s</div>\n"
"<form method=\"post\" action=\"https:/" "/%s/oauth/x-snac-login\">\n"
"<p>Login: <input type=\"text\" name=\"login\"></p>\n"
"<p>Password: <input type=\"password\" name=\"passwd\"></p>\n"
"<input type=\"hidden\" name=\"redir\" value=\"%s\">\n"
"<input type=\"hidden\" name=\"cid\" value=\"%s\">\n"
+"<input type=\"submit\" value=\"OK\">\n"
"</form><p>%s</p></body>\n"
"";
@@ -90,13 +92,15 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
{
xs *j = xs_json_dumps_pp(req, 4);
- printf("oauth:\n%s\n", j);
+ printf("oauth get:\n%s\n", j);
}
int status = 404;
xs_dict *msg = xs_dict_get(req, "q_vars");
xs *cmd = xs_replace(q_path, "/oauth", "");
+ srv_debug(0, xs_fmt("oauth_get_handler %s", q_path));
+
if (strcmp(cmd, "/authorize") == 0) {
const char *cid = xs_dict_get(msg, "client_id");
const char *ruri = xs_dict_get(msg, "redirect_uri");
@@ -110,11 +114,17 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
if (app != NULL) {
const char *host = xs_dict_get(srv_config, "host");
- *body = xs_fmt(login_page, host, host, ruri, cid, USER_AGENT);
+ *body = xs_fmt(login_page, host, "", host, ruri, cid, USER_AGENT);
*ctype = "text/html";
status = 200;
+
+ srv_debug(0, xs_fmt("oauth authorize: generating login page"));
}
+ else
+ srv_debug(0, xs_fmt("oauth authorize: bad client_id %s", cid));
}
+ else
+ srv_debug(0, xs_fmt("oauth authorize: invalid or unset arguments"));
}
return status;
@@ -122,25 +132,70 @@ int oauth_get_handler(const xs_dict *req, const char *q_path,
int oauth_post_handler(const xs_dict *req, const char *q_path,
- const char *payload, int p_size,
- char **body, int *b_size, char **ctype)
+ const char *payload, int p_size,
+ char **body, int *b_size, char **ctype)
{
if (!xs_startswith(q_path, "/oauth/"))
return 0;
+ {
+ xs *j = xs_json_dumps_pp(req, 4);
+ printf("oauth post:\n%s\n", j);
+ }
+
int status = 404;
xs_dict *msg = xs_dict_get(req, "p_vars");
xs *cmd = xs_replace(q_path, "/oauth", "");
- printf("oauth: %s\n", q_path);
+ srv_debug(0, xs_fmt("oauth_post_handler %s", q_path));
+
+ if (strcmp(cmd, "/x-snac-login") == 0) {
+ const char *login = xs_dict_get(msg, "login");
+ const char *passwd = xs_dict_get(msg, "passwd");
+ const char *redir = xs_dict_get(msg, "redir");
+ const char *cid = xs_dict_get(msg, "cid");
+
+ const char *host = xs_dict_get(srv_config, "host");
+
+ /* by default, generate another login form with an error */
+ *body = xs_fmt(login_page, host, "LOGIN INCORRECT", host, redir, cid, USER_AGENT);
+ *ctype = "text/html";
+ status = 200;
+
+ if (login && passwd && redir && cid) {
+ snac snac;
+ if (user_open(&snac, login)) {
+ /* check the login + password */
+ if (check_password(login, passwd,
+ xs_dict_get(snac.config, "passwd"))) {
+ /* success! redirect to the desired uri */
+ xs *code = random_str();
+
+ xs_free(*body);
+ *body = xs_fmt("%s?code=%s", redir, code);
+ status = 303;
+
+ srv_debug(0, xs_fmt("oauth x-snac-login: redirect to %s", *body));
+ }
+ else
+ srv_debug(0, xs_fmt("oauth x-snac-login: login '%s' incorrect", login));
+
+ user_free(&snac);
+ }
+ else
+ srv_debug(0, xs_fmt("oauth x-snac-login: bad user '%s'", login));
+ }
+ else
+ srv_debug(0, xs_fmt("oauth x-snac-login: invalid or unset arguments"));
+ }
+ else
if (strcmp(cmd, "/token") == 0) {
const char *gtype = xs_dict_get(msg, "grant_type");
const char *code = xs_dict_get(msg, "code");
const char *cid = xs_dict_get(msg, "client_id");
const char *csec = xs_dict_get(msg, "client_secret");
const char *ruri = xs_dict_get(msg, "redirect_uri");
- const char *scope = xs_dict_get(msg, "scope");
if (gtype && code && cid && csec && ruri) {
xs *rsp = xs_dict_new();
@@ -149,15 +204,18 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
rsp = xs_dict_append(rsp, "access_token", token);
rsp = xs_dict_append(rsp, "token_type", "Bearer");
- rsp = xs_dict_append(rsp, "scope", scope);
rsp = xs_dict_append(rsp, "created_at", cat);
*body = xs_json_dumps_pp(rsp, 4);
*ctype = "application/json";
status = 200;
+
+ srv_debug(0, xs_fmt("oauth token: successful login, token %s", token));
}
- else
+ else {
+ srv_debug(0, xs_fmt("oauth token: invalid or unset arguments"));
status = 400;
+ }
}
else
if (strcmp(cmd, "/revoke") == 0) {
@@ -178,13 +236,42 @@ int oauth_post_handler(const xs_dict *req, const char *q_path,
}
+int mastoapi_get_handler(const xs_dict *req, const char *q_path,
+ char **body, int *b_size, char **ctype)
+{
+ if (!xs_startswith(q_path, "/api/v1/"))
+ return 0;
+
+ {
+ xs *j = xs_json_dumps_pp(req, 4);
+ printf("mastoapi get:\n%s\n", j);
+ }
+
+ int status = 404;
+ xs_dict *msg = xs_dict_get(req, "q_vars");
+ xs *cmd = xs_replace(q_path, "/api/v1", "");
+
+ srv_debug(0, xs_fmt("mastoapi_get_handler %s", q_path));
+
+ if (strcmp(cmd, "/accounts/verify_credentials") == 0) {
+ }
+
+ return status;
+}
+
+
int mastoapi_post_handler(const xs_dict *req, const char *q_path,
- const char *payload, int p_size,
- char **body, int *b_size, char **ctype)
+ const char *payload, int p_size,
+ char **body, int *b_size, char **ctype)
{
if (!xs_startswith(q_path, "/api/v1/"))
return 0;
+ {
+ xs *j = xs_json_dumps_pp(req, 4);
+ printf("mastoapi post:\n%s\n", j);
+ }
+
int status = 404;
xs *msg = NULL;
char *i_ctype = xs_dict_get(req, "content-type");
diff --git a/snac.h b/snac.h
index f1960a3..f33b806 100644
--- a/snac.h
+++ b/snac.h
@@ -224,11 +224,13 @@ int job_fifo_ready(void);
void job_post(const xs_val *job, int urgent);
void job_wait(xs_val **job);
-int mastoapi_post_handler(const xs_dict *req, const char *q_path,
- const char *payload, int p_size,
- char **body, int *b_size, char **ctype);
int oauth_get_handler(const xs_dict *req, const char *q_path,
char **body, int *b_size, char **ctype);
int oauth_post_handler(const xs_dict *req, const char *q_path,
- const char *payload, int p_size,
- char **body, int *b_size, char **ctype);
+ const char *payload, int p_size,
+ char **body, int *b_size, char **ctype);
+int mastoapi_get_handler(const xs_dict *req, const char *q_path,
+ char **body, int *b_size, char **ctype);
+int mastoapi_post_handler(const xs_dict *req, const char *q_path,
+ const char *payload, int p_size,
+ char **body, int *b_size, char **ctype);
generated by cgit v1.2.3 (git 2.39.1) at 2025-06-08 08:52:39 +0000