From 1b2a95429b20eda758c06953e3ac4ef983924488 Mon Sep 17 00:00:00 2001
From: FloatingGhost <hannah@coffee-and-dreams.uk>
Date: Tue, 23 Aug 2022 12:57:18 +0100
Subject: [PATCH] reuse token where we have one

---
 lib/pleroma/web/o_auth/authorization.ex     |  5 +++++
 lib/pleroma/web/o_auth/o_auth_controller.ex | 10 ++++++----
 lib/pleroma/web/o_auth/token.ex             |  1 +
 lib/pleroma/web/o_auth/token/query.ex       |  4 ++++
 4 files changed, 16 insertions(+), 4 deletions(-)

diff --git a/lib/pleroma/web/o_auth/authorization.ex b/lib/pleroma/web/o_auth/authorization.ex
index e0ecb0f4f..e56704164 100644
--- a/lib/pleroma/web/o_auth/authorization.ex
+++ b/lib/pleroma/web/o_auth/authorization.ex
@@ -94,4 +94,9 @@ def get_by_token(%App{id: app_id} = _app, token) do
     from(t in __MODULE__, where: t.app_id == ^app_id and t.token == ^token)
     |> Repo.find_resource()
   end
+
+  def get_preeexisting_by_app_and_user(%App{id: app_id} = _app, %User{id: user_id} = _user) do
+    from(t in __MODULE__, where: t.app_id == ^app_id and t.user_id == ^user_id, limit: 1)
+    |> Repo.find_resource()
+  end
 end
diff --git a/lib/pleroma/web/o_auth/o_auth_controller.ex b/lib/pleroma/web/o_auth/o_auth_controller.ex
index 45e99d35b..e8e64cb7f 100644
--- a/lib/pleroma/web/o_auth/o_auth_controller.ex
+++ b/lib/pleroma/web/o_auth/o_auth_controller.ex
@@ -77,10 +77,12 @@ def authorize(%Plug.Conn{} = conn, params) do
          false <- is_nil(user_id),
          %User{} = user <- User.get_cached_by_id(user_id),
          %App{} = app <- Repo.get_by(App, client_id: params["client_id"]),
-         {:ok, %Token{} = token} <- Token.get_preeexisting_by_app_and_user(app, user) do
+         {:ok, %Token{} = token} <- Token.get_preeexisting_by_app_and_user(app, user),
+         {:ok, %Authorization{} = auth} <- Authorization.get_preeexisting_by_app_and_user(app, user) do
+      IO.inspect(params)
       conn
       |> assign(:token, token)
-      |> handle_existing_authorization(params)
+      |> after_create_authorization(auth, %{"authorization" => params})
     else
       _ -> do_authorize(conn, params)
     end
@@ -281,11 +283,11 @@ def token_exchange(
   end
 
   def token_exchange(%Plug.Conn{} = conn, %{"grant_type" => "authorization_code"} = params) do
-    with {:ok, app} <- Token.Utils.fetch_app(conn),
+    with {:ok, app} <- IO.inspect(Token.Utils.fetch_app(conn)),
          fixed_token = Token.Utils.fix_padding(params["code"]),
          {:ok, auth} <- Authorization.get_by_token(app, fixed_token),
          %User{} = user <- User.get_cached_by_id(auth.user_id),
-         {:ok, token} <- Token.exchange_token(app, auth) do
+         {:ok, token} <- IO.inspect(Token.exchange_token(app, auth)) do
       after_token_exchange(conn, %{user: user, token: token})
     else
       error ->
diff --git a/lib/pleroma/web/o_auth/token.ex b/lib/pleroma/web/o_auth/token.ex
index 686e6715b..33bfd876d 100644
--- a/lib/pleroma/web/o_auth/token.ex
+++ b/lib/pleroma/web/o_auth/token.ex
@@ -75,6 +75,7 @@ def get_preeexisting_by_app_and_user(app, user) do
     |> Query.get_by_user(user.id)
     |> Query.get_unexpired()
     |> Query.preload([:user])
+    |> Query.sort_by_inserted_at()
     |> Query.limit(1)
     |> Repo.find_resource()
   end
diff --git a/lib/pleroma/web/o_auth/token/query.ex b/lib/pleroma/web/o_auth/token/query.ex
index 1415191b7..662e7856d 100644
--- a/lib/pleroma/web/o_auth/token/query.ex
+++ b/lib/pleroma/web/o_auth/token/query.ex
@@ -47,6 +47,10 @@ def limit(query, limit) do
     from(q in query, limit: ^limit)
   end
 
+  def sort_by_inserted_at(query) do
+    from(q in query, order_by: [desc: :updated_at])
+  end
+
   @spec preload(query, any) :: query
   def preload(query \\ Token, assoc_preload \\ [])