forked from AkkomaGang/akkoma
Compare commits
No commits in common. "df21b6182975046b00d97b1a644ea8fe4d6a1053" and "6fb91d79f37736ce1b3ac2ff1217f9a71bfcd44e" have entirely different histories.
df21b61829
...
6fb91d79f3
11 changed files with 39 additions and 121 deletions
|
@ -19,7 +19,6 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).
|
||||||
- Documentation issue in which a non-existing nginx file was referenced
|
- Documentation issue in which a non-existing nginx file was referenced
|
||||||
- Issue where a bad inbox URL could break federation
|
- Issue where a bad inbox URL could break federation
|
||||||
- Issue where hashtag rel values would be scrubbed
|
- Issue where hashtag rel values would be scrubbed
|
||||||
- Issue where short domains listed in `transparency_obfuscate_domains` were not actually obfuscated
|
|
||||||
|
|
||||||
## 2023.08
|
## 2023.08
|
||||||
|
|
||||||
|
|
|
@ -958,15 +958,6 @@ config :ueberauth, Ueberauth,
|
||||||
]
|
]
|
||||||
```
|
```
|
||||||
|
|
||||||
You may also need to set up your frontend to use oauth logins. For example, for `akkoma-fe`:
|
|
||||||
|
|
||||||
```elixir
|
|
||||||
config :pleroma, :frontend_configurations,
|
|
||||||
pleroma_fe: %{
|
|
||||||
loginMethod: "token"
|
|
||||||
}
|
|
||||||
```
|
|
||||||
|
|
||||||
## Link parsing
|
## Link parsing
|
||||||
|
|
||||||
### :uri_schemes
|
### :uri_schemes
|
||||||
|
|
|
@ -61,32 +61,6 @@ config :pleroma, :mrf_simple,
|
||||||
|
|
||||||
The effects of MRF policies can be very drastic. It is important to use this functionality carefully. Always try to talk to an admin before writing an MRF policy concerning their instance.
|
The effects of MRF policies can be very drastic. It is important to use this functionality carefully. Always try to talk to an admin before writing an MRF policy concerning their instance.
|
||||||
|
|
||||||
## Hiding or Obfuscating Policies
|
|
||||||
|
|
||||||
You can opt out of publicly displaying all MRF policies or only hide or obfuscate selected domains.
|
|
||||||
|
|
||||||
To just hide everything set:
|
|
||||||
|
|
||||||
```elixir
|
|
||||||
config :pleroma, :mrf,
|
|
||||||
...
|
|
||||||
transparency: false,
|
|
||||||
```
|
|
||||||
|
|
||||||
To hide or obfuscate only select entries, use:
|
|
||||||
|
|
||||||
```elixir
|
|
||||||
config :pleroma, :mrf,
|
|
||||||
...
|
|
||||||
transparency_obfuscate_domains: ["handholdi.ng", "badword.com"],
|
|
||||||
transparency_exclusions: [{"ghost.club", "even a fragment is too spoopy for humans"}]
|
|
||||||
```
|
|
||||||
|
|
||||||
## More MRF Policies
|
|
||||||
|
|
||||||
See the [documentation cheatsheet](cheatsheet.md)
|
|
||||||
for all available MRF policies and their options.
|
|
||||||
|
|
||||||
## Writing your own MRF Policy
|
## Writing your own MRF Policy
|
||||||
|
|
||||||
As discussed above, the MRF system is a modular system that supports pluggable policies. This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `policies` config setting.
|
As discussed above, the MRF system is a modular system that supports pluggable policies. This means that an admin may write a custom MRF policy in Elixir or any other language that runs on the Erlang VM, by specifying the module name in the `policies` config setting.
|
||||||
|
|
|
@ -314,20 +314,6 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
|
||||||
def filter(object), do: {:ok, object}
|
def filter(object), do: {:ok, object}
|
||||||
|
|
||||||
defp obfuscate(string) when is_binary(string) do
|
defp obfuscate(string) when is_binary(string) do
|
||||||
# Want to strip at least two neighbouring chars
|
|
||||||
# to ensure at least one non-dot char is in the obfuscation area
|
|
||||||
stripped = String.length(string) - 6
|
|
||||||
|
|
||||||
{keepstart, keepend} =
|
|
||||||
if stripped > 1 do
|
|
||||||
{3, 3}
|
|
||||||
else
|
|
||||||
{
|
|
||||||
2 - div(1 - stripped, 2),
|
|
||||||
2 + div(stripped, 2)
|
|
||||||
}
|
|
||||||
end
|
|
||||||
|
|
||||||
string
|
string
|
||||||
|> to_charlist()
|
|> to_charlist()
|
||||||
|> Enum.with_index()
|
|> Enum.with_index()
|
||||||
|
@ -336,7 +322,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicy do
|
||||||
?.
|
?.
|
||||||
|
|
||||||
{char, index} ->
|
{char, index} ->
|
||||||
if keepstart <= index && index < String.length(string) - keepend, do: ?*, else: char
|
if 3 <= index && index < String.length(string) - 3, do: ?*, else: char
|
||||||
end)
|
end)
|
||||||
|> to_string()
|
|> to_string()
|
||||||
end
|
end
|
||||||
|
|
|
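Review bot: The fixed window in `if 3 <= index && index < String.length(string) - 3, do: ?*, else: char` is empty for any string of six characters or fewer, so `obfuscate/1` returns short entries of `transparency_obfuscate_domains` verbatim and the domain the admin meant to hide is published; the updated SimplePolicyTest expectation `"a.b"` pins exactly that. Shrinking the kept prefix and suffix for short input closes this, for example `len = String.length(string)` and `keep = max(0, min(3, div(len - 2, 2)))` before the pipeline, then `if keep <= index && index < len - keep, do: ?*, else: char`. That also stops `String.length/1` from being recomputed for every character. The mapping call that encloses this line begins between the two hunks and is not shown.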
@ -261,9 +261,6 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
||||||
|> MediaProxy.url()
|
|> MediaProxy.url()
|
||||||
end
|
end
|
||||||
|
|
||||||
last_status_at =
|
|
||||||
if is_nil(user.last_status_at), do: nil, else: NaiveDateTime.to_date(user.last_status_at)
|
|
||||||
|
|
||||||
%{
|
%{
|
||||||
id: to_string(user.id),
|
id: to_string(user.id),
|
||||||
username: username_from_nickname(user.nickname),
|
username: username_from_nickname(user.nickname),
|
||||||
|
@ -292,7 +289,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountView do
|
||||||
actor_type: user.actor_type
|
actor_type: user.actor_type
|
||||||
}
|
}
|
||||||
},
|
},
|
||||||
last_status_at: last_status_at,
|
last_status_at: user.last_status_at,
|
||||||
akkoma: %{
|
akkoma: %{
|
||||||
instance: render("instance.json", %{instance: instance}),
|
instance: render("instance.json", %{instance: instance}),
|
||||||
status_ttl_days: user.status_ttl_days
|
status_ttl_days: user.status_ttl_days
|
||||||
|
|
|
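Review bot: `last_status_at: user.last_status_at` serializes the stored `NaiveDateTime` as-is, so the account JSON exposes the second-level time of the user's latest post rather than a calendar date. The updated AccountViewTest no longer sets the field and only checks `nil`, so nothing pins the output format. The Mastodon API describes this field as a date, and the coarser value also limits how precisely activity can be tracked from the public profile; consider `last_status_at: user.last_status_at && NaiveDateTime.to_date(user.last_status_at)`. The render function around this map starts and ends outside the hunks.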
@ -39,7 +39,6 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
||||||
action_fallback(Pleroma.Web.OAuth.FallbackController)
|
action_fallback(Pleroma.Web.OAuth.FallbackController)
|
||||||
|
|
||||||
@oob_token_redirect_uri "urn:ietf:wg:oauth:2.0:oob"
|
@oob_token_redirect_uri "urn:ietf:wg:oauth:2.0:oob"
|
||||||
@state_cookie_name "akkoma_oauth_state"
|
|
||||||
|
|
||||||
# Note: this definition is only called from error-handling methods with `conn.params` as 2nd arg
|
# Note: this definition is only called from error-handling methods with `conn.params` as 2nd arg
|
||||||
def authorize(%Plug.Conn{} = conn, %{"authorization" => _} = params) do
|
def authorize(%Plug.Conn{} = conn, %{"authorization" => _} = params) do
|
||||||
|
@ -444,10 +443,13 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
||||||
|> Map.put("scope", scope)
|
|> Map.put("scope", scope)
|
||||||
|> Jason.encode!()
|
|> Jason.encode!()
|
||||||
|
|
||||||
|
params =
|
||||||
|
auth_attrs
|
||||||
|
|> Map.drop(~w(scope scopes client_id redirect_uri))
|
||||||
|
|> Map.put("state", state)
|
||||||
|
|
||||||
# Handing the request to Ueberauth
|
# Handing the request to Ueberauth
|
||||||
conn
|
redirect(conn, to: ~p"/oauth/#{provider}?#{params}")
|
||||||
|> put_resp_cookie(@state_cookie_name, state)
|
|
||||||
|> redirect(to: ~p"/oauth/#{provider}")
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def request(%Plug.Conn{} = conn, params) do
|
def request(%Plug.Conn{} = conn, params) do
|
||||||
|
@ -466,26 +468,20 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
||||||
end
|
end
|
||||||
|
|
||||||
def callback(%Plug.Conn{assigns: %{ueberauth_failure: failure}} = conn, params) do
|
def callback(%Plug.Conn{assigns: %{ueberauth_failure: failure}} = conn, params) do
|
||||||
params = callback_params(conn, params)
|
params = callback_params(params)
|
||||||
messages = for e <- Map.get(failure, :errors, []), do: e.message
|
messages = for e <- Map.get(failure, :errors, []), do: e.message
|
||||||
message = Enum.join(messages, "; ")
|
message = Enum.join(messages, "; ")
|
||||||
|
|
||||||
error_message = dgettext("errors", "Failed to authenticate: %{message}.", message: message)
|
conn
|
||||||
|
|> put_flash(
|
||||||
if params["redirect_uri"] do
|
:error,
|
||||||
conn
|
dgettext("errors", "Failed to authenticate: %{message}.", message: message)
|
||||||
|> put_flash(
|
)
|
||||||
:error,
|
|> redirect(external: redirect_uri(conn, params["redirect_uri"]))
|
||||||
error_message
|
|
||||||
)
|
|
||||||
|> redirect(external: redirect_uri(conn, params["redirect_uri"]))
|
|
||||||
else
|
|
||||||
send_resp(conn, :bad_request, error_message)
|
|
||||||
end
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def callback(%Plug.Conn{} = conn, params) do
|
def callback(%Plug.Conn{} = conn, params) do
|
||||||
params = callback_params(conn, params)
|
params = callback_params(params)
|
||||||
|
|
||||||
with {:ok, registration} <- Authenticator.get_registration(conn) do
|
with {:ok, registration} <- Authenticator.get_registration(conn) do
|
||||||
auth_attrs = Map.take(params, ~w(client_id redirect_uri scope scopes state))
|
auth_attrs = Map.take(params, ~w(client_id redirect_uri scope scopes state))
|
||||||
|
@ -515,9 +511,8 @@ defmodule Pleroma.Web.OAuth.OAuthController do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
defp callback_params(%Plug.Conn{} = conn, params) do
|
defp callback_params(%{"state" => state} = params) do
|
||||||
fetch_cookies(conn)
|
Map.merge(params, Jason.decode!(state))
|
||||||
Map.merge(params, Jason.decode!(Map.get(conn.req_cookies, @state_cookie_name, "{}")))
|
|
||||||
end
|
end
|
||||||
|
|
||||||
def registration_details(%Plug.Conn{} = conn, %{"authorization" => auth_attrs}) do
|
def registration_details(%Plug.Conn{} = conn, %{"authorization" => auth_attrs}) do
|
||||||
|
|
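Review bot: `callback_params/1` trusts the `state` request parameter: it runs `Jason.decode!(state)` and merges the result over `params`, so `client_id`, `redirect_uri` and `scope` seen by both `callback/2` clauses are whatever the callback URL carries, and the failure clause hands `params["redirect_uri"]` to `redirect(external: ...)`. `redirect_uri/2` is defined outside these hunks, so confirm it checks the value against the registered app before the redirect. The single clause also means a callback with a missing, empty or non-object `state` raises instead of returning a client error, and the 400 test that covered this was dropped from OAuthControllerTest. Decoding with `Jason.decode/1` and accepting only a map, as sketched below, keeps the helper total; the callers still need a branch for an absent `redirect_uri`. The second `callback/2` clause continues past the hunk.

```elixir
# … unchanged: callback/2 clauses, which should answer 400 when params["redirect_uri"] is absent …

defp callback_params(%{"state" => state} = params) when is_binary(state) do
  case Jason.decode(state) do
    # Only a JSON object may contribute keys; anything else is ignored.
    {:ok, %{} = decoded} -> Map.merge(params, decoded)
    _ -> params
  end
end

defp callback_params(params), do: params
```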
2
mix.exs
2
mix.exs
|
@ -156,7 +156,7 @@ defmodule Pleroma.Mixfile do
|
||||||
{:ex_syslogger, "~> 2.0.0"},
|
{:ex_syslogger, "~> 2.0.0"},
|
||||||
{:floki, "~> 0.34"},
|
{:floki, "~> 0.34"},
|
||||||
{:timex, "~> 3.7"},
|
{:timex, "~> 3.7"},
|
||||||
{:ueberauth, "== 0.10.5"},
|
{:ueberauth, "~> 0.10"},
|
||||||
{:linkify, git: "https://akkoma.dev/AkkomaGang/linkify.git"},
|
{:linkify, git: "https://akkoma.dev/AkkomaGang/linkify.git"},
|
||||||
{:http_signatures,
|
{:http_signatures,
|
||||||
git: "https://akkoma.dev/AkkomaGang/http_signatures.git",
|
git: "https://akkoma.dev/AkkomaGang/http_signatures.git",
|
||||||
|
|
2
mix.lock
2
mix.lock
|
@ -124,7 +124,7 @@
|
||||||
"timex": {:hex, :timex, "3.7.11", "bb95cb4eb1d06e27346325de506bcc6c30f9c6dea40d1ebe390b262fad1862d1", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.20", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 1.1", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm", "8b9024f7efbabaf9bd7aa04f65cf8dcd7c9818ca5737677c7b76acbc6a94d1aa"},
|
"timex": {:hex, :timex, "3.7.11", "bb95cb4eb1d06e27346325de506bcc6c30f9c6dea40d1ebe390b262fad1862d1", [:mix], [{:combine, "~> 0.10", [hex: :combine, repo: "hexpm", optional: false]}, {:gettext, "~> 0.20", [hex: :gettext, repo: "hexpm", optional: false]}, {:tzdata, "~> 1.1", [hex: :tzdata, repo: "hexpm", optional: false]}], "hexpm", "8b9024f7efbabaf9bd7aa04f65cf8dcd7c9818ca5737677c7b76acbc6a94d1aa"},
|
||||||
"trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "bd4fde4c15f3e993a999e019d64347489b91b7a9096af68b2bdadd192afa693f"},
|
"trailing_format_plug": {:hex, :trailing_format_plug, "0.0.7", "64b877f912cf7273bed03379936df39894149e35137ac9509117e59866e10e45", [:mix], [{:plug, "> 0.12.0", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "bd4fde4c15f3e993a999e019d64347489b91b7a9096af68b2bdadd192afa693f"},
|
||||||
"tzdata": {:hex, :tzdata, "1.1.1", "20c8043476dfda8504952d00adac41c6eda23912278add38edc140ae0c5bcc46", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "a69cec8352eafcd2e198dea28a34113b60fdc6cb57eb5ad65c10292a6ba89787"},
|
"tzdata": {:hex, :tzdata, "1.1.1", "20c8043476dfda8504952d00adac41c6eda23912278add38edc140ae0c5bcc46", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "a69cec8352eafcd2e198dea28a34113b60fdc6cb57eb5ad65c10292a6ba89787"},
|
||||||
"ueberauth": {:hex, :ueberauth, "0.10.5", "806adb703df87e55b5615cf365e809f84c20c68aa8c08ff8a416a5a6644c4b02", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "3efd1f31d490a125c7ed453b926f7c31d78b97b8a854c755f5c40064bf3ac9e1"},
|
"ueberauth": {:hex, :ueberauth, "0.10.6", "8dbefd5aec30c5830af2b6ce6e03f62cc28ae0757f34e2986454f54b8dca3f65", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "b0ad1c7508f3cfd5c2c1c668d1a32bafd77de4c56af82c7bfd7e54ed078a7928"},
|
||||||
"unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"},
|
"unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"},
|
||||||
"unsafe": {:hex, :unsafe, "1.0.2", "23c6be12f6c1605364801f4b47007c0c159497d0446ad378b5cf05f1855c0581", [:mix], [], "hexpm", "b485231683c3ab01a9cd44cb4a79f152c6f3bb87358439c6f68791b85c2df675"},
|
"unsafe": {:hex, :unsafe, "1.0.2", "23c6be12f6c1605364801f4b47007c0c159497d0446ad378b5cf05f1855c0581", [:mix], [], "hexpm", "b485231683c3ab01a9cd44cb4a79f152c6f3bb87358439c6f68791b85c2df675"},
|
||||||
"vex": {:hex, :vex, "0.9.1", "cb65348ebd1c4002861b65bef36e524c29d9a879c90119b2d0e674e323124277", [:mix], [], "hexpm", "a0f9f3959d127ad6a6a617c3f607ecfb1bc6f3c59f9c3614a901a46d1765bafe"},
|
"vex": {:hex, :vex, "0.9.1", "cb65348ebd1c4002861b65bef36e524c29d9a879c90119b2d0e674e323124277", [:mix], [], "hexpm", "a0f9f3959d127ad6a6a617c3f607ecfb1bc6f3c59f9c3614a901a46d1765bafe"},
|
||||||
|
|
|
@ -283,7 +283,7 @@ defmodule Pleroma.Web.ActivityPub.MRF.SimplePolicyTest do
|
||||||
|
|
||||||
assert {:ok,
|
assert {:ok,
|
||||||
%{
|
%{
|
||||||
mrf_simple: %{reject: ["rem***.*****nce", "*.b"]},
|
mrf_simple: %{reject: ["rem***.*****nce", "a.b"]},
|
||||||
mrf_simple_info: %{reject: %{"rem***.*****nce" => %{}}}
|
mrf_simple_info: %{reject: %{"rem***.*****nce" => %{}}}
|
||||||
}} = SimplePolicy.describe()
|
}} = SimplePolicy.describe()
|
||||||
end
|
end
|
||||||
|
|
|
@ -40,8 +40,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
|
||||||
emoji: %{"karjalanpiirakka" => "/file.png"},
|
emoji: %{"karjalanpiirakka" => "/file.png"},
|
||||||
raw_bio: "valid html. a\nb\nc\nd\nf '&<>\"",
|
raw_bio: "valid html. a\nb\nc\nd\nf '&<>\"",
|
||||||
also_known_as: ["https://shitposter.zone/users/shp"],
|
also_known_as: ["https://shitposter.zone/users/shp"],
|
||||||
status_ttl_days: 5,
|
status_ttl_days: 5
|
||||||
last_status_at: ~N[2023-12-31T15:06:17]
|
|
||||||
})
|
})
|
||||||
|
|
||||||
insert(:instance, %{host: "example.com", nodeinfo: %{version: "2.1"}})
|
insert(:instance, %{host: "example.com", nodeinfo: %{version: "2.1"}})
|
||||||
|
@ -92,7 +91,7 @@ defmodule Pleroma.Web.MastodonAPI.AccountViewTest do
|
||||||
fields: []
|
fields: []
|
||||||
},
|
},
|
||||||
fqn: "shp@shitposter.club",
|
fqn: "shp@shitposter.club",
|
||||||
last_status_at: ~D[2023-12-31],
|
last_status_at: nil,
|
||||||
pleroma: %{
|
pleroma: %{
|
||||||
ap_id: user.ap_id,
|
ap_id: user.ap_id,
|
||||||
also_known_as: ["https://shitposter.zone/users/shp"],
|
also_known_as: ["https://shitposter.zone/users/shp"],
|
||||||
|
|
|
@ -81,7 +81,9 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
||||||
|
|
||||||
assert html_response(conn, 302)
|
assert html_response(conn, 302)
|
||||||
|
|
||||||
assert {:ok, state_components} = Jason.decode(conn.resp_cookies["akkoma_oauth_state"].value)
|
redirect_query = URI.parse(redirected_to(conn)).query
|
||||||
|
assert %{"state" => state_param} = URI.decode_query(redirect_query)
|
||||||
|
assert {:ok, state_components} = Jason.decode(state_param)
|
||||||
|
|
||||||
expected_client_id = app.client_id
|
expected_client_id = app.client_id
|
||||||
expected_redirect_uri = app.redirect_uris
|
expected_redirect_uri = app.redirect_uris
|
||||||
|
@ -95,7 +97,7 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
||||||
end
|
end
|
||||||
|
|
||||||
test "with user-bound registration, GET /oauth/<provider>/callback redirects to `redirect_uri` with `code`",
|
test "with user-bound registration, GET /oauth/<provider>/callback redirects to `redirect_uri` with `code`",
|
||||||
%{app: app, conn: _} do
|
%{app: app, conn: conn} do
|
||||||
registration = insert(:registration)
|
registration = insert(:registration)
|
||||||
redirect_uri = OAuthController.default_redirect_uri(app)
|
redirect_uri = OAuthController.default_redirect_uri(app)
|
||||||
|
|
||||||
|
@ -107,17 +109,15 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
||||||
}
|
}
|
||||||
|
|
||||||
conn =
|
conn =
|
||||||
build_conn()
|
conn
|
||||||
|> put_req_cookie("akkoma_oauth_state", Jason.encode!(state_params))
|
|
||||||
|> Plug.Session.call(Plug.Session.init(@session_opts))
|
|
||||||
|> fetch_session()
|
|
||||||
|> assign(:ueberauth_auth, %{provider: registration.provider, uid: registration.uid})
|
|> assign(:ueberauth_auth, %{provider: registration.provider, uid: registration.uid})
|
||||||
|> get(
|
|> get(
|
||||||
"/oauth/twitter/callback",
|
"/oauth/twitter/callback",
|
||||||
%{
|
%{
|
||||||
"oauth_token" => "G-5a3AAAAAAAwMH9AAABaektfSM",
|
"oauth_token" => "G-5a3AAAAAAAwMH9AAABaektfSM",
|
||||||
"oauth_verifier" => "QZl8vUqNvXMTKpdmUnGejJxuHG75WWWs",
|
"oauth_verifier" => "QZl8vUqNvXMTKpdmUnGejJxuHG75WWWs",
|
||||||
"provider" => "twitter"
|
"provider" => "twitter",
|
||||||
|
"state" => Jason.encode!(state_params)
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -162,42 +162,15 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
||||||
|
|
||||||
test "on authentication error, GET /oauth/<provider>/callback redirects to `redirect_uri`", %{
|
test "on authentication error, GET /oauth/<provider>/callback redirects to `redirect_uri`", %{
|
||||||
app: app,
|
app: app,
|
||||||
conn: _
|
conn: conn
|
||||||
} do
|
} do
|
||||||
state_params = %{
|
state_params = %{
|
||||||
"scope" => Enum.join(app.scopes, " "),
|
"scope" => Enum.join(app.scopes, " "),
|
||||||
"client_id" => app.client_id,
|
"client_id" => app.client_id,
|
||||||
"redirect_uri" => OAuthController.default_redirect_uri(app)
|
"redirect_uri" => OAuthController.default_redirect_uri(app),
|
||||||
|
"state" => ""
|
||||||
}
|
}
|
||||||
|
|
||||||
conn =
|
|
||||||
build_conn()
|
|
||||||
|> put_req_cookie("akkoma_oauth_state", Jason.encode!(state_params))
|
|
||||||
|> Plug.Session.call(Plug.Session.init(@session_opts))
|
|
||||||
|> fetch_session()
|
|
||||||
|> assign(:ueberauth_failure, %{errors: [%{message: "(error description)"}]})
|
|
||||||
|> get(
|
|
||||||
"/oauth/twitter/callback",
|
|
||||||
%{
|
|
||||||
"oauth_token" => "G-5a3AAAAAAAwMH9AAABaektfSM",
|
|
||||||
"oauth_verifier" => "QZl8vUqNvXMTKpdmUnGejJxuHG75WWWs",
|
|
||||||
"provider" => "twitter",
|
|
||||||
"state" => ""
|
|
||||||
}
|
|
||||||
)
|
|
||||||
|
|
||||||
assert html_response(conn, 302)
|
|
||||||
assert redirected_to(conn) == app.redirect_uris
|
|
||||||
|
|
||||||
assert Phoenix.Flash.get(conn.assigns.flash, :error) ==
|
|
||||||
"Failed to authenticate: (error description)."
|
|
||||||
end
|
|
||||||
|
|
||||||
test "on authentication error with no prior state, GET /oauth/<provider>/callback returns 400",
|
|
||||||
%{
|
|
||||||
app: _,
|
|
||||||
conn: conn
|
|
||||||
} do
|
|
||||||
conn =
|
conn =
|
||||||
conn
|
conn
|
||||||
|> assign(:ueberauth_failure, %{errors: [%{message: "(error description)"}]})
|
|> assign(:ueberauth_failure, %{errors: [%{message: "(error description)"}]})
|
||||||
|
@ -207,11 +180,15 @@ defmodule Pleroma.Web.OAuth.OAuthControllerTest do
|
||||||
"oauth_token" => "G-5a3AAAAAAAwMH9AAABaektfSM",
|
"oauth_token" => "G-5a3AAAAAAAwMH9AAABaektfSM",
|
||||||
"oauth_verifier" => "QZl8vUqNvXMTKpdmUnGejJxuHG75WWWs",
|
"oauth_verifier" => "QZl8vUqNvXMTKpdmUnGejJxuHG75WWWs",
|
||||||
"provider" => "twitter",
|
"provider" => "twitter",
|
||||||
"state" => ""
|
"state" => Jason.encode!(state_params)
|
||||||
}
|
}
|
||||||
)
|
)
|
||||||
|
|
||||||
assert response(conn, 400)
|
assert html_response(conn, 302)
|
||||||
|
assert redirected_to(conn) == app.redirect_uris
|
||||||
|
|
||||||
|
assert Phoenix.Flash.get(conn.assigns.flash, :error) ==
|
||||||
|
"Failed to authenticate: (error description)."
|
||||||
end
|
end
|
||||||
|
|
||||||
test "GET /oauth/registration_details renders registration details form", %{
|
test "GET /oauth/registration_details renders registration details form", %{
|
||||||
|
|