Merge branch 'fix/sign-in-with-toot' into 'develop'

Fix sign-in and sign-out with Toot! See merge request pleroma/pleroma!306
2018-09-05 18:20:26 +00:00 · 2018-09-05 18:20:26 +00:00 · 4a3dbd9d4e
commit 4a3dbd9d4e
parent 8143251f06 84d84e4ca4
4 changed files with 18 additions and 3 deletions
--- a/lib/pleroma/web/mastodon_api/views/account_view.ex
+++ b/lib/pleroma/web/mastodon_api/views/account_view.ex
@ -54,7 +54,7 @@ def render("account.json", %{user: user}) do
      source: %{
        note: "",
        privacy: user_info.default_scope,
-        sensitive: "false"
+        sensitive: false
      }
    }
  end
--- a/lib/pleroma/web/oauth/oauth_controller.ex
+++ b/lib/pleroma/web/oauth/oauth_controller.ex
@ -60,11 +60,13 @@ def token_exchange(conn, %{"grant_type" => "authorization_code"} = params) do
         fixed_token = fix_padding(params["code"]),
         %Authorization{} = auth <-
           Repo.get_by(Authorization, token: fixed_token, app_id: app.id),
-         {:ok, token} <- Token.exchange_token(app, auth) do
+         {:ok, token} <- Token.exchange_token(app, auth),
+         {:ok, inserted_at} <- DateTime.from_naive(token.inserted_at, "Etc/UTC") do
      response = %{
        token_type: "Bearer",
        access_token: token.token,
        refresh_token: token.refresh_token,
+        created_at: DateTime.to_unix(inserted_at),
        expires_in: 60 * 10,
        scope: "read write follow"
      }
@ -116,6 +118,18 @@ def token_exchange(
    token_exchange(conn, params)
  end

+  def token_revoke(conn, %{"token" => token} = params) do
+    with %App{} = app <- get_app_from_request(conn, params),
+         %Token{} = token <- Repo.get_by(Token, token: token, app_id: app.id),
+         {:ok, %Token{}} <- Repo.delete(token) do
+      json(conn, %{})
+    else
+      _error ->
+        # RFC 7009: invalid tokens [in the request] do not cause an error response
+        json(conn, %{})
+    end
+  end
+
  defp fix_padding(token) do
    token
    |> Base.url_decode64!(padding: false)
--- a/lib/pleroma/web/router.ex
+++ b/lib/pleroma/web/router.ex
@ -93,6 +93,7 @@ def user_fetcher(username_or_email) do
    get("/authorize", OAuthController, :authorize)
    post("/authorize", OAuthController, :create_authorization)
    post("/token", OAuthController, :token_exchange)
+    post("/revoke", OAuthController, :token_revoke)
  end

  scope "/api/v1", Pleroma.Web.MastodonAPI do
--- a/test/web/mastodon_api/account_view_test.exs
+++ b/test/web/mastodon_api/account_view_test.exs
@ -90,7 +90,7 @@ test "Represent a Service(bot) account" do
      source: %{
        note: "",
        privacy: "public",
-        sensitive: "false"
+        sensitive: false
      }
    }