diff --git a/appinfo/routes.php b/appinfo/routes.php index 90ef2f44..861bcb93 100644 --- a/appinfo/routes.php +++ b/appinfo/routes.php @@ -70,6 +70,7 @@ return [ ['name' => 'OAuth#nodeinfo2', 'url' => '/.well-known/nodeinfo/2.0', 'verb' => 'GET'], ['name' => 'OAuth#apps', 'url' => '/api/v1/apps', 'verb' => 'POST'], ['name' => 'OAuth#authorize', 'url' => '/oauth/authorize', 'verb' => 'GET'], + ['name' => 'OAuth#authorizing', 'url' => '/oauth/authorize', 'verb' => 'POST'], ['name' => 'OAuth#token', 'url' => '/oauth/token', 'verb' => 'POST'], // Api for 3rd party diff --git a/lib/Controller/OAuthController.php b/lib/Controller/OAuthController.php index 05836f99..238cb402 100644 --- a/lib/Controller/OAuthController.php +++ b/lib/Controller/OAuthController.php @@ -45,6 +45,7 @@ use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Http\Response; +use OCP\AppFramework\Http\TemplateResponse; use OCP\IRequest; use OCP\IURLGenerator; use OCP\IUserSession; @@ -172,13 +173,57 @@ class OAuthController extends Controller { string $redirect_uri, string $response_type, string $scope = 'read' + ): Response { + try { + $user = $this->userSession->getUser(); + + // check actor exists + $this->accountService->getActorFromUserId($user->getUID()); + + if ($response_type !== 'code') { + throw new ClientNotFoundException('invalid response type'); + } + + // check client exists in db + $this->clientService->getFromClientId($client_id); + + return new TemplateResponse(Application::APP_NAME, 'oauth2', [ + 'request' => + [ + 'clientId' => $client_id, + 'redirectUri' => $redirect_uri, + 'responseType' => $response_type, + 'scope' => $scope + ] + ]); + + } catch (Exception $e) { + $this->logger->notice($e->getMessage() . ' ' . get_class($e)); + + return new TemplateResponse( + Application::APP_NAME, + 'oauth2', + ['error' => $e->getMessage()] + ); + } + } + + + /** + * @NoAdminRequired + */ + public function authorizing( + string $client_id, + string $redirect_uri, + string $response_type, + string $scope = 'read' ): DataResponse { try { $user = $this->userSession->getUser(); $account = $this->accountService->getActorFromUserId($user->getUID()); if ($response_type !== 'code') { - return new DataResponse(['error' => 'invalid_type'], Http::STATUS_BAD_REQUEST); + throw new ClientNotFoundException('invalid response type'); } $client = $this->clientService->getFromClientId($client_id); @@ -204,18 +249,12 @@ class OAuthController extends Controller { // TODO : finalize result if no redirect_url return new DataResponse( - [ - 'code' => $code, - // 'access_token' => '', - // "token_type" => "Bearer", - // "scope" => "read write follow push", - // "created_at" => 1573979017 - ], Http::STATUS_OK + ['code' => $code], Http::STATUS_OK ); } catch (Exception $e) { $this->logger->notice($e->getMessage() . ' ' . get_class($e)); - return new DataResponse(['error' => $e->getMessage()], Http::STATUS_UNAUTHORIZED); + return new DataResponse(['error' => $e->getMessage()], Http::STATUS_BAD_REQUEST); } } diff --git a/templates/oauth2.php b/templates/oauth2.php new file mode 100644 index 00000000..2b192b05 --- /dev/null +++ b/templates/oauth2.php @@ -0,0 +1,26 @@ + + * + * @author Jonas Sulzer + * @author Julius Härtl + * + * @license GNU AGPL version 3 or any later version + * + * This program is free software: you can redistribute it and/or modify + * it under the terms of the GNU Affero General Public License as + * published by the Free Software Foundation, either version 3 of the + * License, or (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Affero General Public License for more details. + * + * You should have received a copy of the GNU Affero General Public License + * along with this program. If not, see . + * + */ + + +\OCP\Util::addScript('social', 'social-oauth2');