improve token response handling
parent
7f116952f5
commit
7b19e42f57
2 changed files with 82 additions and 14 deletions
45
lib/token.ex
45
lib/token.ex
|
@ -11,7 +11,9 @@ defmodule PlugIndie.Token do
|
||||||
) do
|
) do
|
||||||
case do_verify_token(access_token, token_endpoint, user_agent) do
|
case do_verify_token(access_token, token_endpoint, user_agent) do
|
||||||
{:ok, %{status: 200, body: body}} ->
|
{:ok, %{status: 200, body: body}} ->
|
||||||
verify_token_response(body, required_scope, supported_scopes, own_hostname)
|
body
|
||||||
|
|> map_keys_to_string()
|
||||||
|
|> verify_token_response(required_scope, supported_scopes, own_hostname)
|
||||||
|
|
||||||
{:ok, %{status: status}} ->
|
{:ok, %{status: status}} ->
|
||||||
{:error, :request_error, status}
|
{:error, :request_error, status}
|
||||||
|
@ -45,19 +47,28 @@ defmodule PlugIndie.Token do
|
||||||
Tesla.get(client, token_endpoint)
|
Tesla.get(client, token_endpoint)
|
||||||
end
|
end
|
||||||
|
|
||||||
defp verify_token_response(
|
def verify_token_response(
|
||||||
%{
|
%{
|
||||||
me: host_uri,
|
"me" => host_uri,
|
||||||
scope: scope,
|
"scope" => scope,
|
||||||
client_id: client_id,
|
"client_id" => client_id,
|
||||||
issued_at: _issued_at,
|
"issued_at" => _issued_at,
|
||||||
issued_by: _issued_by,
|
"issued_by" => _issued_by,
|
||||||
nonce: _nonce
|
"nonce" => _nonce
|
||||||
},
|
},
|
||||||
required_scope,
|
required_scope,
|
||||||
supported_scopes,
|
supported_scopes,
|
||||||
own_hostname
|
own_hostname
|
||||||
) do
|
) do
|
||||||
|
# {%{
|
||||||
|
# "client_id" => "https://indiepass.app/",
|
||||||
|
# "issued_at" => 1_733_382_601,
|
||||||
|
# "issued_by" => "https://tokens.indieauth.com/token",
|
||||||
|
# "me" => "https://blog.inhji.de/",
|
||||||
|
# "nonce" => 358_618_865,
|
||||||
|
# "scope" => "create update delete media read follow channels mute block"
|
||||||
|
# }, "create", ["create", "media"], "inhji.de"}
|
||||||
|
|
||||||
Logger.info("Host-URI: '#{host_uri}'")
|
Logger.info("Host-URI: '#{host_uri}'")
|
||||||
Logger.info("ClientId: '#{client_id}'")
|
Logger.info("ClientId: '#{client_id}'")
|
||||||
Logger.info("Scopes: '#{scope}'")
|
Logger.info("Scopes: '#{scope}'")
|
||||||
|
@ -72,6 +83,8 @@ defmodule PlugIndie.Token do
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def verify_token_response(_, _, _, _), do: {:error, "verify_token_response", "bad request"}
|
||||||
|
|
||||||
defp verify_hostname_match(host_uri, own_hostname) do
|
defp verify_hostname_match(host_uri, own_hostname) do
|
||||||
hostnames_match? = get_hostname(host_uri) == own_hostname
|
hostnames_match? = get_hostname(host_uri) == own_hostname
|
||||||
|
|
||||||
|
@ -107,4 +120,8 @@ defmodule PlugIndie.Token do
|
||||||
{:error, "verify_scope_support", "scope '#{required_scope}' was not requested"}
|
{:error, "verify_scope_support", "scope '#{required_scope}' was not requested"}
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
|
defp map_keys_to_string(map) do
|
||||||
|
for {key, val} <- map, into: %{}, do: {to_string(key), val}
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|
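Review bot: In the first hunk the 200 branch now pipes `body` into `map_keys_to_string/1` before any shape check, so a 200 reply whose body is not a map (a raw string or `nil`, if the client did not decode it) raises inside the `for` comprehension instead of reaching the new catch-all `verify_token_response(_, _, _, _)` clause. The body comes from the remote token endpoint, so a malformed reply becomes a crash rather than a clean rejection. Guarding the clause, `{:ok, %{status: 200, body: body}} when is_map(body) ->`, lets anything else fall through to the existing `{:ok, %{status: status}}` clause and return `{:error, :request_error, status}`. How the Tesla client decodes the body is configured outside the visible hunks, so confirm which shapes can arrive; the enclosing function also starts before the hunk.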
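--- a/test/token_test.exs
+++ b/test/token_test.exs
@@ -0,0 +1,51 @@
+defmodule TokenTest do
+use ExUnit.Case
+
+describe "verify_token_response/4" do
+test "with atom keyed map" do
+body = %{
+:client_id => "https://indiepass.app/",
+:issued_at => 1_733_382_601,
+:issued_by => "https://tokens.indieauth.com/token",
+:me => "https://blog.inhji.de/",
+:nonce => 358_618_865,
+:scope => "create update delete media read follow channels mute block"
+}
+
+required_scope = "create"
+supported_scopes = ["create", "media"]
+hostname = "blog.inhji.de"
+
+assert {:error, _, _} =
+PlugIndie.Token.verify_token_response(
+body,
+required_scope,
+supported_scopes,
+hostname
+)
+end
+
+test "with string keyed map" do
+body = %{
+"client_id" => "https://indiepass.app/",
+"issued_at" => 1_733_382_601,
+"issued_by" => "https://tokens.indieauth.com/token",
+"me" => "https://blog.inhji.de/",
+"nonce" => 358_618_865,
+"scope" => "create update delete media read follow channels mute block"
+}
+
+required_scope = "create"
+supported_scopes = ["create", "media"]
+hostname = "blog.inhji.de"
+
+assert PlugIndie.Token.verify_token_response(
+body,
+required_scope,
+supported_scopes,
+hostname
+) ==
+:ok
+end
+end
+end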
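Review bot: Both tests exercise only the key shape of the response; none covers the checks that actually gate access, namely a `me` host that differs from `own_hostname` and a `required_scope` that is missing from the token's `scope` or from `supported_scopes`. A regression in either check would still pass this suite. Add one rejection test per check, for example the hostname case below, where `other.example` is a constructed sample value. The first test would also read better as `test "rejects atom keyed map" do`, since it asserts an error.

```elixir
test "rejects a token issued for another host" do
  body = %{
    "client_id" => "https://indiepass.app/",
    "issued_at" => 1_733_382_601,
    "issued_by" => "https://tokens.indieauth.com/token",
    "me" => "https://other.example/",
    "nonce" => 358_618_865,
    "scope" => "create"
  }

  refute PlugIndie.Token.verify_token_response(
           body,
           "create",
           ["create", "media"],
           "blog.inhji.de"
         ) == :ok
end
```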