API: Accept "redirect_uris" as both array and string

This commit is contained in:
Michael 2023-01-14 21:07:47 +00:00
parent 25ac99a098
commit af2a38c5b3
3 changed files with 13 additions and 6 deletions

View file

@ -70,10 +70,9 @@ class Error extends BaseFactory
System::jsonError(422, $errorObj->toArray());
}
public function Unauthorized(string $error = '')
public function Unauthorized(string $error = '', string $error_description = '')
{
$error = $error ?: $this->l10n->t('Unauthorized');
$error_description = '';
$errorObj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
$this->logError(401, $error);

View file

@ -44,6 +44,10 @@ class Apps extends BaseApi
*/
protected function post(array $request = [])
{
if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
$request['redirect_uris'] = $request['redirect_uris'][0];
}
$request = $this->getRequest([
'client_name' => '',
'redirect_uris' => '',
@ -58,6 +62,10 @@ class Apps extends BaseApi
if (!empty($postrequest) && is_array($postrequest)) {
$request = array_merge($request, $postrequest);
}
if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
$request['redirect_uris'] = $request['redirect_uris'][0];
}
}
if (empty($request['client_name']) || empty($request['redirect_uris'])) {

View file

@ -32,7 +32,7 @@ use Friendica\Util\DateTimeFormat;
use Psr\Http\Message\ResponseInterface;
/**
* @see https://docs.joinmastodon.org/spec/oauth/
* @see https://docs.joinmastodon.org/methods/oauth/#token
* @see https://aaronparecki.com/oauth-2-simplified/
*/
class Token extends BaseApi
@ -69,13 +69,13 @@ class Token extends BaseApi
}
if (empty($request['client_id']) || empty($request['client_secret'])) {
Logger::warning('Incomplete request data', ['request' => $_REQUEST]);
DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Incomplete request data'));
Logger::warning('Incomplete request data', ['request' => $request]);
DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data'));
}
$application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
if (empty($application)) {
DI::mstdnError()->UnprocessableEntity();
DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Invalid data or unknown client'));
}
if ($request['grant_type'] == 'client_credentials') {