diff --git a/src/Factory/Api/Mastodon/Error.php b/src/Factory/Api/Mastodon/Error.php index 387077032..32ca03a62 100644 --- a/src/Factory/Api/Mastodon/Error.php +++ b/src/Factory/Api/Mastodon/Error.php @@ -70,10 +70,9 @@ class Error extends BaseFactory System::jsonError(422, $errorObj->toArray()); } - public function Unauthorized(string $error = '') + public function Unauthorized(string $error = '', string $error_description = '') { $error = $error ?: $this->l10n->t('Unauthorized'); - $error_description = ''; $errorObj = new \Friendica\Object\Api\Mastodon\Error($error, $error_description); $this->logError(401, $error); diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php index f78cb0709..8071c7568 100644 --- a/src/Module/Api/Mastodon/Apps.php +++ b/src/Module/Api/Mastodon/Apps.php @@ -44,6 +44,10 @@ class Apps extends BaseApi */ protected function post(array $request = []) { + if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) { + $request['redirect_uris'] = $request['redirect_uris'][0]; + } + $request = $this->getRequest([ 'client_name' => '', 'redirect_uris' => '', @@ -58,6 +62,10 @@ class Apps extends BaseApi if (!empty($postrequest) && is_array($postrequest)) { $request = array_merge($request, $postrequest); } + + if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) { + $request['redirect_uris'] = $request['redirect_uris'][0]; + } } if (empty($request['client_name']) || empty($request['redirect_uris'])) { diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index 1fdb57aba..7481bf75f 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -32,7 +32,7 @@ use Friendica\Util\DateTimeFormat; use Psr\Http\Message\ResponseInterface; /** - * @see https://docs.joinmastodon.org/spec/oauth/ + * @see https://docs.joinmastodon.org/methods/oauth/#token * @see https://aaronparecki.com/oauth-2-simplified/ */ class Token extends BaseApi @@ -69,13 +69,13 @@ class Token extends BaseApi } if (empty($request['client_id']) || empty($request['client_secret'])) { - Logger::warning('Incomplete request data', ['request' => $_REQUEST]); - DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Incomplete request data')); + Logger::warning('Incomplete request data', ['request' => $request]); + DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data')); } $application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']); if (empty($application)) { - DI::mstdnError()->UnprocessableEntity(); + DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Invalid data or unknown client')); } if ($request['grant_type'] == 'client_credentials') {