From c22846339a360153bd02eeb9d245ae78a4301a93 Mon Sep 17 00:00:00 2001 From: Michael Date: Wed, 12 May 2021 05:30:21 +0000 Subject: [PATCH] Improved error reporting --- src/Module/Api/Mastodon/Apps.php | 4 ++-- src/Module/BaseApi.php | 18 +++++++++++++----- src/Module/OAuth/Token.php | 10 +++++----- 3 files changed, 20 insertions(+), 12 deletions(-) diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php index 3d06cdbb0..0f0837c78 100644 --- a/src/Module/Api/Mastodon/Apps.php +++ b/src/Module/Api/Mastodon/Apps.php @@ -43,7 +43,7 @@ class Apps extends BaseApi $website = !isset($_REQUEST['website']) ? '' : $_REQUEST['website']; if (empty($name) || empty($redirect)) { - DI::mstdnError()->RecordNotFound(); + DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Missing parameters')); } $client_id = bin2hex(random_bytes(32)); @@ -60,7 +60,7 @@ class Apps extends BaseApi } if (!DBA::insert('application', $fields)) { - DI::mstdnError()->RecordNotFound(); + DI::mstdnError()->InternalError(); } System::jsonExit(DI::mstdnApplication()->createFromApplicationId(DBA::lastInsertId())); diff --git a/src/Module/BaseApi.php b/src/Module/BaseApi.php index bd42e373d..a0139c637 100644 --- a/src/Module/BaseApi.php +++ b/src/Module/BaseApi.php @@ -193,15 +193,23 @@ class BaseApi extends BaseModule public static function getApplication() { - $redirect_uri = !isset($_REQUEST['redirect_uri']) ? '' : $_REQUEST['redirect_uri']; - $client_id = !isset($_REQUEST['client_id']) ? '' : $_REQUEST['client_id']; + $redirect_uri = !isset($_REQUEST['redirect_uri']) ? '' : $_REQUEST['redirect_uri']; + $client_id = !isset($_REQUEST['client_id']) ? '' : $_REQUEST['client_id']; + $client_secret = !isset($_REQUEST['client_secret']) ? '' : $_REQUEST['client_secret']; - if (empty($redirect_uri) || empty($client_id)) { - Logger::warning('Incomplete request'); + if ((empty($redirect_uri) && empty($client_secret)) || empty($client_id)) { + Logger::warning('Incomplete request', ['request' => $_REQUEST]); return []; } - $condition = ['redirect_uri' => $redirect_uri, 'client_id' => $client_id]; + $condition = ['client_id' => $client_id]; + if (!empty($client_secret)) { + $condition['client_secret'] = $client_secret; + } + if (!empty($redirect_uri)) { + $condition['redirect_uri'] = $redirect_uri; + } + $application = DBA::selectFirst('application', [], $condition); if (!DBA::isResult($application)) { Logger::warning('Application not found', $condition); diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php index 1d0b43cd6..44a862630 100644 --- a/src/Module/OAuth/Token.php +++ b/src/Module/OAuth/Token.php @@ -39,18 +39,18 @@ class Token extends BaseApi $grant_type = !isset($_REQUEST['grant_type']) ? '' : $_REQUEST['grant_type']; if ($grant_type != 'authorization_code') { - Logger::warning('Wrong or missing grant type', ['grant_type' => $grant_type]); - DI::mstdnError()->RecordNotFound(); + Logger::warning('Unsupported or missing grant type', ['request' => $_REQUEST]); + DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Unsupported or missing grant type')); } $application = self::getApplication(); if (empty($application)) { - DI::mstdnError()->RecordNotFound(); + DI::mstdnError()->UnprocessableEntity(); } if ($application['client_secret'] != $client_secret) { Logger::warning('Wrong client secret', $client_secret); - DI::mstdnError()->RecordNotFound(); + DI::mstdnError()->Unauthorized(); } $condition = ['application-id' => $application['id'], 'code' => $code]; @@ -58,7 +58,7 @@ class Token extends BaseApi $token = DBA::selectFirst('application-token', ['access_token', 'created_at'], $condition); if (!DBA::isResult($token)) { Logger::warning('Token not found', $condition); - DI::mstdnError()->RecordNotFound(); + DI::mstdnError()->Unauthorized(); } // @todo Use entity class