Apps.php 3.0 KB

  1. <?php
  2. declare(strict_types = 1);
  3. // {{{ License
  4. // This file is part of GNU social - https://www.gnu.org/software/social
  5. //
  6. // GNU social is free software: you can redistribute it and/or modify
  7. // it under the terms of the GNU Affero General Public License as published by
  8. // the Free Software Foundation, either version 3 of the License, or
  9. // (at your option) any later version.
  10. //
  11. // GNU social is distributed in the hope that it will be useful,
  12. // but WITHOUT ANY WARRANTY; without even the implied warranty of
  13. // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  14. // GNU Affero General Public License for more details.
  15. //
  16. // You should have received a copy of the GNU Affero General Public License
  17. // along with GNU social. If not, see <http://www.gnu.org/licenses/>.
  18. // }}}
  19. /**
  20. * ActivityPub implementation for GNU social
  21. *
  22. * @package OAuth2
  23. * @category API
  24. *
  25. * @author Diogo Peralta Cordeiro <@diogo.site>
  26. * @copyright 2021 Free Software Foundation, Inc http://www.fsf.org
  27. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  28. */
  29. namespace Plugin\IndieAuth\Controller;
  30. use App\Core\Controller;
  31. use App\Core\DB\DB;
  32. use App\Core\Log;
  33. use App\Util\Common;
  34. use Plugin\IndieAuth\Entity\OAuth2Client;
  35. use Symfony\Component\HttpFoundation\JsonResponse;
  36. /**
  37. * App Management Endpoint
  38. *
  39. * @copyright 2021 Free Software Foundation, Inc http://www.fsf.org
  40. * @license https://www.gnu.org/licenses/agpl.html GNU AGPL v3 or later
  41. */
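  class Apps extends Controller
  {
      /**
       * Register a new OAuth2 client from a JSON request body.
       *
       * Reads `client_name`, `redirect_uris`, `scopes` and `website` from the
       * decoded body, generates a random client identifier and secret,
       * persists the client and returns its credentials.
       *
       * NOTE(review): nothing in this method authenticates or rate-limits the
       * caller. If the route is reachable anonymously, anyone can create
       * client rows; confirm the route-level policy.
       *
       * NOTE(review): `redirect_uris` is stored as received. Its expected
       * shape (string or list) is not visible here, so only its presence is
       * checked. Whatever consumes it should accept only absolute URIs
       * without a fragment and match them exactly at authorization time;
       * confirm where that check lives.
       *
       * @return JsonResponse 200 with the new client's credentials, or 400
       *                      when the body is not a JSON object or lacks a
       *                      required field
       */
      public function onPost(): JsonResponse
      {
          Log::debug('OAuth2 Apps: Received a POST request.');

          // The body is untrusted and unbounded: log its size, not its content.
          $body = $this->request->getContent();
          Log::debug('OAuth2 Apps: Request content length: ', [\strlen($body)]);

          // json_decode() yields null for malformed JSON and a scalar for JSON
          // scalars; only an object/array can carry the fields read below.
          $args = json_decode($body, true);
          if (!\is_array($args)) {
              return new JsonResponse(['error' => 'invalid_request'], status: 400);
          }

          $clientName   = $args['client_name'] ?? null;
          $redirectUris = $args['redirect_uris'] ?? null;
          if (
              !\is_string($clientName) || $clientName === ''
              || $redirectUris === null || $redirectUris === '' || $redirectUris === []
          ) {
              // Without this check the missing keys surface later as warnings
              // or a persistence error instead of a client-facing 4xx.
              return new JsonResponse(['error' => 'invalid_request'], status: 400);
          }

          // 128 random bits rendered as 32 hex characters. Same format as the
          // previous md5(random_bytes(16)), without a digest that adds nothing
          // to CSPRNG output and trips crypto linters.
          $identifier = bin2hex(random_bytes(16));

          // Random string Length should be between 43 and 128.
          // The SHA-256 hex digest is 64 characters, so the secret carries at
          // most 256 bits of entropy; the encoded length depends on
          // Common::base64url_encode, which is not visible here.
          $secret = Common::base64url_encode(hash('sha256', random_bytes(57)));

          DB::persist($app = OAuth2Client::create([
              'identifier'            => $identifier,
              'secret'                => $secret,
              'redirect_uris'         => $redirectUris,
              'grants'                => 'client_credentials authorization_code',
              // `scopes` and `website` are passed through as null when absent.
              // NOTE(review): confirm the entity accepts null for both.
              'scopes'                => $args['scopes'] ?? null,
              'active'                => true,
              'allow_plain_text_pkce' => false,
              'client_name'           => $clientName,
              'website'               => $args['website'] ?? null,
          ]));

          // Log the identifier only: dumping the entity may write the client
          // secret into the debug log.
          Log::debug('OAuth2 Apps: Created App: ', [$identifier]);
          DB::flush();

          // Success. The header name is `Content-Type`; a `content_type` key is
          // not guaranteed to be normalised to it by the framework.
          return new JsonResponse([
              'name'          => $app->getClientName(),
              'website'       => $app->getWebsite(),
              'redirect_uri'  => $app->getRedirectUris()[0],
              'client_id'     => $app->getIdentifier(),
              'client_secret' => $app->getSecret(),
          ], status: 200, headers: ['Content-Type' => 'application/json; charset=utf-8']);
      }
  }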