From 71a49e2b43218d34f97b2276c43bdeb2df4a53d2 Mon Sep 17 00:00:00 2001 From: Tobi Smethurst <31960611+tsmethurst@users.noreply.github.com> Date: Thu, 1 Apr 2021 20:46:45 +0200 Subject: Api/v1/accounts (#8) * start work on accounts module * plodding away on the accounts endpoint * groundwork for other account routes * add password validator * validation utils * require account approval flags * comments * comments * go fmt * comments * add distributor stub * rename api to federator * tidy a bit * validate new account requests * rename r router * comments * add domain blocks * add some more shortcuts * add some more shortcuts * check email + username availability * email block checking for signups * chunking away at it * tick off a few more things * some fiddling with tests * add mock package * relocate repo * move mocks around * set app id on new signups * initialize oauth server properly * rename oauth server * proper mocking tests * go fmt ./... * add required fields * change name of func * move validation to account.go * more tests! * add some file utility tools * add mediaconfig * new shortcut * add some more fields * add followrequest model * add notify * update mastotypes * mock out storage interface * start building media interface * start on update credentials * mess about with media a bit more * test image manipulation * media more or less working * account update nearly working * rearranging my package ;) ;) ;) * phew big stuff!!!! * fix type checking * *fiddles* * Add CreateTables func * account registration flow working * tidy * script to step through auth flow * add a lil helper for generating user uris * fiddling with federation a bit * update progress * Tidying and linting --- scripts/auth_flow.sh | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) create mode 100755 scripts/auth_flow.sh (limited to 'scripts/auth_flow.sh') diff --git a/scripts/auth_flow.sh b/scripts/auth_flow.sh new file mode 100755 index 000000000..8bba39532 --- /dev/null +++ b/scripts/auth_flow.sh @@ -0,0 +1,33 @@ +#!/bin/sh + +set -eux + +SERVER_URL="http://localhost:8080" +REDIRECT_URI="${SERVER_URL}" +CLIENT_NAME="Test Application Name" + +REGISTRATION_REASON="Testing whether or not this dang diggity thing works!" +REGISTRATION_EMAIL="test@example.org" +REGISTRATION_USERNAME="test_user" +REGISTRATION_PASSWORD="very safe password 123" +REGISTRATION_AGREEMENT="true" +REGISTRATION_LOCALE="en" + +# Step 1: create the app to register the new account +CREATE_APP_RESPONSE=$(curl --fail -s -X POST -F "client_name=${CLIENT_NAME}" -F "redirect_uris=${REDIRECT_URI}" "${SERVER_URL}/api/v1/apps") +CLIENT_ID=$(echo "${CREATE_APP_RESPONSE}" | jq -r .client_id) +CLIENT_SECRET=$(echo "${CREATE_APP_RESPONSE}" | jq -r .client_secret) +echo "Obtained client_id: ${CLIENT_ID} and client_secret: ${CLIENT_SECRET}" + +# Step 2: obtain a code for that app +APP_CODE_RESPONSE=$(curl --fail -s -X POST -F "scope=read" -F "grant_type=client_credentials" -F "client_id=${CLIENT_ID}" -F "client_secret=${CLIENT_SECRET}" -F "redirect_uri=${REDIRECT_URI}" "${SERVER_URL}/oauth/token") +APP_ACCESS_TOKEN=$(echo "${APP_CODE_RESPONSE}" | jq -r .access_token) +echo "Obtained app access token: ${APP_ACCESS_TOKEN}" + +# Step 3: use the code to register a new account +ACCOUNT_REGISTER_RESPONSE=$(curl --fail -s -H "Authorization: Bearer ${APP_ACCESS_TOKEN}" -F "reason=${REGISTRATION_REASON}" -F "email=${REGISTRATION_EMAIL}" -F "username=${REGISTRATION_USERNAME}" -F "password=${REGISTRATION_PASSWORD}" -F "agreement=${REGISTRATION_AGREEMENT}" -F "locale=${REGISTRATION_LOCALE}" "${SERVER_URL}/api/v1/accounts") +USER_ACCESS_TOKEN=$(echo "${ACCOUNT_REGISTER_RESPONSE}" | jq -r .access_token) +echo "Obtained user access token: ${USER_ACCESS_TOKEN}" + +# # Step 4: verify the returned access token +curl -s -H "Authorization: Bearer ${USER_ACCESS_TOKEN}" "${SERVER_URL}/api/v1/accounts/verify_credentials" | jq -- cgit v1.2.3