From 938328cd077d40b75e0834d56ff8d43ad035fd2b Mon Sep 17 00:00:00 2001
From: f0x52 <f0x@cthu.lu>
Date: Thu, 29 Sep 2022 12:02:41 +0200
Subject: [frontend] Unified panels (#812)

* settings panel restructuring

* clean up old Gin handlers

* colorscheme redesign, some other small css tweaks

* basic router layout, error boundary

* colorscheme redesign, some other small css tweaks

* kebab-case consistency

* superfluous padding on applist

* remove unused consts

* redux, whitespace changes..

* use .jsx extensions for components

* login flow up till app registration

* full redux oauth implementation, with basic error handling

* split oauth api functions

* oauth api revocation handling

* basic profile change submission

* move old dir

* profile overview

* fix keeping track of the wrong instance url (for different instance/api domains)

* use redux state for profile form

* delete old/index.js, old/basic.js, fully implemented

* implement old/user/profile.js

* implement password change

* remove debug logging

* support future api for removing files

* customize profile css

* remove unneeded wrapper components

* restructure form fields

* start on admin pages

* admin panel settings

* admin settings panel

* remove old/admin files

* add top-level redirect

* refactor/cleanup forms

* only do API checks on logged-in state

* admin-status based routing

* federation block routing

* federation blocks

* upgrade dependencies

* react 18 changes

* media cleanup

* fix useEffect hooks

* remove unused require

* custom emoji base

* emoji uploader

* delete last old panel files

* sidebar styling, remove unused page

* refactor submit functions

* fix sidebar boxshadow-border

* fix old css variables

* fix fake-toot avatar

* fix non-square emoji

* fix user settings redux keys

* properly get admin account contact from instance response

* Account.source default values

* source.status_format key

* mobile responsiveness

* mobile element tweaks

* proper redirect after removing block

* add redirects for old setting panel urls

* deletes

* fix mobile overflow

* clean up debug logging calls
---
 web/source/settings-panel/lib/api/oauth.js | 124 +++++++++++++++++++++++++++++
 1 file changed, 124 insertions(+)
 create mode 100644 web/source/settings-panel/lib/api/oauth.js

(limited to 'web/source/settings-panel/lib/api/oauth.js')

diff --git a/web/source/settings-panel/lib/api/oauth.js b/web/source/settings-panel/lib/api/oauth.js
new file mode 100644
index 000000000..76d0e9d2f
--- /dev/null
+++ b/web/source/settings-panel/lib/api/oauth.js
@@ -0,0 +1,124 @@
+/*
+	GoToSocial
+	Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
+
+	This program is free software: you can redistribute it and/or modify
+	it under the terms of the GNU Affero General Public License as published by
+	the Free Software Foundation, either version 3 of the License, or
+	(at your option) any later version.
+
+	This program is distributed in the hope that it will be useful,
+	but WITHOUT ANY WARRANTY; without even the implied warranty of
+	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+	GNU Affero General Public License for more details.
+
+	You should have received a copy of the GNU Affero General Public License
+	along with this program.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+"use strict";
+
+const Promise = require("bluebird");
+
+const { OAUTHError, AuthenticationError } = require("../errors");
+
+const oauth = require("../../redux/reducers/oauth").actions;
+const temporary = require("../../redux/reducers/temporary").actions;
+const admin = require("../../redux/reducers/admin").actions;
+
+module.exports = function oauthAPI({ apiCall, getCurrentUrl }) {
+	return {
+
+		register: function register(scopes = []) {
+			return function (dispatch, _getState) {
+				return Promise.try(() => {
+					return dispatch(apiCall("POST", "/api/v1/apps", {
+						client_name: "GoToSocial Settings",
+						scopes: scopes.join(" "),
+						redirect_uris: getCurrentUrl(),
+						website: getCurrentUrl()
+					}));
+				}).then((json) => {
+					json.scopes = scopes;
+					dispatch(oauth.setRegistration(json));
+				});
+			};
+		},
+
+		authorize: function authorize() {
+			return function (dispatch, getState) {
+				let state = getState();
+				let reg = state.oauth.registration;
+				let base = new URL(state.oauth.instance);
+
+				base.pathname = "/oauth/authorize";
+				base.searchParams.set("client_id", reg.client_id);
+				base.searchParams.set("redirect_uri", getCurrentUrl());
+				base.searchParams.set("response_type", "code");
+				base.searchParams.set("scope", reg.scopes.join(" "));
+
+				dispatch(oauth.setLoginState("callback"));
+				dispatch(temporary.setStatus("Redirecting to instance login..."));
+
+				// send user to instance's login flow
+				window.location.assign(base.href);
+			};
+		},
+
+		tokenize: function tokenize(code) {
+			return function (dispatch, getState) {
+				let reg = getState().oauth.registration;
+
+				return Promise.try(() => {
+					if (reg == undefined || reg.client_id == undefined) {
+						throw new OAUTHError("Callback code present, but no client registration is available from localStorage. \nNote: localStorage is unavailable in Private Browsing.");
+					}
+
+					return dispatch(apiCall("POST", "/oauth/token", {
+						client_id: reg.client_id,
+						client_secret: reg.client_secret,
+						redirect_uri: getCurrentUrl(),
+						grant_type: "authorization_code",
+						code: code
+					}));
+				}).then((json) => {
+					window.history.replaceState({}, document.title, window.location.pathname);
+					return dispatch(oauth.login(json));
+				});
+			};
+		},
+
+		checkIfAdmin: function checkIfAdmin() {
+			return function (dispatch, getState) {
+				const state = getState();
+				let stored = state.oauth.isAdmin;
+				if (stored != undefined) {
+					return stored;
+				}
+
+				// newer GoToSocial version will include a `role` in the Account data, check that first
+				// TODO: check account data for admin status				
+
+				// no role info, try fetching an admin-only route and see if we get an error
+				return Promise.try(() => {
+					return dispatch(apiCall("GET", "/api/v1/admin/domain_blocks"));
+				}).then((data) => {
+					return Promise.all([
+						dispatch(oauth.setAdmin(true)),
+						dispatch(admin.setBlockedInstances(data))
+					]);
+				}).catch(AuthenticationError, () => {
+					return dispatch(oauth.setAdmin(false));
+				});
+			};
+		},
+
+		logout: function logout() {
+			return function (dispatch, _getState) {
+				// TODO: GoToSocial does not have a logout API route yet
+
+				return dispatch(oauth.remove());
+			};
+		}
+	};
+};
\ No newline at end of file
-- 
cgit v1.2.3