/*
	GoToSocial
	Copyright (C) 2021-2022 GoToSocial Authors admin@gotosocial.org
	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU Affero General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
	GNU Affero General Public License for more details.
	You should have received a copy of the GNU Affero General Public License
	along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
"use strict";
const Promise = require("bluebird");
const { OAUTHError, AuthenticationError } = require("../errors");
const oauth = require("../../redux/reducers/oauth").actions;
const temporary = require("../../redux/reducers/temporary").actions;
const admin = require("../../redux/reducers/admin").actions;
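module.exports = function oauthAPI({ apiCall, getCurrentUrl }) {
	/*
		Redux thunk creators for the OAuth login flow against a GoToSocial
		instance.
		`apiCall(method, path, body)` is the project-provided request thunk;
		`getCurrentUrl()` returns the page URL, which is used both as the
		registered redirect_uri and as the client's website.
	*/
	return {
		// Registers this settings panel as an OAuth client with the instance
		// (POST /api/v1/apps) and stores the returned registration, annotated
		// with the requested scopes, in the oauth slice.
		register: function register(scopes = []) {
			return function (dispatch, _getState) {
				return Promise.try(() => {
					return dispatch(apiCall("POST", "/api/v1/apps", {
						client_name: "GoToSocial Settings",
						scopes: scopes.join(" "),
						redirect_uris: getCurrentUrl(),
						website: getCurrentUrl()
					}));
				}).then((json) => {
					// remember which scopes were requested; authorize() repeats
					// them in the authorization URL
					json.scopes = scopes;
					dispatch(oauth.setRegistration(json));
				});
			};
		},
		// Builds the instance's /oauth/authorize URL from the stored
		// registration and navigates the browser to it.
		// Throws OAUTHError when no registration is available, instead of
		// failing with an opaque TypeError on `reg.client_id`.
		authorize: function authorize() {
			return function (dispatch, getState) {
				const state = getState();
				const reg = state.oauth.registration;
				if (reg == undefined || reg.client_id == undefined) {
					throw new OAUTHError("No client registration available; register() must run before authorize().");
				}
				// URL + searchParams handles query escaping; never build this
				// query string by concatenation.
				const base = new URL(state.oauth.instance);
				base.pathname = "/oauth/authorize";
				base.searchParams.set("client_id", reg.client_id);
				base.searchParams.set("redirect_uri", getCurrentUrl());
				base.searchParams.set("response_type", "code");
				base.searchParams.set("scope", reg.scopes.join(" "));
				// NOTE(review): no `state` parameter (and no PKCE) is sent, so
				// tokenize() cannot verify that the code it receives belongs to a
				// flow this page started. Adding one means persisting a random
				// value across the redirect and comparing it on return.
				dispatch(oauth.setLoginState("callback"));
				dispatch(temporary.setStatus("Redirecting to instance login..."));
				// send user to instance's login flow
				window.location.assign(base.href);
			};
		},
		// Exchanges the authorization code from the callback URL for a token
		// (POST /oauth/token) and logs the user in with the response.
		// Rejects with OAUTHError when the stored registration is missing.
		tokenize: function tokenize(code) {
			return function (dispatch, getState) {
				const reg = getState().oauth.registration;
				return Promise.try(() => {
					if (reg == undefined || reg.client_id == undefined) {
						throw new OAUTHError("Callback code present, but no client registration is available from localStorage. \nNote: localStorage is unavailable in Private Browsing.");
					}
					// `code` comes from the callback URL (untrusted input); it is
					// only ever sent to the instance in the request body.
					return dispatch(apiCall("POST", "/oauth/token", {
						client_id: reg.client_id,
						client_secret: reg.client_secret,
						redirect_uri: getCurrentUrl(),
						grant_type: "authorization_code",
						code: code
					}));
				}).then((json) => {
					// replace the current history entry with the bare path so the
					// one-time code is no longer in the address bar
					window.history.replaceState({}, document.title, window.location.pathname);
					return dispatch(oauth.login(json));
				});
			};
		},
		// Resolves whether the logged-in account is an admin.
		// Returns the cached boolean synchronously when the oauth slice already
		// holds one; otherwise returns a Promise that probes an admin-only
		// route, treating AuthenticationError as "not admin". Any other failure
		// (network, server error) propagates rather than being cached as a
		// verdict.
		checkIfAdmin: function checkIfAdmin() {
			return function (dispatch, getState) {
				const stored = getState().oauth.isAdmin;
				if (stored != undefined) {
					return stored;
				}
				// newer GoToSocial version will include a `role` in the Account data, check that first
				// TODO: check account data for admin status
				// no role info, try fetching an admin-only route and see if we get an error
				return Promise.try(() => {
					return dispatch(apiCall("GET", "/api/v1/admin/domain_blocks"));
				}).then((data) => {
					// the probe's response is the blocked-instance list, so keep it
					return Promise.all([
						dispatch(oauth.setAdmin(true)),
						dispatch(admin.setBlockedInstances(data))
					]);
				}).catch(AuthenticationError, () => {
					// bluebird filtered catch: only AuthenticationError maps to false
					return dispatch(oauth.setAdmin(false));
				});
			};
		},
		// Forgets the stored OAuth credentials client-side.
		logout: function logout() {
			return function (dispatch, _getState) {
				// TODO: GoToSocial does not have a logout API route yet,
				// so the token is only dropped locally; nothing revokes it on the instance.
				return dispatch(oauth.remove());
			};
		}
	};
};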