natty
/
calckey
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Enable multipart for masto oauth endpoints to fix Ivory

This commit is contained in:
Luna 2023-03-01 21:37:49 -05:00
parent 7449b8b840
commit b7ffa05848
No known key found for this signature in database
GPG Key ID: 1899404574D6EEFC
2 changed files with 11 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
packages/backend/src/server/index.ts
View File

@ -78,6 +78,7 @@ const mastoRouter = new Router();
mastoRouter.use( mastoRouter.use(
koaBody({ koaBody({
urlencoded: true, urlencoded: true,
multipart: true,
}), }),
); );
@ -171,6 +172,7 @@ mastoRouter.get("/oauth/authorize", async (ctx) => {
mastoRouter.post("/oauth/token", async (ctx) => { mastoRouter.post("/oauth/token", async (ctx) => {
const body: any = ctx.request.body || ctx.request.query; const body: any = ctx.request.body || ctx.request.query;
console.log('token-request', body) console.log('token-request', body)
console.log('token-query', ctx.request.query)
let client_id: any = ctx.request.query.client_id; let client_id: any = ctx.request.query.client_id;
const BASE_URL = `${ctx.request.protocol}://${ctx.request.hostname}`; const BASE_URL = `${ctx.request.protocol}://${ctx.request.hostname}`;
const generator = (megalodon as any).default; const generator = (megalodon as any).default;
@ -178,13 +180,14 @@ mastoRouter.post("/oauth/token", async (ctx) => {
let m = null; let m = null;
let token = null; let token = null;
if (body.code) { if (body.code) {
m = body.code.match(/^([a-zA-Z0-9]{8})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{12})/); //m = body.code.match(/^([a-zA-Z0-9]{8})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{4})([a-zA-Z0-9]{12})/);
if (!m.length) { //if (!m.length) {
ctx.body = { error: "Invalid code" }; // ctx.body = { error: "Invalid code" };
return; // return;
} //}
token = `${m[1]}-${m[2]}-${m[3]}-${m[4]}-${m[5]}` //token = `${m[1]}-${m[2]}-${m[3]}-${m[4]}-${m[5]}`
console.log(body.code, token) console.log(body.code, token)
token = body.code
} }
if (client_id instanceof Array) { if (client_id instanceof Array) {
client_id = client_id.toString(); client_id = client_id.toString();

5
packages/client/src/pages/auth.vue
View File

@ -88,11 +88,10 @@ export default defineComponent({
const getUrlParams = () => window.location.search.substring(1).split('&').reduce((result, query) => { const [k, v] = query.split('='); result[k] = decodeURI(v); return result; }, {}); const getUrlParams = () => window.location.search.substring(1).split('&').reduce((result, query) => { const [k, v] = query.split('='); result[k] = decodeURI(v); return result; }, {});
const isMastodon = !!getUrlParams().mastodon const isMastodon = !!getUrlParams().mastodon
if (this.session.app.callbackUrl && isMastodon) { if (this.session.app.callbackUrl && isMastodon) {
const state = getUrlParams().state const stateParam = !!getUrlParams().state ? `&state=$(getUrlParams().state)` : '';
const stateParam = `&state=${state}`
const tokenRaw = this.session.token const tokenRaw = this.session.token
const token = tokenRaw.replaceAll('-', '') const token = tokenRaw.replaceAll('-', '')
location.href = `${this.session.app.callbackUrl}?code=${token}${stateParam}`; location.href = `${this.session.app.callbackUrl}?code=${tokenRaw}${stateParam}`;
} else if (this.session.app.callbackUrl) { } else if (this.session.app.callbackUrl) {
const url = new URL(this.session.app.callbackUrl); const url = new URL(this.session.app.callbackUrl);
if (['javascript:', 'file:', 'data:', 'mailto:', 'tel:'].includes(url.protocol)) throw new Error('invalid url'); if (['javascript:', 'file:', 'data:', 'mailto:', 'tel:'].includes(url.protocol)) throw new Error('invalid url');