Merge pull request #11107 from annando/api-oauth

API: Fix for OAuth endpoints that mustn't be authorized
This commit is contained in:
Philipp 2021-12-17 18:38:15 +01:00 committed by GitHub
commit 96a3991dfd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 19 additions and 0 deletions

View File

@ -37,6 +37,7 @@ class Apps extends BaseApi
{ {
return parent::run($request, false); return parent::run($request, false);
} }
/** /**
* @throws \Friendica\Network\HTTPException\InternalServerErrorException * @throws \Friendica\Network\HTTPException\InternalServerErrorException
*/ */

View File

@ -24,12 +24,18 @@ namespace Friendica\Module\OAuth;
use Friendica\Core\Renderer; use Friendica\Core\Renderer;
use Friendica\DI; use Friendica\DI;
use Friendica\Module\BaseApi; use Friendica\Module\BaseApi;
use Psr\Http\Message\ResponseInterface;
/** /**
* Acknowledgement of OAuth requests * Acknowledgement of OAuth requests
*/ */
class Acknowledge extends BaseApi class Acknowledge extends BaseApi
{ {
public function run(array $request = [], bool $scopecheck = true): ResponseInterface
{
return parent::run($request, false);
}
protected function post(array $request = []) protected function post(array $request = [])
{ {
DI::session()->set('oauth_acknowledge', true); DI::session()->set('oauth_acknowledge', true);

View File

@ -26,12 +26,18 @@ use Friendica\Core\System;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Module\BaseApi; use Friendica\Module\BaseApi;
use Psr\Http\Message\ResponseInterface;
/** /**
* @see https://docs.joinmastodon.org/spec/oauth/ * @see https://docs.joinmastodon.org/spec/oauth/
*/ */
class Revoke extends BaseApi class Revoke extends BaseApi
{ {
public function run(array $request = [], bool $scopecheck = true): ResponseInterface
{
return parent::run($request, false);
}
protected function post(array $request = []) protected function post(array $request = [])
{ {
$request = $this->getRequest([ $request = $this->getRequest([

View File

@ -28,6 +28,7 @@ use Friendica\DI;
use Friendica\Module\BaseApi; use Friendica\Module\BaseApi;
use Friendica\Security\OAuth; use Friendica\Security\OAuth;
use Friendica\Util\DateTimeFormat; use Friendica\Util\DateTimeFormat;
use Psr\Http\Message\ResponseInterface;
/** /**
* @see https://docs.joinmastodon.org/spec/oauth/ * @see https://docs.joinmastodon.org/spec/oauth/
@ -35,6 +36,11 @@ use Friendica\Util\DateTimeFormat;
*/ */
class Token extends BaseApi class Token extends BaseApi
{ {
public function run(array $request = [], bool $scopecheck = true): ResponseInterface
{
return parent::run($request, false);
}
protected function post(array $request = []) protected function post(array $request = [])
{ {
$request = $this->getRequest([ $request = $this->getRequest([