Page Menu
Home
Phorge
Search
Configure Global Search
Log In
Files
F12553947
o_auth_scopes_plug.ex
No One
Temporary
Actions
Download File
Edit File
Delete File
View Transforms
Subscribe
Award Token
Flag For Later
Size
1 KB
Referenced Files
None
Subscribers
None
o_auth_scopes_plug.ex
View Options
# Pleroma: A lightweight social networking server
# Copyright © 2017-2022 Pleroma Authors <https://pleroma.social/>
# SPDX-License-Identifier: AGPL-3.0-only
defmodule
Pleroma.Web.Plugs.OAuthScopesPlug
do
import
Plug.Conn
import
Pleroma.Web.Gettext
alias
Pleroma.Helpers.AuthHelper
use
Pleroma.Web
,
:plug
def
init
(%{
scopes
:
_
}
=
options
),
do
:
options
@impl
true
def
perform
(%
Plug.Conn
{
assigns
:
assigns
}
=
conn
,
%{
scopes
:
scopes
}
=
options
)
do
op
=
options
[
:op
]
||
:|
token
=
assigns
[
:token
]
matched_scopes
=
(
token
&&
filter_descendants
(
scopes
,
token
.
scopes
))
||
[]
cond
do
token
&&
op
==
:|
&&
Enum
.
any?
(
matched_scopes
)
->
conn
token
&&
op
==
:&
&&
matched_scopes
==
scopes
->
conn
options
[
:fallback
]
==
:proceed_unauthenticated
->
AuthHelper
.
drop_auth_info
(
conn
)
true
->
missing_scopes
=
scopes
--
matched_scopes
permissions
=
Enum
.
join
(
missing_scopes
,
"
#{
op
}
"
)
error_message
=
dgettext
(
"errors"
,
"Insufficient permissions: %{permissions}."
,
permissions
:
permissions
)
conn
|>
put_resp_content_type
(
"application/json"
)
|>
send_resp
(
:forbidden
,
Jason
.
encode!
(%{
error
:
error_message
}))
|>
halt
()
end
end
@doc
"Keeps those of `scopes` which are descendants of `supported_scopes`"
def
filter_descendants
(
scopes
,
supported_scopes
)
do
Enum
.
filter
(
scopes
,
fn
scope
->
Enum
.
find
(
supported_scopes
,
&
(
scope
==
&1
||
String
.
starts_with?
(
scope
,
&1
<>
":"
))
)
end
)
end
end
File Metadata
Details
Attached
Mime Type
text/x-ruby
Expires
Sat, Nov 15, 2:42 AM (8 h, 5 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
633087
Default Alt Text
o_auth_scopes_plug.ex (1 KB)
Attached To
Mode
rPUBE pleroma-upstream
Attached
Detach File
Event Timeline
Log In to Comment