mirror of
https://akkoma.dev/AkkomaGang/akkoma.git
synced 2025-01-06 07:30:13 +00:00
da4923f2e5
Enforcement of OAuth scopes check for authenticated API endpoints See merge request pleroma/pleroma!2349
32 lines
772 B
Elixir
32 lines
772 B
Elixir
# Pleroma: A lightweight social networking server
|
|
# Copyright © 2017-2020 Pleroma Authors <https://pleroma.social/>
|
|
# SPDX-License-Identifier: AGPL-3.0-only
|
|
|
|
# A test controller reachable only in :test env.
|
|
# Serves to test OAuth scopes check skipping / enforcement.
|
|
defmodule Pleroma.Tests.OAuthTestController do
|
|
@moduledoc false
|
|
|
|
use Pleroma.Web, :controller
|
|
|
|
alias Pleroma.Plugs.OAuthScopesPlug
|
|
|
|
plug(:skip_plug, OAuthScopesPlug when action == :skipped_oauth)
|
|
|
|
plug(OAuthScopesPlug, %{scopes: ["read"]} when action != :missed_oauth)
|
|
|
|
def skipped_oauth(conn, _params) do
|
|
noop(conn)
|
|
end
|
|
|
|
def performed_oauth(conn, _params) do
|
|
noop(conn)
|
|
end
|
|
|
|
def missed_oauth(conn, _params) do
|
|
noop(conn)
|
|
end
|
|
|
|
defp noop(conn), do: json(conn, %{})
|
|
end
|