More mastoapi work.

httpd.c

@@ -176,6 +176,9 @@ void httpd_connection(FILE *f)
         if (status == 0)
             status = activitypub_get_handler(req, q_path, &body, &b_size, &ctype);
 
+        if (status == 0)
+            status = oauth_get_handler(req, q_path, &body, &b_size, &ctype);
+
         if (status == 0)
             status = html_get_handler(req, q_path, &body, &b_size, &ctype);
     }

mastoapi.c

@@ -8,14 +8,40 @@
 
 #include "snac.h"
 
-int oauth_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
+static xs_str *random_str(void)
+/* just what is says in the tin */
+{
+    unsigned int data[4] = {0};
+    FILE *f;
+
+    if ((f = fopen("/dev/random", "r")) != NULL) {
+        fread(data, sizeof(data), 1, f);
+        fclose(f);
+    }
+    else {
+        data[0] = random() % 0xffffffff;
+        data[1] = random() % 0xffffffff;
+        data[2] = random() % 0xffffffff;
+        data[3] = random() % 0xffffffff;
+    }
+
+    return xs_hex_enc((char *)data, sizeof(data));
+}
+
+
+int oauth_get_handler(const xs_dict *req, const char *q_path,
                       char **body, int *b_size, char **ctype)
 {
     if (!xs_startswith(q_path, "/oauth/"))
         return 0;
 
+    {
+        xs *j = xs_json_dumps_pp(req, 4);
+        printf("oauth:\n%s\n", j);
+    }
+
     int status   = 404;
-    xs_dict *msg = xs_dict_get(req, "p_vars");
+    xs_dict *msg = xs_dict_get(req, "q_vars");
     xs *cmd      = xs_replace(q_path, "/oauth", "");
 
     if (strcmp(cmd, "/authorize") == 0) {
@@ -25,11 +51,32 @@ int oauth_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
         const char *scope = xs_dict_get(msg, "scope");
 
         if (cid && ruri && rtype && strcmp(rtype, "code") == 0) {
+            /* redirect to an identification page */
+            status = 303;
+//            *body  = xs_fmt("%s/test1/admin?redir=%s", srv_baseurl, ruri);
+            *body  = xs_fmt("%s/test1/admin", srv_baseurl);
         }
         else
             status = 400;
     }
-    else
+
+    return status;
+}
+
+
+int oauth_post_handler(const xs_dict *req, const char *q_path,
+                      const char *payload, int p_size,
+                      char **body, int *b_size, char **ctype)
+{
+    if (!xs_startswith(q_path, "/oauth/"))
+        return 0;
+
+    int status   = 404;
+    xs_dict *msg = xs_dict_get(req, "p_vars");
+    xs *cmd      = xs_replace(q_path, "/oauth", "");
+
+    printf("oauth: %s\n", q_path);
+
     if (strcmp(cmd, "/token") == 0) {
         const char *gtype = xs_dict_get(msg, "grant_type");
         const char *code  = xs_dict_get(msg, "code");
@@ -41,8 +88,9 @@ int oauth_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
         if (gtype && code && cid && csec && ruri) {
             xs *rsp   = xs_dict_new();
             xs *cat   = xs_number_new(time(NULL));
+            xs *token = random_str();
 
-            rsp = xs_dict_append(rsp, "access_token", "abcde");
+            rsp = xs_dict_append(rsp, "access_token", token);
             rsp = xs_dict_append(rsp, "token_type",   "Bearer");
             rsp = xs_dict_append(rsp, "scope",        scope);
             rsp = xs_dict_append(rsp, "created_at",   cat);
@@ -56,13 +104,25 @@ int oauth_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
     }
     else
     if (strcmp(cmd, "/revoke") == 0) {
+        const char *cid   = xs_dict_get(msg, "client_id");
+        const char *csec  = xs_dict_get(msg, "client_secret");
+        const char *token = xs_dict_get(msg, "token");
+
+        if (cid && csec && token) {
+            *body  = xs_str_new("{}");
+            *ctype = "application/json";
+            status = 200;
+        }
+        else
+            status = 400;
     }
 
     return status;
 }
 
 
-int mastoapi_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
+int mastoapi_post_handler(const xs_dict *req, const char *q_path,
+                      const char *payload, int p_size,
                       char **body, int *b_size, char **ctype)
 {
     if (!xs_startswith(q_path, "/api/v1/"))
@@ -98,12 +158,15 @@ int mastoapi_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
         if (name && ruri) {
             xs *app  = xs_dict_new();
             xs *id   = xs_replace_i(tid(0), ".", "");
+            xs *cid  = random_str();
+            xs *csec = random_str();
+            xs *vkey = random_str();
 
             app = xs_dict_append(app, "name",          name);
             app = xs_dict_append(app, "redirect_uri",  ruri);
-            app = xs_dict_append(app, "client_id", "abcde");
-            app = xs_dict_append(app, "client_secret", "abcde");
-            app = xs_dict_append(app, "vapid_key", "abcde");
+            app = xs_dict_append(app, "client_id",     cid);
+            app = xs_dict_append(app, "client_secret", csec);
+            app = xs_dict_append(app, "vapid_key",     vkey);
             app = xs_dict_append(app, "id",            id);
 
             *body  = xs_json_dumps_pp(app, 4);

snac.h

@@ -224,7 +224,11 @@ int job_fifo_ready(void);
 void job_post(const xs_val *job, int urgent);
 void job_wait(xs_val **job);
 
-int mastoapi_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
+int mastoapi_post_handler(const xs_dict *req, const char *q_path,
+                      const char *payload, int p_size,
                       char **body, int *b_size, char **ctype);
-int oauth_post_handler(xs_dict *req, char *q_path, char *payload, int p_size,
+int oauth_get_handler(const xs_dict *req, const char *q_path,
+                      char **body, int *b_size, char **ctype);
+int oauth_post_handler(const xs_dict *req, const char *q_path,
+                      const char *payload, int p_size,
                       char **body, int *b_size, char **ctype);