account registration flow working

2021-03-31 23:59:48 +02:00
parent 4f3b90d158
commit bcfa4b8881
8 changed files with 82 additions and 13 deletions
--- a/internal/apimodule/account/accountcreate.go
+++ b/internal/apimodule/account/accountcreate.go
@ -99,16 +99,16 @@ func (m *accountModule) accountCreate(form *mastotypes.AccountCreateRequest, sig
 	}

 	l.Tracef("generating a token for user %s with account %s and application %s", user.ID, user.AccountID, app.ID)
-	ti, err := m.oauthServer.GenerateUserAccessToken(token, app.ClientSecret, user.ID)
+	accessToken, err := m.oauthServer.GenerateUserAccessToken(token, app.ClientSecret, user.ID)
 	if err != nil {
 		return nil, fmt.Errorf("error creating new access token for user %s: %s", user.ID, err)
 	}

 	return &mastotypes.Token{
-		AccessToken: ti.GetCode(),
+		AccessToken: accessToken.GetAccess(),
 		TokenType:   "Bearer",
-		Scope:       ti.GetScope(),
-		CreatedAt:   ti.GetCodeCreateAt().Unix(),
+		Scope:       accessToken.GetScope(),
+		CreatedAt:   accessToken.GetAccessCreateAt().Unix(),
 	}, nil
 }

--- a/internal/apimodule/fileserver/fileserver.go
+++ b/internal/apimodule/fileserver/fileserver.go
@ -7,6 +7,7 @@ import (
 	"github.com/superseriousbusiness/gotosocial/internal/apimodule"
 	"github.com/superseriousbusiness/gotosocial/internal/config"
 	"github.com/superseriousbusiness/gotosocial/internal/db"
+	"github.com/superseriousbusiness/gotosocial/internal/db/model"
 	"github.com/superseriousbusiness/gotosocial/internal/router"
 	"github.com/superseriousbusiness/gotosocial/internal/storage"
 )
@ -40,3 +41,23 @@ func (m *fileServer) Route(s router.Router) error {
 	// s.AttachHandler(http.MethodPost, appsPath, m.appsPOSTHandler)
 	return nil
 }
+
+func (m *fileServer) CreateTables(db db.DB) error {
+	models := []interface{}{
+		&model.User{},
+		&model.Account{},
+		&model.Follow{},
+		&model.FollowRequest{},
+		&model.Status{},
+		&model.Application{},
+		&model.EmailDomainBlock{},
+		&model.MediaAttachment{},
+	}
+
+	for _, m := range models {
+		if err := db.CreateTable(m); err != nil {
+			return fmt.Errorf("error creating table: %s", err)
+		}
+	}
+	return nil
+}
--- a/internal/db/model/user.go
+++ b/internal/db/model/user.go
@ -33,7 +33,7 @@ type User struct {
 	// id of this user in the local database; the end-user will never need to know this, it's strictly internal
 	ID string `pg:"type:uuid,default:gen_random_uuid(),pk,notnull,unique"`
 	// confirmed email address for this user, this should be unique -- only one email address registered per instance, multiple users per email are not supported
-	Email string `pg:"default:'',notnull,unique"`
+	Email string `pg:"default:null,unique"`
 	// The id of the local gtsmodel.Account entry for this user, if it exists (unconfirmed users don't have an account yet)
 	AccountID string `pg:"default:'',notnull,unique"`
 	// The encrypted password of this user, generated using https://pkg.go.dev/golang.org/x/crypto/bcrypt#GenerateFromPassword. A salt is included so we're safe against 🌈 tables
--- a/internal/gotosocial/actions.go
+++ b/internal/gotosocial/actions.go
@ -77,6 +77,9 @@ var Run action.GTSAction = func(ctx context.Context, c *config.Config, log *logr
 		if err := m.Route(router); err != nil {
 			return fmt.Errorf("routing error: %s", err)
 		}
+		if err := m.CreateTables(dbService); err != nil {
+			return fmt.Errorf("table creation error: %s", err)
+		}
 	}

 	gts, err := New(dbService, &cache.MockCache{}, router, federation.New(dbService), c)
--- a/internal/oauth/server.go
+++ b/internal/oauth/server.go
@ -20,6 +20,7 @@ package oauth

 import (
 	"context"
+	"fmt"
 	"net/http"

 	"github.com/gin-gonic/gin"
@ -169,19 +170,40 @@ func (s *s) ValidationBearerToken(r *http.Request) (oauth2.TokenInfo, error) {
 //
 // The ti parameter refers to an existing Application token that was used to make the upstream
 // request. This token needs to be validated and exist in database in order to create a new token.
-func (s *s) GenerateUserAccessToken(ti oauth2.TokenInfo, clientSecret string, userID string) (accessToken oauth2.TokenInfo, err error) {
-	tgr := &oauth2.TokenGenerateRequest{
+func (s *s) GenerateUserAccessToken(ti oauth2.TokenInfo, clientSecret string, userID string) (oauth2.TokenInfo, error) {
+
+	authToken, err := s.server.Manager.GenerateAuthToken(context.Background(), oauth2.Code, &oauth2.TokenGenerateRequest{
 		ClientID:     ti.GetClientID(),
 		ClientSecret: clientSecret,
 		UserID:       userID,
 		RedirectURI:  ti.GetRedirectURI(),
 		Scope:        ti.GetScope(),
-		Code:         ti.GetCode(),
-		// CodeChallenge:       ti.GetCodeChallenge(),
-		// CodeChallengeMethod: ti.GetCodeChallengeMethod(),
+	})
+	if err != nil {
+		return nil, fmt.Errorf("error generating first auth token: %s", err)
 	}
+	if authToken == nil {
+		return nil, errors.New("generated auth token was empty")
+	}
+	s.log.Tracef("obtained auth token: %+v", authToken)

-	return s.server.Manager.GenerateAccessToken(context.Background(), oauth2.AuthorizationCode, tgr)
+	accessToken, err := s.server.Manager.GenerateAccessToken(context.Background(), oauth2.AuthorizationCode, &oauth2.TokenGenerateRequest{
+		ClientID:     authToken.GetClientID(),
+		ClientSecret: clientSecret,
+		// UserID:       userID,
+		RedirectURI:  authToken.GetRedirectURI(),
+		Scope:        authToken.GetScope(),
+		Code:         authToken.GetCode(),
+	})
+
+	if err != nil {
+		return nil, fmt.Errorf("error generating first auth token: %s", err)
+	}
+	if accessToken == nil {
+		return nil, errors.New("generated access token was empty")
+	}
+	s.log.Tracef("obtained access token: %+v", accessToken)
+	return accessToken, nil
 }

 func New(database db.DB, log *logrus.Logger) Server {
@ -228,5 +250,6 @@ func New(database db.DB, log *logrus.Logger) Server {
 	srv.SetClientInfoHandler(server.ClientFormHandler)
 	return &s{
 		server: srv,
+		log: log,
 	}
 }
--- a/internal/oauth/tokenstore.go
+++ b/internal/oauth/tokenstore.go
@ -121,6 +121,9 @@ func (pts *tokenStore) RemoveByRefresh(ctx context.Context, refresh string) erro

 // GetByCode selects a token from the DB based on the Code field
 func (pts *tokenStore) GetByCode(ctx context.Context, code string) (oauth2.TokenInfo, error) {
+	if code == "" {
+		return nil, nil
+	}
 	pgt := &Token{
 		Code: code,
 	}
@ -132,6 +135,9 @@ func (pts *tokenStore) GetByCode(ctx context.Context, code string) (oauth2.Token

 // GetByAccess selects a token from the DB based on the Access field
 func (pts *tokenStore) GetByAccess(ctx context.Context, access string) (oauth2.TokenInfo, error) {
+	if access == "" {
+		return nil, nil
+	}
 	pgt := &Token{
 		Access: access,
 	}
@ -143,6 +149,9 @@ func (pts *tokenStore) GetByAccess(ctx context.Context, access string) (oauth2.T

 // GetByRefresh selects a token from the DB based on the Refresh field
 func (pts *tokenStore) GetByRefresh(ctx context.Context, refresh string) (oauth2.TokenInfo, error) {
+	if refresh == "" {
+		return nil, nil
+	}
 	pgt := &Token{
 		Refresh: refresh,
 	}