authorhalcy <halcy@ARARAGI-KUN>2022-11-13 22:32:04 +0200
committerhalcy <halcy@ARARAGI-KUN>2022-11-13 22:32:04 +0200
commit24c686f6b274e04082b13f159ea10d995c2ca281 (patch)
tree57b0095298f0564f6a5730a9b6a3ac9cdacb85b9 /mastodon
parent5b328d479c17e44a6dde96408d6c8680b6c11ee0 (diff)
Improve auth support
Diffstat (limited to 'mastodon')
-rw-r--r--mastodon/Mastodon.py31
1 files changed, 26 insertions, 5 deletions
diff --git a/mastodon/Mastodon.py b/mastodon/Mastodon.py
index e84df6d..48d850b 100644
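--- a/mastodon/Mastodon.py
+++ b/mastodon/Mastodon.py
@@ -486,8 +486,7 @@ class Mastodon:
 """
 return Mastodon.__SUPPORTED_MASTODON_VERSION
 
-def auth_request_url(self, client_id=None, redirect_uris="urn:ietf:wg:oauth:2.0:oob",
-scopes=__DEFAULT_SCOPES, force_login=False):
+def auth_request_url(self, client_id=None, redirect_uris="urn:ietf:wg:oauth:2.0:oob", scopes=__DEFAULT_SCOPES, force_login=False, state=None):
 """
 Returns the url that a client needs to request an oauth grant from the server.
 
@@ -501,6 +500,10 @@ class Mastodon:
 
 Pass force_login if you want the user to always log in even when already logged
 into web mastodon (i.e. when registering multiple different accounts in an app).
+
+State is the oauth `state`parameter to pass to the server. It is strongly suggested
+to use a random, nonguessable value (i.e. nothing meaningful and no incrementing ID)
+to preserve security guarantees. It can be left out for non-web login flows.
 """
 if client_id is None:
 client_id = self.client_id
@@ -515,12 +518,11 @@ class Mastodon:
 params['redirect_uri'] = redirect_uris
 params['scope'] = " ".join(scopes)
 params['force_login'] = force_login
+params['state'] = state
 formatted_params = urlencode(params)
 return "".join([self.api_base_url, "/oauth/authorize?", formatted_params])
 
-def log_in(self, username=None, password=None,
-code=None, redirect_uri="urn:ietf:wg:oauth:2.0:oob", refresh_token=None,
-scopes=__DEFAULT_SCOPES, to_file=None):
+def log_in(self, username=None, password=None, code=None, redirect_uri="urn:ietf:wg:oauth:2.0:oob", refresh_token=None, scopes=__DEFAULT_SCOPES, to_file=None):
 """
 Get the access token for a user.
 
@@ -588,6 +590,25 @@ class Mastodon:
 
 return response['access_token']
 
+def revoke_access_token(self):
+"""
+Revoke the oauth token the user is currently authenticated with, effectively removing
+the apps access and requiring the user to log in again.
+"""
+if self.access_token is None:
+raise MastodonIllegalArgumentError("Not logged in, do not have a token to revoke.")
+if self.client_id is None or self.client_secret is None:
+raise MastodonIllegalArgumentError("Client authentication (id + secret) is required to revoke tokens.")
+params = collections.OrderedDict([])
+params['client_id'] = self.client_id
+params['client_secret'] = self.client_secret
+params['token'] = self.access_token
+self.__api_request('POST', '/oauth/revoke', params)
+
+# We are now logged out, clear token and logged in id
+self.access_token = None
+self.__logged_in_id = None
+
 @api_version("2.7.0", "2.7.0", "2.7.0")
 def create_account(self, username, password, email, agreement=False, reason=None, locale="en", scopes=__DEFAULT_SCOPES, to_file=None):
 """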
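Review bot: `params['state'] = state` in auth_request_url is assigned even when the caller leaves `state` at its default, and the very next line passes `params` to `urlencode`, which serialises it as the literal text `state=None`, so every such authorization URL carries the same constant, guessable value. Add the parameter only when one was supplied: `if state is not None:` followed by `params['state'] = state`. The new docstring paragraph should also say that a random value only protects the flow if the application stores it and compares it with the `state` returned on the redirect before passing the code to log_in. The earlier part of auth_request_url, where `params` is built, lies between hunks and is not visible here.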