diff options
| author | Andy Piper <[email protected]> | 2022-11-13 22:04:13 +0000 |
|---|---|---|
| committer | Andy Piper <[email protected]> | 2022-11-13 22:04:13 +0000 |
| commit | 3d10b13f3268e0d9988be2c8923397a76d9b1d43 (patch) | |
| tree | 9d795e7a41021acc2c573e1f0d4947e84648c393 /mastodon | |
| parent | cf25f694463bf0dc8745a5e61a08a2cb73d17919 (diff) | |
| parent | 7b9f07fc0c89eb7c5b3b0924201035239cdc138a (diff) | |
| download | mastodon.py-3d10b13f3268e0d9988be2c8923397a76d9b1d43.tar.gz | |
Merge branch 'master' into doc-updates
Diffstat (limited to 'mastodon')
| -rw-r--r-- | mastodon/Mastodon.py | 31 |
1 files changed, 28 insertions, 3 deletions
diff --git a/mastodon/Mastodon.py b/mastodon/Mastodon.py index 95a33b8..98578fb 100644 --- a/mastodon/Mastodon.py +++ b/mastodon/Mastodon.py | |||
| @@ -513,6 +513,8 @@ class Mastodon: | |||
| 513 | 513 | ||
| 514 | def auth_request_url(self, client_id=None, redirect_uris="urn:ietf:wg:oauth:2.0:oob", | 514 | def auth_request_url(self, client_id=None, redirect_uris="urn:ietf:wg:oauth:2.0:oob", |
| 515 | scopes=__DEFAULT_SCOPES, force_login=False): | 515 | scopes=__DEFAULT_SCOPES, force_login=False): |
| 516 | |||
| 517 | def auth_request_url(self, client_id=None, redirect_uris="urn:ietf:wg:oauth:2.0:oob", scopes=__DEFAULT_SCOPES, force_login=False, state=None): | ||
| 516 | """ | 518 | """ |
| 517 | Returns the URL that a client needs to request an OAuth grant from the server. | 519 | Returns the URL that a client needs to request an OAuth grant from the server. |
| 518 | 520 | ||
| @@ -526,6 +528,10 @@ class Mastodon: | |||
| 526 | 528 | ||
| 527 | Pass force_login if you want the user to always log in even when already logged | 529 | Pass force_login if you want the user to always log in even when already logged |
| 528 | into web Mastodon (i.e. when registering multiple different accounts in an app). | 530 | into web Mastodon (i.e. when registering multiple different accounts in an app). |
| 531 | |||
| 532 | State is the oauth `state`parameter to pass to the server. It is strongly suggested | ||
| 533 | to use a random, nonguessable value (i.e. nothing meaningful and no incrementing ID) | ||
| 534 | to preserve security guarantees. It can be left out for non-web login flows. | ||
| 529 | """ | 535 | """ |
| 530 | if client_id is None: | 536 | if client_id is None: |
| 531 | client_id = self.client_id | 537 | client_id = self.client_id |
| @@ -540,12 +546,11 @@ class Mastodon: | |||
| 540 | params['redirect_uri'] = redirect_uris | 546 | params['redirect_uri'] = redirect_uris |
| 541 | params['scope'] = " ".join(scopes) | 547 | params['scope'] = " ".join(scopes) |
| 542 | params['force_login'] = force_login | 548 | params['force_login'] = force_login |
| 549 | params['state'] = state | ||
| 543 | formatted_params = urlencode(params) | 550 | formatted_params = urlencode(params) |
| 544 | return "".join([self.api_base_url, "/oauth/authorize?", formatted_params]) | 551 | return "".join([self.api_base_url, "/oauth/authorize?", formatted_params]) |
| 545 | 552 | ||
| 546 | def log_in(self, username=None, password=None, | 553 | def log_in(self, username=None, password=None, code=None, redirect_uri="urn:ietf:wg:oauth:2.0:oob", refresh_token=None, scopes=__DEFAULT_SCOPES, to_file=None): |
| 547 | code=None, redirect_uri="urn:ietf:wg:oauth:2.0:oob", refresh_token=None, | ||
| 548 | scopes=__DEFAULT_SCOPES, to_file=None): | ||
| 549 | """ | 554 | """ |
| 550 | Get the access token for a user. | 555 | Get the access token for a user. |
| 551 | 556 | ||
| @@ -620,6 +625,26 @@ class Mastodon: | |||
| 620 | 625 | ||
| 621 | return response['access_token'] | 626 | return response['access_token'] |
| 622 | 627 | ||
| 628 | |||
| 629 | def revoke_access_token(self): | ||
| 630 | """ | ||
| 631 | Revoke the oauth token the user is currently authenticated with, effectively removing | ||
| 632 | the apps access and requiring the user to log in again. | ||
| 633 | """ | ||
| 634 | if self.access_token is None: | ||
| 635 | raise MastodonIllegalArgumentError("Not logged in, do not have a token to revoke.") | ||
| 636 | if self.client_id is None or self.client_secret is None: | ||
| 637 | raise MastodonIllegalArgumentError("Client authentication (id + secret) is required to revoke tokens.") | ||
| 638 | params = collections.OrderedDict([]) | ||
| 639 | params['client_id'] = self.client_id | ||
| 640 | params['client_secret'] = self.client_secret | ||
| 641 | params['token'] = self.access_token | ||
| 642 | self.__api_request('POST', '/oauth/revoke', params) | ||
| 643 | |||
| 644 | # We are now logged out, clear token and logged in id | ||
| 645 | self.access_token = None | ||
| 646 | self.__logged_in_id = None | ||
| 647 | |||
| 623 | @api_version("2.7.0", "2.7.0", "2.7.0") | 648 | @api_version("2.7.0", "2.7.0", "2.7.0") |
| 624 | def create_account(self, username, password, email, agreement=False, reason=None, locale="en", scopes=__DEFAULT_SCOPES, to_file=None): | 649 | def create_account(self, username, password, email, agreement=False, reason=None, locale="en", scopes=__DEFAULT_SCOPES, to_file=None): |
| 625 | """ | 650 | """ |