fix oauth login flow

author: clarkzjw <[email protected]> 2023-02-22 16:56:21 -0800
committer: clarkzjw <[email protected]> 2023-02-23 12:07:32 -0800
commit: d469f16670df2d1748a6377d1bebe9b730dc25be (patch)
tree: c8b84c1a2f97a5c0170f29e431c54e4b99f8e716
parent: 6af01f18c2bb4f641d85d4b3caa00b4e2e842a77 (diff)
download: swarm2fediverse-d469f16670df2d1748a6377d1bebe9b730dc25be.tar.gz
4 files changed, 34 insertions, 27 deletions
diff --git a/bot.py b/bot.py
index 3b45906..79fba5d 100644
--- a/bot.py
+++ b/bot.py
@@ -56,8 +56,11 @@ from config import (
    LOCATION_CONFIRMATION,
    ADD_MEDIA,
    ADD_COMMENT,
-    BOT_TOKEN
+    BOT_TOKEN,
+    BOT_SCOPE
 )
+from mastodon import Mastodon
 # Enable logging
 logging.basicConfig(
@@ -85,7 +88,22 @@ class FediLoginCallbackContext(CallbackContext[ExtBot, dict, dict, dict]):
 async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context: FediLoginCallbackContext) -> None:
-    text = "Login success, your OAuth code is: {}".format(update.code)
+    # query client_id and client_secret from in memory database
+    client_id = ""
+    client_secret = ""
+    home_instance = ""
+    mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
+    access_token = mastodon_client.log_in(
+        code=update.code,
+        redirect_uri="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
+        scopes=BOT_SCOPE
+    )
+    # TODO
+    # save access_token to database
+    text = "You have successfully logged in to your Mastodon account!"
    await context.bot.send_message(chat_id=update.state, text=text)
diff --git a/callback.py b/callback.py
index d2f3ae7..c7cb60c 100644
--- a/callback.py
+++ b/callback.py
@@ -10,7 +10,10 @@ from command import *
 from dbstore.dbm_store import get_loc
 from foursquare.poi import OSM_ENDPOINT
 from foursquare.poi import query_poi
-from toot import mastodon_client
+# from toot import mastodon_client
+from config import BOT_SCOPE
+mastodon_client = None
 def generate_toot_text(poi_name, poi_locality, poi_region, poi_lat, poi_lon):
@@ -59,16 +62,21 @@ async def process_media_group(context: CallbackContext):
 async def callback_generate_fedi_login_url(update: Update, context: ContextTypes.DEFAULT_TYPE) -> int:
    # generate fedi OAuth login url
+    global mastodon_client
    home_instance = update.effective_message.text
    client_id, client_secret = Mastodon.create_app(
        "Checkin.bot",
-        scopes=['write:media', 'write:statuses'],
+        scopes=BOT_SCOPE,
        redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
        api_base_url=home_instance,
    )
-    mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
+    m = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
-    oauth_url = mastodon_client.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
-                                                 scopes=['write:media', 'write:statuses'],
+    # TODO
+    # generate random string as OAuth state
+    oauth_url = m.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
+                                                 scopes=BOT_SCOPE,
                                                 state=update.effective_user.id)
    await update.message.reply_text(PROMPT_FEDI_LOGIN,
diff --git a/config.py b/config.py
index 7ae0c21..3b5767b 100644
--- a/config.py
+++ b/config.py
@@ -50,3 +50,4 @@ HEALTHCHECK_URL = "/checkinbot/healthcheck"
 FEDI_LOGIN_CALLBACK_URL = "/checkinbot/fedi_login_callback"
 BOT_DOMAIN = "https://zjw.social"
 BOT_PORT = 30010
+BOT_SCOPE = ['read:accounts', 'write:media', 'write:statuses']
diff --git a/toot.py b/toot.py
deleted file mode 100644
index 659d232..0000000
--- a/toot.py
+++ /dev/null
@@ -1,20 +0,0 @@
-from mastodon import Mastodon
-from config import TOOT_API_BASE_URL, TOOT_CLIENT_SECRET, TOOT_ACCESS_TOKEN, TOOT_CLIENT_ID, MASTODON_CLIENT_ID_FILE
-'''
-https://mastodonpy.readthedocs.io/en/stable/index.html
-'''
-mastodon_client = Mastodon(client_id=MASTODON_CLIENT_ID_FILE,
-                           api_base_url=TOOT_API_BASE_URL)
-url = mastodon_client.auth_request_url(redirect_uris="https://zjw.social/checkinbot/fedi_login_callback", scopes=['write:media', 'write:statuses'])
-print(url)
-# mastodon_client.log_in(
-#     username="[email protected]",
-#     code='2RnDpj9lMGLWuIeppl-Cghy-iwSXzlJFWU6mQaKYD9o',
-#     # redirect_uri="urn:ietf:wg:oauth:2.0:oob",
-#     scopes=['write:media', 'write:statuses']
-# )
author	clarkzjw <[email protected]>	2023-02-22 16:56:21 -0800
committer	clarkzjw <[email protected]>	2023-02-23 12:07:32 -0800
commit	d469f16670df2d1748a6377d1bebe9b730dc25be (patch)
tree	c8b84c1a2f97a5c0170f29e431c54e4b99f8e716
parent	6af01f18c2bb4f641d85d4b3caa00b4e2e842a77 (diff)
download	swarm2fediverse-d469f16670df2d1748a6377d1bebe9b730dc25be.tar.gz

diff --git a/bot.py b/bot.py index 3b45906..79fba5d 100644 --- a/bot.py +++ b/bot.py
@@ -56,8 +56,11 @@ from config import (
56	LOCATION_CONFIRMATION,	56	LOCATION_CONFIRMATION,
57	ADD_MEDIA,	57	ADD_MEDIA,
58	ADD_COMMENT,	58	ADD_COMMENT,
59	BOT_TOKEN	59	BOT_TOKEN,
		60	BOT_SCOPE
60	)	61	)
		62	from mastodon import Mastodon
		63
61		64
62	# Enable logging	65	# Enable logging
63	logging.basicConfig(	66	logging.basicConfig(
@@ -85,7 +88,22 @@ class FediLoginCallbackContext(CallbackContext[ExtBot, dict, dict, dict]):
85		88
86		89
87	async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context: FediLoginCallbackContext) -> None:	90	async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context: FediLoginCallbackContext) -> None:
88	text = "Login success, your OAuth code is: {}".format(update.code)	91	# query client_id and client_secret from in memory database
		92	client_id = ""
		93	client_secret = ""
		94	home_instance = ""
		95
		96	mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
		97	access_token = mastodon_client.log_in(
		98	code=update.code,
		99	redirect_uri="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
		100	scopes=BOT_SCOPE
		101	)
		102
		103	# TODO
		104	# save access_token to database
		105
		106	text = "You have successfully logged in to your Mastodon account!"
89	await context.bot.send_message(chat_id=update.state, text=text)	107	await context.bot.send_message(chat_id=update.state, text=text)
90		108
91		109


diff --git a/callback.py b/callback.py index d2f3ae7..c7cb60c 100644 --- a/callback.py +++ b/callback.py
@@ -10,7 +10,10 @@ from command import *
10	from dbstore.dbm_store import get_loc	10	from dbstore.dbm_store import get_loc
11	from foursquare.poi import OSM_ENDPOINT	11	from foursquare.poi import OSM_ENDPOINT
12	from foursquare.poi import query_poi	12	from foursquare.poi import query_poi
13	from toot import mastodon_client	13	# from toot import mastodon_client
		14	from config import BOT_SCOPE
		15
		16	mastodon_client = None
14		17
15		18
16	def generate_toot_text(poi_name, poi_locality, poi_region, poi_lat, poi_lon):	19	def generate_toot_text(poi_name, poi_locality, poi_region, poi_lat, poi_lon):
@@ -59,16 +62,21 @@ async def process_media_group(context: CallbackContext):
59		62
60	async def callback_generate_fedi_login_url(update: Update, context: ContextTypes.DEFAULT_TYPE) -> int:	63	async def callback_generate_fedi_login_url(update: Update, context: ContextTypes.DEFAULT_TYPE) -> int:
61	# generate fedi OAuth login url	64	# generate fedi OAuth login url
		65	global mastodon_client
		66
62	home_instance = update.effective_message.text	67	home_instance = update.effective_message.text
63	client_id, client_secret = Mastodon.create_app(	68	client_id, client_secret = Mastodon.create_app(
64	"Checkin.bot",	69	"Checkin.bot",
65	scopes=['write:media', 'write:statuses'],	70	scopes=BOT_SCOPE,
66	redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),	71	redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
67	api_base_url=home_instance,	72	api_base_url=home_instance,
68	)	73	)
69	mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)	74	m = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
70	oauth_url = mastodon_client.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),	75
71	scopes=['write:media', 'write:statuses'],	76	# TODO
		77	# generate random string as OAuth state
		78	oauth_url = m.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
		79	scopes=BOT_SCOPE,
72	state=update.effective_user.id)	80	state=update.effective_user.id)
73		81
74	await update.message.reply_text(PROMPT_FEDI_LOGIN,	82	await update.message.reply_text(PROMPT_FEDI_LOGIN,


diff --git a/config.py b/config.py index 7ae0c21..3b5767b 100644 --- a/config.py +++ b/config.py
@@ -50,3 +50,4 @@ HEALTHCHECK_URL = "/checkinbot/healthcheck"
50	FEDI_LOGIN_CALLBACK_URL = "/checkinbot/fedi_login_callback"	50	FEDI_LOGIN_CALLBACK_URL = "/checkinbot/fedi_login_callback"
51	BOT_DOMAIN = "https://zjw.social"	51	BOT_DOMAIN = "https://zjw.social"
52	BOT_PORT = 30010	52	BOT_PORT = 30010
		53	BOT_SCOPE = ['read:accounts', 'write:media', 'write:statuses']


diff --git a/toot.py b/toot.py deleted file mode 100644 index 659d232..0000000 --- a/toot.py +++ /dev/null
@@ -1,20 +0,0 @@
1	from mastodon import Mastodon
2
3	from config import TOOT_API_BASE_URL, TOOT_CLIENT_SECRET, TOOT_ACCESS_TOKEN, TOOT_CLIENT_ID, MASTODON_CLIENT_ID_FILE
4
5	'''
6	https://mastodonpy.readthedocs.io/en/stable/index.html
7	'''
8
9	mastodon_client = Mastodon(client_id=MASTODON_CLIENT_ID_FILE,
10	api_base_url=TOOT_API_BASE_URL)
11
12	url = mastodon_client.auth_request_url(redirect_uris="https://zjw.social/checkinbot/fedi_login_callback", scopes=['write:media', 'write:statuses'])
13	print(url)
14
15	# mastodon_client.log_in(
16	# username="[email protected]",
17	# code='2RnDpj9lMGLWuIeppl-Cghy-iwSXzlJFWU6mQaKYD9o',
18	# # redirect_uri="urn:ietf:wg:oauth:2.0:oob",
19	# scopes=['write:media', 'write:statuses']
20	# )