From d469f16670df2d1748a6377d1bebe9b730dc25be Mon Sep 17 00:00:00 2001 From: clarkzjw Date: Wed, 22 Feb 2023 16:56:21 -0800 Subject: fix oauth login flow --- bot.py | 22 ++++++++++++++++++++-- callback.py | 18 +++++++++++++----- config.py | 1 + toot.py | 20 -------------------- 4 files changed, 34 insertions(+), 27 deletions(-) delete mode 100644 toot.py diff --git a/bot.py b/bot.py index 3b45906..79fba5d 100644 --- a/bot.py +++ b/bot.py @@ -56,8 +56,11 @@ from config import ( LOCATION_CONFIRMATION, ADD_MEDIA, ADD_COMMENT, - BOT_TOKEN + BOT_TOKEN, + BOT_SCOPE ) +from mastodon import Mastodon + # Enable logging logging.basicConfig( @@ -85,7 +88,22 @@ class FediLoginCallbackContext(CallbackContext[ExtBot, dict, dict, dict]): async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context: FediLoginCallbackContext) -> None: - text = "Login success, your OAuth code is: {}".format(update.code) + # query client_id and client_secret from in memory database + client_id = "" + client_secret = "" + home_instance = "" + + mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance) + access_token = mastodon_client.log_in( + code=update.code, + redirect_uri="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL), + scopes=BOT_SCOPE + ) + + # TODO + # save access_token to database + + text = "You have successfully logged in to your Mastodon account!" await context.bot.send_message(chat_id=update.state, text=text) diff --git a/callback.py b/callback.py index d2f3ae7..c7cb60c 100644 --- a/callback.py +++ b/callback.py @@ -10,7 +10,10 @@ from command import * from dbstore.dbm_store import get_loc from foursquare.poi import OSM_ENDPOINT from foursquare.poi import query_poi -from toot import mastodon_client +# from toot import mastodon_client +from config import BOT_SCOPE + +mastodon_client = None def generate_toot_text(poi_name, poi_locality, poi_region, poi_lat, poi_lon): @@ -59,16 +62,21 @@ async def process_media_group(context: CallbackContext): async def callback_generate_fedi_login_url(update: Update, context: ContextTypes.DEFAULT_TYPE) -> int: # generate fedi OAuth login url + global mastodon_client + home_instance = update.effective_message.text client_id, client_secret = Mastodon.create_app( "Checkin.bot", - scopes=['write:media', 'write:statuses'], + scopes=BOT_SCOPE, redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL), api_base_url=home_instance, ) - mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance) - oauth_url = mastodon_client.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL), - scopes=['write:media', 'write:statuses'], + m = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance) + + # TODO + # generate random string as OAuth state + oauth_url = m.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL), + scopes=BOT_SCOPE, state=update.effective_user.id) await update.message.reply_text(PROMPT_FEDI_LOGIN, diff --git a/config.py b/config.py index 7ae0c21..3b5767b 100644 --- a/config.py +++ b/config.py @@ -50,3 +50,4 @@ HEALTHCHECK_URL = "/checkinbot/healthcheck" FEDI_LOGIN_CALLBACK_URL = "/checkinbot/fedi_login_callback" BOT_DOMAIN = "https://zjw.social" BOT_PORT = 30010 +BOT_SCOPE = ['read:accounts', 'write:media', 'write:statuses'] diff --git a/toot.py b/toot.py deleted file mode 100644 index 659d232..0000000 --- a/toot.py +++ /dev/null @@ -1,20 +0,0 @@ -from mastodon import Mastodon - -from config import TOOT_API_BASE_URL, TOOT_CLIENT_SECRET, TOOT_ACCESS_TOKEN, TOOT_CLIENT_ID, MASTODON_CLIENT_ID_FILE - -''' -https://mastodonpy.readthedocs.io/en/stable/index.html -''' - -mastodon_client = Mastodon(client_id=MASTODON_CLIENT_ID_FILE, - api_base_url=TOOT_API_BASE_URL) - -url = mastodon_client.auth_request_url(redirect_uris="https://zjw.social/checkinbot/fedi_login_callback", scopes=['write:media', 'write:statuses']) -print(url) - -# mastodon_client.log_in( -# username="checkinbottest@jinwei.me", -# code='2RnDpj9lMGLWuIeppl-Cghy-iwSXzlJFWU6mQaKYD9o', -# # redirect_uri="urn:ietf:wg:oauth:2.0:oob", -# scopes=['write:media', 'write:statuses'] -# ) -- cgit v1.2.3