From d469f16670df2d1748a6377d1bebe9b730dc25be Mon Sep 17 00:00:00 2001
From: clarkzjw <i@jinwei.me>
Date: Wed, 22 Feb 2023 16:56:21 -0800
Subject: fix oauth login flow

---
 bot.py      | 22 ++++++++++++++++++++--
 callback.py | 18 +++++++++++++-----
 config.py   |  1 +
 toot.py     | 20 --------------------
 4 files changed, 34 insertions(+), 27 deletions(-)
 delete mode 100644 toot.py

diff --git a/bot.py b/bot.py
index 3b45906..79fba5d 100644
--- a/bot.py
+++ b/bot.py
@@ -56,8 +56,11 @@ from config import (
     LOCATION_CONFIRMATION,
     ADD_MEDIA,
     ADD_COMMENT,
-    BOT_TOKEN
+    BOT_TOKEN,
+    BOT_SCOPE
 )
+from mastodon import Mastodon
+
 
 # Enable logging
 logging.basicConfig(
@@ -85,7 +88,22 @@ class FediLoginCallbackContext(CallbackContext[ExtBot, dict, dict, dict]):
 
 
 async def process_oauth_login_callback(update: FediLoginCallbackUpdate, context: FediLoginCallbackContext) -> None:
-    text = "Login success, your OAuth code is: {}".format(update.code)
+    # query client_id and client_secret from in memory database
+    client_id = ""
+    client_secret = ""
+    home_instance = ""
+
+    mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
+    access_token = mastodon_client.log_in(
+        code=update.code,
+        redirect_uri="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
+        scopes=BOT_SCOPE
+    )
+
+    # TODO
+    # save access_token to database
+
+    text = "You have successfully logged in to your Mastodon account!"
     await context.bot.send_message(chat_id=update.state, text=text)
 
 
diff --git a/callback.py b/callback.py
index d2f3ae7..c7cb60c 100644
--- a/callback.py
+++ b/callback.py
@@ -10,7 +10,10 @@ from command import *
 from dbstore.dbm_store import get_loc
 from foursquare.poi import OSM_ENDPOINT
 from foursquare.poi import query_poi
-from toot import mastodon_client
+# from toot import mastodon_client
+from config import BOT_SCOPE
+
+mastodon_client = None
 
 
 def generate_toot_text(poi_name, poi_locality, poi_region, poi_lat, poi_lon):
@@ -59,16 +62,21 @@ async def process_media_group(context: CallbackContext):
 
 async def callback_generate_fedi_login_url(update: Update, context: ContextTypes.DEFAULT_TYPE) -> int:
     # generate fedi OAuth login url
+    global mastodon_client
+
     home_instance = update.effective_message.text
     client_id, client_secret = Mastodon.create_app(
         "Checkin.bot",
-        scopes=['write:media', 'write:statuses'],
+        scopes=BOT_SCOPE,
         redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
         api_base_url=home_instance,
     )
-    mastodon_client = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
-    oauth_url = mastodon_client.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
-                                                 scopes=['write:media', 'write:statuses'],
+    m = Mastodon(client_id=client_id, client_secret=client_secret, api_base_url=home_instance)
+
+    # TODO
+    # generate random string as OAuth state
+    oauth_url = m.auth_request_url(redirect_uris="{}{}".format(BOT_DOMAIN, FEDI_LOGIN_CALLBACK_URL),
+                                                 scopes=BOT_SCOPE,
                                                  state=update.effective_user.id)
 
     await update.message.reply_text(PROMPT_FEDI_LOGIN,
diff --git a/config.py b/config.py
index 7ae0c21..3b5767b 100644
--- a/config.py
+++ b/config.py
@@ -50,3 +50,4 @@ HEALTHCHECK_URL = "/checkinbot/healthcheck"
 FEDI_LOGIN_CALLBACK_URL = "/checkinbot/fedi_login_callback"
 BOT_DOMAIN = "https://zjw.social"
 BOT_PORT = 30010
+BOT_SCOPE = ['read:accounts', 'write:media', 'write:statuses']
diff --git a/toot.py b/toot.py
deleted file mode 100644
index 659d232..0000000
--- a/toot.py
+++ /dev/null
@@ -1,20 +0,0 @@
-from mastodon import Mastodon
-
-from config import TOOT_API_BASE_URL, TOOT_CLIENT_SECRET, TOOT_ACCESS_TOKEN, TOOT_CLIENT_ID, MASTODON_CLIENT_ID_FILE
-
-'''
-https://mastodonpy.readthedocs.io/en/stable/index.html
-'''
-
-mastodon_client = Mastodon(client_id=MASTODON_CLIENT_ID_FILE,
-                           api_base_url=TOOT_API_BASE_URL)
-
-url = mastodon_client.auth_request_url(redirect_uris="https://zjw.social/checkinbot/fedi_login_callback", scopes=['write:media', 'write:statuses'])
-print(url)
-
-# mastodon_client.log_in(
-#     username="checkinbottest@jinwei.me",
-#     code='2RnDpj9lMGLWuIeppl-Cghy-iwSXzlJFWU6mQaKYD9o',
-#     # redirect_uri="urn:ietf:wg:oauth:2.0:oob",
-#     scopes=['write:media', 'write:statuses']
-# )
-- 
cgit v1.2.3