gotosocial/internal/processing/oauth.go

// GoToSocial
// Copyright (C) GoToSocial Authors admin@gotosocial.org
// SPDX-License-Identifier: AGPL-3.0-or-later
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program.  If not, see <http://www.gnu.org/licenses/>.

package processing

import (
	"context"
	"net/http"

	"code.superseriousbusiness.org/oauth2/v4"
	"github.com/superseriousbusiness/gotosocial/internal/gtserror"
)

func (p *Processor) OAuthHandleAuthorizeRequest(w http.ResponseWriter, r *http.Request) gtserror.WithCode {
	// todo: some kind of metrics stuff here
	return p.oauthServer.HandleAuthorizeRequest(w, r)
}

func (p *Processor) OAuthHandleTokenRequest(r *http.Request) (map[string]interface{}, gtserror.WithCode) {
	// todo: some kind of metrics stuff here
	return p.oauthServer.HandleTokenRequest(r)
}

func (p *Processor) OAuthValidateBearerToken(r *http.Request) (oauth2.TokenInfo, error) {
	// todo: some kind of metrics stuff here
	return p.oauthServer.ValidationBearerToken(r)
}

func (p *Processor) OAuthRevokeAccessToken(
	ctx context.Context,
	clientID string,
	clientSecret string,
	accessToken string,
) gtserror.WithCode {
	return p.oauthServer.RevokeAccessToken(
		ctx,
		clientID,
		clientSecret,
		accessToken,
	)
}
[chore] Improve copyright header handling (#1608) * [chore] Remove years from all license headers Years or year ranges aren't required in license headers. Many projects have removed them in recent years and it avoids a bit of yearly toil. In many cases our copyright claim was also a bit dodgy since we added the 2021-2023 header to files created after 2021 but you can't claim copyright into the past that way. * [chore] Add license header check This ensures a license header is always added to any new file. This avoids maintainers/reviewers needing to remember to check for and ask for it in case a contribution doesn't include it. * [chore] Add missing license headers * [chore] Further updates to license header * Use the more common // indentend comment format * Remove the hack we had for the linter now that we use the // format * Add SPDX license identifier 2023-03-12 16:00:57 +01:00			`// GoToSocial`
			`// Copyright (C) GoToSocial Authors admin@gotosocial.org`
			`// SPDX-License-Identifier: AGPL-3.0-or-later`
			`//`
			`// This program is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU Affero General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU Affero General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU Affero General Public License`
			`// along with this program. If not, see <http://www.gnu.org/licenses/>.`
[feature] Add `created_at` and `error_description` to `/oauth/token` endpoint (#645) * start fiddling about with oauth server * start returning more helpful errors from oauth * test helpful(ish) token errors * add missing license header 2022-06-11 10:39:39 +02:00
			`package processing`

			`import (`
[feature] Implement /oauth/revoke for token revocation (#3983) 2025-04-10 16:24:17 +02:00			`"context"`
[feature] Add `created_at` and `error_description` to `/oauth/token` endpoint (#645) * start fiddling about with oauth server * start returning more helpful errors from oauth * test helpful(ish) token errors * add missing license header 2022-06-11 10:39:39 +02:00			`"net/http"`

oauth2's turn 2025-04-25 12:05:45 +02:00			`"code.superseriousbusiness.org/oauth2/v4"`
[feature] Add `created_at` and `error_description` to `/oauth/token` endpoint (#645) * start fiddling about with oauth server * start returning more helpful errors from oauth * test helpful(ish) token errors * add missing license header 2022-06-11 10:39:39 +02:00			`"github.com/superseriousbusiness/gotosocial/internal/gtserror"`
			`)`

[chore] Deinterface processor and subprocessors (#1501) * [chore] Deinterface processor and subprocessors * expose subprocessors via function calls * missing license header 2023-02-22 16:05:26 +01:00			`func (p Processor) OAuthHandleAuthorizeRequest(w http.ResponseWriter, r http.Request) gtserror.WithCode {`
[feature] Add `created_at` and `error_description` to `/oauth/token` endpoint (#645) * start fiddling about with oauth server * start returning more helpful errors from oauth * test helpful(ish) token errors * add missing license header 2022-06-11 10:39:39 +02:00			`// todo: some kind of metrics stuff here`
			`return p.oauthServer.HandleAuthorizeRequest(w, r)`
			`}`

[chore] Deinterface processor and subprocessors (#1501) * [chore] Deinterface processor and subprocessors * expose subprocessors via function calls * missing license header 2023-02-22 16:05:26 +01:00			`func (p Processor) OAuthHandleTokenRequest(r http.Request) (map[string]interface{}, gtserror.WithCode) {`
[feature] Add `created_at` and `error_description` to `/oauth/token` endpoint (#645) * start fiddling about with oauth server * start returning more helpful errors from oauth * test helpful(ish) token errors * add missing license header 2022-06-11 10:39:39 +02:00			`// todo: some kind of metrics stuff here`
			`return p.oauthServer.HandleTokenRequest(r)`
			`}`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00
[chore] Deinterface processor and subprocessors (#1501) * [chore] Deinterface processor and subprocessors * expose subprocessors via function calls * missing license header 2023-02-22 16:05:26 +01:00			`func (p Processor) OAuthValidateBearerToken(r http.Request) (oauth2.TokenInfo, error) {`
[chore] The Big Middleware and API Refactor (tm) (#1250) * interim commit: start refactoring middlewares into package under router * another interim commit, this is becoming a big job * another fucking massive interim commit * refactor bookmarks to new style * ambassador, wiz zeze commits you are spoiling uz * she compiles, we're getting there * we're just normal men; we're just innocent men * apiutil * whoopsie * i'm glad noone reads commit msgs haha :blob_sweat: * use that weirdo go-bytesize library for maxMultipartMemory * fix media module paths 2023-01-02 13:10:50 +01:00			`// todo: some kind of metrics stuff here`
			`return p.oauthServer.ValidationBearerToken(r)`
			`}`
[feature] Implement /oauth/revoke for token revocation (#3983) 2025-04-10 16:24:17 +02:00
			`func (p *Processor) OAuthRevokeAccessToken(`
			`ctx context.Context,`
			`clientID string,`
			`clientSecret string,`
			`accessToken string,`
			`) gtserror.WithCode {`
			`return p.oauthServer.RevokeAccessToken(`
			`ctx,`
			`clientID,`
			`clientSecret,`
			`accessToken,`
			`)`
			`}`