[feature] Refactor tokens, allow multiple app redirect_uris (#3849)

* [feature] Refactor tokens, allow multiple app redirect_uris * move + tweak handlers a bit * return error for unset oauth2.ClientStore funcs * wrap UpdateToken with cache * panic handling * cheeky little time optimization * unlock on error
2025-06-05 21:59:39 +02:00 · 2025-03-03 16:03:36 +01:00
parent c80810eae8
commit 1b37944f8b
77 changed files with 963 additions and 594 deletions
--- a/internal/oauth/clientstore.go
+++ b/internal/oauth/clientstore.go
@@ -21,45 +21,30 @@ import (
 	"context"

 	"codeberg.org/superseriousbusiness/oauth2/v4"
-	"codeberg.org/superseriousbusiness/oauth2/v4/models"
-	"github.com/superseriousbusiness/gotosocial/internal/db"
-	"github.com/superseriousbusiness/gotosocial/internal/gtsmodel"
+	"codeberg.org/superseriousbusiness/oauth2/v4/errors"
+	"github.com/superseriousbusiness/gotosocial/internal/state"
 )

 type clientStore struct {
-	db db.DB
+	state *state.State
 }

-// NewClientStore returns an implementation of the oauth2 ClientStore interface, using the given db as a storage backend.
-func NewClientStore(db db.DB) oauth2.ClientStore {
-	pts := &clientStore{
-		db: db,
-	}
-	return pts
+// NewClientStore returns a minimal implementation of
+// oauth2.ClientStore interface, using state as storage.
+//
+// Only GetByID is implemented, Set and Delete are stubs.
+func NewClientStore(state *state.State) oauth2.ClientStore {
+	return &clientStore{state: state}
 }

 func (cs *clientStore) GetByID(ctx context.Context, clientID string) (oauth2.ClientInfo, error) {
-	client, err := cs.db.GetClientByID(ctx, clientID)
-	if err != nil {
-		return nil, err
-	}
-	return models.New(
-		client.ID,
-		client.Secret,
-		client.Domain,
-		client.UserID,
-	), nil
+	return cs.state.DB.GetApplicationByClientID(ctx, clientID)
 }

-func (cs *clientStore) Set(ctx context.Context, id string, cli oauth2.ClientInfo) error {
-	return cs.db.PutClient(ctx, &gtsmodel.Client{
-		ID:     cli.GetID(),
-		Secret: cli.GetSecret(),
-		Domain: cli.GetDomain(),
-		UserID: cli.GetUserID(),
-	})
+func (cs *clientStore) Set(_ context.Context, _ string, _ oauth2.ClientInfo) error {
+	return errors.New("func oauth2.ClientStore.Set not implemented")
 }

-func (cs *clientStore) Delete(ctx context.Context, id string) error {
-	return cs.db.DeleteClientByID(ctx, id)
+func (cs *clientStore) Delete(_ context.Context, _ string) error {
+	return errors.New("func oauth2.ClientStore.Delete not implemented")
 }