SuperSeriousBusiness/GoToSocial
1
1
Fork 0
mirror of https://github.com/superseriousbusiness/gotosocial synced 2025-06-05 21:59:39 +02:00
Code Issues Projects Releases Wiki Activity

[feature] Enforce OAuth token scopes (#3835)

Browse Source 
* move tokenauth to apiutil

* enforce scopes

* docs

* update test models, remove deprecated "follow"

* file header

* tests

* tweak scope matcher

* simplify...

* fix tests

* log user out of settings panel in case of oauth error
This commit is contained in:
tobi
2025-02-26 13:04:55 +01:00
committed by GitHub
parent f734a94c1c
commit eb720241da
213 changed files with 1762 additions and 1082 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
internal/api/client/push/pushsubscriptionpost_test.go
View File

@@ -116,7 +116,7 @@ func (suite *PushTestSuite) postSubscription(
func (suite *PushTestSuite) TestPostSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
tokenFixtureName := "local_account_1_push_only"
endpoint := "https://example.test/push"
auth := "cgna/fzrYLDQyPf5hD7IsA=="
@@ -152,7 +152,7 @@ func (suite *PushTestSuite) TestPostSubscription() {
func (suite *PushTestSuite) TestPostSubscriptionMinimal() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
tokenFixtureName := "local_account_1_push_only"
endpoint := "https://example.test/push"
auth := "cgna/fzrYLDQyPf5hD7IsA=="
@@ -186,7 +186,7 @@ func (suite *PushTestSuite) TestPostSubscriptionMinimal() {
func (suite *PushTestSuite) TestPostInvalidSubscription() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
tokenFixtureName := "local_account_1_push_only"
// No endpoint.
auth := "cgna/fzrYLDQyPf5hD7IsA=="
@@ -212,7 +212,7 @@ func (suite *PushTestSuite) TestPostInvalidSubscription() {
func (suite *PushTestSuite) TestPostSubscriptionJSON() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
tokenFixtureName := "local_account_1_push_only"
requestJson := `{
"subscription": {
@@ -258,7 +258,7 @@ func (suite *PushTestSuite) TestPostSubscriptionJSON() {
func (suite *PushTestSuite) TestPostSubscriptionJSONMinimal() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
tokenFixtureName := "local_account_1_push_only"
requestJson := `{
"subscription": {
@@ -298,7 +298,7 @@ func (suite *PushTestSuite) TestPostSubscriptionJSONMinimal() {
func (suite *PushTestSuite) TestPostInvalidSubscriptionJSON() {
accountFixtureName := "local_account_1"
// This token should not have a subscription.
tokenFixtureName := "local_account_1_user_authorization_token"
tokenFixtureName := "local_account_1_push_only"
// No endpoint.
requestJson := `{