objective categorical abstract machine language personal data server
Fix oauth par request parsing and requestCrawl
+56
-17
+4
-2
pegasus/lib/oauth/client.ml
+4
-2
pegasus/lib/oauth/client.ml
···
17
17
| Error err ->
18
18
failwith err
19
19
in
20
-
if metadata.client_id <> client_id then failwith "client_id mismatch"
20
+
if metadata.client_id <> Some client_id then failwith "client_id mismatch"
21
21
else
22
-
let scopes = String.split_on_char ' ' metadata.scope in
22
+
let scopes =
23
+
String.split_on_char ' ' (Option.value metadata.scope ~default:"")
24
+
in
23
25
if not (List.mem "atproto" scopes) then
24
26
failwith "scope must include 'atproto'"
25
27
else
+20
-8
pegasus/lib/oauth/types.ml
+20
-8
pegasus/lib/oauth/types.ml
···
25
25
[@@deriving yojson {strict= false}]
26
26
27
27
type client_metadata =
28
-
{ client_id: string
28
+
{ client_id: string option [@default None]
29
29
; client_name: string option [@default None]
30
-
; client_uri: string
30
+
; client_uri: string option [@default None]
31
+
; policy_uri: string option [@default None]
32
+
; tos_uri: string option [@default None]
33
+
; logo_uri: string option [@default None]
31
34
; redirect_uris: string list
32
-
; grant_types: string list
33
-
; response_types: string list
34
-
; scope: string
35
-
; token_endpoint_auth_method: string
35
+
; grant_types: string list [@default ["authorization_code"]]
36
+
; response_types: string list [@default ["code"]]
37
+
; scope: string option [@default None]
38
+
; token_endpoint_auth_method: string [@default "client_secret_basic"]
36
39
; token_endpoint_auth_signing_alg: string option [@default None]
37
-
; application_type: string
38
-
; dpop_bound_access_tokens: bool
40
+
; userinfo_signed_response_alg: string option [@default None]
41
+
; userinfo_encrypted_response_alg: string option [@default None]
42
+
; application_type: string [@default "web"]
43
+
; subject_type: string [@default "public"]
44
+
; request_object_signing_alg: string option [@default None]
45
+
; id_token_signed_response_alg: string option [@default None]
46
+
; authorization_signed_response_alg: string [@default "RS256"]
47
+
; authorization_encrypted_response_enc: string option [@default None]
48
+
; authorization_encrypted_response_alg: string option [@default None]
49
+
; authorization_details_types: string list option [@default None]
50
+
; dpop_bound_access_tokens: bool option [@default None]
39
51
; jwks_uri: string option [@default None]
40
52
; jwks: Yojson.Safe.t option [@default None] }
41
53
[@@deriving yojson {strict= false}]
+1
-1
pegasus/lib/sequencer.ml
+1
-1
pegasus/lib/sequencer.ml
+24
-2
pegasus/lib/xrpc.ml
+24
-2
pegasus/lib/xrpc.ml
···
150
150
let parse_body (req : Dream.request)
151
151
(of_yojson : Yojson.Safe.t -> ('a, string) result) : 'a Lwt.t =
152
152
try%lwt
153
-
let%lwt body = Dream.body req in
154
-
match body |> Yojson.Safe.from_string |> of_yojson with
153
+
let%lwt body_assoc =
154
+
match Dream.header req "content-type" with
155
+
| None ->
156
+
Lwt.return (`Assoc [])
157
+
| Some content_type -> (
158
+
match String.split_on_char ';' content_type with
159
+
| "application/x-www-form-urlencoded" :: _ -> (
160
+
match%lwt Dream.form ~csrf:false req with
161
+
| `Ok form ->
162
+
Lwt.return
163
+
(`Assoc
164
+
(List.map
165
+
(fun (k, v) ->
166
+
(k, try Yojson.Safe.from_string v with _ -> `String v) )
167
+
form ) )
168
+
| _ ->
169
+
Errors.internal_error () )
170
+
| "application/json" :: _ ->
171
+
let%lwt body = Dream.body req in
172
+
Lwt.return @@ Yojson.Safe.from_string body
173
+
| _ ->
174
+
Lwt.return (`Assoc []) )
175
+
in
176
+
match of_yojson body_assoc with
155
177
| Error e ->
156
178
Dream.debug (fun log -> log "error parsing body: %s" e) ;
157
179
Errors.internal_error ()