Allow authenticating via client-sent events

author: tusooa <tusooa@kazv.moe> 2023-03-31 23:19:57 -0400
committer: tusooa <tusooa@kazv.moe> 2023-10-15 17:19:49 -0400
commit: 21395aa5090f2a53bdbe0ef5fac46693d16025ed (patch)
tree: ac236fe9d154a9786c97079ba6a528a9113e7a5a
parent: 273cda63ad79b61f4d37e4b7603694908e894e4f (diff)
3 files changed, 118 insertions, 0 deletions
diff --git a/lib/pleroma/web/mastodon_api/websocket_handler.ex b/lib/pleroma/web/mastodon_api/websocket_handler.ex
index a42a9a63c..6233c3340 100644
--- a/lib/pleroma/web/mastodon_api/websocket_handler.ex
+++ b/lib/pleroma/web/mastodon_api/websocket_handler.ex
@@ -214,6 +214,42 @@ defmodule Pleroma.Web.MastodonAPI.WebsocketHandler do
     end
   end
 
+  defp handle_client_event(
+         %{"type" => "pleroma.authenticate", "token" => access_token} = _params,
+         state
+       ) do
+    with {:auth, nil, nil} <- {:auth, state.user, state.oauth_token},
+         {:ok, user, oauth_token} <- authenticate_request(access_token, nil) do
+      {[
+         {:text,
+          StreamerView.render("pleroma_respond.json", %{
+            type: "pleroma.authenticate",
+            result: "success"
+          })}
+       ], %{state | user: user, oauth_token: oauth_token}}
+    else
+      {:auth, _, _} ->
+        {[
+           {:text,
+            StreamerView.render("pleroma_respond.json", %{
+              type: "pleroma.authenticate",
+              result: "error",
+              error: :already_authenticated
+            })}
+         ], state}
+
+      _ ->
+        {[
+           {:text,
+            StreamerView.render("pleroma_respond.json", %{
+              type: "pleroma.authenticate",
+              result: "error",
+              error: :unauthorized
+            })}
+         ], state}
+    end
+  end
+
   defp handle_client_event(params, state) do
     Logger.error("#{__MODULE__} received unknown event: #{inspect(params)}")
     {[], state}
diff --git a/lib/pleroma/web/views/streamer_view.ex b/lib/pleroma/web/views/streamer_view.ex
index 19f098783..0cdcb1918 100644
--- a/lib/pleroma/web/views/streamer_view.ex
+++ b/lib/pleroma/web/views/streamer_view.ex
@@ -152,5 +152,6 @@ defmodule Pleroma.Web.StreamerView do
 
   defp maybe_error(%{error: :bad_topic}), do: %{error: "bad_topic"}
   defp maybe_error(%{error: :unauthorized}), do: %{error: "unauthorized"}
+  defp maybe_error(%{error: :already_authenticated}), do: %{error: "already_authenticated"}
   defp maybe_error(_), do: %{}
 end
diff --git a/test/pleroma/integration/mastodon_websocket_test.exs b/test/pleroma/integration/mastodon_websocket_test.exs
index 9db0f714f..827c7b5b0 100644
--- a/test/pleroma/integration/mastodon_websocket_test.exs
+++ b/test/pleroma/integration/mastodon_websocket_test.exs
@@ -224,6 +224,87 @@ defmodule Pleroma.Integration.MastodonWebsocketTest do
       end)
     end
 
+    test "accepts valid token on client-sent event", %{token: token} do
+      assert {:ok, pid} = start_socket()
+
+      WebsocketClient.send_text(
+        pid,
+        %{type: "pleroma.authenticate", token: token.token} |> Jason.encode!()
+      )
+
+      assert_receive {:text, raw_json}, 1_000
+
+      assert {:ok,
+              %{
+                "event" => "pleroma.respond",
+                "payload" => %{"type" => "pleroma.authenticate", "result" => "success"}
+              }} = decode_json(raw_json)
+
+      WebsocketClient.send_text(pid, %{type: "subscribe", stream: "user"} |> Jason.encode!())
+      assert_receive {:text, raw_json}, 1_000
+
+      assert {:ok,
+              %{
+                "event" => "pleroma.respond",
+                "payload" => %{"type" => "subscribe", "result" => "success"}
+              }} = decode_json(raw_json)
+    end
+
+    test "rejects invalid token on client-sent event" do
+      assert {:ok, pid} = start_socket()
+
+      WebsocketClient.send_text(
+        pid,
+        %{type: "pleroma.authenticate", token: "Something else"} |> Jason.encode!()
+      )
+
+      assert_receive {:text, raw_json}, 1_000
+
+      assert {:ok,
+              %{
+                "event" => "pleroma.respond",
+                "payload" => %{
+                  "type" => "pleroma.authenticate",
+                  "result" => "error",
+                  "error" => "unauthorized"
+                }
+              }} = decode_json(raw_json)
+    end
+
+    test "rejects new authenticate request if already logged-in", %{token: token} do
+      assert {:ok, pid} = start_socket()
+
+      WebsocketClient.send_text(
+        pid,
+        %{type: "pleroma.authenticate", token: token.token} |> Jason.encode!()
+      )
+
+      assert_receive {:text, raw_json}, 1_000
+
+      assert {:ok,
+              %{
+                "event" => "pleroma.respond",
+                "payload" => %{"type" => "pleroma.authenticate", "result" => "success"}
+              }} = decode_json(raw_json)
+
+      WebsocketClient.send_text(
+        pid,
+        %{type: "pleroma.authenticate", token: "Something else"} |> Jason.encode!()
+      )
+
+      assert_receive {:text, raw_json}, 1_000
+
+      assert {:ok,
+              %{
+                "event" => "pleroma.respond",
+                "payload" => %{
+                  "type" => "pleroma.authenticate",
+                  "result" => "error",
+                  "error" => "already_authenticated"
+                }
+              }} = decode_json(raw_json)
+    end
+
     test "disconnect when token is revoked", %{app: app, user: user, token: token} do
       assert {:ok, _} = start_socket("?stream=user:notification&access_token=#{token.token}")
       assert {:ok, _} = start_socket("?stream=user&access_token=#{token.token}")
author	tusooa <tusooa@kazv.moe>	2023-03-31 23:19:57 -0400
committer	tusooa <tusooa@kazv.moe>	2023-10-15 17:19:49 -0400
commit	21395aa5090f2a53bdbe0ef5fac46693d16025ed (patch)
tree	ac236fe9d154a9786c97079ba6a528a9113e7a5a
parent	273cda63ad79b61f4d37e4b7603694908e894e4f (diff)