Use ISO-639-1 for the language detection
index 27a3dfa11b2328f83c1cc60f6b86dfe98bafd6e0..7655398b35118a96fcfbddd3d8e4ec359c25dea4 100644 (file)
@@ -1,6 +1,6 @@
 <?php
 /**
- * @copyright Copyright (C) 2010-2022, the Friendica project
+ * @copyright Copyright (C) 2010-2023, the Friendica project
  *
  * @license GNU AGPL version 3 or any later version
  *
@@ -29,6 +29,7 @@ use Friendica\Model\Contact;
 use Friendica\Model\User;
 use Friendica\Module\BaseApi;
 use Friendica\Util\DateTimeFormat;
+use GuzzleHttp\Psr7\Uri;
 
 /**
  * OAuth Server
@@ -110,7 +111,7 @@ class OAuth
                if (Contact\Relation::areSuggestionsOutdated($token['uid'])) {
                        Worker::add(Worker::PRIORITY_MEDIUM, 'UpdateSuggestions', $token['uid']);
                }
-               
+
                return $token;
        }
 
@@ -128,8 +129,11 @@ class OAuth
                if (!empty($client_secret)) {
                        $condition['client_secret'] = $client_secret;
                }
+
                if (!empty($redirect_uri)) {
-                       $condition['redirect_uri'] = $redirect_uri;
+                       $uri = new Uri($redirect_uri);
+                       $redirect_uri = $uri->getScheme() . '://' . $uri->getHost() . $uri->getPath();
+                       $condition = DBA::mergeConditions($condition, ["`redirect_uri` LIKE ?", '%' . $redirect_uri . '%']);
                }
 
                $application = DBA::selectFirst('application', [], $condition);
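Review bot: `new Uri($redirect_uri)` on the new line throws an `\InvalidArgumentException` when the client-supplied value cannot be parsed, so a malformed redirect_uri in a request leaves getApplication() as an uncaught exception instead of the `[]` this function otherwise returns on failure; the function's signature lies outside the hunk. Rebuilding the value from `getHost()` also drops the port (PSR-7 keeps it in `getAuthority()`), so an application registered with a port in its redirect URI can no longer satisfy either the `LIKE` prefilter or the exact comparison that follows. The `%` and `_` LIKE metacharacters in the normalized string are passed unescaped as well; that only broadens the parameterized prefilter, but escaping them keeps the pattern literal. The rewrite below catches the parse failure, keeps the authority, and escapes the pattern.
```php
if (!empty($redirect_uri)) {
    try {
        $uri = new Uri($redirect_uri);
    } catch (\InvalidArgumentException $e) {
        Logger::warning('Unparseable redirect_uri', ['redirect_uri' => $redirect_uri]);
        return [];
    }
    // getAuthority() keeps host:port, so registered URIs with a port still match
    $redirect_uri = $uri->getScheme() . '://' . $uri->getAuthority() . $uri->getPath();
    // keep LIKE metacharacters in the path literal
    $pattern = '%' . str_replace(['%', '_'], ['\\%', '\\_'], $redirect_uri) . '%';
    $condition = DBA::mergeConditions($condition, ["`redirect_uri` LIKE ?", $pattern]);
}
// … unchanged: DBA::selectFirst lookup …
```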
@@ -137,6 +141,12 @@ class OAuth
                        Logger::warning('Application not found', $condition);
                        return [];
                }
+
+               // The redirect_uri could contain several URI that are separated by spaces.
+               if (($application['redirect_uri'] != $redirect_uri) && !in_array($redirect_uri, explode(' ', $application['redirect_uri']))) {
+                       return [];
+               }
+
                return $application;
        }
 
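Review bot: The exact-match check on the new `if` uses loose `!=` and a non-strict `in_array()`, and it compares against the `$redirect_uri` that the same function rewrote to scheme://host/path a few lines earlier rather than the value the client sent, so a registered URI carrying a query string or port can never satisfy it. The line should read `if (($application['redirect_uri'] !== $redirect_uri) && !in_array($redirect_uri, preg_split('/\s+/', $application['redirect_uri']), true)) {`, with the normalized value kept in a variable of its own so the comparison is explicit about what it matches. `explode(' ', ...)` also yields empty entries when the stored list has repeated spaces, which would let an empty `$redirect_uri` pass. If any caller omits `$redirect_uri` (its default is outside the hunk), this check now rejects every application that has a redirect URI registered, so it probably belongs inside the `!empty($redirect_uri)` branch or needs an explicit guard.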
@@ -187,7 +197,8 @@ class OAuth
                        'write'          => (stripos($scope, BaseApi::SCOPE_WRITE) !== false),
                        'follow'         => (stripos($scope, BaseApi::SCOPE_FOLLOW) !== false),
                        'push'           => (stripos($scope, BaseApi::SCOPE_PUSH) !== false),
-                       'created_at'     => DateTimeFormat::utcNow()];
+                       'created_at'     => DateTimeFormat::utcNow()
+               ];
 
                foreach ([BaseApi::SCOPE_READ, BaseApi::SCOPE_WRITE, BaseApi::SCOPE_WRITE, BaseApi::SCOPE_PUSH] as $scope) {
                        if ($fields[$scope] && !$application[$scope]) {
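Review bot: The unchanged loop on the last context line checks `BaseApi::SCOPE_WRITE` twice and never `BaseApi::SCOPE_FOLLOW`, so, assuming the SCOPE_* constants equal the `$fields` keys built just above, a token can be issued with `follow` even when the application was not granted that scope; the list should be `[BaseApi::SCOPE_READ, BaseApi::SCOPE_WRITE, BaseApi::SCOPE_FOLLOW, BaseApi::SCOPE_PUSH]`. This predates the commit, which only moves the closing `];`, but it is an authorization gap worth closing while the block is being touched. The loop body and the enclosing function continue past the end of the hunk.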