API: Accept "redirect_uris" as both array and string

diff --git a/src/Factory/Api/Mastodon/Error.php b/src/Factory/Api/Mastodon/Error.php
index 3870770323e53338e0b34f2b54423638d87db0b2..32ca03a62a55f481a16cad2de131fb2e0f4dd55b 100644 (file)
--- a/src/Factory/Api/Mastodon/Error.php
+++ b/src/Factory/Api/Mastodon/Error.php
@@ -70,10 +70,9 @@ class Error extends BaseFactory
                System::jsonError(422, $errorObj->toArray());
        }
 
-       public function Unauthorized(string $error = '')
+       public function Unauthorized(string $error = '', string $error_description = '')
        {
                $error             = $error ?: $this->l10n->t('Unauthorized');
-               $error_description = '';
                $errorObj          = new \Friendica\Object\Api\Mastodon\Error($error, $error_description);
 
                $this->logError(401, $error);

diff --git a/src/Module/Api/Mastodon/Apps.php b/src/Module/Api/Mastodon/Apps.php
index f78cb07098956918042f4236477b6a1d8da8fdd2..8071c7568fcfe51935d1e4b7f46440cc17f7608a 100644 (file)
--- a/src/Module/Api/Mastodon/Apps.php
+++ b/src/Module/Api/Mastodon/Apps.php
@@ -44,6 +44,10 @@ class Apps extends BaseApi
         */
        protected function post(array $request = [])
        {
+               if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
+                       $request['redirect_uris'] = $request['redirect_uris'][0];
+               }
+
                $request = $this->getRequest([
                        'client_name'   => '',
                        'redirect_uris' => '',
@@ -58,6 +62,10 @@ class Apps extends BaseApi
                        if (!empty($postrequest) && is_array($postrequest)) {
                                $request = array_merge($request, $postrequest);
                        }
+
+                       if (!empty($request['redirect_uris']) && is_array($request['redirect_uris'])) {
+                               $request['redirect_uris'] = $request['redirect_uris'][0];
+                       }       
                }
 
                if (empty($request['client_name']) || empty($request['redirect_uris'])) {

diff --git a/src/Module/OAuth/Token.php b/src/Module/OAuth/Token.php
index 1fdb57aba92553e5aad1b45d0da425198f32db17..7481bf75f538b202678d78ddef9818e4531be51a 100644 (file)
--- a/src/Module/OAuth/Token.php
+++ b/src/Module/OAuth/Token.php
@@ -32,7 +32,7 @@ use Friendica\Util\DateTimeFormat;
 use Psr\Http\Message\ResponseInterface;
 
 /**
- * @see https://docs.joinmastodon.org/spec/oauth/
+ * @see https://docs.joinmastodon.org/methods/oauth/#token
  * @see https://aaronparecki.com/oauth-2-simplified/
  */
 class Token extends BaseApi
@@ -69,13 +69,13 @@ class Token extends BaseApi
                }
 
                if (empty($request['client_id']) || empty($request['client_secret'])) {
-                       Logger::warning('Incomplete request data', ['request' => $_REQUEST]);
-                       DI::mstdnError()->UnprocessableEntity(DI::l10n()->t('Incomplete request data'));
+                       Logger::warning('Incomplete request data', ['request' => $request]);
+                       DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Incomplete request data'));
                }
 
                $application = OAuth::getApplication($request['client_id'], $request['client_secret'], $request['redirect_uri']);
                if (empty($application)) {
-                       DI::mstdnError()->UnprocessableEntity();
+                       DI::mstdnError()->Unauthorized('invalid_client', DI::l10n()->t('Invalid data or unknown client'));
                }
 
                if ($request['grant_type'] == 'client_credentials') {