From: Mickaël Rémond <mremond@process-one.net>
Date: Thu, 28 Jul 2016 12:57:48 +0000 (+0200)
Subject: Merge pull request #1211 from processone/expand_api
X-Git-Tag: 16.08~15
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=7a74a4836ab5bba4eef1706876d8fd1d07cb1e10;p=ejabberd

Merge pull request #1211 from processone/expand_api

There is still work to do, be we reached a stable state and can merge up to this point.
---

7a74a4836ab5bba4eef1706876d8fd1d07cb1e10
diff --cc src/ejabberd_oauth.erl
index d4b1ff87e,0ac18b7ef..0af158562
--- a/src/ejabberd_oauth.erl
+++ b/src/ejabberd_oauth.erl
@@@ -65,12 -64,17 +65,12 @@@
  %%   * Using the web form/api results in the token being generated in behalf of the user providing the user/pass
  %%   * Using the command line and oauth_issue_token command, the token is generated in behalf of ejabberd' sysadmin
  %%    (as it has access to ejabberd command line).
 --record(oauth_token, {
 -          token = {<<"">>, <<"">>} :: {binary(), binary()},
 -          us = {<<"">>, <<"">>}    :: {binary(), binary()},
 -          scope = []               :: [binary()],
 -          expire                   :: integer()
 -         }).
  
- -define(EXPIRE, 3600).
+ -define(EXPIRE, 31536000).
  
  start() ->
 -    init_db(mnesia, ?MYNAME),
 +    DBMod = get_db_backend(),
 +    DBMod:init(),
      Expire = expire(),
      application:set_env(oauth2, backend, ejabberd_oauth),
      application:set_env(oauth2, expiry_time, Expire),
@@@ -530,24 -543,25 +525,34 @@@ process(_Handlers
  process(_Handlers, _Request) ->
      ejabberd_web:error(not_found).
  
 +-spec get_db_backend() -> module().
 +
 +get_db_backend() ->
 +    DBType = ejabberd_config:get_option(
 +               oauth_db_type,
 +               fun(T) -> ejabberd_config:v_db(?MODULE, T) end,
 +               mnesia),
 +    list_to_atom("ejabberd_oauth_" ++ atom_to_list(DBType)).
 +
  
- %% Headers as per RFC 6749 
+ %% Headers as per RFC 6749
  json_response(Code, Body) ->
      {Code, [{<<"Content-Type">>, <<"application/json;charset=UTF-8">>},
-            {<<"Cache-Control">>, <<"no-store">>}, 
-            {<<"Pragma">>, <<"no-cache">>}], 
+            {<<"Cache-Control">>, <<"no-store">>},
+            {<<"Pragma">>, <<"no-cache">>}],
       jiffy:encode(Body)}.
  
+ %% OAauth error are defined in:
+ %% https://tools.ietf.org/html/draft-ietf-oauth-v2-25#section-5.2
+ json_error(Code, Error, Reason) ->
+     Desc = json_error_desc(Reason),
+     Body = {[{<<"error">>, Error},
+              {<<"error_description">>, Desc}]},
+     json_response(Code, Body).
  
+ json_error_desc(access_denied)          -> <<"Access denied">>;
+ json_error_desc(unsupported_grant_type) -> <<"Unsupported grant type">>;
+ json_error_desc(invalid_scope)          -> <<"Invalid scope">>.
  
  web_head() ->
      [?XA(<<"meta">>, [{<<"http-equiv">>, <<"X-UA-Compatible">>},