https://github.com/bonfire-networks/bonfire-app/issues/918

lib/provider/oauth.ex

@@ -0,0 +1,5 @@
+defmodule Bonfire.OpenID.Provider.OAuth do
+  def redirect_uri_validate(uri) do
+    nil
+  end
+end

lib/server/clients.ex → lib/provider/provider_client_apps.ex

@@ -1,4 +1,4 @@
-defmodule Bonfire.OpenID.Clients do
+defmodule Bonfire.OpenID.Provider.ClientApps do
   defdelegate list_clients, to: Boruta.Ecto.Admin
   defdelegate list_scopes, to: Boruta.Ecto.Admin
   defdelegate list_active_tokens, to: Boruta.Ecto.Admin

lib/runtime_config.ex

@@ -14,7 +14,8 @@ defmodule Bonfire.OpenID.RuntimeConfig do
     #   modularity: :disabled
 
     config :boruta, Boruta.Oauth,
-      issuer: System.get_env("OAUTH_ISSUER", "https://bonfirenetworks.org")
+      issuer: System.get_env("OAUTH_ISSUER", "https://bonfirenetworks.org"),
+      redirect_uri_validation_fun: {Bonfire.OpenID.Provider.OAuth, :redirect_uri_validate}
 
     main_discovery_document_uri = System.get_env("OPENID_1_DISCOVERY")
 

lib/web/controllers/server/app_controller.ex → lib/web/controllers/provider/app_controller.ex

@@ -11,8 +11,9 @@ defmodule Bonfire.API.MastoCompatible.AppController do
     # -F 'website=https://myapp.example' \
     # https://instance.example/api/v1/apps
 
+    # TODO: don't re-create if one already exists
     with {:ok, client} <-
-           Bonfire.OpenID.Clients.new(%{
+           Bonfire.OpenID.Provider.ClientApps.new(%{
              name: String.trim("#{params["client_name"]} #{params["website"]}"),
              redirect_uris: List.wrap(params["redirect_uris"])
              # _: params["scopes"], # TODO

lib/web/controllers/server/oauth/token_controller.ex → lib/web/controllers/provider/oauth/token_controller.ex

@@ -16,6 +16,8 @@ defmodule Bonfire.OpenID.Web.Oauth.TokenController do
 
   @impl Boruta.Oauth.TokenApplication
   def token_success(conn, %TokenResponse{} = response) do
+    debug(response)
+
     conn
     |> put_resp_header("pragma", "no-cache")
     |> put_resp_header("cache-control", "no-store")

lib/web/views/oauth_view.ex

@@ -15,7 +15,7 @@ defmodule Bonfire.OpenID.Web.OauthView do
       }) do
     Enum.filter(
       %{
-        token_type: token_type,
+        token_type: String.capitalize(token_type || "Bearer"),
         access_token: access_token,
         expires_in: expires_in,
         refresh_token: refresh_token,
@@ -26,7 +26,8 @@ defmodule Bonfire.OpenID.Web.OauthView do
         _ -> true
       end
     )
-    |> Enum.into(%{})
+    |> Enum.into(%{created_at: System.os_time(:second)})
+    |> debug()
   end
 
   def render("introspect.json", %{