From 0310640bbe03a3de2acf434f4c536030b86bec07 Mon Sep 17 00:00:00 2001
From: Mayel de Borniol <git@mayel.space>
Date: Sat, 27 Apr 2024 20:20:35 +0100
Subject: [PATCH] https://github.com/bonfire-networks/bonfire-app/issues/918

---
 lib/provider/oauth.ex                                        | 5 +++++
 lib/{server/clients.ex => provider/provider_client_apps.ex}  | 2 +-
 lib/runtime_config.ex                                        | 3 ++-
 lib/web/controllers/{server => provider}/app_controller.ex   | 3 ++-
 .../{server => provider}/oauth/authorize_controller.ex       | 0
 .../{server => provider}/oauth/introspect_controller.ex      | 0
 .../{server => provider}/oauth/ready_controller.ex           | 0
 .../{server => provider}/oauth/revoke_controller.ex          | 0
 .../{server => provider}/oauth/token_controller.ex           | 2 ++
 .../{server => provider}/openid/authorize_controller.ex      | 0
 .../{server => provider}/openid/jwks_controller.ex           | 0
 .../{server => provider}/openid/userinfo_controller.ex       | 0
 lib/web/views/oauth_view.ex                                  | 5 +++--
 13 files changed, 15 insertions(+), 5 deletions(-)
 create mode 100644 lib/provider/oauth.ex
 rename lib/{server/clients.ex => provider/provider_client_apps.ex} (98%)
 rename lib/web/controllers/{server => provider}/app_controller.ex (92%)
 rename lib/web/controllers/{server => provider}/oauth/authorize_controller.ex (100%)
 rename lib/web/controllers/{server => provider}/oauth/introspect_controller.ex (100%)
 rename lib/web/controllers/{server => provider}/oauth/ready_controller.ex (100%)
 rename lib/web/controllers/{server => provider}/oauth/revoke_controller.ex (100%)
 rename lib/web/controllers/{server => provider}/oauth/token_controller.ex (98%)
 rename lib/web/controllers/{server => provider}/openid/authorize_controller.ex (100%)
 rename lib/web/controllers/{server => provider}/openid/jwks_controller.ex (100%)
 rename lib/web/controllers/{server => provider}/openid/userinfo_controller.ex (100%)

diff --git a/lib/provider/oauth.ex b/lib/provider/oauth.ex
new file mode 100644
index 0000000..c7ddf1d
--- /dev/null
+++ b/lib/provider/oauth.ex
@@ -0,0 +1,5 @@
+defmodule Bonfire.OpenID.Provider.OAuth do
+  def redirect_uri_validate(uri) do
+    nil
+  end
+end
diff --git a/lib/server/clients.ex b/lib/provider/provider_client_apps.ex
similarity index 98%
rename from lib/server/clients.ex
rename to lib/provider/provider_client_apps.ex
index 5ee7de0..f057c74 100644
--- a/lib/server/clients.ex
+++ b/lib/provider/provider_client_apps.ex
@@ -1,4 +1,4 @@
-defmodule Bonfire.OpenID.Clients do
+defmodule Bonfire.OpenID.Provider.ClientApps do
   defdelegate list_clients, to: Boruta.Ecto.Admin
   defdelegate list_scopes, to: Boruta.Ecto.Admin
   defdelegate list_active_tokens, to: Boruta.Ecto.Admin
diff --git a/lib/runtime_config.ex b/lib/runtime_config.ex
index 5917401..13e78c9 100644
--- a/lib/runtime_config.ex
+++ b/lib/runtime_config.ex
@@ -14,7 +14,8 @@ defmodule Bonfire.OpenID.RuntimeConfig do
     #   modularity: :disabled
 
     config :boruta, Boruta.Oauth,
-      issuer: System.get_env("OAUTH_ISSUER", "https://bonfirenetworks.org")
+      issuer: System.get_env("OAUTH_ISSUER", "https://bonfirenetworks.org"),
+      redirect_uri_validation_fun: {Bonfire.OpenID.Provider.OAuth, :redirect_uri_validate}
 
     main_discovery_document_uri = System.get_env("OPENID_1_DISCOVERY")
 
diff --git a/lib/web/controllers/server/app_controller.ex b/lib/web/controllers/provider/app_controller.ex
similarity index 92%
rename from lib/web/controllers/server/app_controller.ex
rename to lib/web/controllers/provider/app_controller.ex
index 941a79d..78d21db 100644
--- a/lib/web/controllers/server/app_controller.ex
+++ b/lib/web/controllers/provider/app_controller.ex
@@ -11,8 +11,9 @@ defmodule Bonfire.API.MastoCompatible.AppController do
     # -F 'website=https://myapp.example' \
     # https://instance.example/api/v1/apps
 
+    # TODO: don't re-create if one already exists
     with {:ok, client} <-
-           Bonfire.OpenID.Clients.new(%{
+           Bonfire.OpenID.Provider.ClientApps.new(%{
              name: String.trim("#{params["client_name"]} #{params["website"]}"),
              redirect_uris: List.wrap(params["redirect_uris"])
              # _: params["scopes"], # TODO
diff --git a/lib/web/controllers/server/oauth/authorize_controller.ex b/lib/web/controllers/provider/oauth/authorize_controller.ex
similarity index 100%
rename from lib/web/controllers/server/oauth/authorize_controller.ex
rename to lib/web/controllers/provider/oauth/authorize_controller.ex
diff --git a/lib/web/controllers/server/oauth/introspect_controller.ex b/lib/web/controllers/provider/oauth/introspect_controller.ex
similarity index 100%
rename from lib/web/controllers/server/oauth/introspect_controller.ex
rename to lib/web/controllers/provider/oauth/introspect_controller.ex
diff --git a/lib/web/controllers/server/oauth/ready_controller.ex b/lib/web/controllers/provider/oauth/ready_controller.ex
similarity index 100%
rename from lib/web/controllers/server/oauth/ready_controller.ex
rename to lib/web/controllers/provider/oauth/ready_controller.ex
diff --git a/lib/web/controllers/server/oauth/revoke_controller.ex b/lib/web/controllers/provider/oauth/revoke_controller.ex
similarity index 100%
rename from lib/web/controllers/server/oauth/revoke_controller.ex
rename to lib/web/controllers/provider/oauth/revoke_controller.ex
diff --git a/lib/web/controllers/server/oauth/token_controller.ex b/lib/web/controllers/provider/oauth/token_controller.ex
similarity index 98%
rename from lib/web/controllers/server/oauth/token_controller.ex
rename to lib/web/controllers/provider/oauth/token_controller.ex
index 98f251f..e5f27ea 100644
--- a/lib/web/controllers/server/oauth/token_controller.ex
+++ b/lib/web/controllers/provider/oauth/token_controller.ex
@@ -16,6 +16,8 @@ defmodule Bonfire.OpenID.Web.Oauth.TokenController do
 
   @impl Boruta.Oauth.TokenApplication
   def token_success(conn, %TokenResponse{} = response) do
+    debug(response)
+
     conn
     |> put_resp_header("pragma", "no-cache")
     |> put_resp_header("cache-control", "no-store")
diff --git a/lib/web/controllers/server/openid/authorize_controller.ex b/lib/web/controllers/provider/openid/authorize_controller.ex
similarity index 100%
rename from lib/web/controllers/server/openid/authorize_controller.ex
rename to lib/web/controllers/provider/openid/authorize_controller.ex
diff --git a/lib/web/controllers/server/openid/jwks_controller.ex b/lib/web/controllers/provider/openid/jwks_controller.ex
similarity index 100%
rename from lib/web/controllers/server/openid/jwks_controller.ex
rename to lib/web/controllers/provider/openid/jwks_controller.ex
diff --git a/lib/web/controllers/server/openid/userinfo_controller.ex b/lib/web/controllers/provider/openid/userinfo_controller.ex
similarity index 100%
rename from lib/web/controllers/server/openid/userinfo_controller.ex
rename to lib/web/controllers/provider/openid/userinfo_controller.ex
diff --git a/lib/web/views/oauth_view.ex b/lib/web/views/oauth_view.ex
index a5d063f..bf88eb4 100644
--- a/lib/web/views/oauth_view.ex
+++ b/lib/web/views/oauth_view.ex
@@ -15,7 +15,7 @@ defmodule Bonfire.OpenID.Web.OauthView do
       }) do
     Enum.filter(
       %{
-        token_type: token_type,
+        token_type: String.capitalize(token_type || "Bearer"),
         access_token: access_token,
         expires_in: expires_in,
         refresh_token: refresh_token,
@@ -26,7 +26,8 @@ defmodule Bonfire.OpenID.Web.OauthView do
         _ -> true
       end
     )
-    |> Enum.into(%{})
+    |> Enum.into(%{created_at: System.os_time(:second)})
+    |> debug()
   end
 
   def render("introspect.json", %{