default to identity in url path, extend facebook tokens

2025-01-01 19:46:36 +03:00 · 2016-01-26 12:32:52 -08:00 · 2016-01-26 12:32:52 -08:00 · db981d4db3
commit db981d4db3
parent c7196a689c
4 changed files with 17 additions and 11 deletions
--- a/arvo/eyre.hoon
+++ b/arvo/eyre.hoon
@ -1716,7 +1716,7 @@
        ?>((~(nest ut p:!>(*sec-move)) %& p.b) ~)
      =+  opt=|.((sa (turn a head)))
      |-
-      ?~  a  ~|(allowed=*opt !!)
+      ?~  a  ~|(allowed=(opt) !!)
      ?:  =(p.i.a -.q.b)
        (q.i.a (spec b))
      $(a t.a)
@ -1737,6 +1737,7 @@
      %+  on-error  dead-this  |.
      %-  allow  :~
        give/do-give
+        send/(do-send %in)
        redo/,_pump(..vi (give-html 200 ~ exit:xml))
      ==
    ::
--- a/lib/oauth2.hoon
+++ b/lib/oauth2.hoon
@ -37,7 +37,7 @@
 ::::
  ::
 |=  [dialog=[p=host q=path r=quay] code-exchange=path]
-=+  state-usr=&
+=+  state-usr=|
 |_  [(bale keys) scope=(list cord)]
 ++  client-id      cid:(decode-keys key)
 ++  client-secret  cis:(decode-keys key)
@ -67,7 +67,7 @@
  ?~  refresh  (otherwise a)
  ?:  (lth expires (add now ~m1))
    (otherwise a)
-  [%send toke-url (toke-req 'refresh_token' refresh-token/refresh ~)]
+  (toke-req 'refresh_token' refresh-token/refresh ~)
 ::  
 ++  out-filtered
  |=  [tok=token aut=$+(hiss hiss)]
@ -86,7 +86,8 @@
  |=(a=hiss %_(a q.q (~(add ja q.q.a) hed)))
 ::
 ++  toke-req
-  |=  [grant-type=cord quy=quay]  ^-  moth 
+  |=  [grant-type=cord quy=quay]  ^-  [%send hiss]
+  :+  %send  toke-url
  :+  %post  (mo ~[content-type/~['application/x-www-form-urlencoded']])
  =-  `(tact +:(tail:earn -))
  %-  fass
@ -100,7 +101,7 @@
 ++  in-code
  |=  a=quay  ^-  sec-move
  =+  code=~|(%no-code (~(got by (mo a)) %code))
-  [%send toke-url (toke-req 'authorization_code' code/code ~)]
+  (toke-req 'authorization_code' code/code ~)
 ::
 ++  token-type  'token_type'^(cu cass sa):jo
 ++  expires-in  'expires_in'^ni:jo
--- a/sec/com/facebook/graph.hoon
+++ b/sec/com/facebook/graph.hoon
@ -9,9 +9,13 @@
 ++  out  (out-quay:auth 'access_token'^access-token)
 ++  in   in-code:auth
 ++  bak
-  %-  (bak-parse-access:auth . expires-in.aut ~)
-  |=  [access-token=token.aut expires-in=@u]
-  =+  token-expires=`@da`(add now.bal (mul ~s1 expires-in))
-  ~&  authenticated-until/token-expires   :: XX handle timeout
-  +>.$(access-token access-token)
+  |=  res=httr
+  =+  a=auth
+  ?:  (bad-response.a p.res)  [%redo ~]
+  =+  ^-  [access-token=@t expires-in=@u]
+      (grab-json.a res (ot:jo access-token expires-in ~):a)
+  ?:  (lth expires-in ^~((div ~d7 ~s1)))  ::  short-lived token
+    (toke-req:a 'fb_exchange_token' fb-exchange-token/access-token ~)
+  [[%redo ~] ..bak(access-token access-token)]
+::++  wipe  !!
 --
--- a/sec/com/slack.hoon
+++ b/sec/com/slack.hoon
@ -4,7 +4,7 @@
  ::
 =+  aut=(oauth2 [`/com/slack /oauth/authorize ~] /api/'oauth.access')
 |_  [(bale keys:oauth2) tok=token.aut]
-++  aut  ~(. ^aut(state-usr |) +<- /client/admin)
++  aut  ~(. ^aut +<- /client/admin)
 ++  out  (out-quay:aut 'token'^tok)
 ++  in   in-code:aut
 ++  bak  ((bak-parse-access:aut . ~) |=(tok=token:aut +>(tok tok)))