From 729bf77efb0812d0aed6234576fdd06effa5019e Mon Sep 17 00:00:00 2001
From: Vika <vika@fireburn.ru>
Date: Mon, 24 Oct 2022 00:51:46 +0300
Subject: indieauth: parse application metadata

---
 kittybox-rs/src/bin/kittybox-indieauth-helper.rs | 29 +++++++++++++++++++-----
 1 file changed, 23 insertions(+), 6 deletions(-)

(limited to 'kittybox-rs/src/bin')

diff --git a/kittybox-rs/src/bin/kittybox-indieauth-helper.rs b/kittybox-rs/src/bin/kittybox-indieauth-helper.rs
index 37eee5b..e5836d2 100644
--- a/kittybox-rs/src/bin/kittybox-indieauth-helper.rs
+++ b/kittybox-rs/src/bin/kittybox-indieauth-helper.rs
@@ -1,8 +1,13 @@
-use kittybox_indieauth::{AuthorizationRequest, PKCEVerifier, PKCEChallenge, PKCEMethod, GrantRequest, Scope, AuthorizationResponse, TokenData, GrantResponse};
+use kittybox_indieauth::{
+    AuthorizationRequest, PKCEVerifier,
+    PKCEChallenge, PKCEMethod, GrantRequest, Scope,
+    AuthorizationResponse, TokenData, GrantResponse
+};
 use clap::Parser;
 use std::{borrow::Cow, io::Write};
 
 const DEFAULT_CLIENT_ID: &str = "https://kittybox.fireburn.ru/indieauth-helper";
+const DEFAULT_REDIRECT_URI: &str = "http://localhost:60000/callback";
 
 #[derive(Debug, thiserror::Error)]
 enum Error {
@@ -38,6 +43,9 @@ struct Args {
     /// Client ID to use when requesting a token.
     #[clap(short, long, value_parser, default_value = DEFAULT_CLIENT_ID)]
     client_id: url::Url,
+    /// Redirect URI to declare. Note: This will break the flow, use only for testing UI.
+    #[clap(long, value_parser)]
+    redirect_uri: Option<url::Url>
 }
 
 fn append_query_string<T: serde::Serialize>(
@@ -69,7 +77,9 @@ async fn main() -> Result<(), Error> {
         builder.build().unwrap()
     };
 
-    let redirect_uri: url::Url = "http://localhost:60000/callback".parse().unwrap();
+    let redirect_uri: url::Url = args.redirect_uri
+        .clone()
+        .unwrap_or_else(|| DEFAULT_REDIRECT_URI.parse().unwrap());
     
     eprintln!("Checking .well-known for metadata...");
     let metadata = http.get(args.me.join("/.well-known/oauth-authorization-server")?)
@@ -86,7 +96,7 @@ async fn main() -> Result<(), Error> {
         client_id: args.client_id.clone(),
         redirect_uri: redirect_uri.clone(),
         state: kittybox_indieauth::State::new(),
-        code_challenge: PKCEChallenge::new(verifier.clone(), PKCEMethod::default()),
+        code_challenge: PKCEChallenge::new(&verifier, PKCEMethod::default()),
         scope: Some(kittybox_indieauth::Scopes::new(args.scope)),
         me: Some(args.me)
     };
@@ -96,6 +106,13 @@ async fn main() -> Result<(), Error> {
         authorization_request
     )?;
 
+    eprintln!("Please visit the following URL in your browser:\n\n   {}\n", indieauth_url.as_str());
+
+    if args.redirect_uri.is_some() {
+        eprintln!("Custom redirect URI specified, won't be able to catch authorization response.");
+        std::process::exit(0);
+    }
+    
     // Prepare a callback
     let (tx, rx) = tokio::sync::oneshot::channel::<AuthorizationResponse>();
     let server = {
@@ -136,8 +153,6 @@ async fn main() -> Result<(), Error> {
         tokio::task::spawn(server)
     };
     
-    eprintln!("Please visit the following URL in your browser:\n\n   {}\n", indieauth_url.as_str());
-
     let authorization_response = rx.await.unwrap();
 
     // Clean up after the server
@@ -177,7 +192,9 @@ async fn main() -> Result<(), Error> {
         profile,
         access_token,
         expires_in,
-        refresh_token
+        refresh_token,
+        token_type,
+        scope
     } = grant_response {
         eprintln!("Congratulations, {}, access token is ready! {}",
                   me.as_str(),
-- 
cgit 1.4.1