use std::time::Duration;
use axum::extract::State;
use conduwuit::{Err, Result, utils};
use ruma::{api::client::account, authentication::TokenType};
use super::TOKEN_LENGTH;
use crate::Ruma;
/// # `POST /_matrix/client/v3/user/{userId}/openid/request_token`
///
/// Request an OpenID token to verify identity with third-party services.
///
/// - The token generated is only valid for the OpenID API
/// - A token is only issued when the `userId` in the request matches the
///   request's sender; any other combination is rejected before a token is
///   generated
///
/// # Errors
///
/// Returns a `Request(InvalidParam(..))` error when the sender asks for a
/// token on behalf of a different user, and propagates any error from
/// `services.users.create_openid_token`.
pub(crate) async fn create_openid_token_route(
    State(services): State<crate::State>,
    body: Ruma<account::request_openid_token::v3::Request>,
) -> Result<account::request_openid_token::v3::Response> {
    // Authorization gate: the path's user id must be the sender's own id,
    // otherwise one account could obtain an identity assertion for another.
    // NOTE(review): this is reported as InvalidParam rather than as a
    // forbidden/authorization error; confirm that is the intended error code.
    if body.sender_user() != body.user_id {
        return Err!(Request(InvalidParam(
            "Not allowed to request OpenID tokens on behalf of other users",
        )));
    }

    // The value is handed back as a bearer token, so whoever holds it can
    // present it as this user until it expires.
    // NOTE(review): confirm `utils::random_string` draws from a CSPRNG and
    // that TOKEN_LENGTH gives enough entropy for a bearer credential.
    let token = utils::random_string(TOKEN_LENGTH);

    // Registers the token for this user; the returned number is interpreted
    // as the token lifetime in seconds below.
    let lifetime_secs = services
        .users
        .create_openid_token(&body.user_id, &token)?;

    let response = account::request_openid_token::v3::Response {
        access_token: token,
        token_type: TokenType::Bearer,
        matrix_server_name: services.server.name.clone(),
        expires_in: Duration::from_secs(lifetime_secs),
    };

    Ok(response)
}