[twitter] Make twitter callback private

kibicara-frontend/src/app/core/api/api/twitter.service.ts

@@ -88,19 +88,23 @@ export class TwitterService {
      * Twitter Read Callback
      * @param oauthToken 
      * @param oauthVerifier 
+     * @param hoodId 
      * @param observe set whether or not to return the data Observable as the body, response or events. defaults to returning the body.
      * @param reportProgress flag to report request and response progress.
      */
-    public callbackTwitter(oauthToken: string, oauthVerifier: string, observe?: 'body', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable<any>;
-    public callbackTwitter(oauthToken: string, oauthVerifier: string, observe?: 'response', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable<HttpResponse<any>>;
-    public callbackTwitter(oauthToken: string, oauthVerifier: string, observe?: 'events', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable<HttpEvent<any>>;
-    public callbackTwitter(oauthToken: string, oauthVerifier: string, observe: any = 'body', reportProgress: boolean = false, options?: {httpHeaderAccept?: 'application/json'}): Observable<any> {
+    public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe?: 'body', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable<any>;
+    public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe?: 'response', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable<HttpResponse<any>>;
+    public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe?: 'events', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable<HttpEvent<any>>;
+    public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe: any = 'body', reportProgress: boolean = false, options?: {httpHeaderAccept?: 'application/json'}): Observable<any> {
         if (oauthToken === null || oauthToken === undefined) {
             throw new Error('Required parameter oauthToken was null or undefined when calling callbackTwitter.');
         }
         if (oauthVerifier === null || oauthVerifier === undefined) {
             throw new Error('Required parameter oauthVerifier was null or undefined when calling callbackTwitter.');
         }
+        if (hoodId === null || hoodId === undefined) {
+            throw new Error('Required parameter hoodId was null or undefined when calling callbackTwitter.');
+        }
 
         let queryParameters = new HttpParams({encoder: this.encoder});
         if (oauthToken !== undefined && oauthToken !== null) {
@@ -111,9 +115,21 @@ export class TwitterService {
           queryParameters = this.addToHttpParams(queryParameters,
             <any>oauthVerifier, 'oauth_verifier');
         }
+        if (hoodId !== undefined && hoodId !== null) {
+          queryParameters = this.addToHttpParams(queryParameters,
+            <any>hoodId, 'hood_id');
+        }
 
         let headers = this.defaultHeaders;
 
+        // authentication (OAuth2PasswordBearer) required
+        if (this.configuration.accessToken) {
+            const accessToken = typeof this.configuration.accessToken === 'function'
+                ? this.configuration.accessToken()
+                : this.configuration.accessToken;
+            headers = headers.set('Authorization', 'Bearer ' + accessToken);
+        }
+
         let httpHeaderAcceptSelected: string | undefined = options && options.httpHeaderAccept;
         if (httpHeaderAcceptSelected === undefined) {
             // to determine the Accept header

kibicara-frontend/src/app/platforms/twitter/twitter-callback/twitter-callback.component.ts

@@ -23,7 +23,8 @@ export class TwitterCallbackComponent implements OnInit {
       this.twitterService
         .callbackTwitter(
           this.route.snapshot.queryParams.oauth_token,
-          this.route.snapshot.queryParams.oauth_verifier
+          this.route.snapshot.queryParams.oauth_verifier,
+          this.route.snapshot.queryParams.hood
         )
         .subscribe(() => {
           this.router.navigate([

kibicara/platforms/twitter/webapi.py

@@ -147,7 +147,9 @@ async def twitter_create(response: Response, hood=Depends(get_hood)):
     # TODO response_model
     operation_id='callback_twitter',
 )
-async def twitter_read_callback(oauth_token: str, oauth_verifier: str):
+async def twitter_read_callback(
+    oauth_token: str, oauth_verifier: str, hood=Depends(get_hood)
+):
     try:
         twitter = await Twitter.objects.filter(access_token=oauth_token).get()
         access_token = await get_access_token(

tests/test_api_twitter_create_bot.py

@@ -99,7 +99,9 @@ def test_twitter_create_bot(
     # Twitter callback endpoint should enable bot
     response = client.get(
         '/api/twitter/callback',
+        headers=auth_header,
         params={
+            'hood_id': hood_id,
             'oauth_token': twitter_request_response['oauth_token'],
             'oauth_verifier': 'oauth_verifier123',
         },
@@ -113,9 +115,11 @@ def test_twitter_create_bot(
     assert twitter.enabled
 
 
-def test_twitter_callback_invalid_oauth_token(client):
+def test_twitter_callback_invalid_oauth_token(client, auth_header):
     response = client.get(
-        '/api/twitter/callback', params={'oauth_token': 'abc', 'oauth_verifier': 'def'}
+        '/api/twitter/callback',
+        headers=auth_header,
+        params={'hood_id': '1', 'oauth_token': 'abc', 'oauth_verifier': 'def'},
     )
     assert response.status_code == status.HTTP_404_NOT_FOUND