From a24e5ff4f952888a88fba3586ecae3cfde391870 Mon Sep 17 00:00:00 2001
From: Cathy Hu
Date: Sat, 5 Sep 2020 21:32:10 +0200
Subject: [PATCH] [twitter] Make twitter callback private
---
.../src/app/core/api/api/twitter.service.ts | 24 +++++++++++++++----
.../twitter-callback.component.ts | 3 ++-
kibicara/platforms/twitter/webapi.py | 4 +++-
tests/test_api_twitter_create_bot.py | 8 +++++--
4 files changed, 31 insertions(+), 8 deletions(-)
diff --git a/kibicara-frontend/src/app/core/api/api/twitter.service.ts b/kibicara-frontend/src/app/core/api/api/twitter.service.ts
index e8c09de..229a575 100644
--- a/kibicara-frontend/src/app/core/api/api/twitter.service.ts
+++ b/kibicara-frontend/src/app/core/api/api/twitter.service.ts
@@ -88,19 +88,23 @@ export class TwitterService { * Twitter Read Callback * @param oauthToken * @param oauthVerifier + * @param hoodId * @param observe set whether or not to return the data Observable as the body, response or events. defaults to returning the body. * @param reportProgress flag to report request and response progress. */ - public callbackTwitter(oauthToken: string, oauthVerifier: string, observe?: 'body', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable; - public callbackTwitter(oauthToken: string, oauthVerifier: string, observe?: 'response', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable>; - public callbackTwitter(oauthToken: string, oauthVerifier: string, observe?: 'events', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable>; - public callbackTwitter(oauthToken: string, oauthVerifier: string, observe: any = 'body', reportProgress: boolean = false, options?: {httpHeaderAccept?: 'application/json'}): Observable { + public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe?: 'body', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable; + public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe?: 'response', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable>; + public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe?: 'events', reportProgress?: boolean, options?: {httpHeaderAccept?: 'application/json'}): Observable>; + public callbackTwitter(oauthToken: string, oauthVerifier: string, hoodId: number, observe: any = 'body', reportProgress: boolean = false, options?: {httpHeaderAccept?: 'application/json'}): Observable { if (oauthToken === null || oauthToken === undefined) { throw new Error('Required parameter oauthToken was null or undefined when calling 
callbackTwitter.'); } if (oauthVerifier === null || oauthVerifier === undefined) { throw new Error('Required parameter oauthVerifier was null or undefined when calling callbackTwitter.'); } + if (hoodId === null || hoodId === undefined) { + throw new Error('Required parameter hoodId was null or undefined when calling callbackTwitter.'); + } let queryParameters = new HttpParams({encoder: this.encoder}); if (oauthToken !== undefined && oauthToken !== null) { @@ -111,9 +115,21 @@ export class TwitterService { queryParameters = this.addToHttpParams(queryParameters, oauthVerifier, 'oauth_verifier'); } + if (hoodId !== undefined && hoodId !== null) { + queryParameters = this.addToHttpParams(queryParameters, + hoodId, 'hood_id'); + } let headers = this.defaultHeaders; + // authentication (OAuth2PasswordBearer) required + if (this.configuration.accessToken) { + const accessToken = typeof this.configuration.accessToken === 'function' + ? this.configuration.accessToken() + : this.configuration.accessToken; + headers = headers.set('Authorization', 'Bearer ' + accessToken); + } + let httpHeaderAcceptSelected: string | undefined = options && options.httpHeaderAccept; if (httpHeaderAcceptSelected === undefined) { // to determine the Accept header diff --git a/kibicara-frontend/src/app/platforms/twitter/twitter-callback/twitter-callback.component.ts b/kibicara-frontend/src/app/platforms/twitter/twitter-callback/twitter-callback.component.ts index 47f28a0..ef0fde3 100644 --- a/kibicara-frontend/src/app/platforms/twitter/twitter-callback/twitter-callback.component.ts +++ b/kibicara-frontend/src/app/platforms/twitter/twitter-callback/twitter-callback.component.ts 
@@ -23,7 +23,8 @@ export class TwitterCallbackComponent implements OnInit { this.twitterService .callbackTwitter( this.route.snapshot.queryParams.oauth_token, - this.route.snapshot.queryParams.oauth_verifier + this.route.snapshot.queryParams.oauth_verifier, + this.route.snapshot.queryParams.hood ) .subscribe(() => { this.router.navigate([ diff --git a/kibicara/platforms/twitter/webapi.py b/kibicara/platforms/twitter/webapi.py index 522b355..b1cd51f 100644 --- a/kibicara/platforms/twitter/webapi.py +++ b/kibicara/platforms/twitter/webapi.py @@ -147,7 +147,9 @@ async def twitter_create(response: Response, hood=Depends(get_hood)): # TODO response_model operation_id='callback_twitter', ) -async def twitter_read_callback(oauth_token: str, oauth_verifier: str): +async def twitter_read_callback( + oauth_token: str, oauth_verifier: str, hood=Depends(get_hood) +): try: twitter = await Twitter.objects.filter(access_token=oauth_token).get() access_token = await get_access_token( diff --git a/tests/test_api_twitter_create_bot.py b/tests/test_api_twitter_create_bot.py index bfa8468..c49b124 100644 --- a/tests/test_api_twitter_create_bot.py +++ b/tests/test_api_twitter_create_bot.py @@ -99,7 +99,9 @@ def test_twitter_create_bot( # Twitter callback endpoint should enable bot response = client.get( '/api/twitter/callback', + headers=auth_header, params={ + 'hood_id': hood_id, 'oauth_token': twitter_request_response['oauth_token'], 'oauth_verifier': 'oauth_verifier123', }, @@ -113,9 +115,11 @@ def test_twitter_create_bot( assert twitter.enabled -def test_twitter_callback_invalid_oauth_token(client): +def test_twitter_callback_invalid_oauth_token(client, auth_header): response = client.get( - '/api/twitter/callback', params={'oauth_token': 'abc', 'oauth_verifier': 'def'} + '/api/twitter/callback', + headers=auth_header, + params={'hood_id': '1', 'oauth_token': 'abc', 'oauth_verifier': 'def'}, ) assert response.status_code == status.HTTP_404_NOT_FOUND
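Review bot: The new third argument `this.route.snapshot.queryParams.hood` is read straight from the callback URL, so it is a string or `undefined`, while the service signature declares `hoodId: number`. When `hood` is absent, `callbackTwitter` throws synchronously on its null check, before an Observable exists, so nothing passed to `.subscribe(...)` can handle the failure. Parse and validate before the call, e.g. `const hoodId = Number(this.route.snapshot.queryParams.hood);` followed by `if (!Number.isInteger(hoodId)) { return; }` (or a redirect to the error view), and pass `hoodId`. Since the value is URL-controlled, access control has to rest on the server-side hood check rather than on this parameter. The enclosing method starts and ends outside the hunk.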
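Review bot: `hood=Depends(get_hood)` is added to `twitter_read_callback`, but the lookup visible directly below is still `Twitter.objects.filter(access_token=oauth_token).get()`, so the resolved hood does not constrain which bot record the callback completes. If `get_hood` authorizes the caller for the given `hood_id` (presumably, as in `twitter_create`), a caller authorized for one hood could still finish the handshake for a record that belongs to another hood. Scope the query to the dependency, e.g. `Twitter.objects.filter(access_token=oauth_token, hood=hood).get()`, assuming the model has a `hood` relation, which this hunk does not show. The rest of the function body lies outside the hunk, so confirm that no later check already enforces this.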
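Review bot: Both updated tests call `/api/twitter/callback` only with `headers=auth_header`, so nothing asserts what this commit is for: that the endpoint now rejects a request without credentials. Add a case that omits the header and checks the rejection status, and one that sends a valid header with a `hood_id` the user does not administer. In `test_twitter_callback_invalid_oauth_token` the hard-coded `'hood_id': '1'` makes the `HTTP_404_NOT_FOUND` assertion ambiguous if `get_hood` also answers 404 for an unknown hood. Using the `hood_id` fixture, as the first test does, would tie the 404 to the invalid `oauth_token`.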