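// regenerateOAuthSecret replaces the client secret of the OAuth app named by
// the "id" route variable and writes the updated app back as JSON.
//
// Checks, in order:
//   - the OAuth service provider must be enabled, otherwise 501;
//   - when EnableOnlyAdminIntegrations is set, the caller must be a system
//     admin, otherwise 403;
//   - the "id" route variable must be non-empty;
//   - the caller must be a system admin or the user who registered the app,
//     otherwise 403.
//
// The response is app.ToJson() with no Sanitize call, so it carries the newly
// generated ClientSecret. That is the only place the caller learns the new
// value; treat the response as sensitive (no logging or caching of the body).
func regenerateOAuthSecret(c *Context, w http.ResponseWriter, r *http.Request) {
	if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
		// NOTE(review): the location label says "registerOAuthApp" although this
		// is regenerateOAuthSecret; kept as-is so existing log searches still match.
		c.Err = model.NewLocAppError("registerOAuthApp", "api.oauth.register_oauth_app.turn_off.app_error", nil, "")
		c.Err.StatusCode = http.StatusNotImplemented
		return
	}

	isSystemAdmin := c.IsSystemAdmin()

	if *utils.Cfg.ServiceSettings.EnableOnlyAdminIntegrations && !isSystemAdmin {
		c.Err = model.NewLocAppError("registerOAuthApp", "api.command.admin_only.app_error", nil, "")
		c.Err.StatusCode = http.StatusForbidden
		return
	}

	id := mux.Vars(r)["id"]
	if len(id) == 0 {
		c.SetInvalidParam("regenerateOAuthSecret", "id")
		return
	}

	result := <-Srv.Store.OAuth().GetApp(id)
	if result.Err != nil {
		// Every lookup failure is reported with the same generic message, so the
		// response does not distinguish "no such app" from a store error.
		c.Err = model.NewLocAppError("regenerateOAuthSecret", "api.oauth.allow_oauth.database.app_error", nil, "")
		return
	}
	app := result.Data.(*model.OAuthApp)

	// Only a system admin or the user who registered the app may rotate its secret.
	if !isSystemAdmin && app.CreatorId != c.Session.UserId {
		c.Err = model.NewLocAppError("regenerateOAuthSecret", "api.oauth.regenerate_secret.app_error", nil, "")
		// An authorization denial must be reported as 403 like the admin-only
		// branch above; without an explicit status it would carry whatever default
		// NewLocAppError assigns, which hides denied attempts from status-based
		// monitoring.
		c.Err.StatusCode = http.StatusForbidden
		return
	}

	// NOTE(review): the new secret is a credential; confirm model.NewId draws from
	// a cryptographically secure random source.
	app.ClientSecret = model.NewId()

	if update := <-Srv.Store.OAuth().UpdateApp(app); update.Err != nil {
		c.Err = update.Err
		return
	}

	w.Write([]byte(app.ToJson()))
}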
// getOAuthAppInfo looks up the OAuth app named by the "client_id" route
// variable and writes it to the response as JSON after calling Sanitize on it.
//
// It answers 501 when the OAuth service provider is disabled. Any store error
// from the lookup is reported with one generic database message.
//
// NOTE(review): this handler performs no session or permission check of its
// own; whether the route is registered behind an authentication requirement is
// not visible here and should be confirmed at the route table.
// NOTE(review): Sanitize presumably removes ClientSecret before serialization;
// confirm against model.OAuthApp.
func getOAuthAppInfo(c *Context, w http.ResponseWriter, r *http.Request) {
	if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
		c.Err = model.NewLocAppError("getOAuthAppInfo", "api.oauth.allow_oauth.turn_off.app_error", nil, "")
		c.Err.StatusCode = http.StatusNotImplemented
		return
	}

	id := mux.Vars(r)["client_id"]

	lookup := <-Srv.Store.OAuth().GetApp(id)
	if lookup.Err != nil {
		c.Err = model.NewLocAppError("getOAuthAppInfo", "api.oauth.allow_oauth.database.app_error", nil, "")
		return
	}

	found := lookup.Data.(*model.OAuthApp)

	// Sanitize must run before ToJson so the serialized form is the sanitized one.
	found.Sanitize()
	w.Write([]byte(found.ToJson()))
}
// regenerateOAuthSecret replaces the client secret of the OAuth app named by
// the "id" route variable and writes the updated app back as JSON.
//
// It answers 501 when the OAuth service provider is disabled, rejects an empty
// "id", and answers 403 unless the caller registered the app or holds
// PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH.
//
// The response is app.ToJson() with no Sanitize call, so it carries the newly
// generated ClientSecret; treat the response body as sensitive.
func regenerateOAuthSecret(c *Context, w http.ResponseWriter, r *http.Request) {
	if !utils.Cfg.ServiceSettings.EnableOAuthServiceProvider {
		c.Err = model.NewLocAppError("registerOAuthApp", "api.oauth.register_oauth_app.turn_off.app_error", nil, "")
		c.Err.StatusCode = http.StatusNotImplemented
		return
	}

	id := mux.Vars(r)["id"]
	if id == "" {
		c.SetInvalidParam("regenerateOAuthSecret", "id")
		return
	}

	lookup := <-Srv.Store.OAuth().GetApp(id)
	if lookup.Err != nil {
		// All lookup failures share one generic message, so the response does not
		// reveal whether the id exists.
		c.Err = model.NewLocAppError("regenerateOAuthSecret", "api.oauth.allow_oauth.database.app_error", nil, "")
		return
	}
	app := lookup.Data.(*model.OAuthApp)

	// The permission helper is consulted only when the caller is not the creator;
	// the && keeps that short-circuit, which matters if the helper records an
	// error on the context.
	callerIsCreator := app.CreatorId == c.Session.UserId
	if !callerIsCreator && !HasPermissionToContext(c, model.PERMISSION_MANAGE_SYSTEM_WIDE_OAUTH) {
		// NOTE(review): the location label and message id are borrowed from
		// registerOAuthApp / admin-only commands rather than this handler.
		c.Err = model.NewLocAppError("registerOAuthApp", "api.command.admin_only.app_error", nil, "")
		c.Err.StatusCode = http.StatusForbidden
		return
	}

	// NOTE(review): the new secret is a credential; confirm model.NewId draws from
	// a cryptographically secure random source.
	app.ClientSecret = model.NewId()

	saved := <-Srv.Store.OAuth().UpdateApp(app)
	if saved.Err != nil {
		c.Err = saved.Err
		return
	}

	w.Write([]byte(app.ToJson()))
}