mirror of
https://forgejo.ellis.link/continuwuation/continuwuity.git
synced 2026-05-26 20:49:55 +00:00
Ginger
39 lines
1.1 KiB
Rust
39 lines
1.1 KiB
Rust
use std::time::Duration;
|
|
|
|
use axum::extract::State;
|
|
use conduwuit::{Err, Result, utils};
|
|
use ruma::{api::client::account, authentication::TokenType};
|
|
|
|
use super::TOKEN_LENGTH;
|
|
use crate::Ruma;
|
|
|
|
/// # `POST /_matrix/client/v3/user/{userId}/openid/request_token`
|
|
///
|
|
/// Request an OpenID token to verify identity with third-party services.
|
|
///
|
|
/// - The token generated is only valid for the OpenID API
|
|
pub(crate) async fn create_openid_token_route(
|
|
State(services): State<crate::State>,
|
|
body: Ruma<account::request_openid_token::v3::Request>,
|
|
) -> Result<account::request_openid_token::v3::Response> {
|
|
let sender_user = body.identity.sender_user();
|
|
|
|
if sender_user != body.user_id {
|
|
return Err!(Request(InvalidParam(
|
|
"Not allowed to request OpenID tokens on behalf of other users",
|
|
)));
|
|
}
|
|
|
|
let access_token = utils::random_string(TOKEN_LENGTH);
|
|
let expires_in = services
|
|
.users
|
|
.create_openid_token(&body.user_id, &access_token)?;
|
|
|
|
Ok(account::request_openid_token::v3::Response::new(
|
|
access_token,
|
|
TokenType::Bearer,
|
|
services.server.name.clone(),
|
|
Duration::from_secs(expires_in),
|
|
))
|
|
}
|