authorFabio Comuni <fabrix.xm@gmail.com>2011-10-26 17:15:36 +0200
committerFabio Comuni <fabrix.xm@gmail.com>2011-10-26 17:15:36 +0200
commitff7fc68382bf1359adc31bd65bb6786b7f63e31a (patch)
tree1ab031d66e2f281df964f81ad98c2fbe571162f2
parentb06588ffa1c925d0a008a34bf8fa5c316b964b87 (diff)
oauthapi: authorize app
-rw-r--r--include/api.php5
-rw-r--r--include/oauth.php1
-rw-r--r--library/OAuth1.php15
-rw-r--r--mod/api.php94
-rw-r--r--mod/settings.php18
5 files changed, 125 insertions, 8 deletions
diff --git a/include/api.php b/include/api.php
index 252caeb8e..2de965681 100644
--- a/include/api.php
+++ b/include/api.php
@@ -1158,9 +1158,8 @@
echo "oauth_token=".$r->key."&oauth_secret=".$r->secret;
killme();
}
- function api_oauth_authorize(&$a, $type){
- }
+
api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
- api_register_func('api/oauth/authorize', 'api_oauth_authorize', false);
+
diff --git a/include/oauth.php b/include/oauth.php
index 63d5fcd92..506172491 100644
--- a/include/oauth.php
+++ b/include/oauth.php
@@ -101,6 +101,7 @@ class FKOAuth1 extends OAuthServer {
function __construct() {
parent::__construct(new FKOAuthDataStore());
$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
+ $this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
}
}
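Review bot: `OAuthSignatureMethod_PLAINTEXT` stays registered next to the new HMAC-SHA1 method in `FKOAuth1::__construct`, so a client can still choose the method whose signature is the shared secrets themselves. If PLAINTEXT has to stay for existing clients, a comment such as `// PLAINTEXT is only acceptable over TLS; kept for legacy clients` would record that decision. Otherwise, removing that `add_signature_method` line leaves HMAC-SHA1 as the only accepted method.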
diff --git a/library/OAuth1.php b/library/OAuth1.php
index 67a94c479..604945265 100644
--- a/library/OAuth1.php
+++ b/library/OAuth1.php
@@ -85,7 +85,8 @@ abstract class OAuthSignatureMethod {
*/
public function check_signature($request, $consumer, $token, $signature) {
$built = $this->build_signature($request, $consumer, $token);
- return $built == $signature;
+ //echo "<pre>"; var_dump($signature, $built, ($built == $signature)); killme();
+ return ($built == $signature);
}
}
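Review bot: `check_signature` compares the computed and the supplied signature with loose `==`, which is neither type-strict nor constant-time. `return hash_equals($built, (string) $signature);` fixes both where the runtime provides it (PHP 5.6+); on older runtimes use at least `===`. The commented-out `var_dump($signature, $built, ...)` line would print the expected signature into the response if it were ever re-enabled, so it is better deleted than committed.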
@@ -113,7 +114,9 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts);
- return base64_encode(hash_hmac('sha1', $base_string, $key, true));
+
+ $r = base64_encode(hash_hmac('sha1', $base_string, $key, true));
+ return $r;
}
}
@@ -282,7 +285,12 @@ class OAuthRequest {
}
}
-
+ // fix for friendika redirect system
+
+ $http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q']));
+ unset( $parameters['q'] );
+
+ //echo "<pre>".__function__."\n"; var_dump($http_method, $http_url, $parameters, $_SERVER['REQUEST_URI']); killme();
return new OAuthRequest($http_method, $http_url, $parameters);
}
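Review bot: The redirect fix reads `$parameters['q']` without checking that it is set or that `strpos()` actually found it in `$http_url`. When `q` is missing, or present but not part of the URL, `strpos()` returns `false` and `substr()` cuts the URL at the wrong offset, so the request is built from a mangled URL. A guard keeps the old behaviour for requests without `q`: `if (!empty($parameters['q']) && ($pos = strpos($http_url, $parameters['q'])) !== false) { $http_url = substr($http_url, 0, $pos + strlen($parameters['q'])); unset($parameters['q']); }`. The commented-out dump of `$parameters` and `$_SERVER['REQUEST_URI']` should be dropped as well; the enclosing method starts outside the hunk.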
@@ -642,6 +650,7 @@ class OAuthServer {
$token,
$signature
);
+
if (!$valid_sig) {
throw new OAuthException("Invalid signature");
diff --git a/mod/api.php b/mod/api.php
index fa5e43de9..bc5de0340 100644
--- a/mod/api.php
+++ b/mod/api.php
@@ -2,7 +2,101 @@
require_once('include/api.php');
+function oauth_get_client(){
+ // get consumer/client from request token
+ try {
+ $request = OAuthRequest::from_request();
+ } catch(Exception $e) {
+ echo "<pre>"; var_dump($e); killme();
+ }
+
+ $params = $request->get_parameters();
+ $token = $params['oauth_token'];
+
+ $r = q("SELECT `clients`.*
+ FROM `clients`, `tokens`
+ WHERE `clients`.`client_id`=`tokens`.`client_id`
+ AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
+ dbesc($token));
+
+ if (!count($r))
+ return null;
+
+ return $r[0];
+}
+
+function api_post(&$a) {
+
+ if(! local_user()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+}
+
function api_content(&$a) {
+ if ($a->cmd=='api/oauth/authorize'){
+ /*
+ * api/oauth/authorize interact with the user. return a standard page
+ */
+
+
+ if (x($_POST,'oauth_yes')){
+
+
+ $app = oauth_get_client();
+ if (is_null($app)) return "Invalid request. Unknown token.";
+ $consumer = new OAuthConsumer($app['key'], $app['secret']);
+
+ // Rev A change
+ $request = OAuthRequest::from_request();
+ $callback = $request->get_parameter('oauth_callback');
+ $datastore = new FKOAuthDataStore();
+ $new_token = $datastore->new_request_token($consumer, $callback);
+
+ $tpl = get_markup_template("oauth_authorize_done.tpl");
+ $o = replace_macros($tpl, array(
+ '$title' => t('Authorize application connection'),
+ '$info' => t('Return to your app and insert this Securty Code:'),
+ '$code' => $new_token->key,
+ ));
+
+ return $o;
+
+
+ }
+
+
+
+ if(! local_user()) {
+ //TODO: we need login form to redirect to this page
+ notice( t('Please login to continue.') . EOL );
+ return login(false);
+ }
+
+ $app = oauth_get_client();
+ if (is_null($app)) return "Invalid request. Unknown token.";
+
+
+ $tpl = get_markup_template('oauth_authorize.tpl');
+ $o = replace_macros($tpl, array(
+ '$title' => t('Authorize application connection'),
+ '$app' => $app,
+ '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+ '$yes' => t('Yes'),
+ '$no' => t('No'),
+ ));
+
+ //echo "<pre>"; var_dump($app); killme();
+
+ return $o;
+ }
+
echo api_call($a);
killme();
}
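Review bot: In `api_content` the `oauth_yes` branch runs before the `local_user()` check, so the approval step and the newly issued security code are reachable without a logged-in session; the login check should be the first statement inside the `api/oauth/authorize` branch. Nothing visible in the hunk ties the issued token to the approving user or verifies a form token on the POST, and `api_post` performs its permission checks and then returns without acting, so it is worth confirming whether either is handled elsewhere. In `oauth_get_client`, `var_dump($e)` sends the exception and its trace to the client; log it and return a generic error instead, and check `isset($params['oauth_token'])` before reading it.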
diff --git a/mod/settings.php b/mod/settings.php
index 84f66d263..da2b57cd5 100644
--- a/mod/settings.php
+++ b/mod/settings.php
@@ -340,6 +340,11 @@ function settings_content(&$a) {
'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''),
),
array(
+ 'label' => t('Connections'),
+ 'url' => $a->get_baseurl() . '/settings/oauth',
+ 'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''),
+ ),
+ array(
'label' => t('Export personal data'),
'url' => $a->get_baseurl() . '/uexport',
'sel' => ''
@@ -351,8 +356,17 @@ function settings_content(&$a) {
'$tabs' => $tabs,
));
-
-
+ if(($a->argc > 1) && ($a->argv[1] === 'oauth')) {
+
+ $tpl = get_markup_template("settings_oauth.tpl");
+ $o .= replace_macros($tpl, array(
+ '$title' => t('Connected Apps'),
+ '$tabs' => $tabs,
+ '$settings_addons' => $settings_addons
+ ));
+ return $o;
+
+ }
if(($a->argc > 1) && ($a->argv[1] === 'addon')) {
$settings_addons = "";
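Review bot: The new `oauth` branch passes `'$settings_addons' => $settings_addons` to the template, but the only assignment visible in the hunk, `$settings_addons = "";`, is in the `addon` branch that follows it. Unless the variable is set earlier in `settings_content` (outside the hunk), this reads an undefined variable. Dropping the key from the `settings_oauth.tpl` macro array, or passing `''` explicitly, avoids the notice. `'$tabs'` is also handed to both the tab template above and this one, which may render the tab bar twice, depending on what `settings_oauth.tpl` does with it.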