diff options
author | redmatrix <redmatrix@redmatrix.me> | 2015-05-25 21:31:23 -0700 |
---|---|---|
committer | redmatrix <redmatrix@redmatrix.me> | 2015-05-25 21:31:23 -0700 |
commit | 9e6e41c6cb7b43da80b771e651a5dbdfc3960688 (patch) | |
tree | 01bbc1dde19b4b67eb00f8c5232b7a9d4f10d988 | |
parent | 9a0264f5d23f08d8dc9b4484c93f630dd91738b8 (diff) | |
download | volse-hubzilla-9e6e41c6cb7b43da80b771e651a5dbdfc3960688.tar.gz volse-hubzilla-9e6e41c6cb7b43da80b771e651a5dbdfc3960688.tar.bz2 volse-hubzilla-9e6e41c6cb7b43da80b771e651a5dbdfc3960688.zip |
slow but forward progress on dynamic client registration
-rw-r--r-- | include/api.php | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/include/api.php b/include/api.php index 788a84208..fa4910833 100644 --- a/include/api.php +++ b/include/api.php @@ -435,6 +435,48 @@ require_once('include/items.php'); } + function api_client_register(&$a,$type) { + + // This currently isn't providing the correct authentication flow. + + if(! api_user()) + return false; + + $ret = array(); + $key = random_string(16); + $secret = random_string(16); + $name = trim(escape_tags($_REQUEST['application_name'])); + if(! $name) + json_return_and_die($ret); + if(is_array($_REQUEST['redirect_uris'])) + $redirect = trim($_REQUEST['redirect_uris'][0]); + else + $redirect = trim($_REQUEST['redirect_uris']); + $icon = trim($_REQUEST['logo_uri']); + $r = q("INSERT INTO clients (client_id, pw, name, redirect_uri, icon, uid) + VALUES ('%s','%s','%s','%s','%s',%d)", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + intval(api_user()), + ); + $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", + dbesc($key), + intval(api_user()), + dbesc('all') + ); + + $ret['client_id'] = $key; + $ret['client_secret'] = $secret; + $ret['expires_at'] = 0; + json_return_and_die($ret); + } + + api_register_func('api/client/register','api_client_register', false); + + function api_item_get_user(&$a, $item) { global $usercache; |