author | Andrew Manning <tamanning@zoho.com> | 2016-04-20 21:05:01 -0400 |
---|---|---|
committer | Andrew Manning <tamanning@zoho.com> | 2016-04-20 21:05:01 -0400 |
commit | b96eb1c8230ae2f5986d6f22934c606bbca9728e (patch) | |
tree | fecd2279927b61da28801094dc7d6b1cfa8d98fe /Zotlabs/Module/Api.php | |
parent | 7594796ee11c0b245d02d145868a13ac3d84ebfc (diff) | |
parent | 635580091a227529cb491e6441a5acbfff3177be (diff) | |
Merge branch 'dev' into toggle-context-help
Diffstat (limited to 'Zotlabs/Module/Api.php')
-rw-r--r-- | Zotlabs/Module/Api.php | 122 |
1 files changed, 122 insertions, 0 deletions
diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php
new file mode 100644
index 000000000..3e7f23b6c
--- /dev/null
+++ b/Zotlabs/Module/Api.php
@@ -0,0 +1,122 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/api.php');
+
+
+
+class Api extends \Zotlabs\Web\Controller {
+
+ function post() {
+
+ if(! local_channel()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ }
+
+ function get() {
+ if(\App::$cmd=='api/oauth/authorize'){
+
+ /*
+ * api/oauth/authorize interact with the user. return a standard page
+ */
+
+ \App::$page['template'] = "minimal";
+
+ // get consumer/client from request token
+ try {
+ $request = OAuth1Request::from_request();
+ } catch(Exception $e) {
+ echo "<pre>"; var_dump($e); killme();
+ }
+
+
+ if(x($_POST,'oauth_yes')){
+
+ $app = $this->oauth_get_client($request);
+ if (is_null($app)) return "Invalid request. Unknown token.";
+ $consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
+
+ $verifier = md5($app['secret'].local_channel());
+ set_config("oauth", $verifier, local_channel());
+
+
+ if($consumer->callback_url!=null) {
+ $params = $request->get_parameters();
+ $glue="?";
+ if (strstr($consumer->callback_url,$glue)) $glue="?";
+ goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
+ killme();
+ }
+
+ $tpl = get_markup_template("oauth_authorize_done.tpl");
+ $o = replace_macros($tpl, array(
+ '$title' => t('Authorize application connection'),
+ '$info' => t('Return to your app and insert this Securty Code:'),
+ '$code' => $verifier,
+ ));
+
+ return $o;
+ }
+
+
+ if(! local_channel()) {
+ //TODO: we need login form to redirect to this page
+ notice( t('Please login to continue.') . EOL );
+ return login(false,'api-login',$request->get_parameters());
+ }
+ //FKOAuth1::loginUser(4);
+
+ $app = $this->oauth_get_client($request);
+ if (is_null($app)) return "Invalid request. Unknown token.";
+
+
+
+
+ $tpl = get_markup_template('oauth_authorize.tpl');
+ $o = replace_macros($tpl, array(
+ '$title' => t('Authorize application connection'),
+ '$app' => $app,
+ '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+ '$yes' => t('Yes'),
+ '$no' => t('No'),
+ ));
+
+ //echo "<pre>"; var_dump($app); killme();
+
+ return $o;
+ }
+
+ echo api_call($a);
+ killme();
+ }
+
+ function oauth_get_client($request){
+
+
+ $params = $request->get_parameters();
+ $token = $params['oauth_token'];
+
+ $r = q("SELECT `clients`.*
+ FROM `clients`, `tokens`
+ WHERE `clients`.`client_id`=`tokens`.`client_id`
+ AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
+ dbesc($token));
+
+ if (!count($r))
+ return null;
+
+ return $r[0];
+ }
+
+
+
+
+}
 |
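Review bot: In `get()`, the `if(x($_POST,'oauth_yes'))` approval branch runs before the `if(! local_channel())` login check further down and verifies no form token, so as written the approval path does not itself require a logged-in channel or proof that the user submitted the consent form; the login check should move above it and the approval should validate a form token. The verifier is `md5($app['secret'].local_channel())`, which yields the same value for every authorization of a given client and channel, so it is neither unpredictable nor single-use; a fresh random value per request would be safer, e.g. `$verifier = bin2hex(random_bytes(16));` where the PHP version allows, otherwise the project's own random-string helper. In the same branch, `if (strstr($consumer->callback_url,$glue)) $glue="?";` should assign `$glue="&";`, otherwise a callback URL that already has a query string gets a second `?`. `catch(Exception $e)` sits inside `namespace Zotlabs\Module`, so it presumably resolves to `Zotlabs\Module\Exception` and never matches; it should be `catch(\Exception $e)`, and the `var_dump($e)` in that handler would print exception internals to the client and is better replaced by a logged error and a generic message.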