diff options
author | Mario Vavti <mario@mariovavti.com> | 2017-08-16 10:32:35 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2017-08-16 10:32:35 +0200 |
commit | 4a7384bc0ce1893a432bf4b7d67bca23796fe9db (patch) | |
tree | 5623c66a3f66445284529d6207e4ab4a2edb2810 /Zotlabs/Module/Authorize.php | |
parent | c664a4bdcd1bd578f5ec3c2884f7c97e9f68d2d7 (diff) | |
parent | 90bc21f2d560d879d7eaf05a85af6d6dca53ebac (diff) | |
download | volse-hubzilla-2.6.tar.gz volse-hubzilla-2.6.tar.bz2 volse-hubzilla-2.6.zip |
Merge branch '2.6RC'2.6
Diffstat (limited to 'Zotlabs/Module/Authorize.php')
-rw-r--r-- | Zotlabs/Module/Authorize.php | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php new file mode 100644 index 000000000..06f66c456 --- /dev/null +++ b/Zotlabs/Module/Authorize.php @@ -0,0 +1,71 @@ +<?php + +namespace Zotlabs\Module; + + +class Authorize extends \Zotlabs\Web\Controller { + + + function get() { + + + // workaround for HTTP-auth in CGI mode + if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if (x($_SERVER, 'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + + + + require_once('include/oauth2.php'); + + $request = \OAuth2\Request::createFromGlobals(); + $response = new \OAuth2\Response(); + + // validate the authorize request + if (! $oauth2_server->validateAuthorizeRequest($request, $response)) { + $response->send(); + killme(); + } + + // display an authorization form + if (empty($_POST)) { + + return ' +<form method="post"> + <label>Do You Authorize TestClient?</label><br /> + <input type="submit" name="authorized" value="yes"> + <input type="submit" name="authorized" value="no"> +</form>'; + } + + // print the authorization code if the user has authorized your client + $is_authorized = ($_POST['authorized'] === 'yes'); + $oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized); + if ($is_authorized) { + // this is only here so that you get to see your code in the cURL request. Otherwise, + // we'd redirect back to the client + $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40); + echo("SUCCESS! Authorization Code: $code"); + + } + + $response->send(); + killme(); + } + +}
\ No newline at end of file |