diff options
author | zotlabs <mike@macgirvin.com> | 2017-07-05 15:35:05 -0700 |
---|---|---|
committer | zotlabs <mike@macgirvin.com> | 2017-07-05 15:35:05 -0700 |
commit | fca8e0aa6ac9d4f2084371486e906d7e3726a5a5 (patch) | |
tree | 81d27ea002828a42c53541f741bad44684a2c601 /Zotlabs/Module/Authorize.php | |
parent | 41111bcdadcd16ebc4f078fc812eb5a290f185e5 (diff) | |
parent | 8dd9ab05a97f92f9eca5d527e48272f3a44010a8 (diff) | |
download | volse-hubzilla-fca8e0aa6ac9d4f2084371486e906d7e3726a5a5.tar.gz volse-hubzilla-fca8e0aa6ac9d4f2084371486e906d7e3726a5a5.tar.bz2 volse-hubzilla-fca8e0aa6ac9d4f2084371486e906d7e3726a5a5.zip |
Merge branch 'dev' of https://github.com/redmatrix/hubzilla into dev_merge
Diffstat (limited to 'Zotlabs/Module/Authorize.php')
-rw-r--r-- | Zotlabs/Module/Authorize.php | 71 |
1 files changed, 71 insertions, 0 deletions
diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php new file mode 100644 index 000000000..06f66c456 --- /dev/null +++ b/Zotlabs/Module/Authorize.php @@ -0,0 +1,71 @@ +<?php + +namespace Zotlabs\Module; + + +class Authorize extends \Zotlabs\Web\Controller { + + + function get() { + + + // workaround for HTTP-auth in CGI mode + if (x($_SERVER, 'REDIRECT_REMOTE_USER')) { + $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + if (x($_SERVER, 'HTTP_AUTHORIZATION')) { + $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ; + if(strlen($userpass)) { + list($name, $password) = explode(':', $userpass); + $_SERVER['PHP_AUTH_USER'] = $name; + $_SERVER['PHP_AUTH_PW'] = $password; + } + } + + + + + require_once('include/oauth2.php'); + + $request = \OAuth2\Request::createFromGlobals(); + $response = new \OAuth2\Response(); + + // validate the authorize request + if (! $oauth2_server->validateAuthorizeRequest($request, $response)) { + $response->send(); + killme(); + } + + // display an authorization form + if (empty($_POST)) { + + return ' +<form method="post"> + <label>Do You Authorize TestClient?</label><br /> + <input type="submit" name="authorized" value="yes"> + <input type="submit" name="authorized" value="no"> +</form>'; + } + + // print the authorization code if the user has authorized your client + $is_authorized = ($_POST['authorized'] === 'yes'); + $oauth2_server->handleAuthorizeRequest($request, $response, $is_authorized); + if ($is_authorized) { + // this is only here so that you get to see your code in the cURL request. Otherwise, + // we'd redirect back to the client + $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40); + echo("SUCCESS! Authorization Code: $code"); + + } + + $response->send(); + killme(); + } + +}
\ No newline at end of file |