aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Authorize.php
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2018-08-14 13:04:37 +0200
committerMario Vavti <mario@mariovavti.com>2018-08-14 13:04:37 +0200
commit10c5b46e3bb4cfa76cbe7158f5eba54809cd0d79 (patch)
treedfa20f7e1010f76a9f4b6b7b395cdb57744725e3 /Zotlabs/Module/Authorize.php
parentb503ef8761e3efd04bf1d1498109344d9ecdb738 (diff)
parentf15c1c4e54a49d1e76747ca5e3034ca2cef909aa (diff)
downloadvolse-hubzilla-10c5b46e3bb4cfa76cbe7158f5eba54809cd0d79.tar.gz
volse-hubzilla-10c5b46e3bb4cfa76cbe7158f5eba54809cd0d79.tar.bz2
volse-hubzilla-10c5b46e3bb4cfa76cbe7158f5eba54809cd0d79.zip
Merge remote-tracking branch 'mike/master' into dev
Diffstat (limited to 'Zotlabs/Module/Authorize.php')
-rw-r--r--Zotlabs/Module/Authorize.php58
1 files changed, 32 insertions, 26 deletions
diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php
index e042848d8..c6709f602 100644
--- a/Zotlabs/Module/Authorize.php
+++ b/Zotlabs/Module/Authorize.php
@@ -7,27 +7,34 @@ use Zotlabs\Identity\OAuth2Storage;
class Authorize extends \Zotlabs\Web\Controller {
function get() {
- if (!local_channel()) {
+ if (! local_channel()) {
return login();
- } else {
- // TODO: Fully implement the dynamic client registration protocol:
- // OpenID Connect Dynamic Client Registration 1.0 Client Metadata
- // http://openid.net/specs/openid-connect-registration-1_0.html
- $app = array(
- 'name' => (x($_REQUEST, 'client_name') ? urldecode($_REQUEST['client_name']) : t('Unknown App')),
- 'icon' => (x($_REQUEST, 'logo_uri') ? urldecode($_REQUEST['logo_uri']) : z_root() . '/images/icons/plugin.png'),
- 'url' => (x($_REQUEST, 'client_uri') ? urldecode($_REQUEST['client_uri']) : ''),
- );
- $o .= replace_macros(get_markup_template('oauth_authorize.tpl'), array(
- '$title' => t('Authorize'),
- '$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> '),
- '$app' => $app,
- '$yes' => t('Allow'),
- '$no' => t('Deny'),
- '$client_id' => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
+ }
+ else {
+
+ $name = $_REQUEST['client_name'];
+ if(! $name) {
+ $name = (($_REQUEST['client_id']) ?: t('Unknown App'));
+ }
+
+ $app = [
+ 'name' => $name,
+ 'icon' => (x($_REQUEST, 'logo_uri') ? $_REQUEST['logo_uri'] : z_root() . '/images/icons/plugin.png'),
+ 'url' => (x($_REQUEST, 'client_uri') ? $_REQUEST['client_uri'] : ''),
+ ];
+
+ $link = (($app['url']) ? '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> ' : $app['name']);
+
+ $o .= replace_macros(get_markup_template('oauth_authorize.tpl'), [
+ '$title' => t('Authorize'),
+ '$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), $link ),
+ '$app' => $app,
+ '$yes' => t('Allow'),
+ '$no' => t('Deny'),
+ '$client_id' => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
'$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''),
- '$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
- ));
+ '$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
+ ]);
return $o;
}
}
@@ -60,17 +67,16 @@ class Authorize extends \Zotlabs\Web\Controller {
$request = \OAuth2\Request::createFromGlobals();
$response = new \OAuth2\Response();
- // Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string.
- $channel = channelx_by_n(local_channel());
- $user_id = $channel["channel_id"];
+ // Note, "sub" field must match type and content. $user_id is used to populate - make sure it's a string.
+ $channel = channelx_by_n(local_channel());
+ $user_id = $channel['channel_id'];
// If the client is not registered, add to the database
if (!$client = $storage->getClientDetails($client_id)) {
- // Until "Dynamic Client Registration" is pursued - allow new clients to assign their own secret in the REQUEST
- $client_secret = (isset($_REQUEST["client_secret"])) ? $_REQUEST["client_secret"] : random_string(16);
+ // Until "Dynamic Client Registration" is pursued - allow new clients to assign their own secret in the REQUEST
+ $client_secret = (isset($_REQUEST['client_secret'])) ? $_REQUEST['client_secret'] : random_string(16);
// Client apps are registered per channel
- $storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', urldecode($_REQUEST["scope"]), $user_id);
-
+ $storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', $_REQUEST['scope'], $user_id);
}
if (!$client = $storage->getClientDetails($client_id)) {
// There was an error registering the client.