aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Oauth.php
diff options
context:
space:
mode:
authorMario Vavti <mario@mariovavti.com>2018-09-26 16:22:34 +0200
committerMario Vavti <mario@mariovavti.com>2018-09-26 16:22:34 +0200
commitaab97adb23c65dfc54f4f160742f8066fcd98032 (patch)
tree6c61d008133b91c12c52eaede830af56e1629dcf /Zotlabs/Module/Oauth.php
parent91502b4104788b4f2d57da800ffc4c38585de94d (diff)
downloadvolse-hubzilla-aab97adb23c65dfc54f4f160742f8066fcd98032.tar.gz
volse-hubzilla-aab97adb23c65dfc54f4f160742f8066fcd98032.tar.bz2
volse-hubzilla-aab97adb23c65dfc54f4f160742f8066fcd98032.zip
oauth and oauth2 apps manager
Diffstat (limited to 'Zotlabs/Module/Oauth.php')
-rw-r--r--Zotlabs/Module/Oauth.php177
1 files changed, 177 insertions, 0 deletions
diff --git a/Zotlabs/Module/Oauth.php b/Zotlabs/Module/Oauth.php
new file mode 100644
index 000000000..196209308
--- /dev/null
+++ b/Zotlabs/Module/Oauth.php
@@ -0,0 +1,177 @@
+<?php
+
+namespace Zotlabs\Module;
+
+use App;
+use Zotlabs\Lib\Apps;
+use Zotlabs\Web\Controller;
+
+class Oauth extends Controller {
+
+
+ function post() {
+
+ if(! Apps::system_app_installed(local_channel(), 'OAuth'))
+ return;
+
+ if(x($_POST,'remove')){
+ check_form_security_token_redirectOnErr('/oauth', 'oauth');
+
+ $key = $_POST['remove'];
+ q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
+ dbesc($key),
+ local_channel());
+ goaway(z_root()."/oauth");
+ return;
+ }
+
+ if((argc() > 1) && (argv(1) === 'edit' || argv(1) === 'add') && x($_POST,'submit')) {
+
+ check_form_security_token_redirectOnErr('oauth', 'oauth');
+
+ $name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : '');
+ $key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : '');
+ $secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : '');
+ $redirect = ((x($_POST,'redirect')) ? escape_tags($_POST['redirect']) : '');
+ $icon = ((x($_POST,'icon')) ? escape_tags($_POST['icon']) : '');
+ $oauth2 = ((x($_POST,'oauth2')) ? intval($_POST['oauth2']) : 0);
+ $ok = true;
+ if($name == '') {
+ $ok = false;
+ notice( t('Name is required') . EOL);
+ }
+ if($key == '' || $secret == '') {
+ $ok = false;
+ notice( t('Key and Secret are required') . EOL);
+ }
+
+ if($ok) {
+ if ($_POST['submit']==t("Update")){
+ $r = q("UPDATE clients SET
+ client_id='%s',
+ pw='%s',
+ clname='%s',
+ redirect_uri='%s',
+ icon='%s',
+ uid=%d
+ WHERE client_id='%s'",
+ dbesc($key),
+ dbesc($secret),
+ dbesc($name),
+ dbesc($redirect),
+ dbesc($icon),
+ intval(local_channel()),
+ dbesc($key));
+ } else {
+ $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid)
+ VALUES ('%s','%s','%s','%s','%s',%d)",
+ dbesc($key),
+ dbesc($secret),
+ dbesc($name),
+ dbesc($redirect),
+ dbesc($icon),
+ intval(local_channel())
+ );
+ $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
+ dbesc($key),
+ intval(local_channel()),
+ dbesc('all')
+ );
+ }
+ }
+ goaway(z_root()."/oauth");
+ return;
+ }
+ }
+
+ function get() {
+
+ if(! Apps::system_app_installed(local_channel(), 'OAuth Apps Manager')) {
+ //Do not display any associated widgets at this point
+ App::$pdl = '';
+
+ $o = '<b>OAuth App (Not Installed):</b><br>';
+ $o .= t('An OAuth apps manager');
+ return $o;
+ }
+
+
+ if((argc() > 1) && (argv(1) === 'add')) {
+ $tpl = get_markup_template("oauth_edit.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("oauth"),
+ '$title' => t('Add application'),
+ '$submit' => t('Submit'),
+ '$cancel' => t('Cancel'),
+ '$name' => array('name', t('Name'), '', t('Name of application')),
+ '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+ '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+ '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
+ '$icon' => array('icon', t('Icon url'), '', t('Optional')),
+ ));
+ return $o;
+ }
+
+ if((argc() > 2) && (argv(1) === 'edit')) {
+ $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d",
+ dbesc(argv(2)),
+ local_channel());
+
+ if (!count($r)){
+ notice(t('Application not found.'));
+ return;
+ }
+ $app = $r[0];
+
+ $tpl = get_markup_template("oauth_edit.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("oauth"),
+ '$title' => t('Add application'),
+ '$submit' => t('Update'),
+ '$cancel' => t('Cancel'),
+ '$name' => array('name', t('Name'), $app['clname'] , ''),
+ '$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
+ '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
+ '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
+ '$icon' => array('icon', t('Icon url'), $app['icon'], ''),
+ ));
+ return $o;
+ }
+
+ if((argc() > 2) && (argv(1) === 'delete')) {
+ check_form_security_token_redirectOnErr('/oauth', 'oauth', 't');
+
+ $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
+ dbesc(argv(2)),
+ local_channel());
+ goaway(z_root()."/oauth");
+ return;
+ }
+
+
+ $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my
+ FROM clients
+ LEFT JOIN tokens ON clients.client_id=tokens.client_id
+ WHERE clients.uid IN (%d,0)",
+ local_channel(),
+ local_channel());
+
+
+ $tpl = get_markup_template("oauth.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("oauth"),
+ '$baseurl' => z_root(),
+ '$title' => t('Connected OAuth Apps'),
+ '$add' => t('Add application'),
+ '$edit' => t('Edit'),
+ '$delete' => t('Delete'),
+ '$consumerkey' => t('Client key starts with'),
+ '$noname' => t('No name'),
+ '$remove' => t('Remove authorization'),
+ '$apps' => $r,
+ ));
+ return $o;
+
+ }
+
+}