authorMario Vavti <mario@mariovavti.com>2018-09-26 16:22:34 +0200
committerMario Vavti <mario@mariovavti.com>2018-09-26 16:22:34 +0200
commitaab97adb23c65dfc54f4f160742f8066fcd98032 (patch)
tree6c61d008133b91c12c52eaede830af56e1629dcf /Zotlabs/Module/Settings
parent91502b4104788b4f2d57da800ffc4c38585de94d (diff)
oauth and oauth2 apps manager
Diffstat (limited to 'Zotlabs/Module/Settings')
-rw-r--r--Zotlabs/Module/Settings/Oauth.php161
-rw-r--r--Zotlabs/Module/Settings/Oauth2.php184
2 files changed, 0 insertions, 345 deletions
diff --git a/Zotlabs/Module/Settings/Oauth.php b/Zotlabs/Module/Settings/Oauth.php
deleted file mode 100644
index d6576c6de..000000000
--- a/Zotlabs/Module/Settings/Oauth.php
+++ /dev/null
@@ -1,161 +0,0 @@
-<?php
-
-namespace Zotlabs\Module\Settings;
-
-
-class Oauth {
-
-
- function post() {
-
- if(x($_POST,'remove')){
- check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
-
- $key = $_POST['remove'];
- q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
- dbesc($key),
- local_channel());
- goaway(z_root()."/settings/oauth/");
- return;
- }
-
- if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
-
- check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
-
- $name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : '');
- $key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : '');
- $secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : '');
- $redirect = ((x($_POST,'redirect')) ? escape_tags($_POST['redirect']) : '');
- $icon = ((x($_POST,'icon')) ? escape_tags($_POST['icon']) : '');
- $oauth2 = ((x($_POST,'oauth2')) ? intval($_POST['oauth2']) : 0);
- $ok = true;
- if($name == '') {
- $ok = false;
- notice( t('Name is required') . EOL);
- }
- if($key == '' || $secret == '') {
- $ok = false;
- notice( t('Key and Secret are required') . EOL);
- }
-
- if($ok) {
- if ($_POST['submit']==t("Update")){
- $r = q("UPDATE clients SET
- client_id='%s',
- pw='%s',
- clname='%s',
- redirect_uri='%s',
- icon='%s',
- uid=%d
- WHERE client_id='%s'",
- dbesc($key),
- dbesc($secret),
- dbesc($name),
- dbesc($redirect),
- dbesc($icon),
- intval(local_channel()),
- dbesc($key));
- } else {
- $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid)
- VALUES ('%s','%s','%s','%s','%s',%d)",
- dbesc($key),
- dbesc($secret),
- dbesc($name),
- dbesc($redirect),
- dbesc($icon),
- intval(local_channel())
- );
- $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
- dbesc($key),
- intval(local_channel()),
- dbesc('all')
- );
- }
- }
- goaway(z_root()."/settings/oauth/");
- return;
- }
- }
-
- function get() {
-
- if((argc() > 2) && (argv(2) === 'add')) {
- $tpl = get_markup_template("settings_oauth_edit.tpl");
- $o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_oauth"),
- '$title' => t('Add application'),
- '$submit' => t('Submit'),
- '$cancel' => t('Cancel'),
- '$name' => array('name', t('Name'), '', t('Name of application')),
- '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
- '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
- '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
- '$icon' => array('icon', t('Icon url'), '', t('Optional')),
- ));
- return $o;
- }
-
- if((argc() > 3) && (argv(2) === 'edit')) {
- $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d",
- dbesc(argv(3)),
- local_channel());
-
- if (!count($r)){
- notice(t('Application not found.'));
- return;
- }
- $app = $r[0];
-
- $tpl = get_markup_template("settings_oauth_edit.tpl");
- $o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_oauth"),
- '$title' => t('Add application'),
- '$submit' => t('Update'),
- '$cancel' => t('Cancel'),
- '$name' => array('name', t('Name'), $app['clname'] , ''),
- '$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
- '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
- '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
- '$icon' => array('icon', t('Icon url'), $app['icon'], ''),
- ));
- return $o;
- }
-
- if((argc() > 3) && (argv(2) === 'delete')) {
- check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't');
-
- $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
- dbesc(argv(3)),
- local_channel());
- goaway(z_root()."/settings/oauth/");
- return;
- }
-
-
- $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my
- FROM clients
- LEFT JOIN tokens ON clients.client_id=tokens.client_id
- WHERE clients.uid IN (%d,0)",
- local_channel(),
- local_channel());
-
-
- $tpl = get_markup_template("settings_oauth.tpl");
- $o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_oauth"),
- '$baseurl' => z_root(),
- '$title' => t('Connected Apps'),
- '$add' => t('Add application'),
- '$edit' => t('Edit'),
- '$delete' => t('Delete'),
- '$consumerkey' => t('Client key starts with'),
- '$noname' => t('No name'),
- '$remove' => t('Remove authorization'),
- '$apps' => $r,
- ));
- return $o;
-
- }
-
-}
\ No newline at end of file
diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php
deleted file mode 100644
index 70fd3a5c3..000000000
--- a/Zotlabs/Module/Settings/Oauth2.php
+++ /dev/null
@@ -1,184 +0,0 @@
-<?php
-
-namespace Zotlabs\Module\Settings;
-
-
-class Oauth2 {
-
-
- function post() {
-
- if(x($_POST,'remove')){
- check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
- $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
- logger("REMOVE! ".$name." uid: ".local_channel());
- $key = $_POST['remove'];
- q("DELETE FROM oauth_authorization_codes WHERE client_id='%s' AND user_id=%d",
- dbesc($name),
- intval(local_channel())
- );
- q("DELETE FROM oauth_access_tokens WHERE client_id='%s' AND user_id=%d",
- dbesc($name),
- intval(local_channel())
- );
- q("DELETE FROM oauth_refresh_tokens WHERE client_id='%s' AND user_id=%d",
- dbesc($name),
- intval(local_channel())
- );
- goaway(z_root()."/settings/oauth2/");
- return;
- }
-
- if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
-
- check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
-
- $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
- $secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
- $redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
- $grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
- $scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
-
- $ok = true;
- if($name == '' || $secret == '') {
- $ok = false;
- notice( t('Name and Secret are required') . EOL);
- }
-
- if($ok) {
- if ($_POST['submit']==t("Update")){
- $r = q("UPDATE oauth_clients SET
- client_id = '%s',
- client_secret = '%s',
- redirect_uri = '%s',
- grant_types = '%s',
- scope = '%s',
- user_id = %d
- WHERE client_id='%s' and user_id = %s",
- dbesc($name),
- dbesc($secret),
- dbesc($redirect),
- dbesc($grant),
- dbesc($scope),
- intval(local_channel()),
- dbesc($name),
- intval(local_channel()));
- } else {
- $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
- VALUES ('%s','%s','%s','%s','%s',%d)",
- dbesc($name),
- dbesc($secret),
- dbesc($redirect),
- dbesc($grant),
- dbesc($scope),
- intval(local_channel())
- );
- $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
- dbesc($name),
- intval(local_channel()),
- dbesc('all')
- );
- }
- }
- goaway(z_root()."/settings/oauth2/");
- return;
- }
- }
-
- function get() {
-
- if((argc() > 2) && (argv(2) === 'add')) {
- $tpl = get_markup_template("settings_oauth2_edit.tpl");
- $o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_oauth2"),
- '$title' => t('Add OAuth2 application'),
- '$submit' => t('Submit'),
- '$cancel' => t('Cancel'),
- '$name' => array('name', t('Name'), '', t('Name of application')),
- '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
- '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
- '$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application sepcifically requires this')),
- '$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application sepcifically requires this')),
- ));
- return $o;
- }
-
- if((argc() > 3) && (argv(2) === 'edit')) {
- $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d",
- dbesc(argv(3)),
- intval(local_channel())
- );
-
- if (! $r){
- notice(t('OAuth2 Application not found.'));
- return;
- }
-
- $app = $r[0];
-
- $tpl = get_markup_template("settings_oauth2_edit.tpl");
- $o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_oauth2"),
- '$title' => t('Add application'),
- '$submit' => t('Update'),
- '$cancel' => t('Cancel'),
- '$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
- '$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
- '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
- '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')),
- '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application specifically requires this')),
- ));
- return $o;
- }
-
- if((argc() > 3) && (argv(2) === 'delete')) {
- check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
-
- $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d",
- dbesc(argv(3)),
- intval(local_channel())
- );
- $r = q("DELETE FROM oauth_access_tokens WHERE client_id = '%s' AND user_id = %d",
- dbesc(argv(3)),
- intval(local_channel())
- );
- $r = q("DELETE FROM oauth_authorization_codes WHERE client_id = '%s' AND user_id = %d",
- dbesc(argv(3)),
- intval(local_channel())
- );
- $r = q("DELETE FROM oauth_refresh_tokens WHERE client_id = '%s' AND user_id = %d",
- dbesc(argv(3)),
- intval(local_channel())
- );
- goaway(z_root()."/settings/oauth2/");
- return;
- }
-
-
- $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my
- FROM oauth_clients
- LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id AND
- oauth_clients.user_id=oauth_access_tokens.user_id
- WHERE oauth_clients.user_id IN (%d,0)",
- intval(local_channel()),
- intval(local_channel())
- );
-
- $tpl = get_markup_template("settings_oauth2.tpl");
- $o .= replace_macros($tpl, array(
- '$form_security_token' => get_form_security_token("settings_oauth2"),
- '$baseurl' => z_root(),
- '$title' => t('Connected OAuth2 Apps'),
- '$add' => t('Add application'),
- '$edit' => t('Edit'),
- '$delete' => t('Delete'),
- '$consumerkey' => t('Client key starts with'),
- '$noname' => t('No name'),
- '$remove' => t('Remove authorization'),
- '$apps' => $r,
- ));
- return $o;
-
- }
-
-}