diff options
author | Mario Vavti <mario@mariovavti.com> | 2018-09-26 16:22:34 +0200 |
---|---|---|
committer | Mario Vavti <mario@mariovavti.com> | 2018-09-26 16:22:34 +0200 |
commit | aab97adb23c65dfc54f4f160742f8066fcd98032 (patch) | |
tree | 6c61d008133b91c12c52eaede830af56e1629dcf /Zotlabs/Module/Settings | |
parent | 91502b4104788b4f2d57da800ffc4c38585de94d (diff) | |
download | volse-hubzilla-aab97adb23c65dfc54f4f160742f8066fcd98032.tar.gz volse-hubzilla-aab97adb23c65dfc54f4f160742f8066fcd98032.tar.bz2 volse-hubzilla-aab97adb23c65dfc54f4f160742f8066fcd98032.zip |
oauth and oauth2 apps manager
Diffstat (limited to 'Zotlabs/Module/Settings')
-rw-r--r-- | Zotlabs/Module/Settings/Oauth.php | 161 | ||||
-rw-r--r-- | Zotlabs/Module/Settings/Oauth2.php | 184 |
2 files changed, 0 insertions, 345 deletions
diff --git a/Zotlabs/Module/Settings/Oauth.php b/Zotlabs/Module/Settings/Oauth.php deleted file mode 100644 index d6576c6de..000000000 --- a/Zotlabs/Module/Settings/Oauth.php +++ /dev/null @@ -1,161 +0,0 @@ -<?php - -namespace Zotlabs\Module\Settings; - - -class Oauth { - - - function post() { - - if(x($_POST,'remove')){ - check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); - - $key = $_POST['remove']; - q("DELETE FROM tokens WHERE id='%s' AND uid=%d", - dbesc($key), - local_channel()); - goaway(z_root()."/settings/oauth/"); - return; - } - - if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) { - - check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth'); - - $name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : ''); - $key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : ''); - $secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : ''); - $redirect = ((x($_POST,'redirect')) ? escape_tags($_POST['redirect']) : ''); - $icon = ((x($_POST,'icon')) ? escape_tags($_POST['icon']) : ''); - $oauth2 = ((x($_POST,'oauth2')) ? intval($_POST['oauth2']) : 0); - $ok = true; - if($name == '') { - $ok = false; - notice( t('Name is required') . EOL); - } - if($key == '' || $secret == '') { - $ok = false; - notice( t('Key and Secret are required') . EOL); - } - - if($ok) { - if ($_POST['submit']==t("Update")){ - $r = q("UPDATE clients SET - client_id='%s', - pw='%s', - clname='%s', - redirect_uri='%s', - icon='%s', - uid=%d - WHERE client_id='%s'", - dbesc($key), - dbesc($secret), - dbesc($name), - dbesc($redirect), - dbesc($icon), - intval(local_channel()), - dbesc($key)); - } else { - $r = q("INSERT INTO clients (client_id, pw, clname, redirect_uri, icon, uid) - VALUES ('%s','%s','%s','%s','%s',%d)", - dbesc($key), - dbesc($secret), - dbesc($name), - dbesc($redirect), - dbesc($icon), - intval(local_channel()) - ); - $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", - dbesc($key), - intval(local_channel()), - dbesc('all') - ); - } - } - goaway(z_root()."/settings/oauth/"); - return; - } - } - - function get() { - - if((argc() > 2) && (argv(2) === 'add')) { - $tpl = get_markup_template("settings_oauth_edit.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth"), - '$title' => t('Add application'), - '$submit' => t('Submit'), - '$cancel' => t('Cancel'), - '$name' => array('name', t('Name'), '', t('Name of application')), - '$key' => array('key', t('Consumer Key'), random_string(16), t('Automatically generated - change if desired. Max length 20')), - '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), - '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), - '$icon' => array('icon', t('Icon url'), '', t('Optional')), - )); - return $o; - } - - if((argc() > 3) && (argv(2) === 'edit')) { - $r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d", - dbesc(argv(3)), - local_channel()); - - if (!count($r)){ - notice(t('Application not found.')); - return; - } - $app = $r[0]; - - $tpl = get_markup_template("settings_oauth_edit.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth"), - '$title' => t('Add application'), - '$submit' => t('Update'), - '$cancel' => t('Cancel'), - '$name' => array('name', t('Name'), $app['clname'] , ''), - '$key' => array('key', t('Consumer Key'), $app['client_id'], ''), - '$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''), - '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''), - '$icon' => array('icon', t('Icon url'), $app['icon'], ''), - )); - return $o; - } - - if((argc() > 3) && (argv(2) === 'delete')) { - check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth', 't'); - - $r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d", - dbesc(argv(3)), - local_channel()); - goaway(z_root()."/settings/oauth/"); - return; - } - - - $r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my - FROM clients - LEFT JOIN tokens ON clients.client_id=tokens.client_id - WHERE clients.uid IN (%d,0)", - local_channel(), - local_channel()); - - - $tpl = get_markup_template("settings_oauth.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth"), - '$baseurl' => z_root(), - '$title' => t('Connected Apps'), - '$add' => t('Add application'), - '$edit' => t('Edit'), - '$delete' => t('Delete'), - '$consumerkey' => t('Client key starts with'), - '$noname' => t('No name'), - '$remove' => t('Remove authorization'), - '$apps' => $r, - )); - return $o; - - } - -}
\ No newline at end of file diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php deleted file mode 100644 index 70fd3a5c3..000000000 --- a/Zotlabs/Module/Settings/Oauth2.php +++ /dev/null @@ -1,184 +0,0 @@ -<?php - -namespace Zotlabs\Module\Settings; - - -class Oauth2 { - - - function post() { - - if(x($_POST,'remove')){ - check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2'); - $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : ''); - logger("REMOVE! ".$name." uid: ".local_channel()); - $key = $_POST['remove']; - q("DELETE FROM oauth_authorization_codes WHERE client_id='%s' AND user_id=%d", - dbesc($name), - intval(local_channel()) - ); - q("DELETE FROM oauth_access_tokens WHERE client_id='%s' AND user_id=%d", - dbesc($name), - intval(local_channel()) - ); - q("DELETE FROM oauth_refresh_tokens WHERE client_id='%s' AND user_id=%d", - dbesc($name), - intval(local_channel()) - ); - goaway(z_root()."/settings/oauth2/"); - return; - } - - if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) { - - check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2'); - - $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : ''); - $secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : ''); - $redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : ''); - $grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : ''); - $scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : ''); - - $ok = true; - if($name == '' || $secret == '') { - $ok = false; - notice( t('Name and Secret are required') . EOL); - } - - if($ok) { - if ($_POST['submit']==t("Update")){ - $r = q("UPDATE oauth_clients SET - client_id = '%s', - client_secret = '%s', - redirect_uri = '%s', - grant_types = '%s', - scope = '%s', - user_id = %d - WHERE client_id='%s' and user_id = %s", - dbesc($name), - dbesc($secret), - dbesc($redirect), - dbesc($grant), - dbesc($scope), - intval(local_channel()), - dbesc($name), - intval(local_channel())); - } else { - $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id) - VALUES ('%s','%s','%s','%s','%s',%d)", - dbesc($name), - dbesc($secret), - dbesc($redirect), - dbesc($grant), - dbesc($scope), - intval(local_channel()) - ); - $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", - dbesc($name), - intval(local_channel()), - dbesc('all') - ); - } - } - goaway(z_root()."/settings/oauth2/"); - return; - } - } - - function get() { - - if((argc() > 2) && (argv(2) === 'add')) { - $tpl = get_markup_template("settings_oauth2_edit.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth2"), - '$title' => t('Add OAuth2 application'), - '$submit' => t('Submit'), - '$cancel' => t('Cancel'), - '$name' => array('name', t('Name'), '', t('Name of application')), - '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')), - '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')), - '$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application sepcifically requires this')), - '$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application sepcifically requires this')), - )); - return $o; - } - - if((argc() > 3) && (argv(2) === 'edit')) { - $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d", - dbesc(argv(3)), - intval(local_channel()) - ); - - if (! $r){ - notice(t('OAuth2 Application not found.')); - return; - } - - $app = $r[0]; - - $tpl = get_markup_template("settings_oauth2_edit.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth2"), - '$title' => t('Add application'), - '$submit' => t('Update'), - '$cancel' => t('Cancel'), - '$name' => array('name', t('Name'), $app['client_id'], t('Name of application')), - '$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')), - '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')), - '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')), - '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application specifically requires this')), - )); - return $o; - } - - if((argc() > 3) && (argv(2) === 'delete')) { - check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't'); - - $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d", - dbesc(argv(3)), - intval(local_channel()) - ); - $r = q("DELETE FROM oauth_access_tokens WHERE client_id = '%s' AND user_id = %d", - dbesc(argv(3)), - intval(local_channel()) - ); - $r = q("DELETE FROM oauth_authorization_codes WHERE client_id = '%s' AND user_id = %d", - dbesc(argv(3)), - intval(local_channel()) - ); - $r = q("DELETE FROM oauth_refresh_tokens WHERE client_id = '%s' AND user_id = %d", - dbesc(argv(3)), - intval(local_channel()) - ); - goaway(z_root()."/settings/oauth2/"); - return; - } - - - $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = %d) AS my - FROM oauth_clients - LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id AND - oauth_clients.user_id=oauth_access_tokens.user_id - WHERE oauth_clients.user_id IN (%d,0)", - intval(local_channel()), - intval(local_channel()) - ); - - $tpl = get_markup_template("settings_oauth2.tpl"); - $o .= replace_macros($tpl, array( - '$form_security_token' => get_form_security_token("settings_oauth2"), - '$baseurl' => z_root(), - '$title' => t('Connected OAuth2 Apps'), - '$add' => t('Add application'), - '$edit' => t('Edit'), - '$delete' => t('Delete'), - '$consumerkey' => t('Client key starts with'), - '$noname' => t('No name'), - '$remove' => t('Remove authorization'), - '$apps' => $r, - )); - return $o; - - } - -} |