aboutsummaryrefslogtreecommitdiffstats
path: root/include/api.php
diff options
context:
space:
mode:
authorredmatrix <redmatrix@redmatrix.me>2015-05-25 21:31:23 -0700
committerredmatrix <redmatrix@redmatrix.me>2015-05-25 21:31:23 -0700
commit9e6e41c6cb7b43da80b771e651a5dbdfc3960688 (patch)
tree01bbc1dde19b4b67eb00f8c5232b7a9d4f10d988 /include/api.php
parent9a0264f5d23f08d8dc9b4484c93f630dd91738b8 (diff)
downloadvolse-hubzilla-9e6e41c6cb7b43da80b771e651a5dbdfc3960688.tar.gz
volse-hubzilla-9e6e41c6cb7b43da80b771e651a5dbdfc3960688.tar.bz2
volse-hubzilla-9e6e41c6cb7b43da80b771e651a5dbdfc3960688.zip
slow but forward progress on dynamic client registration
Diffstat (limited to 'include/api.php')
-rw-r--r--include/api.php42
1 files changed, 42 insertions, 0 deletions
diff --git a/include/api.php b/include/api.php
index 788a84208..fa4910833 100644
--- a/include/api.php
+++ b/include/api.php
@@ -435,6 +435,48 @@ require_once('include/items.php');
}
+ function api_client_register(&$a,$type) {
+
+ // This currently isn't providing the correct authentication flow.
+
+ if(! api_user())
+ return false;
+
+ $ret = array();
+ $key = random_string(16);
+ $secret = random_string(16);
+ $name = trim(escape_tags($_REQUEST['application_name']));
+ if(! $name)
+ json_return_and_die($ret);
+ if(is_array($_REQUEST['redirect_uris']))
+ $redirect = trim($_REQUEST['redirect_uris'][0]);
+ else
+ $redirect = trim($_REQUEST['redirect_uris']);
+ $icon = trim($_REQUEST['logo_uri']);
+ $r = q("INSERT INTO clients (client_id, pw, name, redirect_uri, icon, uid)
+ VALUES ('%s','%s','%s','%s','%s',%d)",
+ dbesc($key),
+ dbesc($secret),
+ dbesc($name),
+ dbesc($redirect),
+ dbesc($icon),
+ intval(api_user()),
+ );
+ $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
+ dbesc($key),
+ intval(api_user()),
+ dbesc('all')
+ );
+
+ $ret['client_id'] = $key;
+ $ret['client_secret'] = $secret;
+ $ret['expires_at'] = 0;
+ json_return_and_die($ret);
+ }
+
+ api_register_func('api/client/register','api_client_register', false);
+
+
function api_item_get_user(&$a, $item) {
global $usercache;