aboutsummaryrefslogtreecommitdiffstats
path: root/include
diff options
context:
space:
mode:
authorFabio Comuni <fabrix.xm@gmail.com>2011-11-02 09:54:07 +0100
committerFabio Comuni <fabrix.xm@gmail.com>2011-11-02 09:54:07 +0100
commit69e41f7703bff03dc88e7181961a717ae41330c4 (patch)
tree57b45681f2fa3608bacd76159ad95b425ef0e07e /include
parentff7fc68382bf1359adc31bd65bb6786b7f63e31a (diff)
downloadvolse-hubzilla-69e41f7703bff03dc88e7181961a717ae41330c4.tar.gz
volse-hubzilla-69e41f7703bff03dc88e7181961a717ae41330c4.tar.bz2
volse-hubzilla-69e41f7703bff03dc88e7181961a717ae41330c4.zip
oauth: authorize view, wrong verifier.
Diffstat (limited to 'include')
-rw-r--r--include/oauth.php24
1 files changed, 19 insertions, 5 deletions
diff --git a/include/oauth.php b/include/oauth.php
index 506172491..b84309207 100644
--- a/include/oauth.php
+++ b/include/oauth.php
@@ -5,7 +5,8 @@
*
*/
-define('TOKEN_DURATION', 300);
+define('REQUEST_TOKEN_DURATION', 300);
+define('ACCESS_TOKEN_DURATION', 31536000);
require_once("library/OAuth1.php");
require_once("library/oauth2-php/lib/OAuth2.inc");
@@ -62,7 +63,7 @@ class FKOAuthDataStore extends OAuthDataStore {
dbesc($sec),
dbesc($consumer->key),
'request',
- intval(TOKEN_DURATION));
+ intval(REQUEST_TOKEN_DURATION));
if (!$r) return null;
return new OAuthToken($key,$sec);
}
@@ -75,7 +76,11 @@ class FKOAuthDataStore extends OAuthDataStore {
$ret=Null;
- if (!is_null($token) && $token->expires > time()){
+ // get verifier for this user
+ $uverifier = get_pconfig(local_user(), "oauth", "verifier");
+
+
+ if (is_null($verifier) || ($verifier==$uverifier)){
$key = $this->gen_token();
$sec = $this->gen_token();
@@ -84,13 +89,22 @@ class FKOAuthDataStore extends OAuthDataStore {
dbesc($sec),
dbesc($consumer->$key),
'access',
- intval(TOKEN_DURATION));
+ intval(ACCESS_TOKEN_DURATION));
if ($r)
$ret = new OAuthToken($key,$sec);
}
- q("DELETE FROM tokens WHERE id='%s'", $token->key);
+ //q("DELETE FROM tokens WHERE id='%s'", $token->key);
+
+
+ if (!is_null($ret)){
+ //del_pconfig(local_user(), "oauth", "verifier");
+ $apps = get_pconfig(local_user(), "oauth", "apps");
+ if ($apps===false) $apps=array();
+ $apps[] = $consumer->key;
+ //set_pconfig(local_user(), "oauth", "apps", $apps);
+ }
return $ret;