diff options
author | Fabio Comuni <fabrix.xm@gmail.com> | 2011-10-26 17:15:36 +0200 |
---|---|---|
committer | Fabio Comuni <fabrix.xm@gmail.com> | 2011-10-26 17:15:36 +0200 |
commit | ff7fc68382bf1359adc31bd65bb6786b7f63e31a (patch) | |
tree | 1ab031d66e2f281df964f81ad98c2fbe571162f2 /mod | |
parent | b06588ffa1c925d0a008a34bf8fa5c316b964b87 (diff) | |
download | volse-hubzilla-ff7fc68382bf1359adc31bd65bb6786b7f63e31a.tar.gz volse-hubzilla-ff7fc68382bf1359adc31bd65bb6786b7f63e31a.tar.bz2 volse-hubzilla-ff7fc68382bf1359adc31bd65bb6786b7f63e31a.zip |
oauthapi: authorize app
Diffstat (limited to 'mod')
-rw-r--r-- | mod/api.php | 94 | ||||
-rw-r--r-- | mod/settings.php | 18 |
2 files changed, 110 insertions, 2 deletions
diff --git a/mod/api.php b/mod/api.php index fa5e43de9..bc5de0340 100644 --- a/mod/api.php +++ b/mod/api.php @@ -2,7 +2,101 @@ require_once('include/api.php'); +function oauth_get_client(){ + // get consumer/client from request token + try { + $request = OAuthRequest::from_request(); + } catch(Exception $e) { + echo "<pre>"; var_dump($e); killme(); + } + + $params = $request->get_parameters(); + $token = $params['oauth_token']; + + $r = q("SELECT `clients`.* + FROM `clients`, `tokens` + WHERE `clients`.`client_id`=`tokens`.`client_id` + AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'", + dbesc($token)); + + if (!count($r)) + return null; + + return $r[0]; +} + +function api_post(&$a) { + + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + + if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + +} + function api_content(&$a) { + if ($a->cmd=='api/oauth/authorize'){ + /* + * api/oauth/authorize interact with the user. return a standard page + */ + + + if (x($_POST,'oauth_yes')){ + + + $app = oauth_get_client(); + if (is_null($app)) return "Invalid request. Unknown token."; + $consumer = new OAuthConsumer($app['key'], $app['secret']); + + // Rev A change + $request = OAuthRequest::from_request(); + $callback = $request->get_parameter('oauth_callback'); + $datastore = new FKOAuthDataStore(); + $new_token = $datastore->new_request_token($consumer, $callback); + + $tpl = get_markup_template("oauth_authorize_done.tpl"); + $o = replace_macros($tpl, array( + '$title' => t('Authorize application connection'), + '$info' => t('Return to your app and insert this Securty Code:'), + '$code' => $new_token->key, + )); + + return $o; + + + } + + + + if(! local_user()) { + //TODO: we need login form to redirect to this page + notice( t('Please login to continue.') . EOL ); + return login(false); + } + + $app = oauth_get_client(); + if (is_null($app)) return "Invalid request. Unknown token."; + + + $tpl = get_markup_template('oauth_authorize.tpl'); + $o = replace_macros($tpl, array( + '$title' => t('Authorize application connection'), + '$app' => $app, + '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'), + '$yes' => t('Yes'), + '$no' => t('No'), + )); + + //echo "<pre>"; var_dump($app); killme(); + + return $o; + } + echo api_call($a); killme(); } diff --git a/mod/settings.php b/mod/settings.php index 84f66d263..da2b57cd5 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -340,6 +340,11 @@ function settings_content(&$a) { 'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''), ), array( + 'label' => t('Connections'), + 'url' => $a->get_baseurl() . '/settings/oauth', + 'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''), + ), + array( 'label' => t('Export personal data'), 'url' => $a->get_baseurl() . '/uexport', 'sel' => '' @@ -351,8 +356,17 @@ function settings_content(&$a) { '$tabs' => $tabs, )); - - + if(($a->argc > 1) && ($a->argv[1] === 'oauth')) { + + $tpl = get_markup_template("settings_oauth.tpl"); + $o .= replace_macros($tpl, array( + '$title' => t('Connected Apps'), + '$tabs' => $tabs, + '$settings_addons' => $settings_addons + )); + return $o; + + } if(($a->argc > 1) && ($a->argv[1] === 'addon')) { $settings_addons = ""; |