diff options
| -rw-r--r-- | include/api.php | 5 | ||||
| -rw-r--r-- | include/oauth.php | 1 | ||||
| -rw-r--r-- | library/OAuth1.php | 15 | ||||
| -rw-r--r-- | mod/api.php | 94 | ||||
| -rw-r--r-- | mod/settings.php | 18 |
5 files changed, 125 insertions, 8 deletions
diff --git a/include/api.php b/include/api.php index 252caeb8e..2de965681 100644 --- a/include/api.php +++ b/include/api.php @@ -1158,9 +1158,8 @@ echo "oauth_token=".$r->key."&oauth_secret=".$r->secret; killme(); } - function api_oauth_authorize(&$a, $type){ - } + api_register_func('api/oauth/request_token', 'api_oauth_request_token', false); api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); - api_register_func('api/oauth/authorize', 'api_oauth_authorize', false); + diff --git a/include/oauth.php b/include/oauth.php index 63d5fcd92..506172491 100644 --- a/include/oauth.php +++ b/include/oauth.php @@ -101,6 +101,7 @@ class FKOAuth1 extends OAuthServer { function __construct() { parent::__construct(new FKOAuthDataStore()); $this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT()); + $this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1()); } } diff --git a/library/OAuth1.php b/library/OAuth1.php index 67a94c479..604945265 100644 --- a/library/OAuth1.php +++ b/library/OAuth1.php @@ -85,7 +85,8 @@ abstract class OAuthSignatureMethod { */ public function check_signature($request, $consumer, $token, $signature) { $built = $this->build_signature($request, $consumer, $token); - return $built == $signature; + //echo "<pre>"; var_dump($signature, $built, ($built == $signature)); killme(); + return ($built == $signature); } } @@ -113,7 +114,9 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); - return base64_encode(hash_hmac('sha1', $base_string, $key, true)); + + $r = base64_encode(hash_hmac('sha1', $base_string, $key, true)); + return $r; } } @@ -282,7 +285,12 @@ class OAuthRequest { } } - + // fix for friendika redirect system + + $http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q'])); + unset( $parameters['q'] ); + + //echo "<pre>".__function__."\n"; var_dump($http_method, $http_url, $parameters, $_SERVER['REQUEST_URI']); killme(); return new OAuthRequest($http_method, $http_url, $parameters); } @@ -642,6 +650,7 @@ class OAuthServer { $token, $signature ); + if (!$valid_sig) { throw new OAuthException("Invalid signature"); diff --git a/mod/api.php b/mod/api.php index fa5e43de9..bc5de0340 100644 --- a/mod/api.php +++ b/mod/api.php @@ -2,7 +2,101 @@ require_once('include/api.php'); +function oauth_get_client(){ + // get consumer/client from request token + try { + $request = OAuthRequest::from_request(); + } catch(Exception $e) { + echo "<pre>"; var_dump($e); killme(); + } + + $params = $request->get_parameters(); + $token = $params['oauth_token']; + + $r = q("SELECT `clients`.* + FROM `clients`, `tokens` + WHERE `clients`.`client_id`=`tokens`.`client_id` + AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'", + dbesc($token)); + + if (!count($r)) + return null; + + return $r[0]; +} + +function api_post(&$a) { + + if(! local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + + if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) { + notice( t('Permission denied.') . EOL); + return; + } + +} + function api_content(&$a) { + if ($a->cmd=='api/oauth/authorize'){ + /* + * api/oauth/authorize interact with the user. return a standard page + */ + + + if (x($_POST,'oauth_yes')){ + + + $app = oauth_get_client(); + if (is_null($app)) return "Invalid request. Unknown token."; + $consumer = new OAuthConsumer($app['key'], $app['secret']); + + // Rev A change + $request = OAuthRequest::from_request(); + $callback = $request->get_parameter('oauth_callback'); + $datastore = new FKOAuthDataStore(); + $new_token = $datastore->new_request_token($consumer, $callback); + + $tpl = get_markup_template("oauth_authorize_done.tpl"); + $o = replace_macros($tpl, array( + '$title' => t('Authorize application connection'), + '$info' => t('Return to your app and insert this Securty Code:'), + '$code' => $new_token->key, + )); + + return $o; + + + } + + + + if(! local_user()) { + //TODO: we need login form to redirect to this page + notice( t('Please login to continue.') . EOL ); + return login(false); + } + + $app = oauth_get_client(); + if (is_null($app)) return "Invalid request. Unknown token."; + + + $tpl = get_markup_template('oauth_authorize.tpl'); + $o = replace_macros($tpl, array( + '$title' => t('Authorize application connection'), + '$app' => $app, + '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'), + '$yes' => t('Yes'), + '$no' => t('No'), + )); + + //echo "<pre>"; var_dump($app); killme(); + + return $o; + } + echo api_call($a); killme(); } diff --git a/mod/settings.php b/mod/settings.php index 84f66d263..da2b57cd5 100644 --- a/mod/settings.php +++ b/mod/settings.php @@ -340,6 +340,11 @@ function settings_content(&$a) { 'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''), ), array( + 'label' => t('Connections'), + 'url' => $a->get_baseurl() . '/settings/oauth', + 'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''), + ), + array( 'label' => t('Export personal data'), 'url' => $a->get_baseurl() . '/uexport', 'sel' => '' @@ -351,8 +356,17 @@ function settings_content(&$a) { '$tabs' => $tabs, )); - - + if(($a->argc > 1) && ($a->argv[1] === 'oauth')) { + + $tpl = get_markup_template("settings_oauth.tpl"); + $o .= replace_macros($tpl, array( + '$title' => t('Connected Apps'), + '$tabs' => $tabs, + '$settings_addons' => $settings_addons + )); + return $o; + + } if(($a->argc > 1) && ($a->argv[1] === 'addon')) { $settings_addons = ""; |