aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Zotlabs/Module/Settings/Oauth.php11
-rw-r--r--Zotlabs/Module/Settings/Oauth2.php160
-rw-r--r--Zotlabs/Widget/Settings_menu.php10
-rw-r--r--include/features.php13
-rwxr-xr-xview/tpl/settings_oauth2.tpl35
-rwxr-xr-xview/tpl/settings_oauth2_edit.tpl21
-rwxr-xr-xview/tpl/settings_oauth_edit.tpl1
7 files changed, 242 insertions, 9 deletions
diff --git a/Zotlabs/Module/Settings/Oauth.php b/Zotlabs/Module/Settings/Oauth.php
index c612c7667..d6576c6de 100644
--- a/Zotlabs/Module/Settings/Oauth.php
+++ b/Zotlabs/Module/Settings/Oauth.php
@@ -23,11 +23,12 @@ class Oauth {
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
- $name = ((x($_POST,'name')) ? $_POST['name'] : '');
- $key = ((x($_POST,'key')) ? $_POST['key'] : '');
- $secret = ((x($_POST,'secret')) ? $_POST['secret'] : '');
- $redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : '');
- $icon = ((x($_POST,'icon')) ? $_POST['icon'] : '');
+ $name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : '');
+ $key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : '');
+ $secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : '');
+ $redirect = ((x($_POST,'redirect')) ? escape_tags($_POST['redirect']) : '');
+ $icon = ((x($_POST,'icon')) ? escape_tags($_POST['icon']) : '');
+ $oauth2 = ((x($_POST,'oauth2')) ? intval($_POST['oauth2']) : 0);
$ok = true;
if($name == '') {
$ok = false;
diff --git a/Zotlabs/Module/Settings/Oauth2.php b/Zotlabs/Module/Settings/Oauth2.php
new file mode 100644
index 000000000..88bbea3b8
--- /dev/null
+++ b/Zotlabs/Module/Settings/Oauth2.php
@@ -0,0 +1,160 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Oauth2 {
+
+
+ function post() {
+
+ if(x($_POST,'remove')){
+ check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
+
+ $key = $_POST['remove'];
+ q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
+ dbesc($key),
+ local_channel());
+ goaway(z_root()."/settings/oauth2/");
+ return;
+ }
+
+ if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
+
+ check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
+
+ $name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
+ $secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
+ $redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
+ $grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
+ $scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
+
+ $ok = true;
+ if($name == '' || $secret == '') {
+ $ok = false;
+ notice( t('Name and Secret are required') . EOL);
+ }
+
+ if($ok) {
+ if ($_POST['submit']==t("Update")){
+ $r = q("UPDATE oauth_clients SET
+ client_id = '%s',
+ client_secret = '%s',
+ redirect_uri = '%s',
+ grant_types = '%s',
+ scope = '%s',
+ user_id = '%s'
+ WHERE client_id='%s'",
+ dbesc($name),
+ dbesc($secret),
+ dbesc($redirect),
+ dbesc($grant),
+ dbesc($scope),
+ dbesc(local_channel()),
+ dbesc($name));
+ } else {
+ $r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
+ VALUES ('%s','%s','%s','%s','%s','%s')",
+ dbesc($name),
+ dbesc($secret),
+ dbesc($redirect),
+ dbesc($grant),
+ dbesc($scope),
+ dbesc(local_channel())
+ );
+ $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
+ dbesc($name),
+ intval(local_channel()),
+ dbesc('all')
+ );
+ }
+ }
+ goaway(z_root()."/settings/oauth2/");
+ return;
+ }
+ }
+
+ function get() {
+
+ if((argc() > 2) && (argv(2) === 'add')) {
+ $tpl = get_markup_template("settings_oauth2_edit.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth2"),
+ '$title' => t('Add OAuth2 application'),
+ '$submit' => t('Submit'),
+ '$cancel' => t('Cancel'),
+ '$name' => array('name', t('Name'), '', t('Name of application')),
+ '$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+ '$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
+ '$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application sepcifically requires this')),
+ '$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application sepcifically requires this')),
+ ));
+ return $o;
+ }
+
+ if((argc() > 3) && (argv(2) === 'edit')) {
+ $r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'",
+ dbesc(argv(3)),
+ dbesc(local_channel())
+ );
+
+ if (! $r){
+ notice(t('OAuth2 Application not found.'));
+ return;
+ }
+
+ $app = $r[0];
+
+ $tpl = get_markup_template("settings_oauth2_edit.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth2"),
+ '$title' => t('Add application'),
+ '$submit' => t('Update'),
+ '$cancel' => t('Cancel'),
+ '$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
+ '$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
+ '$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
+ '$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application sepcifically requires this')),
+ '$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application sepcifically requires this')),
+ ));
+ return $o;
+ }
+
+ if((argc() > 3) && (argv(2) === 'delete')) {
+ check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
+
+ $r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'",
+ dbesc(argv(3)),
+ dbesc(local_channel())
+ );
+ goaway(z_root()."/settings/oauth2/");
+ return;
+ }
+
+
+ $r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my
+ FROM oauth_clients
+ LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id
+ WHERE oauth_clients.user_id IN ('%s',0)",
+ dbesc(local_channel()),
+ dbesc(local_channel())
+ );
+
+ $tpl = get_markup_template("settings_oauth2.tpl");
+ $o .= replace_macros($tpl, array(
+ '$form_security_token' => get_form_security_token("settings_oauth2"),
+ '$baseurl' => z_root(),
+ '$title' => t('Connected OAuth2 Apps'),
+ '$add' => t('Add application'),
+ '$edit' => t('Edit'),
+ '$delete' => t('Delete'),
+ '$consumerkey' => t('Client key starts with'),
+ '$noname' => t('No name'),
+ '$remove' => t('Remove authorization'),
+ '$apps' => $r,
+ ));
+ return $o;
+
+ }
+
+} \ No newline at end of file
diff --git a/Zotlabs/Widget/Settings_menu.php b/Zotlabs/Widget/Settings_menu.php
index 455fdcb9b..9574becc3 100644
--- a/Zotlabs/Widget/Settings_menu.php
+++ b/Zotlabs/Widget/Settings_menu.php
@@ -81,12 +81,20 @@ class Settings_menu {
if(feature_enabled(local_channel(),'oauth_clients')) {
$tabs[] = array(
- 'label' => t('Connected apps'),
+ 'label' => t('OAuth1 apps'),
'url' => z_root() . '/settings/oauth',
'selected' => ((argv(1) === 'oauth') ? 'active' : ''),
);
}
+ if(feature_enabled(local_channel(),'oauth2_clients')) {
+ $tabs[] = array(
+ 'label' => t('OAuth2 apps'),
+ 'url' => z_root() . '/settings/oauth2',
+ 'selected' => ((argv(1) === 'oauth2') ? 'active' : ''),
+ );
+ }
+
if(feature_enabled(local_channel(),'access_tokens')) {
$tabs[] = array(
'label' => t('Guest Access Tokens'),
diff --git a/include/features.php b/include/features.php
index 5481c37a4..4859a01db 100644
--- a/include/features.php
+++ b/include/features.php
@@ -246,14 +246,23 @@ function get_features($filtered = true) {
[
'oauth_clients',
- t('OAuth Clients'),
- t('Manage authenticatication tokens for mobile and remote apps.'),
+ t('OAuth1 Clients'),
+ t('Manage OAuth1 authenticatication tokens for mobile and remote apps.'),
false,
get_config('feature_lock','oauth_clients'),
feature_level('oauth_clients',1),
],
[
+ 'oauth2_clients',
+ t('OAuth2 Clients'),
+ t('Manage OAuth2 authenticatication tokens for mobile and remote apps.'),
+ false,
+ get_config('feature_lock','oauth2_clients'),
+ feature_level('oauth2_clients',1),
+ ],
+
+ [
'access_tokens',
t('Access Tokens'),
t('Create access tokens so that non-members can access private content.'),
diff --git a/view/tpl/settings_oauth2.tpl b/view/tpl/settings_oauth2.tpl
new file mode 100755
index 000000000..882d34ea9
--- /dev/null
+++ b/view/tpl/settings_oauth2.tpl
@@ -0,0 +1,35 @@
+<div class="generic-content-wrapper">
+<div class="section-title-wrapper">
+ <h2>{{$title}}</h2>
+</div>
+
+<div class="section-content-tools-wrapper">
+<form action="settings/oauth2" method="post" autocomplete="off">
+<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+
+ <div id="profile-edit-links">
+ <ul>
+ <li>
+ <a id="profile-edit-view-link" href="{{$baseurl}}/settings/oauth2/add">{{$add}}</a>
+ </li>
+ </ul>
+ </div>
+
+ {{foreach $apps as $app}}
+ <div class='oauthapp'>
+ {{if $app.client_id}}<h4>{{$app.client_id}}</h4>{{else}}<h4>{{$noname}}</h4>{{/if}}
+ {{if $app.my}}
+ {{if $app.oauth_token}}
+ <div class="settings-submit-wrapper" ><button class="settings-submit" type="submit" name="remove" value="{{$app.oauth_token}}">{{$remove}}</button></div>
+ {{/if}}
+ {{/if}}
+ {{if $app.my}}
+ <a href="{{$baseurl}}/settings/oauth2/edit/{{$app.client_id}}" title="{{$edit}}"><i class="fa fa-pencil btn btn-outline-secondary"></i></a>
+ <a href="{{$baseurl}}/settings/oauth2/delete/{{$app.client_id}}?t={{$form_security_token}}" title="{{$delete}}"><i class="fa fa-trash-o btn btn-outline-secondary"></i></a>
+ {{/if}}
+ </div>
+ {{/foreach}}
+
+</form>
+</div>
+</div>
diff --git a/view/tpl/settings_oauth2_edit.tpl b/view/tpl/settings_oauth2_edit.tpl
new file mode 100755
index 000000000..399c64977
--- /dev/null
+++ b/view/tpl/settings_oauth2_edit.tpl
@@ -0,0 +1,21 @@
+<div class="generic-content-wrapper">
+ <div class="section-title-wrapper">
+ <h2>{{$title}}</h2>
+ </div>
+<div class="section-content-tools-wrapper">
+<form method="POST">
+<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+{{include file="field_input.tpl" field=$name}}
+{{include file="field_input.tpl" field=$secret}}
+{{include file="field_input.tpl" field=$redirect}}
+{{include file="field_input.tpl" field=$grant}}
+{{include file="field_input.tpl" field=$scope}}
+
+<div class="settings-submit-wrapper" >
+<input type="submit" name="submit" class="settings-submit" value="{{$submit}}" />
+<input type="submit" name="cancel" class="settings-submit" value="{{$cancel}}" />
+</div>
+
+</form>
+</div>
+</div>
diff --git a/view/tpl/settings_oauth_edit.tpl b/view/tpl/settings_oauth_edit.tpl
index b94dec48a..e44b44723 100755
--- a/view/tpl/settings_oauth_edit.tpl
+++ b/view/tpl/settings_oauth_edit.tpl
@@ -5,7 +5,6 @@
<div class="section-content-tools-wrapper">
<form method="POST">
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
-
{{include file="field_input.tpl" field=$name}}
{{include file="field_input.tpl" field=$key}}
{{include file="field_input.tpl" field=$secret}}