aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs/Module/Api.php
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs/Module/Api.php')
-rw-r--r--Zotlabs/Module/Api.php55
1 files changed, 23 insertions, 32 deletions
diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php
index e4744c29f..7f8aed48d 100644
--- a/Zotlabs/Module/Api.php
+++ b/Zotlabs/Module/Api.php
@@ -8,20 +8,15 @@ require_once('include/api.php');
class Api extends \Zotlabs\Web\Controller {
function post() {
-
if(! local_channel()) {
notice( t('Permission denied.') . EOL);
return;
}
- if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
- notice( t('Permission denied.') . EOL);
- return;
- }
-
}
- function get() {
+ function get() {
+
if(\App::$cmd=='api/oauth/authorize'){
/*
@@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller {
// get consumer/client from request token
try {
$request = OAuth1Request::from_request();
- } catch(Exception $e) {
+ }
+ catch(Exception $e) {
echo "<pre>"; var_dump($e); killme();
}
@@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller {
if(x($_POST,'oauth_yes')){
$app = $this->oauth_get_client($request);
- if (is_null($app)) return "Invalid request. Unknown token.";
+ if (is_null($app))
+ return "Invalid request. Unknown token.";
+
$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
$verifier = md5($app['secret'].local_channel());
set_config("oauth", $verifier, local_channel());
- if($consumer->callback_url!=null) {
+ if($consumer->callback_url != null) {
$params = $request->get_parameters();
- $glue="?";
- if (strstr($consumer->callback_url,$glue)) $glue="?";
+ $glue = '?';
+ if(strstr($consumer->callback_url,$glue))
+ $glue = '?';
goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
killme();
}
@@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller {
$tpl = get_markup_template("oauth_authorize_done.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'),
- '$info' => t('Return to your app and insert this Securty Code:'),
+ '$info' => t('Return to your app and insert this Security Code:'),
'$code' => $verifier,
));
@@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller {
notice( t('Please login to continue.') . EOL );
return login(false,'api-login',$request->get_parameters());
}
- //FKOAuth1::loginUser(4);
$app = $this->oauth_get_client($request);
- if (is_null($app)) return "Invalid request. Unknown token.";
-
-
-
-
+ if (is_null($app))
+ return "Invalid request. Unknown token.";
+
$tpl = get_markup_template('oauth_authorize.tpl');
$o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'),
@@ -100,23 +96,18 @@ class Api extends \Zotlabs\Web\Controller {
function oauth_get_client($request){
-
$params = $request->get_parameters();
- $token = $params['oauth_token'];
+ $token = $params['oauth_token'];
- $r = q("SELECT `clients`.*
- FROM `clients`, `tokens`
- WHERE `clients`.`client_id`=`tokens`.`client_id`
- AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
- dbesc($token));
+ $r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id
+ AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
+ dbesc($token)
+ );
+ if($r)
+ return $r[0];
- if (!count($r))
- return null;
+ return null;
- return $r[0];
}
-
-
-
}