diff options
Diffstat (limited to 'Zotlabs/Module/Api.php')
| -rw-r--r-- | Zotlabs/Module/Api.php | 54 |
1 files changed, 27 insertions, 27 deletions
diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php index aa0fca54d..5b835ac51 100644 --- a/Zotlabs/Module/Api.php +++ b/Zotlabs/Module/Api.php @@ -24,42 +24,42 @@ class Api extends \Zotlabs\Web\Controller { notice( t('Permission denied.') . EOL); return; } - + } - + function get() { if(\App::$cmd === 'api/oauth/authorize'){ - - /* + + /* * api/oauth/authorize interact with the user. return a standard page */ - + \App::$page['template'] = 'minimal'; - + // get consumer/client from request token try { $request = \OAuth1Request::from_request(); } catch(\Exception $e) { logger('OAuth exception: ' . print_r($e,true)); - // echo "<pre>"; var_dump($e); + // echo "<pre>"; var_dump($e); killme(); } - - + + if(x($_POST,'oauth_yes')){ - + $app = $this->oauth_get_client($request); - if (is_null($app)) + if (is_null($app)) return "Invalid request. Unknown token."; $consumer = new \OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']); - + $verifier = md5($app['secret'] . local_channel()); set_config('oauth', $verifier, local_channel()); - - + + if($consumer->callback_url != null) { $params = $request->get_parameters(); $glue = '?'; @@ -68,28 +68,28 @@ class Api extends \Zotlabs\Web\Controller { goaway($consumer->callback_url . $glue . "oauth_token=" . \OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . \OAuth1Util::urlencode_rfc3986($verifier)); killme(); } - + $tpl = get_markup_template("oauth_authorize_done.tpl"); $o = replace_macros($tpl, array( '$title' => t('Authorize application connection'), '$info' => t('Return to your app and insert this Security Code:'), '$code' => $verifier, )); - + return $o; } - - + + if(! local_channel()) { //TODO: we need login form to redirect to this page notice( t('Please login to continue.') . EOL ); return login(false,'api-login',$request->get_parameters()); } - + $app = $this->oauth_get_client($request); if (is_null($app)) return "Invalid request. Unknown token."; - + $tpl = get_markup_template('oauth_authorize.tpl'); $o = replace_macros($tpl, array( '$title' => t('Authorize application connection'), @@ -98,12 +98,12 @@ class Api extends \Zotlabs\Web\Controller { '$yes' => t('Yes'), '$no' => t('No'), )); - + //echo "<pre>"; var_dump($app); killme(); - + return $o; } - + echo api_call(); killme(); } @@ -112,8 +112,8 @@ class Api extends \Zotlabs\Web\Controller { $params = $request->get_parameters(); $token = $params['oauth_token']; - - $r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id + + $r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id AND tokens.id = '%s' AND tokens.auth_scope = 'request' ", dbesc($token) ); @@ -121,7 +121,7 @@ class Api extends \Zotlabs\Web\Controller { return $r[0]; return null; - + } - + } |