Diffstat (limited to 'Zotlabs/Module/Api.php')
-rw-r--r--Zotlabs/Module/Api.php122
1 files changed, 122 insertions, 0 deletions
diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php
new file mode 100644
index 000000000..3e7f23b6c
--- /dev/null
+++ b/Zotlabs/Module/Api.php
@@ -0,0 +1,122 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/api.php');
+
+
+
+class Api extends \Zotlabs\Web\Controller {
+
+ function post() {
+
+ if(! local_channel()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
+ notice( t('Permission denied.') . EOL);
+ return;
+ }
+
+ }
+
+ function get() {
+ if(\App::$cmd=='api/oauth/authorize'){
+
+ /*
+ * api/oauth/authorize interact with the user. return a standard page
+ */
+
+ \App::$page['template'] = "minimal";
+
+ // get consumer/client from request token
+ try {
+ $request = OAuth1Request::from_request();
+ } catch(Exception $e) {
+ echo "<pre>"; var_dump($e); killme();
+ }
+
+
+ if(x($_POST,'oauth_yes')){
+
+ $app = $this->oauth_get_client($request);
+ if (is_null($app)) return "Invalid request. Unknown token.";
+ $consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
+
+ $verifier = md5($app['secret'].local_channel());
+ set_config("oauth", $verifier, local_channel());
+
+
+ if($consumer->callback_url!=null) {
+ $params = $request->get_parameters();
+ $glue="?";
+ if (strstr($consumer->callback_url,$glue)) $glue="?";
+ goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
+ killme();
+ }
+
+ $tpl = get_markup_template("oauth_authorize_done.tpl");
+ $o = replace_macros($tpl, array(
+ '$title' => t('Authorize application connection'),
+ '$info' => t('Return to your app and insert this Securty Code:'),
+ '$code' => $verifier,
+ ));
+
+ return $o;
+ }
+
+
+ if(! local_channel()) {
+ //TODO: we need login form to redirect to this page
+ notice( t('Please login to continue.') . EOL );
+ return login(false,'api-login',$request->get_parameters());
+ }
+ //FKOAuth1::loginUser(4);
+
+ $app = $this->oauth_get_client($request);
+ if (is_null($app)) return "Invalid request. Unknown token.";
+
+
+
+
+ $tpl = get_markup_template('oauth_authorize.tpl');
+ $o = replace_macros($tpl, array(
+ '$title' => t('Authorize application connection'),
+ '$app' => $app,
+ '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+ '$yes' => t('Yes'),
+ '$no' => t('No'),
+ ));
+
+ //echo "<pre>"; var_dump($app); killme();
+
+ return $o;
+ }
+
+ echo api_call($a);
+ killme();
+ }
+
+ function oauth_get_client($request){
+
+
+ $params = $request->get_parameters();
+ $token = $params['oauth_token'];
+
+ $r = q("SELECT `clients`.*
+ FROM `clients`, `tokens`
+ WHERE `clients`.`client_id`=`tokens`.`client_id`
+ AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
+ dbesc($token));
+
+ if (!count($r))
+ return null;
+
+ return $r[0];
+ }
+
+
+
+
+}
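Review bot: In get(), the `oauth_yes` approval branch runs before the `if(! local_channel())` login check, so a POST carrying `oauth_yes` with no logged-in channel still derives a verifier and stores it via `set_config`; move the login check above `if(x($_POST,'oauth_yes'))`, and add an anti-CSRF form token to the approval, since nothing visible ties that POST to the consent page. The verifier `md5($app['secret'].local_channel())` is deterministic for a given app and channel, so every authorization yields the same code; a random value (for example from `random_bytes()` where available) stored against the request token would be safer. In `catch(Exception $e)` the unqualified name resolves inside `Zotlabs\Module`, so the handler likely never matches; use `\Exception`, and replace `var_dump($e)` with a generic error, because it sends exception internals to the client. The unqualified `OAuth1Request`, `OAuth1Consumer` and `OAuth1Util` presumably need a leading backslash too, depending on where include/api.php declares them. Smaller: `$glue` is set to `"?"` in both cases (the second assignment should be `"&"`), and `api_call($a)` uses `$a`, which is not defined in get().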