aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/Chatroom.php2
-rw-r--r--Zotlabs/Module/Acl.php2
-rw-r--r--Zotlabs/Module/Authorize.php99
-rw-r--r--Zotlabs/Module/Chatsvc.php4
-rw-r--r--Zotlabs/Module/Connedit.php6
-rw-r--r--Zotlabs/Module/Directory.php4
-rw-r--r--Zotlabs/Module/Display.php3
-rw-r--r--Zotlabs/Module/Hashtags.php2
-rw-r--r--Zotlabs/Module/Item.php2
-rw-r--r--Zotlabs/Module/Like.php3
-rw-r--r--Zotlabs/Module/Mail.php4
-rw-r--r--Zotlabs/Module/Oauth2testvehicle.php151
-rw-r--r--Zotlabs/Module/Settings/Channel.php6
-rw-r--r--Zotlabs/Module/Tagger.php13
-rw-r--r--Zotlabs/Module/Token.php3
-rw-r--r--Zotlabs/Module/Wiki.php4
-rw-r--r--Zotlabs/Storage/ZotOauth2Pdo.php10
-rw-r--r--Zotlabs/Update/_1210.php78
18 files changed, 338 insertions, 58 deletions
diff --git a/Zotlabs/Lib/Chatroom.php b/Zotlabs/Lib/Chatroom.php
index e762620ae..882c846cd 100644
--- a/Zotlabs/Lib/Chatroom.php
+++ b/Zotlabs/Lib/Chatroom.php
@@ -266,7 +266,7 @@ class Chatroom {
intval($room_id),
dbesc($xchan),
dbesc(datetime_convert()),
- dbesc($arr['chat_text'])
+ dbesc(str_rot47(base64url_encode($arr['chat_text'])))
);
$ret['success'] = true;
diff --git a/Zotlabs/Module/Acl.php b/Zotlabs/Module/Acl.php
index 245b0a9b7..ef901aef1 100644
--- a/Zotlabs/Module/Acl.php
+++ b/Zotlabs/Module/Acl.php
@@ -95,7 +95,7 @@ class Acl extends \Zotlabs\Web\Controller {
. "' IN xchan_name) else position('" . protect_sprintf(dbesc(punify($search))) . "' IN xchan_addr) end, ";
$col = ((strpos($search,'@') !== false) ? 'xchan_addr' : 'xchan_name' );
- $sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc($search) . "%'" ) . " ";
+ $sql_extra3 = "AND $col like " . protect_sprintf( "'%" . dbesc(($col === 'xchan_addr') ? punify($search) : $search) . "%'" ) . " ";
}
else {
diff --git a/Zotlabs/Module/Authorize.php b/Zotlabs/Module/Authorize.php
index 254700b4e..bfb76150f 100644
--- a/Zotlabs/Module/Authorize.php
+++ b/Zotlabs/Module/Authorize.php
@@ -4,60 +4,89 @@ namespace Zotlabs\Module;
use Zotlabs\Identity\OAuth2Storage;
-
class Authorize extends \Zotlabs\Web\Controller {
- function init() {
-
- // workaround for HTTP-auth in CGI mode
- if (x($_SERVER, 'REDIRECT_REMOTE_USER')) {
- $userpass = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"], 6)) ;
- if(strlen($userpass)) {
- list($name, $password) = explode(':', $userpass);
- $_SERVER['PHP_AUTH_USER'] = $name;
- $_SERVER['PHP_AUTH_PW'] = $password;
- }
+ function get() {
+ if (!local_channel()) {
+ return login();
+ } else {
+ // TODO: Fully implement the dynamic client registration protocol:
+ // OpenID Connect Dynamic Client Registration 1.0 Client Metadata
+ // http://openid.net/specs/openid-connect-registration-1_0.html
+ $app = array(
+ 'name' => (x($_REQUEST, 'client_name') ? urldecode($_REQUEST['client_name']) : t('Unknown App')),
+ 'icon' => (x($_REQUEST, 'logo_uri') ? urldecode($_REQUEST['logo_uri']) : z_root() . '/images/icons/plugin.png'),
+ 'url' => (x($_REQUEST, 'client_uri') ? urldecode($_REQUEST['client_uri']) : ''),
+ );
+ $o .= replace_macros(get_markup_template('oauth_authorize.tpl'), array(
+ '$title' => t('Authorize'),
+ '$authorize' => sprintf( t('Do you authorize the app %s to access your channel data?'), '<a style="float: none;" href="' . $app['url'] . '">' . $app['name'] . '</a> '),
+ '$app' => $app,
+ '$yes' => t('Allow'),
+ '$no' => t('Deny'),
+ '$client_id' => (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : ''),
+ '$redirect_uri' => (x($_REQUEST, 'redirect_uri') ? $_REQUEST['redirect_uri'] : ''),
+ '$state' => (x($_REQUEST, 'state') ? $_REQUEST['state'] : ''),
+ ));
+ return $o;
}
+ }
- if (x($_SERVER, 'HTTP_AUTHORIZATION')) {
- $userpass = base64_decode(substr($_SERVER["HTTP_AUTHORIZATION"], 6)) ;
- if(strlen($userpass)) {
- list($name, $password) = explode(':', $userpass);
- $_SERVER['PHP_AUTH_USER'] = $name;
- $_SERVER['PHP_AUTH_PW'] = $password;
- }
+ function post() {
+ if (! local_channel()) {
+ return;
}
- $s = new \Zotlabs\Identity\OAuth2Server(new OAuth2Storage(\DBA::$dba->db));
+ $storage = new OAuth2Storage(\DBA::$dba->db);
+ $s = new \Zotlabs\Identity\OAuth2Server($storage);
+
+ // TODO: The automatic client registration protocol below should adhere more
+ // closely to "OAuth 2.0 Dynamic Client Registration Protocol" defined
+ // at https://tools.ietf.org/html/rfc7591
+
+ // If no client_id was provided, generate a new one.
+ if (x($_POST, 'client_id')) {
+ $client_id = $_POST['client_id'];
+ } else {
+ $client_id = $_POST['client_id'] = random_string(16);
+ }
+ // If no redirect_uri was provided, generate a fake one.
+ if (x($_POST, 'redirect_uri')) {
+ $redirect_uri = $_POST['redirect_uri'];
+ } else {
+ $redirect_uri = $_POST['redirect_uri'] = 'https://fake.example.com/oauth';
+ }
$request = \OAuth2\Request::createFromGlobals();
$response = new \OAuth2\Response();
- // validate the authorize request
- if (! $s->validateAuthorizeRequest($request, $response)) {
+ // If the client is not registered, add to the database
+ if (!$client = $storage->getClientDetails($client_id)) {
+ $client_secret = random_string(16);
+ // Client apps are registered per channel
+ $user_id = local_channel();
+ $storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', null, $user_id);
+
+ }
+ if (!$client = $storage->getClientDetails($client_id)) {
+ // There was an error registering the client.
$response->send();
killme();
}
+ $response->setParameter('client_secret', $client['client_secret']);
- // display an authorization form
- if (empty($_POST)) {
-
- return '
-<form method="post">
- <label>Do You Authorize TestClient?</label><br />
- <input type="submit" name="authorized" value="yes">
- <input type="submit" name="authorized" value="no">
-</form>';
+ // validate the authorize request
+ if (!$s->validateAuthorizeRequest($request, $response)) {
+ $response->send();
+ killme();
}
// print the authorization code if the user has authorized your client
- $is_authorized = ($_POST['authorized'] === 'yes');
+ $is_authorized = ($_POST['authorize'] === 'allow');
$s->handleAuthorizeRequest($request, $response, $is_authorized, local_channel());
if ($is_authorized) {
- // this is only here so that you get to see your code in the cURL request. Otherwise,
- // we'd redirect back to the client
- $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=')+5, 40);
- echo("SUCCESS! Authorization Code: $code");
+ $code = substr($response->getHttpHeader('Location'), strpos($response->getHttpHeader('Location'), 'code=') + 5, 40);
+ logger('Authorization Code: ' . $code);
}
$response->send();
diff --git a/Zotlabs/Module/Chatsvc.php b/Zotlabs/Module/Chatsvc.php
index 0f79e3b4c..b4657e84d 100644
--- a/Zotlabs/Module/Chatsvc.php
+++ b/Zotlabs/Module/Chatsvc.php
@@ -60,7 +60,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
intval(\App::$data['chat']['room_id']),
dbesc(get_observer_hash()),
dbesc(datetime_convert()),
- dbesc($arr['chat_text'])
+ dbesc(str_rot47(base64url_encode($arr['chat_text'])))
);
$ret['success'] = true;
@@ -157,7 +157,7 @@ class Chatsvc extends \Zotlabs\Web\Controller {
'name' => $rr['xchan_name'],
'isotime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'c'),
'localtime' => datetime_convert('UTC', date_default_timezone_get(), $rr['created'], 'r'),
- 'text' => zidify_links(smilies(bbcode($rr['chat_text']))),
+ 'text' => zidify_links(smilies(bbcode(base64url_decode(str_rot47($rr['chat_text']))))),
'self' => ((get_observer_hash() == $rr['chat_xchan']) ? 'self' : '')
);
}
diff --git a/Zotlabs/Module/Connedit.php b/Zotlabs/Module/Connedit.php
index f359175c1..cb9c19cf0 100644
--- a/Zotlabs/Module/Connedit.php
+++ b/Zotlabs/Module/Connedit.php
@@ -828,7 +828,7 @@ class Connedit extends \Zotlabs\Web\Controller {
$locstr = locations_by_netid($contact['xchan_hash']);
if(! $locstr)
- $locstr = $contact['xchan_url'];
+ $locstr = unpunify($contact['xchan_url']);
$clone_warn = '';
$clonable = (in_array($contact['xchan_network'],['zot','rss']) ? true : false);
@@ -852,8 +852,8 @@ class Connedit extends \Zotlabs\Web\Controller {
'$permcat' => [ 'permcat', t('Permission role'), '', '<span class="loading invisible">' . t('Loading') . '<span class="jumping-dots"><span class="dot-1">.</span><span class="dot-2">.</span><span class="dot-3">.</span></span></span>',$permcats ],
'$permcat_new' => t('Add permission role'),
'$permcat_enable' => feature_enabled(local_channel(),'permcats'),
- '$addr' => $contact['xchan_addr'],
- '$primeurl' => $contact['xchan_url'],
+ '$addr' => unpunify($contact['xchan_addr']),
+ '$primeurl' => unpunify($contact['xchan_url']),
'$section' => $section,
'$sections' => $sections,
'$vcard' => $vcard,
diff --git a/Zotlabs/Module/Directory.php b/Zotlabs/Module/Directory.php
index 62a1670f9..87387ef56 100644
--- a/Zotlabs/Module/Directory.php
+++ b/Zotlabs/Module/Directory.php
@@ -299,9 +299,9 @@ class Directory extends \Zotlabs\Web\Controller {
if(strlen($out))
$out .= ', ';
if($marr && in_arrayi($k,$marr))
- $out .= '<strong>' . $k . '</strong>';
+ $out .= '<a href="' . z_root() . '/directory/f=&keywords=' . urlencode($k) .'"><strong>' . $k . '</strong></a>';
else
- $out .= $k;
+ $out .= '<a href="' . z_root() . '/directory/f=&keywords=' . urlencode($k) .'">' . $k . '</a>';
}
}
diff --git a/Zotlabs/Module/Display.php b/Zotlabs/Module/Display.php
index d3047bc59..30f2a7f5f 100644
--- a/Zotlabs/Module/Display.php
+++ b/Zotlabs/Module/Display.php
@@ -114,7 +114,8 @@ class Display extends \Zotlabs\Web\Controller {
dbesc($target_item['author_xchan'])
);
if($x) {
- \App::$poi = $x[0];
+// not yet ready for prime time
+// \App::$poi = $x[0];
}
//if the item is to be moderated redirect to /moderate
diff --git a/Zotlabs/Module/Hashtags.php b/Zotlabs/Module/Hashtags.php
index edb631871..300485196 100644
--- a/Zotlabs/Module/Hashtags.php
+++ b/Zotlabs/Module/Hashtags.php
@@ -18,7 +18,7 @@ class Hashtags extends \Zotlabs\Web\Controller {
);
if($r) {
foreach($r as $rv) {
- $result[] = [ 'text' => strtolower($rv['term']) ];
+ $result[] = [ 'text' => $rv['term'] ];
}
}
diff --git a/Zotlabs/Module/Item.php b/Zotlabs/Module/Item.php
index fba2ef7a4..ad72d9ccd 100644
--- a/Zotlabs/Module/Item.php
+++ b/Zotlabs/Module/Item.php
@@ -542,7 +542,7 @@ class Item extends \Zotlabs\Web\Controller {
// Look for tags and linkify them
$results = linkify_tags($a, $body, ($uid) ? $uid : $profile_uid);
-
+
if($results) {
// Set permissions based on tag replacements
diff --git a/Zotlabs/Module/Like.php b/Zotlabs/Module/Like.php
index 6d9fde17c..12de86e72 100644
--- a/Zotlabs/Module/Like.php
+++ b/Zotlabs/Module/Like.php
@@ -296,10 +296,11 @@ class Like extends \Zotlabs\Web\Controller {
notice( t('Permission denied') . EOL);
killme();
}
-
+
$r = q("select * from xchan where xchan_hash = '%s' limit 1",
dbesc($item['owner_xchan'])
);
+
if($r)
$thread_owner = $r[0];
else
diff --git a/Zotlabs/Module/Mail.php b/Zotlabs/Module/Mail.php
index b58b169d0..ca183f644 100644
--- a/Zotlabs/Module/Mail.php
+++ b/Zotlabs/Module/Mail.php
@@ -67,14 +67,14 @@ class Mail extends \Zotlabs\Web\Controller {
if(! $recipient) {
$channel = \App::get_channel();
- $j = \Zotlabs\Zot\Finger::run($rstr,$channel);
+ $j = \Zotlabs\Zot\Finger::run(punify($rstr),$channel);
if(! $j['success']) {
notice( t('Unable to lookup recipient.') . EOL);
return;
}
- logger('message_post: lookup: ' . $url . ' ' . print_r($j,true));
+ logger('message_post: lookup: ' . $rstr . ' ' . print_r($j,true));
if(! $j['guid']) {
notice( t('Unable to communicate with requested channel.'));
diff --git a/Zotlabs/Module/Oauth2testvehicle.php b/Zotlabs/Module/Oauth2testvehicle.php
new file mode 100644
index 000000000..5ae278e8c
--- /dev/null
+++ b/Zotlabs/Module/Oauth2testvehicle.php
@@ -0,0 +1,151 @@
+<?php
+
+namespace Zotlabs\Module;
+
+/**
+ * The OAuth2TestVehicle class is a way to test the registration of an OAuth2
+ * client app. It allows you to walk through the steps of registering a client,
+ * requesting an authorization code for that client, and then requesting an
+ * access token for use in authentication against the Hubzilla API endpoints.
+ */
+class OAuth2TestVehicle extends \Zotlabs\Web\Controller {
+
+ function init() {
+
+ killme();
+
+ // If there is a 'code' and 'state' parameter then this is a client app
+ // callback issued after the authorization code request
+ // TODO: Check state value and compare to original sent value
+ // "You should first compare this state value to ensure it matches the
+ // one you started with. You can typically store the state value in a
+ // cookie, and compare it when the user comes back. This ensures your
+ // redirection endpoint isn't able to be tricked into attempting to
+ // exchange arbitrary authorization codes."
+ $_SESSION['redirect_uri'] = z_root() . '/oauth2testvehicle';
+ $_SESSION['authorization_code'] = (x($_REQUEST, 'code') ? $_REQUEST['code'] : $_SESSION['authorization_code']);
+ $_SESSION['state'] = (x($_REQUEST, 'state') ? $_REQUEST['state'] : $_SESSION['state'] );
+ $_SESSION['client_id'] = (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : $_SESSION['client_id'] );
+ $_SESSION['client_secret'] = (x($_REQUEST, 'client_secret') ? $_REQUEST['client_secret'] : $_SESSION['client_secret']);
+ $_SESSION['access_token'] = (x($_REQUEST, 'access_token') ? $_REQUEST['access_token'] : $_SESSION['access_token'] );
+ $_SESSION['api_response'] = (x($_SESSION, 'api_response') ? $_SESSION['api_response'] : '');
+ }
+ function get() {
+
+ $o .= replace_macros(get_markup_template('oauth2testvehicle.tpl'), array(
+ '$baseurl' => z_root(),
+ '$api_response' => $_SESSION['api_response'],
+ /*
+ endpoints => array(
+ array(
+ 'path_to_endpoint',
+ array(
+ array('field_name_1', 'value'),
+ array('field_name_2', 'value'),
+ ...
+ ),
+ 'submit_button_name',
+ 'Description of API action'
+ )
+ )
+ */
+ '$endpoints' => array(
+ array(
+ 'authorize',
+ array(
+ array('response_type', 'code'),
+ array('client_id', (x($_REQUEST, 'client_id') ? $_REQUEST['client_id'] : 'oauth2_test_app')),
+ array('redirect_uri', $_SESSION['redirect_uri']),
+ array('state', 'xyz'),
+ // OpenID Connect Dynamic Client Registration 1.0 Client Metadata
+ // http://openid.net/specs/openid-connect-registration-1_0.html
+ array('client_name', 'OAuth2 Test App'),
+ array('logo_uri', urlencode(z_root() . '/images/icons/plugin.png')),
+ array('client_uri', urlencode('https://client.example.com/website')),
+ array('application_type', 'web'), // would be 'native' for mobile app
+ ),
+ 'oauth_authorize',
+ 'Authorize a test client app',
+ 'GET',
+ (($_REQUEST['code'] && $_REQUEST['state']) ? true : false),
+ ),
+ array(
+ 'oauth2testvehicle',
+ array(
+ array('action', 'request_token'),
+ array('grant_type', 'authorization_code'),
+ array('code', $_SESSION['authorization_code']),
+ array('redirect_uri', $_SESSION['redirect_uri']),
+ array('client_id', ($_SESSION['client_id'] ? $_SESSION['client_id'] : 'oauth2_test_app')),
+ array('client_secret', $_SESSION['client_secret']),
+ ),
+ 'oauth_token_request',
+ 'Request a token',
+ 'POST',
+ ($_SESSION['success'] === 'request_token'),
+ ),
+ array(
+ 'oauth2testvehicle',
+ array(
+ array('action', 'api_files'),
+ array('access_token', $_SESSION['access_token']),
+ ),
+ 'oauth_api_files',
+ 'API: Get channel files',
+ 'POST',
+ ($_SESSION['success'] === 'api_files'),
+ )
+ )
+ ));
+ $_SESSION['success'] = '';
+ return $o;
+ }
+
+ function post() {
+
+ switch ($_POST['action']) {
+ case 'api_files':
+ $access_token = $_SESSION['access_token'];
+ $url = z_root() . '/api/z/1.0/files/';
+ $headers = [];
+ $headers[] = 'Authorization: Bearer ' . $access_token;
+ $post = z_fetch_url($url, false, 0, array(
+ 'custom' => 'GET',
+ 'headers' => $headers,
+ ));
+ logger(json_encode($post, JSON_PRETTY_PRINT), LOGGER_DEBUG);
+ $response = json_decode($post['body'], true);
+ $_SESSION['api_response'] = json_encode($response, JSON_PRETTY_PRINT);
+ break;
+ case 'request_token':
+ $grant_type = (x($_POST, 'grant_type') ? $_POST['grant_type'] : '');
+ $redirect_uri = (x($_POST, 'redirect_uri') ? $_POST['redirect_uri'] : '');
+ $client_id = (x($_POST, 'client_id') ? $_POST['client_id'] : '');
+ $code = (x($_POST, 'code') ? $_POST['code'] : '');
+ $client_secret = (x($_POST, 'client_secret') ? $_POST['client_secret'] : '');
+ $url = z_root() . '/token/';
+ $params = http_build_query(array(
+ 'grant_type' => $grant_type,
+ 'redirect_uri' => urlencode($redirect_uri),
+ 'client_id' => $client_id,
+ 'code' => $code,
+ ));
+ $post = z_post_url($url, $params, 0, array(
+ 'http_auth' => $client_id . ':' . $client_secret,
+ ));
+ logger(json_encode($post, JSON_PRETTY_PRINT), LOGGER_DEBUG);
+ $response = json_decode($post['body'], true);
+ logger(json_encode($response, JSON_PRETTY_PRINT), LOGGER_DEBUG);
+ if($response['access_token']) {
+ info('Access token received: ' . $response['access_token'] . EOL);
+ $_SESSION['success'] = 'request_token';
+ $_SESSION['access_token'] = $response['access_token'];
+ }
+ break;
+
+ default:
+ break;
+ }
+ }
+
+}
diff --git a/Zotlabs/Module/Settings/Channel.php b/Zotlabs/Module/Settings/Channel.php
index 139e5f966..a7dfdd790 100644
--- a/Zotlabs/Module/Settings/Channel.php
+++ b/Zotlabs/Module/Settings/Channel.php
@@ -412,12 +412,16 @@ class Channel {
));
$subdir = ((strlen(\App::get_path())) ? '<br />' . t('or') . ' ' . z_root() . '/channel/' . $nickname : '');
+
+ $webbie = $nickname . '@' . \App::get_hostname();
+ $intl_nickname = unpunify($nickname) . '@' . unpunify(\App::get_hostname());
+
$tpl_addr = get_markup_template("settings_nick_set.tpl");
$prof_addr = replace_macros($tpl_addr,array(
'$desc' => t('Your channel address is'),
- '$nickname' => $nickname,
+ '$nickname' => (($intl_nickname === $webbie) ? $webbie : $intl_nickname . '&nbsp;(' . $webbie . ')'),
'$subdir' => $subdir,
'$davdesc' => t('Your files/photos are accessible via WebDAV at'),
'$davpath' => ((get_account_techlevel() > 3) ? z_root() . '/dav/' . $nickname : ''),
diff --git a/Zotlabs/Module/Tagger.php b/Zotlabs/Module/Tagger.php
index 603a95f2b..24adf1bde 100644
--- a/Zotlabs/Module/Tagger.php
+++ b/Zotlabs/Module/Tagger.php
@@ -80,6 +80,8 @@ class Tagger extends \Zotlabs\Web\Controller {
break;
}
+
+ $clean_term = trim($term,'"\' ');
$links = array(array('rel' => 'alternate','type' => 'text/html',
'href' => z_root() . '/display/' . gen_link_id($item['mid'])));
@@ -103,15 +105,15 @@ class Tagger extends \Zotlabs\Web\Controller {
),
));
- $tagid = z_root() . '/search?tag=' . $term;
+ $tagid = z_root() . '/search?tag=' . $clean_term;
$objtype = ACTIVITY_OBJ_TAGTERM;
$obj = json_encode(array(
'type' => $objtype,
'id' => $tagid,
'link' => array(array('rel' => 'alternate','type' => 'text/html', 'href' => $tagid)),
- 'title' => $term,
- 'content' => $term
+ 'title' => $clean_term,
+ 'content' => $clean_term
));
$bodyverb = t('%1$s tagged %2$s\'s %3$s with %4$s');
@@ -119,7 +121,7 @@ class Tagger extends \Zotlabs\Web\Controller {
// saving here for reference
// also check out x22d5 and x2317 and x0d6b and x0db8 and x24d0 and xff20 !!!
- $termlink = html_entity_decode('&#x22d5;') . '[zrl=' . z_root() . '/search?tag=' . urlencode($term) . ']'. $term . '[/zrl]';
+ $termlink = html_entity_decode('&#x22d5;') . '[zrl=' . z_root() . '/search?tag=' . urlencode($clean_term) . ']'. $clean_term . '[/zrl]';
$channel = \App::get_channel();
@@ -143,8 +145,7 @@ class Tagger extends \Zotlabs\Web\Controller {
$arr['obj_type'] = $objtype;
$arr['obj'] = $obj;
$arr['parent_mid'] = $item['mid'];
-
- store_item_tag($item['uid'],$item['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$term,$tagid);
+ store_item_tag($item['uid'],$item['id'],TERM_OBJ_POST,TERM_COMMUNITYTAG,$clean_term,$tagid);
$ret = post_activity_item($arr);
if($ret['success']) {
diff --git a/Zotlabs/Module/Token.php b/Zotlabs/Module/Token.php
index f7c074233..32cf95c61 100644
--- a/Zotlabs/Module/Token.php
+++ b/Zotlabs/Module/Token.php
@@ -29,7 +29,8 @@ class Token extends \Zotlabs\Web\Controller {
}
$s = new \Zotlabs\Identity\OAuth2Server(new OAuth2Storage(\DBA::$dba->db));
- $s->handleTokenRequest(\OAuth2\Request::createFromGlobals())->send();
+ $request = \OAuth2\Request::createFromGlobals();
+ $s->handleTokenRequest($request)->send();
killme();
}
diff --git a/Zotlabs/Module/Wiki.php b/Zotlabs/Module/Wiki.php
index ae543eb98..7dc8eb1bc 100644
--- a/Zotlabs/Module/Wiki.php
+++ b/Zotlabs/Module/Wiki.php
@@ -284,6 +284,8 @@ class Wiki extends \Zotlabs\Web\Controller {
$wikiheaderPage = urldecode($pageUrlName);
$renamePage = (($wikiheaderPage === 'Home') ? '' : t('Rename page'));
+ $sharePage = t('Share');
+
$p = [];
if(! $ignore_language) {
@@ -354,6 +356,8 @@ class Wiki extends \Zotlabs\Web\Controller {
'$wikiheaderName' => $wikiheaderName,
'$wikiheaderPage' => $wikiheaderPage,
'$renamePage' => $renamePage,
+ '$sharePage' => $sharePage,
+ '$shareLink' => urlencode('#^[zrl=' . z_root() . '/wiki/' . argv(1) . '/' . $wikiUrlName . '/' . $pageUrlName . ']' . '[ ' . $owner['channel_name'] . ' ] ' . $wikiheaderName . ' - ' . $wikiheaderPage . '[/zrl]'),
'$showPageControls' => $showPageControls,
'$editOrSourceLabel' => (($showPageControls) ? t('Edit') : t('Source')),
'$tools_label' => 'Page Tools',
diff --git a/Zotlabs/Storage/ZotOauth2Pdo.php b/Zotlabs/Storage/ZotOauth2Pdo.php
new file mode 100644
index 000000000..b2c3ce228
--- /dev/null
+++ b/Zotlabs/Storage/ZotOauth2Pdo.php
@@ -0,0 +1,10 @@
+<?php
+
+namespace Zotlabs\Storage;
+
+class ZotOauth2Pdo extends \OAuth2\Storage\Pdo {
+ public function getConfig()
+ {
+ return $this->config;
+ }
+}
diff --git a/Zotlabs/Update/_1210.php b/Zotlabs/Update/_1210.php
new file mode 100644
index 000000000..813e3fe82
--- /dev/null
+++ b/Zotlabs/Update/_1210.php
@@ -0,0 +1,78 @@
+<?php
+
+namespace Zotlabs\Update;
+
+class _1210 {
+
+ function run() {
+
+ $sql = "CREATE TABLE oauth_clients (
+ client_id VARCHAR(80) NOT NULL,
+ client_secret VARCHAR(80),
+ redirect_uri VARCHAR(2000),
+ grant_types VARCHAR(80),
+ scope VARCHAR(4000),
+ user_id VARCHAR(80),
+ PRIMARY KEY (client_id)
+);
+
+CREATE TABLE oauth_access_tokens (
+ access_token VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(255),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ PRIMARY KEY (access_token)
+);
+
+CREATE TABLE oauth_authorization_codes (
+ authorization_code VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(255),
+ redirect_uri VARCHAR(2000),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ id_token VARCHAR(1000),
+ PRIMARY KEY (authorization_code)
+);
+
+CREATE TABLE oauth_refresh_tokens (
+ refresh_token VARCHAR(40) NOT NULL,
+ client_id VARCHAR(80) NOT NULL,
+ user_id VARCHAR(255),
+ expires TIMESTAMP NOT NULL,
+ scope VARCHAR(4000),
+ PRIMARY KEY (refresh_token)
+);
+
+CREATE TABLE oauth_scopes (
+ scope VARCHAR(191) NOT NULL,
+ is_default SMALLINT,
+ PRIMARY KEY (scope)
+);
+
+CREATE TABLE oauth_jwt (
+ client_id VARCHAR(80) NOT NULL,
+ subject VARCHAR(80),
+ public_key VARCHAR(2000) NOT NULL
+);
+";
+
+ $arr = explode(';', $sql);
+ $errors = 0;
+ foreach($arr as $a) {
+ if(strlen(trim($a))) {
+ $r = dbq(trim($a));
+ if(! $r) {
+ $errors ++;
+ }
+ }
+ }
+
+ if(! $errors)
+ return UPDATE_SUCCESS;
+ return UPDATE_FAILED;
+
+ }
+
+}
generated by cgit v1.2.3 (git 2.25.1) at 2024-12-21 01:56:21 +0000