aboutsummaryrefslogtreecommitdiffstats
path: root/Zotlabs
diff options
context:
space:
mode:
Diffstat (limited to 'Zotlabs')
-rw-r--r--Zotlabs/Lib/Api_router.php24
-rw-r--r--Zotlabs/Module/Api.php55
2 files changed, 47 insertions, 32 deletions
diff --git a/Zotlabs/Lib/Api_router.php b/Zotlabs/Lib/Api_router.php
new file mode 100644
index 000000000..404678bd9
--- /dev/null
+++ b/Zotlabs/Lib/Api_router.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Zotlabs\Lib;
+
+
+class Api_router {
+
+ static private $routes = array();
+
+ static function register($path,$fn,$auth_required) {
+ self::$routes[$path] = [ 'func' => $fn, 'auth' => $auth_required ];
+ }
+
+ static function find($path) {
+ if(array_key_exists($path,self::$routes))
+ return self::$routes[$path];
+ return null;
+ }
+
+ static function dbg() {
+ return self::$routes;
+ }
+
+} \ No newline at end of file
diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php
index e4744c29f..7f8aed48d 100644
--- a/Zotlabs/Module/Api.php
+++ b/Zotlabs/Module/Api.php
@@ -8,20 +8,15 @@ require_once('include/api.php');
class Api extends \Zotlabs\Web\Controller {
function post() {
-
if(! local_channel()) {
notice( t('Permission denied.') . EOL);
return;
}
- if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
- notice( t('Permission denied.') . EOL);
- return;
- }
-
}
- function get() {
+ function get() {
+
if(\App::$cmd=='api/oauth/authorize'){
/*
@@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller {
// get consumer/client from request token
try {
$request = OAuth1Request::from_request();
- } catch(Exception $e) {
+ }
+ catch(Exception $e) {
echo "<pre>"; var_dump($e); killme();
}
@@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller {
if(x($_POST,'oauth_yes')){
$app = $this->oauth_get_client($request);
- if (is_null($app)) return "Invalid request. Unknown token.";
+ if (is_null($app))
+ return "Invalid request. Unknown token.";
+
$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
$verifier = md5($app['secret'].local_channel());
set_config("oauth", $verifier, local_channel());
- if($consumer->callback_url!=null) {
+ if($consumer->callback_url != null) {
$params = $request->get_parameters();
- $glue="?";
- if (strstr($consumer->callback_url,$glue)) $glue="?";
+ $glue = '?';
+ if(strstr($consumer->callback_url,$glue))
+ $glue = '?';
goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
killme();
}
@@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller {
$tpl = get_markup_template("oauth_authorize_done.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'),
- '$info' => t('Return to your app and insert this Securty Code:'),
+ '$info' => t('Return to your app and insert this Security Code:'),
'$code' => $verifier,
));
@@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller {
notice( t('Please login to continue.') . EOL );
return login(false,'api-login',$request->get_parameters());
}
- //FKOAuth1::loginUser(4);
$app = $this->oauth_get_client($request);
- if (is_null($app)) return "Invalid request. Unknown token.";
-
-
-
-
+ if (is_null($app))
+ return "Invalid request. Unknown token.";
+
$tpl = get_markup_template('oauth_authorize.tpl');
$o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'),
@@ -100,23 +96,18 @@ class Api extends \Zotlabs\Web\Controller {
function oauth_get_client($request){
-
$params = $request->get_parameters();
- $token = $params['oauth_token'];
+ $token = $params['oauth_token'];
- $r = q("SELECT `clients`.*
- FROM `clients`, `tokens`
- WHERE `clients`.`client_id`=`tokens`.`client_id`
- AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
- dbesc($token));
+ $r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id
+ AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
+ dbesc($token)
+ );
+ if($r)
+ return $r[0];
- if (!count($r))
- return null;
+ return null;
- return $r[0];
}
-
-
-
}