From 2a4e8972e0edfa3156d9ce54d68ce0e54c0ec289 Mon Sep 17 00:00:00 2001
From: redmatrix <git@macgirvin.com>
Date: Mon, 18 Apr 2016 20:38:38 -0700
Subject: module updates

---
 Zotlabs/Module/Api.php | 122 +++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 122 insertions(+)
 create mode 100644 Zotlabs/Module/Api.php

(limited to 'Zotlabs/Module/Api.php')

diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php
new file mode 100644
index 000000000..3e7f23b6c
--- /dev/null
+++ b/Zotlabs/Module/Api.php
@@ -0,0 +1,122 @@
+<?php
+namespace Zotlabs\Module;
+
+require_once('include/api.php');
+
+
+
+class Api extends \Zotlabs\Web\Controller {
+
+	function post() {
+	
+		if(! local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+		if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
+			notice( t('Permission denied.') . EOL);
+			return;
+		}
+	
+	}
+	
+		function get() {
+		if(\App::$cmd=='api/oauth/authorize'){
+	
+			/* 
+			 * api/oauth/authorize interact with the user. return a standard page
+			 */
+			
+			\App::$page['template'] = "minimal";
+					
+			// get consumer/client from request token
+			try {
+				$request = OAuth1Request::from_request();
+			} catch(Exception $e) {
+				echo "<pre>"; var_dump($e); killme();
+			}
+			
+			
+			if(x($_POST,'oauth_yes')){
+			
+				$app = $this->oauth_get_client($request);
+				if (is_null($app)) return "Invalid request. Unknown token.";
+				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
+	
+				$verifier = md5($app['secret'].local_channel());
+				set_config("oauth", $verifier, local_channel());
+				
+				
+				if($consumer->callback_url!=null) {
+					$params = $request->get_parameters();
+					$glue="?";
+					if (strstr($consumer->callback_url,$glue)) $glue="?";
+					goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
+					killme();
+				}
+							
+				$tpl = get_markup_template("oauth_authorize_done.tpl");
+				$o = replace_macros($tpl, array(
+					'$title' => t('Authorize application connection'),
+					'$info' => t('Return to your app and insert this Securty Code:'),
+					'$code' => $verifier,
+				));
+			
+				return $o;
+			}
+			
+			
+			if(! local_channel()) {
+				//TODO: we need login form to redirect to this page
+				notice( t('Please login to continue.') . EOL );
+				return login(false,'api-login',$request->get_parameters());
+			}
+			//FKOAuth1::loginUser(4);
+			
+			$app = $this->oauth_get_client($request);
+			if (is_null($app)) return "Invalid request. Unknown token.";
+			
+			
+	
+			
+			$tpl = get_markup_template('oauth_authorize.tpl');
+			$o = replace_macros($tpl, array(
+				'$title' => t('Authorize application connection'),
+				'$app' => $app,
+				'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+				'$yes'	=> t('Yes'),
+				'$no'	=> t('No'),
+			));
+			
+			//echo "<pre>"; var_dump($app); killme();
+			
+			return $o;
+		}
+		
+		echo api_call($a);
+		killme();
+	}
+
+	function oauth_get_client($request){
+
+	
+		$params = $request->get_parameters();
+		$token = $params['oauth_token'];
+	
+		$r = q("SELECT `clients`.* 
+			FROM `clients`, `tokens` 
+			WHERE `clients`.`client_id`=`tokens`.`client_id` 
+			AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
+			dbesc($token));
+
+		if (!count($r))
+			return null;
+	
+		return $r[0];
+	}
+	
+	
+	
+	
+}
-- 
cgit v1.2.3