From 3ba4b2c1c1ffa8275337857e10c250b338e15170 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Thu, 11 Aug 2016 17:02:52 -0700 Subject: A bit of api cleanup. Don't get excited. This is like a 0.005% cleanup but you have to start somewhere. --- Zotlabs/Lib/Api_router.php | 24 ++++++++++++++++++++ Zotlabs/Module/Api.php | 55 +++++++++++++++++++--------------------------- 2 files changed, 47 insertions(+), 32 deletions(-) create mode 100644 Zotlabs/Lib/Api_router.php (limited to 'Zotlabs') diff --git a/Zotlabs/Lib/Api_router.php b/Zotlabs/Lib/Api_router.php new file mode 100644 index 000000000..404678bd9 --- /dev/null +++ b/Zotlabs/Lib/Api_router.php @@ -0,0 +1,24 @@ + $fn, 'auth' => $auth_required ]; + } + + static function find($path) { + if(array_key_exists($path,self::$routes)) + return self::$routes[$path]; + return null; + } + + static function dbg() { + return self::$routes; + } + +} \ No newline at end of file diff --git a/Zotlabs/Module/Api.php b/Zotlabs/Module/Api.php index e4744c29f..7f8aed48d 100644 --- a/Zotlabs/Module/Api.php +++ b/Zotlabs/Module/Api.php @@ -8,20 +8,15 @@ require_once('include/api.php'); class Api extends \Zotlabs\Web\Controller { function post() { - if(! local_channel()) { notice( t('Permission denied.') . EOL); return; } - if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) { - notice( t('Permission denied.') . EOL); - return; - } - } - function get() { + function get() { + if(\App::$cmd=='api/oauth/authorize'){ /* @@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller { // get consumer/client from request token try { $request = OAuth1Request::from_request(); - } catch(Exception $e) { + } + catch(Exception $e) { echo "
"; var_dump($e); killme();
 			}
 			
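Review bot: The catch block that this hunk re-braces still sends `var_dump($e)` to the client before `killme()`, so a malformed OAuth request discloses the exception object (message, file paths, stack trace) to whoever sent it. Logging the exception server-side and returning a fixed message would keep that detail out of the response, e.g. `logger('oauth authorize: ' . $e->getMessage()); killme();`, assuming the project's usual `logger()` helper is available here. If this file declares a namespace (not visible in the hunk), the unqualified `Exception` would resolve inside that namespace and the catch would never match; `catch(\Exception $e)` avoids that. The enclosing get() starts and ends outside the hunk.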
@@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller {
 			if(x($_POST,'oauth_yes')){
 			
 				$app = $this->oauth_get_client($request);
-				if (is_null($app)) return "Invalid request. Unknown token.";
+				if (is_null($app)) 
+					return "Invalid request. Unknown token.";
+
 				$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
 	
 				$verifier = md5($app['secret'].local_channel());
 				set_config("oauth", $verifier, local_channel());
 				
 				
-				if($consumer->callback_url!=null) {
+				if($consumer->callback_url != null) {
 					$params = $request->get_parameters();
-					$glue="?";
-					if (strstr($consumer->callback_url,$glue)) $glue="?";
+					$glue = '?';
+					if(strstr($consumer->callback_url,$glue))
+						$glue = '?';
 					goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
 					killme();
 				}
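Review bot: The reformatted glue logic is still a no-op: `$glue` starts as `'?'` and the `strstr` branch assigns `'?'` again, so a callback URL that already has a query string gets a second `?` and `oauth_token`/`oauth_verifier` end up folded into the preceding parameter value; the branch should be `$glue = '&';`. Separately, `$verifier = md5($app['secret'].local_channel())` is deterministic for a given client and channel, so every authorization issues the same code and a previously seen value stays valid. A verifier drawn from a cryptographically secure random source and stored against the request token would be unguessable and single-use. get() begins and ends outside this hunk.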
@@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller {
 				$tpl = get_markup_template("oauth_authorize_done.tpl");
 				$o = replace_macros($tpl, array(
 					'$title' => t('Authorize application connection'),
-					'$info' => t('Return to your app and insert this Securty Code:'),
+					'$info' => t('Return to your app and insert this Security Code:'),
 					'$code' => $verifier,
 				));
 			
@@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller {
 				notice( t('Please login to continue.') . EOL );
 				return login(false,'api-login',$request->get_parameters());
 			}
-			//FKOAuth1::loginUser(4);
 			
 			$app = $this->oauth_get_client($request);
-			if (is_null($app)) return "Invalid request. Unknown token.";
-			
-			
-	
-			
+			if (is_null($app))
+				return "Invalid request. Unknown token.";
+						
 			$tpl = get_markup_template('oauth_authorize.tpl');
 			$o = replace_macros($tpl, array(
 				'$title' => t('Authorize application connection'),
@@ -100,23 +96,18 @@ class Api extends \Zotlabs\Web\Controller {
 
 	function oauth_get_client($request){
 
-	
 		$params = $request->get_parameters();
-		$token = $params['oauth_token'];
+		$token  = $params['oauth_token'];
 	
-		$r = q("SELECT `clients`.* 
-			FROM `clients`, `tokens` 
-			WHERE `clients`.`client_id`=`tokens`.`client_id` 
-			AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
-			dbesc($token));
+		$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id 
+			AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
+			dbesc($token)
+		);
+		if($r)
+			return $r[0];
 
-		if (!count($r))
-			return null;
+		return null;
 	
-		return $r[0];
 	}
 	
-	
-	
-	
 }
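Review bot: oauth_get_client() reads `$params['oauth_token']` without checking that the parameter is present or is a string, so a request without it (or with an array value, if get_parameters() passes those through) reaches `dbesc()` and the query with an unintended value and raises notices. An early guard such as `if(! isset($params['oauth_token']) || ! is_string($params['oauth_token'])) return null;` keeps the lookup to well-formed tokens and lets both callers fall into their existing "Unknown token" path. A short docblock stating that the function returns the matching `clients` row for a request-scope token, or null when none matches, would also document the contract the callers rely on.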
-- 
cgit v1.2.3