From 9e6e41c6cb7b43da80b771e651a5dbdfc3960688 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Mon, 25 May 2015 21:31:23 -0700 Subject: slow but forward progress on dynamic client registration --- include/api.php | 42 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 42 insertions(+) (limited to 'include/api.php') diff --git a/include/api.php b/include/api.php index 788a84208..fa4910833 100644 --- a/include/api.php +++ b/include/api.php @@ -435,6 +435,48 @@ require_once('include/items.php'); } + function api_client_register(&$a,$type) { + + // This currently isn't providing the correct authentication flow. + + if(! api_user()) + return false; + + $ret = array(); + $key = random_string(16); + $secret = random_string(16); + $name = trim(escape_tags($_REQUEST['application_name'])); + if(! $name) + json_return_and_die($ret); + if(is_array($_REQUEST['redirect_uris'])) + $redirect = trim($_REQUEST['redirect_uris'][0]); + else + $redirect = trim($_REQUEST['redirect_uris']); + $icon = trim($_REQUEST['logo_uri']); + $r = q("INSERT INTO clients (client_id, pw, name, redirect_uri, icon, uid) + VALUES ('%s','%s','%s','%s','%s',%d)", + dbesc($key), + dbesc($secret), + dbesc($name), + dbesc($redirect), + dbesc($icon), + intval(api_user()), + ); + $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", + dbesc($key), + intval(api_user()), + dbesc('all') + ); + + $ret['client_id'] = $key; + $ret['client_secret'] = $secret; + $ret['expires_at'] = 0; + json_return_and_die($ret); + } + + api_register_func('api/client/register','api_client_register', false); + + function api_item_get_user(&$a, $item) { global $usercache; -- cgit v1.2.3 From 06eae98e53e7ac781a64eff4a85e793969124ad7 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Mon, 25 May 2015 22:50:36 -0700 Subject: placeholder for dynamic rego --- include/api.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'include/api.php') diff --git a/include/api.php b/include/api.php index fa4910833..cf0086c35 100644 --- a/include/api.php +++ b/include/api.php @@ -439,8 +439,8 @@ require_once('include/items.php'); // This currently isn't providing the correct authentication flow. - if(! api_user()) - return false; + if(! local_channel()) + goaway(z_root() . '/login'); $ret = array(); $key = random_string(16); -- cgit v1.2.3 From ae69bf54a62629f88a3d1a9ea416c85e23c1b8a4 Mon Sep 17 00:00:00 2001 From: jeroenpraat Date: Tue, 26 May 2015 22:20:45 +0200 Subject: Update api.php one comma to much --- include/api.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'include/api.php') diff --git a/include/api.php b/include/api.php index cf0086c35..50a46dadc 100644 --- a/include/api.php +++ b/include/api.php @@ -460,7 +460,7 @@ require_once('include/items.php'); dbesc($name), dbesc($redirect), dbesc($icon), - intval(api_user()), + intval(api_user()) ); $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", dbesc($key), -- cgit v1.2.3 From 11301d51a58d04843ba3056b4c9e92d59ced1334 Mon Sep 17 00:00:00 2001 From: redmatrix Date: Wed, 27 May 2015 17:30:36 -0700 Subject: some high-level stuff we may need for shareable menus. Also make the client register function do the right thing even though I refuse to make it work. If **you** want service federation with things like pumpio and openid connect, it's time for **you** to put your own skin in the game and quit treating project volunteers like excrement just because you can't get up off your lazy buttocks. --- include/api.php | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) (limited to 'include/api.php') diff --git a/include/api.php b/include/api.php index 50a46dadc..6eede68f4 100644 --- a/include/api.php +++ b/include/api.php @@ -437,11 +437,6 @@ require_once('include/items.php'); function api_client_register(&$a,$type) { - // This currently isn't providing the correct authentication flow. - - if(! local_channel()) - goaway(z_root() . '/login'); - $ret = array(); $key = random_string(16); $secret = random_string(16); @@ -460,12 +455,7 @@ require_once('include/items.php'); dbesc($name), dbesc($redirect), dbesc($icon), - intval(api_user()) - ); - $r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ", - dbesc($key), - intval(api_user()), - dbesc('all') + intval(0) ); $ret['client_id'] = $key; -- cgit v1.2.3