Merge branch 'oauthapi'
108
mod/api.php
108
mod/api.php
@@ -2,7 +2,115 @@
|
||||
|
||||
require_once('include/api.php');
|
||||
|
||||
function oauth_get_client($request){
|
||||
|
||||
|
||||
$params = $request->get_parameters();
|
||||
$token = $params['oauth_token'];
|
||||
|
||||
$r = q("SELECT `clients`.*
|
||||
FROM `clients`, `tokens`
|
||||
WHERE `clients`.`client_id`=`tokens`.`client_id`
|
||||
AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
|
||||
dbesc($token));
|
||||
|
||||
if (!count($r))
|
||||
return null;
|
||||
|
||||
return $r[0];
|
||||
}
|
||||
|
||||
function api_post(&$a) {
|
||||
|
||||
if(! local_user()) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function api_content(&$a) {
|
||||
if ($a->cmd=='api/oauth/authorize'){
|
||||
/*
|
||||
* api/oauth/authorize interact with the user. return a standard page
|
||||
*/
|
||||
|
||||
$a->page['template'] = "minimal";
|
||||
|
||||
|
||||
// get consumer/client from request token
|
||||
try {
|
||||
$request = OAuthRequest::from_request();
|
||||
} catch(Exception $e) {
|
||||
echo "<pre>"; var_dump($e); killme();
|
||||
}
|
||||
|
||||
|
||||
if (x($_POST,'oauth_yes')){
|
||||
|
||||
$app = oauth_get_client($request);
|
||||
if (is_null($app)) return "Invalid request. Unknown token.";
|
||||
$consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']);
|
||||
|
||||
$verifier = md5($app['secret'].local_user());
|
||||
set_config("oauth", $verifier, local_user());
|
||||
|
||||
|
||||
if ($consumer->callback_url!=null) {
|
||||
$params = $request->get_parameters();
|
||||
$glue="?";
|
||||
if (strstr($consumer->callback_url,$glue)) $glue="?";
|
||||
goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier));
|
||||
killme();
|
||||
}
|
||||
|
||||
|
||||
|
||||
$tpl = get_markup_template("oauth_authorize_done.tpl");
|
||||
$o = replace_macros($tpl, array(
|
||||
'$title' => t('Authorize application connection'),
|
||||
'$info' => t('Return to your app and insert this Securty Code:'),
|
||||
'$code' => $verifier,
|
||||
));
|
||||
|
||||
return $o;
|
||||
|
||||
|
||||
}
|
||||
|
||||
|
||||
if(! local_user()) {
|
||||
//TODO: we need login form to redirect to this page
|
||||
notice( t('Please login to continue.') . EOL );
|
||||
return login(false,$request->get_parameters());
|
||||
}
|
||||
//FKOAuth1::loginUser(4);
|
||||
|
||||
$app = oauth_get_client($request);
|
||||
if (is_null($app)) return "Invalid request. Unknown token.";
|
||||
|
||||
|
||||
|
||||
|
||||
$tpl = get_markup_template('oauth_authorize.tpl');
|
||||
$o = replace_macros($tpl, array(
|
||||
'$title' => t('Authorize application connection'),
|
||||
'$app' => $app,
|
||||
'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
|
||||
'$yes' => t('Yes'),
|
||||
'$no' => t('No'),
|
||||
));
|
||||
|
||||
//echo "<pre>"; var_dump($app); killme();
|
||||
|
||||
return $o;
|
||||
}
|
||||
|
||||
echo api_call($a);
|
||||
killme();
|
||||
}
|
||||
|
||||
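Review bot: In api_content the `if (x($_POST,'oauth_yes'))` branch runs before the `if(! local_user())` check, so a request with no logged-in user can still reach `set_config("oauth", $verifier, local_user())` and be redirected with a verifier; the login check should come first, and nothing in this branch verifies a form token before approving. The verifier itself, `md5($app['secret'].local_user())`, is deterministic per app and user, and `secret` is not among the `clients` columns this commit writes in mod/settings.php (the consumer secret is stored as `pw`), so it may reduce to an MD5 of the uid alone. I would generate it from a CSPRNG instead, e.g. `$verifier = bin2hex(random_bytes(16));` where the runtime provides it, and bind it to the request token being approved. Separately, `$glue` is assigned "?" in both cases, so a callback URL that already carries a query string gets a second `?` where `&` was presumably intended, and `var_dump($e)` in the catch block prints exception internals to the client.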
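--- /dev/null
+++ b/mod/notice.php
@@ -0,0 +1,20 @@
+<?php
+/* identi.ca -> friendika items permanent-url compatibility */
+
+function notice_init(&$a){
+$id = $a->argv[1];
+$r = q("SELECT user.nickname FROM user LEFT JOIN item ON item.uid=user.uid WHERE item.id=%d",
+intval($id)
+);
+if (count($r)){
+$nick = $r[0]['nickname'];
+$url = $a->get_baseurl()."/display/$nick/$id";
+goaway($url);
+} else {
+$a->error = 404;
+notice( t('Item not found.') . EOL);
+
+}
+return;
+
+}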
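Review bot: notice_init reads `$a->argv[1]` without checking `$a->argc`, and the raw value is interpolated into the redirect (`"/display/$nick/$id"`) while only the query sees `intval($id)`, so the looked-up item and the redirect target can differ when the path segment is not purely numeric. Normalising once at the top, `$id = (($a->argc > 1) ? intval($a->argv[1]) : 0);`, keeps the two consistent. The query also returns the owner's nickname for any item id with no visibility filter; whether that matters depends on what /display enforces, which is not visible here, so a short comment stating that assumption would help.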
136
mod/settings.php
136
mod/settings.php
@@ -47,6 +47,58 @@ function settings_post(&$a) {
|
||||
return;
|
||||
}
|
||||
|
||||
if(($a->argc > 1) && ($a->argv[1] === 'oauth') && x($_POST,'remove')){
|
||||
$key = $_POST['remove'];
|
||||
q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
|
||||
dbesc($key),
|
||||
local_user());
|
||||
goaway($a->get_baseurl()."/settings/oauth/");
|
||||
return;
|
||||
}
|
||||
|
||||
if(($a->argc > 2) && ($a->argv[1] === 'oauth') && ($a->argv[2] === 'edit') && x($_POST,'submit')) {
|
||||
|
||||
$name = ((x($_POST,'name')) ? $_POST['name'] : '');
|
||||
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
|
||||
$secret = ((x($_POST,'secret')) ? $_POST['secret'] : '');
|
||||
$redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : '');
|
||||
$icon = ((x($_POST,'icon')) ? $_POST['icon'] : '');
|
||||
if ($name=="" || $key=="" || $secret==""){
|
||||
notice(t("Missing some important data!"));
|
||||
|
||||
} else {
|
||||
if ($_POST['submit']==t("Update")){
|
||||
$r = q("UPDATE clients SET
|
||||
client_id='%s',
|
||||
pw='%s',
|
||||
name='%s',
|
||||
redirect_uri='%s',
|
||||
icon='%s',
|
||||
uid=%d
|
||||
WHERE client_id='%s'",
|
||||
dbesc($key),
|
||||
dbesc($secret),
|
||||
dbesc($name),
|
||||
dbesc($redirect),
|
||||
dbesc($icon),
|
||||
local_user(),
|
||||
dbesc($key));
|
||||
} else {
|
||||
$r = q("INSERT INTO clients
|
||||
(client_id, pw, name, redirect_uri, icon, uid)
|
||||
VALUES ('%s','%s','%s','%s','%s',%d)",
|
||||
dbesc($key),
|
||||
dbesc($secret),
|
||||
dbesc($name),
|
||||
dbesc($redirect),
|
||||
dbesc($icon),
|
||||
local_user());
|
||||
}
|
||||
}
|
||||
goaway($a->get_baseurl()."/settings/oauth/");
|
||||
return;
|
||||
}
|
||||
|
||||
if(($a->argc > 1) && ($a->argv[1] == 'addon')) {
|
||||
call_hooks('plugin_settings_post', $_POST);
|
||||
return;
|
||||
@@ -341,6 +393,11 @@ function settings_content(&$a) {
|
||||
'url' => $a->get_baseurl().'/settings/addon',
|
||||
'sel' => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''),
|
||||
),
|
||||
array(
|
||||
'label' => t('Connections'),
|
||||
'url' => $a->get_baseurl() . '/settings/oauth',
|
||||
'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''),
|
||||
),
|
||||
array(
|
||||
'label' => t('Export personal data'),
|
||||
'url' => $a->get_baseurl() . '/uexport',
|
||||
@@ -353,8 +410,83 @@ function settings_content(&$a) {
|
||||
'$tabs' => $tabs,
|
||||
));
|
||||
|
||||
|
||||
|
||||
if(($a->argc > 1) && ($a->argv[1] === 'oauth')) {
|
||||
|
||||
if(($a->argc > 2) && ($a->argv[2] === 'add')) {
|
||||
$tpl = get_markup_template("settings_oauth_edit.tpl");
|
||||
$o .= replace_macros($tpl, array(
|
||||
'$tabs' => $tabs,
|
||||
'$title' => t('Add application'),
|
||||
'$submit' => t('Submit'),
|
||||
'$cancel' => t('Cancel'),
|
||||
'$name' => array('name', t('Name'), '', ''),
|
||||
'$key' => array('key', t('Consumer Key'), '', ''),
|
||||
'$secret' => array('secret', t('Consumer Secret'), '', ''),
|
||||
'$redirect' => array('redirect', t('Redirect'), '', ''),
|
||||
'$icon' => array('icon', t('Icon url'), '', ''),
|
||||
));
|
||||
return $o;
|
||||
}
|
||||
|
||||
if(($a->argc > 3) && ($a->argv[2] === 'edit')) {
|
||||
$r = q("SELECT * FROM clients WHERE client_id='%s' AND uid=%d",
|
||||
dbesc($a->argv[3]),
|
||||
local_user());
|
||||
|
||||
if (!count($r)){
|
||||
notice(t("You can't edit this application."));
|
||||
return;
|
||||
}
|
||||
$app = $r[0];
|
||||
|
||||
$tpl = get_markup_template("settings_oauth_edit.tpl");
|
||||
$o .= replace_macros($tpl, array(
|
||||
'$tabs' => $tabs,
|
||||
'$title' => t('Add application'),
|
||||
'$submit' => t('Update'),
|
||||
'$cancel' => t('Cancel'),
|
||||
'$name' => array('name', t('Name'), $app['name'] , ''),
|
||||
'$key' => array('key', t('Consumer Key'), $app['client_id'], ''),
|
||||
'$secret' => array('secret', t('Consumer Secret'), $app['pw'], ''),
|
||||
'$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], ''),
|
||||
'$icon' => array('icon', t('Icon url'), $app['icon'], ''),
|
||||
));
|
||||
return $o;
|
||||
}
|
||||
|
||||
if(($a->argc > 3) && ($a->argv[2] === 'delete')) {
|
||||
$r = q("DELETE FROM clients WHERE client_id='%s' AND uid=%d",
|
||||
dbesc($a->argv[3]),
|
||||
local_user());
|
||||
goaway($a->get_baseurl()."/settings/oauth/");
|
||||
return;
|
||||
}
|
||||
|
||||
|
||||
$r = q("SELECT clients.*, tokens.id as oauth_token, (clients.uid=%d) AS my
|
||||
FROM clients
|
||||
LEFT JOIN tokens ON clients.client_id=tokens.client_id
|
||||
WHERE clients.uid IN (%d,0)",
|
||||
local_user(),
|
||||
local_user());
|
||||
|
||||
|
||||
$tpl = get_markup_template("settings_oauth.tpl");
|
||||
$o .= replace_macros($tpl, array(
|
||||
'$baseurl' => $a->get_baseurl(),
|
||||
'$title' => t('Connected Apps'),
|
||||
'$add' => t('Add application'),
|
||||
'$edit' => t('Edit'),
|
||||
'$delete' => t('Delete'),
|
||||
'$consumerkey' => t('Client key starts with'),
|
||||
'$noname' => t('No name'),
|
||||
'$remove' => t('Remove authorization'),
|
||||
'$tabs' => $tabs,
|
||||
'$apps' => $r,
|
||||
));
|
||||
return $o;
|
||||
|
||||
}
|
||||
if(($a->argc > 1) && ($a->argv[1] === 'addon')) {
|
||||
$settings_addons = "";
|
||||
|
||||
|
||||
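Review bot: In the settings/oauth/edit branch of settings_post, the `UPDATE clients` statement matches on `WHERE client_id='%s'` alone while also setting `uid=%d`, so a logged-in user who submits an existing consumer key with the Update label appears able to overwrite another user's (or a uid 0) client row and take ownership of it; I would scope it as `WHERE client_id='%s' AND uid=%d`, as the SELECT and DELETE in settings_content already do. In the third hunk the listing query joins `tokens` on `client_id` only, so for clients shared via `uid` 0 it hands every user's `tokens.id` to the template as `oauth_token`; adding `AND tokens.uid=%d` to the join condition would limit it to the caller's own tokens. The `delete` branch in settings_content also changes state on a plain GET, and none of the new POST branches show a form-token check. Both functions begin and end outside the hunks shown, so any check made earlier in them is not visible here.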