A bit of api cleanup. Don't get excited. This is like a 0.005% cleanup but you have to start somewhere.
This commit is contained in:
redmatrix
@@ -8,20 +8,15 @@ require_once('include/api.php');
|
||||
class Api extends \Zotlabs\Web\Controller {
|
||||
|
||||
function post() {
|
||||
|
||||
if(! local_channel()) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
if(count(\App::$user) && x(\App::$user,'uid') && \App::$user['uid'] != local_channel()) {
|
||||
notice( t('Permission denied.') . EOL);
|
||||
return;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
function get() {
|
||||
function get() {
|
||||
|
||||
if(\App::$cmd=='api/oauth/authorize'){
|
||||
|
||||
/*
|
||||
@@ -33,7 +28,8 @@ class Api extends \Zotlabs\Web\Controller {
|
||||
// get consumer/client from request token
|
||||
try {
|
||||
$request = OAuth1Request::from_request();
|
||||
} catch(Exception $e) {
|
||||
}
|
||||
catch(Exception $e) {
|
||||
echo "<pre>"; var_dump($e); killme();
|
||||
}
|
||||
|
||||
@@ -41,17 +37,20 @@ class Api extends \Zotlabs\Web\Controller {
|
||||
if(x($_POST,'oauth_yes')){
|
||||
|
||||
$app = $this->oauth_get_client($request);
|
||||
if (is_null($app)) return "Invalid request. Unknown token.";
|
||||
if (is_null($app))
|
||||
return "Invalid request. Unknown token.";
|
||||
|
||||
$consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
|
||||
|
||||
$verifier = md5($app['secret'].local_channel());
|
||||
set_config("oauth", $verifier, local_channel());
|
||||
|
||||
|
||||
if($consumer->callback_url!=null) {
|
||||
if($consumer->callback_url != null) {
|
||||
$params = $request->get_parameters();
|
||||
$glue="?";
|
||||
if (strstr($consumer->callback_url,$glue)) $glue="?";
|
||||
$glue = '?';
|
||||
if(strstr($consumer->callback_url,$glue))
|
||||
$glue = '?';
|
||||
goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
|
||||
killme();
|
||||
}
|
||||
@@ -59,7 +58,7 @@ class Api extends \Zotlabs\Web\Controller {
|
||||
$tpl = get_markup_template("oauth_authorize_done.tpl");
|
||||
$o = replace_macros($tpl, array(
|
||||
'$title' => t('Authorize application connection'),
|
||||
'$info' => t('Return to your app and insert this Securty Code:'),
|
||||
'$info' => t('Return to your app and insert this Security Code:'),
|
||||
'$code' => $verifier,
|
||||
));
|
||||
|
||||
@@ -72,14 +71,11 @@ class Api extends \Zotlabs\Web\Controller {
|
||||
notice( t('Please login to continue.') . EOL );
|
||||
return login(false,'api-login',$request->get_parameters());
|
||||
}
|
||||
//FKOAuth1::loginUser(4);
|
||||
|
||||
$app = $this->oauth_get_client($request);
|
||||
if (is_null($app)) return "Invalid request. Unknown token.";
|
||||
|
||||
|
||||
|
||||
|
||||
if (is_null($app))
|
||||
return "Invalid request. Unknown token.";
|
||||
|
||||
$tpl = get_markup_template('oauth_authorize.tpl');
|
||||
$o = replace_macros($tpl, array(
|
||||
'$title' => t('Authorize application connection'),
|
||||
@@ -100,23 +96,18 @@ class Api extends \Zotlabs\Web\Controller {
|
||||
|
||||
function oauth_get_client($request){
|
||||
|
||||
|
||||
$params = $request->get_parameters();
|
||||
$token = $params['oauth_token'];
|
||||
$token = $params['oauth_token'];
|
||||
|
||||
$r = q("SELECT `clients`.*
|
||||
FROM `clients`, `tokens`
|
||||
WHERE `clients`.`client_id`=`tokens`.`client_id`
|
||||
AND `tokens`.`id`='%s' AND `tokens`.`auth_scope`='request'",
|
||||
dbesc($token));
|
||||
$r = q("SELECT clients.* FROM clients, tokens WHERE clients.client_id = tokens.client_id
|
||||
AND tokens.id = '%s' AND tokens.auth_scope = 'request' ",
|
||||
dbesc($token)
|
||||
);
|
||||
if($r)
|
||||
return $r[0];
|
||||
|
||||
if (!count($r))
|
||||
return null;
|
||||
return null;
|
||||
|
||||
return $r[0];
|
||||
}
|
||||
|
||||
|
||||
|
||||
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user