harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

An authorization token is received, but I had to modify the Request class in vendor/bshaffer/oauth2-server-php/ to accept $_REQUEST instead of $_POST.

Browse Source
This commit is contained in:
Andrew Manning
2018-02-25 08:36:40 -05:00
parent 497ebca54f
commit 70b8f3240f
4 changed files with 69 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
Zotlabs/Module/Authorize.php
View File

@@ -79,17 +79,18 @@ class Authorize extends \Zotlabs\Web\Controller {
$redirect_uri = $_POST['redirect_uri'] = 'https://fake.example.com';
}
$request = \OAuth2\Request::createFromGlobals();
$response = new \OAuth2\Response();
// If the client is not registered, add to the database
if (!$storage->getClientDetails($client_id)) {
$client_secret = random_string(16);
// Client apps are registered per channel
$user_id = local_channel();
$storage->setClientDetails($client_id, $client_secret, $redirect_uri, null, null, $user_id);
$storage->setClientDetails($client_id, $client_secret, $redirect_uri, 'authorization_code', null, $user_id);
$response->setParameter('client_secret', $client_secret);
}
$request = \OAuth2\Request::createFromGlobals();
$response = new \OAuth2\Response();
// validate the authorize request
if (!$s->validateAuthorizeRequest($request, $response)) {
$response->send();