oauth: authorize view, wrong verifier.
		
					parent
					
						
							
								ff7fc68382
							
						
					
				
			
			
				commit
				
					
						69e41f7703
					
				
			
		
					 6 changed files with 48 additions and 13 deletions
				
			
		|  | @ -5,7 +5,8 @@ | |||
|  *  | ||||
|  */ | ||||
| 
 | ||||
| define('TOKEN_DURATION', 300); | ||||
| define('REQUEST_TOKEN_DURATION', 300); | ||||
| define('ACCESS_TOKEN_DURATION', 31536000); | ||||
| 
 | ||||
| require_once("library/OAuth1.php"); | ||||
| require_once("library/oauth2-php/lib/OAuth2.inc"); | ||||
|  | @ -62,7 +63,7 @@ class FKOAuthDataStore extends OAuthDataStore { | |||
| 				dbesc($sec), | ||||
| 				dbesc($consumer->key), | ||||
| 				'request', | ||||
| 				intval(TOKEN_DURATION)); | ||||
| 				intval(REQUEST_TOKEN_DURATION)); | ||||
| 		if (!$r) return null; | ||||
| 		return new OAuthToken($key,$sec); | ||||
|   } | ||||
|  | @ -75,7 +76,11 @@ class FKOAuthDataStore extends OAuthDataStore { | |||
|      | ||||
|     $ret=Null; | ||||
|      | ||||
|     if (!is_null($token) && $token->expires > time()){ | ||||
|     // get verifier for this user
 | ||||
|     $uverifier = get_pconfig(local_user(), "oauth", "verifier"); | ||||
|      | ||||
|      | ||||
|     if (is_null($verifier) || ($verifier==$uverifier)){ | ||||
| 		 | ||||
| 		$key = $this->gen_token(); | ||||
| 		$sec = $this->gen_token(); | ||||
|  | @ -84,13 +89,22 @@ class FKOAuthDataStore extends OAuthDataStore { | |||
| 				dbesc($sec), | ||||
| 				dbesc($consumer->$key), | ||||
| 				'access', | ||||
| 				intval(TOKEN_DURATION)); | ||||
| 				intval(ACCESS_TOKEN_DURATION)); | ||||
| 		if ($r) | ||||
| 			$ret = new OAuthToken($key,$sec);		 | ||||
| 	} | ||||
| 		 | ||||
| 		 | ||||
| 	q("DELETE FROM tokens WHERE id='%s'", $token->key); | ||||
| 	//q("DELETE FROM tokens WHERE id='%s'", $token->key);
 | ||||
| 	 | ||||
| 	 | ||||
| 	if (!is_null($ret)){ | ||||
| 		//del_pconfig(local_user(), "oauth", "verifier");
 | ||||
| 		$apps = get_pconfig(local_user(), "oauth", "apps"); | ||||
| 		if ($apps===false) $apps=array(); | ||||
| 		$apps[] = $consumer->key; | ||||
| 		//set_pconfig(local_user(), "oauth", "apps", $apps);
 | ||||
| 	} | ||||
| 		 | ||||
|     return $ret; | ||||
|      | ||||
|  |  | |||
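Review bot: The rewritten guard in new_access_token, `if (is_null($verifier) || ($verifier==$uverifier)){`, issues an access token when no verifier is supplied at all, and it appears to replace the earlier `!is_null($token) && $token->expires > time()` check, so a missing or expired request token is no longer rejected. The loose `==` also matters if get_pconfig() returns false for an unset key (the `$apps===false` test further down suggests it does), because an empty verifier would then compare equal. I would keep the token check and require a strict match, e.g. `if (!is_null($token) && $token->expires > time() && is_string($uverifier) && $verifier === $uverifier){`. With the `DELETE FROM tokens` call and `del_pconfig` commented out in the following hunk, the request token and verifier also stay reusable after the exchange, and the unchanged `dbesc($consumer->$key)` there looks like it should read `$consumer->key`. The function starts before and ends after the visible hunks.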
							
								
								
									
										11
									
								
								mod/api.php
									
										
									
									
									
								
							
							
						
						
									
							|  | @ -52,18 +52,15 @@ function api_content(&$a) { | |||
| 			$app = oauth_get_client(); | ||||
| 			if (is_null($app)) return "Invalid request. Unknown token."; | ||||
| 			$consumer = new OAuthConsumer($app['key'], $app['secret']); | ||||
| 			 | ||||
| 			// Rev A change
 | ||||
| 			$request = OAuthRequest::from_request(); | ||||
| 			$callback = $request->get_parameter('oauth_callback'); | ||||
| 			$datastore = new FKOAuthDataStore(); | ||||
| 			$new_token = $datastore->new_request_token($consumer, $callback); | ||||
| 
 | ||||
| 			$verifier = md5($app['secret'].local_user()); | ||||
| 			set_pconfig(local_user(), "oauth", "verifier", $verifier); | ||||
| 			 | ||||
| 			$tpl = get_markup_template("oauth_authorize_done.tpl"); | ||||
| 			$o = replace_macros($tpl, array( | ||||
| 				'$title' => t('Authorize application connection'), | ||||
| 				'$info' => t('Return to your app and insert this Securty Code:'), | ||||
| 				'$code' => $new_token->key, | ||||
| 				'$code' => $verifier, | ||||
| 			)); | ||||
| 		 | ||||
| 			return $o; | ||||
|  |  | |||
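Review bot: `$verifier = md5($app['secret'].local_user());` yields the same value for every authorization of a given app by a given user, and it is built only from inputs the client application already holds or can plausibly learn, so it does not show that the user approved this particular request. An OAuth 1.0a verifier should be an unpredictable, single-use value bound to the request token; something like `$verifier = bin2hex(random_bytes(16));` (PHP 7+, or the project's own token generator), stored against the request token rather than in one per-user `oauth`/`verifier` slot, would give that. The single pconfig slot also means two authorizations in flight for the same user overwrite each other. api_content continues outside the hunk.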
|  | @ -362,7 +362,6 @@ function settings_content(&$a) { | |||
| 		$o .= replace_macros($tpl, array( | ||||
| 			'$title'	=> t('Connected Apps'), | ||||
| 			'$tabs'		=> $tabs, | ||||
| 			'$settings_addons' => $settings_addons | ||||
| 		)); | ||||
| 		return $o; | ||||
| 		 | ||||
|  |  | |||
							
								
								
									
										11
									
								
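--- a/view/oauth_authorize.tpl
+++ b/view/oauth_authorize.tpl
@@ -0,0 +1,11 @@
+<h1>$title</h1>
+
+<div class='oauthapp'>
+	<img src='$app.icon'>
+	<h4>$app.name</h4>
+	<p>$app.client_id</p>
+</div>
+<h3>$authorize</h3>
+<form method="POST">
+<div class="submit"><input type="submit" name="oauth_yes" value="$yes" /></div>
+</form>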
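Review bot: The consent form `<form method="POST">` carries no anti-CSRF token, so as far as this template shows, a cross-site POST with `oauth_yes` set could approve an application on the user's behalf. I would add a hidden per-session token field here and verify it in the handler before the verifier is issued; the handler is not part of this section, so it may already check something that is not visible here. `$app.icon` and `$app.name` come from client registration data and should be HTML-escaped before they reach the template, unless replace_macros already does that.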
							
								
								
									
										4
									
								
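--- a/view/oauth_authorize_done.tpl
+++ b/view/oauth_authorize_done.tpl
@@ -0,0 +1,4 @@
+<h1>$title</h1>
+
+<p>$info</p>
+<code>$code</code>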
							
								
								
									
										10
									
								
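--- a/view/settings_oauth.tpl
+++ b/view/settings_oauth.tpl
@@ -0,0 +1,10 @@
+$tabs
+
+<h1>$title</h1>
+
+
+<form action="settings/addon" method="post" autocomplete="off">
+
+$settings_addons
+
+</form>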
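Review bot: The template still expands `$settings_addons` and posts to `settings/addon`, but the settings_content hunk in this commit drops `'$settings_addons' => $settings_addons` from the 'Connected Apps' macro array, so if that call renders this template the placeholder is left unreplaced. Both look carried over from the addon settings page; I would remove the `$settings_addons` line and point `action` at the handler that will manage connected apps. Once that handler changes state (for example revoking an app), the form should carry an anti-CSRF token as well.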