oauthapi: authorize app
		
					parent
					
						
							
								b06588ffa1
							
						
					
				
			
			
				commit
				
					
						ff7fc68382
					
				
			
		
					 5 changed files with 125 additions and 8 deletions
				
			
		|  | @ -1158,9 +1158,8 @@ | |||
| 		echo "oauth_token=".$r->key."&oauth_secret=".$r->secret; | ||||
| 		killme();			 | ||||
| 	} | ||||
| 	function api_oauth_authorize(&$a, $type){ | ||||
| 	} | ||||
| 
 | ||||
| 	api_register_func('api/oauth/request_token', 'api_oauth_request_token', false); | ||||
| 	api_register_func('api/oauth/access_token', 'api_oauth_access_token', false); | ||||
| 	api_register_func('api/oauth/authorize', 'api_oauth_authorize', false); | ||||
| 
 | ||||
| 
 | ||||
|  |  | |||
|  | @ -101,6 +101,7 @@ class FKOAuth1 extends OAuthServer { | |||
| 	function __construct() { | ||||
| 		parent::__construct(new FKOAuthDataStore()); | ||||
| 		$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT()); | ||||
| 		$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1()); | ||||
| 	} | ||||
| } | ||||
| 
 | ||||
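Review bot: The `FKOAuth1` constructor leaves `OAuthSignatureMethod_PLAINTEXT` registered next to HMAC-SHA1, and nothing in this hunk restricts it to requests that arrived over TLS. With PLAINTEXT the signature is built only from the consumer and token secrets, so on a plain-HTTP deployment those secrets travel readable and the request parameters get no integrity protection. Unless a known client depends on it, I would drop that line or register it only for HTTPS requests; at minimum add a comment such as `// PLAINTEXT sends the secrets as the signature: acceptable over TLS only`. The +/- markers are lost in this rendering, so I cannot tell which of the two `add_signature_method` lines is the new one.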
|  |  | |||
|  | @ -85,7 +85,8 @@ abstract class OAuthSignatureMethod { | |||
|    */ | ||||
|   public function check_signature($request, $consumer, $token, $signature) { | ||||
|     $built = $this->build_signature($request, $consumer, $token); | ||||
|     return $built == $signature; | ||||
|     //echo "<pre>"; var_dump($signature, $built, ($built == $signature)); killme();
 | ||||
|     return ($built == $signature); | ||||
|   } | ||||
| } | ||||
| 
 | ||||
|  | @ -113,7 +114,9 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { | |||
|     $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); | ||||
|     $key = implode('&', $key_parts); | ||||
| 
 | ||||
|     return base64_encode(hash_hmac('sha1', $base_string, $key, true)); | ||||
| 
 | ||||
|     $r = base64_encode(hash_hmac('sha1', $base_string, $key, true)); | ||||
|     return $r; | ||||
|   } | ||||
| } | ||||
| 
 | ||||
|  | @ -282,7 +285,12 @@ class OAuthRequest { | |||
|       } | ||||
| 
 | ||||
|     } | ||||
| 
 | ||||
|     // fix for friendika redirect system
 | ||||
|      | ||||
|     $http_url =  substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q'])); | ||||
|     unset( $parameters['q'] ); | ||||
|      | ||||
| 	//echo "<pre>".__function__."\n"; var_dump($http_method, $http_url, $parameters, $_SERVER['REQUEST_URI']); killme();
 | ||||
|     return new OAuthRequest($http_method, $http_url, $parameters); | ||||
|   } | ||||
| 
 | ||||
|  | @ -642,6 +650,7 @@ class OAuthServer { | |||
|       $token, | ||||
|       $signature | ||||
|     ); | ||||
| 	 | ||||
| 
 | ||||
|     if (!$valid_sig) { | ||||
|       throw new OAuthException("Invalid signature"); | ||||
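Review bot: `check_signature` in the first hunk still compares the computed and the supplied signature with `==`, which is neither type-strict nor constant-time. This is the one comparison that authenticates every OAuth request, so I would write `return hash_equals((string) $built, (string) $signature);` where the runtime provides it, or use a fixed-time compare helper otherwise. The commented-out `var_dump($signature, $built, ...)` above it should be deleted rather than committed, because re-enabling it would print the expected signature to the client. The commented dump in the `from_request` hunk deserves the same treatment.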
|  |  | |||
							
								
								
									
										94
									
								
								mod/api.php
									
										
									
									
									
								
							
							
						
						
									
									
										
									
									
									
								
							|  | @ -2,7 +2,101 @@ | |||
| 
 | ||||
| require_once('include/api.php'); | ||||
| 
 | ||||
| function oauth_get_client(){ | ||||
| 	// get consumer/client from request token
 | ||||
| 	try { | ||||
| 		$request = OAuthRequest::from_request(); | ||||
| 	} catch(Exception $e) { | ||||
| 		echo "<pre>"; var_dump($e); killme(); | ||||
| 	} | ||||
| 	 | ||||
| 	$params = $request->get_parameters(); | ||||
| 	$token = $params['oauth_token']; | ||||
| 	 | ||||
| 	$r = q("SELECT `clients`.* 
 | ||||
| 			FROM `clients`, `tokens`  | ||||
| 			WHERE `clients`.`client_id`=`tokens`.`client_id`  | ||||
| 			AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
 | ||||
| 			dbesc($token)); | ||||
| 
 | ||||
| 	if (!count($r)) | ||||
| 		return null; | ||||
| 	 | ||||
| 	return $r[0]; | ||||
| } | ||||
| 
 | ||||
| function api_post(&$a) { | ||||
| 
 | ||||
| 	if(! local_user()) { | ||||
| 		notice( t('Permission denied.') . EOL); | ||||
| 		return; | ||||
| 	} | ||||
| 
 | ||||
| 	if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) { | ||||
| 		notice( t('Permission denied.') . EOL); | ||||
| 		return; | ||||
| 	} | ||||
| 
 | ||||
| } | ||||
| 
 | ||||
| function api_content(&$a) { | ||||
| 	if ($a->cmd=='api/oauth/authorize'){ | ||||
| 		/*  | ||||
| 		 * api/oauth/authorize interact with the user. return a standard page | ||||
| 		 */ | ||||
| 		 | ||||
| 		 | ||||
| 		if (x($_POST,'oauth_yes')){ | ||||
| 		 | ||||
| 		 | ||||
| 			$app = oauth_get_client(); | ||||
| 			if (is_null($app)) return "Invalid request. Unknown token."; | ||||
| 			$consumer = new OAuthConsumer($app['key'], $app['secret']); | ||||
| 			 | ||||
| 			// Rev A change
 | ||||
| 			$request = OAuthRequest::from_request(); | ||||
| 			$callback = $request->get_parameter('oauth_callback'); | ||||
| 			$datastore = new FKOAuthDataStore(); | ||||
| 			$new_token = $datastore->new_request_token($consumer, $callback); | ||||
| 			 | ||||
| 			$tpl = get_markup_template("oauth_authorize_done.tpl"); | ||||
| 			$o = replace_macros($tpl, array( | ||||
| 				'$title' => t('Authorize application connection'), | ||||
| 				'$info' => t('Return to your app and insert this Securty Code:'), | ||||
| 				'$code' => $new_token->key, | ||||
| 			)); | ||||
| 		 | ||||
| 			return $o; | ||||
| 		 | ||||
| 		 | ||||
| 		} | ||||
| 	 | ||||
| 		 | ||||
| 		 | ||||
| 		if(! local_user()) { | ||||
| 			//TODO: we need login form to redirect to this page
 | ||||
| 			notice( t('Please login to continue.') . EOL ); | ||||
| 			return login(false); | ||||
| 		} | ||||
| 		 | ||||
| 		$app = oauth_get_client(); | ||||
| 		if (is_null($app)) return "Invalid request. Unknown token."; | ||||
| 		 | ||||
| 		 | ||||
| 		$tpl = get_markup_template('oauth_authorize.tpl'); | ||||
| 		$o = replace_macros($tpl, array( | ||||
| 			'$title' => t('Authorize application connection'), | ||||
| 			'$app' => $app, | ||||
| 			'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'), | ||||
| 			'$yes'	=> t('Yes'), | ||||
| 			'$no'	=> t('No'), | ||||
| 		)); | ||||
| 		 | ||||
| 		//echo "<pre>"; var_dump($app); killme();
 | ||||
| 		 | ||||
| 		return $o; | ||||
| 	} | ||||
| 	 | ||||
| 	echo api_call($a); | ||||
| 	killme(); | ||||
| } | ||||
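Review bot: In `api_content` the `oauth_yes` POST branch is evaluated before the `local_user()` check, so an approval can be processed and a token handed out without a logged-in session. Move the login guard to the top of the `api/oauth/authorize` block, i.e. place `if(! local_user()) { notice( t('Please login to continue.') . EOL ); return login(false); }` ahead of `if (x($_POST,'oauth_yes'))`. As far as this hunk shows, the approval POST also carries no form-security token (the template is not visible here) and the token returned by `new_request_token` is not bound to the approving user, so both should be confirmed. Separately, `oauth_get_client` answers a failed `OAuthRequest::from_request()` with `var_dump($e)`, which sends the exception and its trace to the client; log it server-side and return a generic error instead.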
|  |  | |||
|  | @ -339,6 +339,11 @@ function settings_content(&$a) { | |||
| 			'url' 	=> $a->get_baseurl().'/settings/addon', | ||||
| 			'sel'	=> (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''), | ||||
| 		), | ||||
| 		array( | ||||
| 			'label' => t('Connections'), | ||||
| 			'url' => $a->get_baseurl() . '/settings/oauth', | ||||
| 			'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''), | ||||
| 		), | ||||
| 		array( | ||||
| 			'label' => t('Export personal data'), | ||||
| 			'url' => $a->get_baseurl() . '/uexport', | ||||
|  | @ -351,8 +356,17 @@ function settings_content(&$a) { | |||
| 		'$tabs' => $tabs, | ||||
| 	)); | ||||
| 		 | ||||
| 	 | ||||
| 
 | ||||
| 	if(($a->argc > 1) && ($a->argv[1] === 'oauth')) { | ||||
| 		 | ||||
| 		$tpl = get_markup_template("settings_oauth.tpl"); | ||||
| 		$o .= replace_macros($tpl, array( | ||||
| 			'$title'	=> t('Connected Apps'), | ||||
| 			'$tabs'		=> $tabs, | ||||
| 			'$settings_addons' => $settings_addons | ||||
| 		)); | ||||
| 		return $o; | ||||
| 		 | ||||
| 	} | ||||
| 	if(($a->argc > 1) && ($a->argv[1] === 'addon')) { | ||||
| 		$settings_addons = ""; | ||||
| 		 | ||||
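Review bot: The new `oauth` branch passes `'$settings_addons' => $settings_addons` to `settings_oauth.tpl`, but in the lines visible here that variable is first assigned in the `addon` branch below it, so the template would receive an undefined value. Either drop that key from the macro array or initialise it before the branch, e.g. `$settings_addons = "";`. `settings_content` starts and ends outside these hunks, so an earlier assignment may exist that this view does not show.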
|  |  | |||