oauth: authorize view, wrong verifier.
This commit is contained in:
Fabio Comuni
parent
ff7fc68382
commit
69e41f7703
|
|
@ -5,7 +5,8 @@
|
|||
*
|
||||
*/
|
||||
|
||||
define('TOKEN_DURATION', 300);
|
||||
define('REQUEST_TOKEN_DURATION', 300);
|
||||
define('ACCESS_TOKEN_DURATION', 31536000);
|
||||
|
||||
require_once("library/OAuth1.php");
|
||||
require_once("library/oauth2-php/lib/OAuth2.inc");
|
||||
|
|
@ -62,7 +63,7 @@ class FKOAuthDataStore extends OAuthDataStore {
|
|||
dbesc($sec),
|
||||
dbesc($consumer->key),
|
||||
'request',
|
||||
intval(TOKEN_DURATION));
|
||||
intval(REQUEST_TOKEN_DURATION));
|
||||
if (!$r) return null;
|
||||
return new OAuthToken($key,$sec);
|
||||
}
|
||||
|
|
@ -75,7 +76,11 @@ class FKOAuthDataStore extends OAuthDataStore {
|
|||
|
||||
$ret=Null;
|
||||
|
||||
if (!is_null($token) && $token->expires > time()){
|
||||
// get verifier for this user
|
||||
$uverifier = get_pconfig(local_user(), "oauth", "verifier");
|
||||
|
||||
|
||||
if (is_null($verifier) || ($verifier==$uverifier)){
|
||||
|
||||
$key = $this->gen_token();
|
||||
$sec = $this->gen_token();
|
||||
|
|
@ -84,13 +89,22 @@ class FKOAuthDataStore extends OAuthDataStore {
|
|||
dbesc($sec),
|
||||
dbesc($consumer->$key),
|
||||
'access',
|
||||
intval(TOKEN_DURATION));
|
||||
intval(ACCESS_TOKEN_DURATION));
|
||||
if ($r)
|
||||
$ret = new OAuthToken($key,$sec);
|
||||
}
|
||||
|
||||
|
||||
q("DELETE FROM tokens WHERE id='%s'", $token->key);
|
||||
//q("DELETE FROM tokens WHERE id='%s'", $token->key);
|
||||
|
||||
|
||||
if (!is_null($ret)){
|
||||
//del_pconfig(local_user(), "oauth", "verifier");
|
||||
$apps = get_pconfig(local_user(), "oauth", "apps");
|
||||
if ($apps===false) $apps=array();
|
||||
$apps[] = $consumer->key;
|
||||
//set_pconfig(local_user(), "oauth", "apps", $apps);
|
||||
}
|
||||
|
||||
return $ret;
|
||||
|
||||
|
|
|
|||
11
mod/api.php
11
mod/api.php
|
|
@ -52,18 +52,15 @@ function api_content(&$a) {
|
|||
$app = oauth_get_client();
|
||||
if (is_null($app)) return "Invalid request. Unknown token.";
|
||||
$consumer = new OAuthConsumer($app['key'], $app['secret']);
|
||||
|
||||
// Rev A change
|
||||
$request = OAuthRequest::from_request();
|
||||
$callback = $request->get_parameter('oauth_callback');
|
||||
$datastore = new FKOAuthDataStore();
|
||||
$new_token = $datastore->new_request_token($consumer, $callback);
|
||||
|
||||
$verifier = md5($app['secret'].local_user());
|
||||
set_pconfig(local_user(), "oauth", "verifier", $verifier);
|
||||
|
||||
$tpl = get_markup_template("oauth_authorize_done.tpl");
|
||||
$o = replace_macros($tpl, array(
|
||||
'$title' => t('Authorize application connection'),
|
||||
'$info' => t('Return to your app and insert this Securty Code:'),
|
||||
'$code' => $new_token->key,
|
||||
'$code' => $verifier,
|
||||
));
|
||||
|
||||
return $o;
|
||||
|
|
|
|||
|
|
@ -362,7 +362,6 @@ function settings_content(&$a) {
|
|||
$o .= replace_macros($tpl, array(
|
||||
'$title' => t('Connected Apps'),
|
||||
'$tabs' => $tabs,
|
||||
'$settings_addons' => $settings_addons
|
||||
));
|
||||
return $o;
|
||||
|
||||
|
|
|
|||
11
view/oauth_authorize.tpl
Normal file
11
view/oauth_authorize.tpl
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
<h1>$title</h1>
|
||||
|
||||
<div class='oauthapp'>
|
||||
<img src='$app.icon'>
|
||||
<h4>$app.name</h4>
|
||||
<p>$app.client_id</p>
|
||||
</div>
|
||||
<h3>$authorize</h3>
|
||||
<form method="POST">
|
||||
<div class="submit"><input type="submit" name="oauth_yes" value="$yes" /></div>
|
||||
</form>
|
||||
4
view/oauth_authorize_done.tpl
Normal file
4
view/oauth_authorize_done.tpl
Normal file
|
|
@ -0,0 +1,4 @@
|
|||
<h1>$title</h1>
|
||||
|
||||
<p>$info</p>
|
||||
<code>$code</code>
|
||||
10
view/settings_oauth.tpl
Normal file
10
view/settings_oauth.tpl
Normal file
|
|
@ -0,0 +1,10 @@
|
|||
$tabs
|
||||
|
||||
<h1>$title</h1>
|
||||
|
||||
|
||||
<form action="settings/addon" method="post" autocomplete="off">
|
||||
|
||||
$settings_addons
|
||||
|
||||
</form>
|
||||
Loading…
Reference in a new issue