Browse Source

oauth: authorize view, wrong verifier.

pull/2/head
Fabio Comuni 10 years ago
parent
commit
69e41f7703
6 changed files with 48 additions and 13 deletions
  1. +19
    -5
      include/oauth.php
  2. +4
    -7
      mod/api.php
  3. +0
    -1
      mod/settings.php
  4. +11
    -0
      view/oauth_authorize.tpl
  5. +4
    -0
      view/oauth_authorize_done.tpl
  6. +10
    -0
      view/settings_oauth.tpl

+ 19
- 5
include/oauth.php View File

@ -5,7 +5,8 @@
*
*/
define('TOKEN_DURATION', 300);
define('REQUEST_TOKEN_DURATION', 300);
define('ACCESS_TOKEN_DURATION', 31536000);
require_once("library/OAuth1.php");
require_once("library/oauth2-php/lib/OAuth2.inc");
@ -62,7 +63,7 @@ class FKOAuthDataStore extends OAuthDataStore {
dbesc($sec),
dbesc($consumer->key),
'request',
intval(TOKEN_DURATION));
intval(REQUEST_TOKEN_DURATION));
if (!$r) return null;
return new OAuthToken($key,$sec);
}
@ -75,7 +76,11 @@ class FKOAuthDataStore extends OAuthDataStore {
$ret=Null;
if (!is_null($token) && $token->expires > time()){
// get verifier for this user
$uverifier = get_pconfig(local_user(), "oauth", "verifier");
if (is_null($verifier) || ($verifier==$uverifier)){
$key = $this->gen_token();
$sec = $this->gen_token();
@ -84,13 +89,22 @@ class FKOAuthDataStore extends OAuthDataStore {
dbesc($sec),
dbesc($consumer->$key),
'access',
intval(TOKEN_DURATION));
intval(ACCESS_TOKEN_DURATION));
if ($r)
$ret = new OAuthToken($key,$sec);
}
q("DELETE FROM tokens WHERE id='%s'", $token->key);
//q("DELETE FROM tokens WHERE id='%s'", $token->key);
if (!is_null($ret)){
//del_pconfig(local_user(), "oauth", "verifier");
$apps = get_pconfig(local_user(), "oauth", "apps");
if ($apps===false) $apps=array();
$apps[] = $consumer->key;
//set_pconfig(local_user(), "oauth", "apps", $apps);
}
return $ret;


+ 4
- 7
mod/api.php View File

@ -52,18 +52,15 @@ function api_content(&$a) {
$app = oauth_get_client();
if (is_null($app)) return "Invalid request. Unknown token.";
$consumer = new OAuthConsumer($app['key'], $app['secret']);
// Rev A change
$request = OAuthRequest::from_request();
$callback = $request->get_parameter('oauth_callback');
$datastore = new FKOAuthDataStore();
$new_token = $datastore->new_request_token($consumer, $callback);
$verifier = md5($app['secret'].local_user());
set_pconfig(local_user(), "oauth", "verifier", $verifier);
$tpl = get_markup_template("oauth_authorize_done.tpl");
$o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'),
'$info' => t('Return to your app and insert this Securty Code:'),
'$code' => $new_token->key,
'$code' => $verifier,
));
return $o;


+ 0
- 1
mod/settings.php View File

@ -362,7 +362,6 @@ function settings_content(&$a) {
$o .= replace_macros($tpl, array(
'$title' => t('Connected Apps'),
'$tabs' => $tabs,
'$settings_addons' => $settings_addons
));
return $o;


+ 11
- 0
view/oauth_authorize.tpl View File

@ -0,0 +1,11 @@
<h1>$title</h1>
<div class='oauthapp'>
<img src='$app.icon'>
<h4>$app.name</h4>
<p>$app.client_id</p>
</div>
<h3>$authorize</h3>
<form method="POST">
<div class="submit"><input type="submit" name="oauth_yes" value="$yes" /></div>
</form>

+ 4
- 0
view/oauth_authorize_done.tpl View File

@ -0,0 +1,4 @@
<h1>$title</h1>
<p>$info</p>
<code>$code</code>

+ 10
- 0
view/settings_oauth.tpl View File

@ -0,0 +1,10 @@
$tabs
<h1>$title</h1>
<form action="settings/addon" method="post" autocomplete="off">
$settings_addons
</form>

Loading…
Cancel
Save