Merge pull request #4009 from zeroadam/OAuth-hotfix

OAuth hotfix
Hypolite Petovan 2017-12-04 21:32:52 -05:00 committed by GitHub
commit 82df294e31
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 10 deletions


@ -157,11 +157,12 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
*/ */
function api_login(App $a) function api_login(App $a)
{ {
$oauth1 = new FKOAuth1();
// login with oauth // login with oauth
try { try {
list($consumer, $token) = FKOAuth1::verify_request(OAuthRequest::from_request()); list($consumer, $token) = $oauth1->verify_request(OAuthRequest::from_request());
if (!is_null($token)) { if (!is_null($token)) {
FKOAuth1::loginUser($token->uid); $oauth1->loginUser($token->uid);
call_hooks('logged_in', $a->user); call_hooks('logged_in', $a->user);
return; return;
} }
@ -3363,8 +3364,9 @@ api_register_func('api/direct_messages', 'api_direct_messages_inbox', true);
function api_oauth_request_token($type) function api_oauth_request_token($type)
{ {
$oauth1 = new FKOAuth1();
try { try {
$r = FKOAuth1::fetch_request_token(OAuthRequest::from_request()); $r = $oauth1->fetch_request_token(OAuthRequest::from_request());
} catch (Exception $e) { } catch (Exception $e) {
echo "error=" . OAuthUtil::urlencode_rfc3986($e->getMessage()); echo "error=" . OAuthUtil::urlencode_rfc3986($e->getMessage());
killme(); killme();
@ -3375,8 +3377,9 @@ function api_oauth_request_token($type)
function api_oauth_access_token($type) function api_oauth_access_token($type)
{ {
$oauth1 = new FKOAuth1();
try { try {
$r = FKOAuth1::fetch_access_token(OAuthRequest::from_request()); $r = $oauth1->fetch_access_token(OAuthRequest::from_request());
} catch (Exception $e) { } catch (Exception $e) {
echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage());
killme(); killme();
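Review bot: In api_login the outcome of `$oauth1->loginUser($token->uid)` is never checked: the `logged_in` hook fires and the function returns as authenticated as soon as verify_request yields a non-null token. loginUser is documented `@return void`, so any rejection of a missing, blocked or removed account has to happen inside it by ending the request. Its body is not visible here, so that is an assumption to confirm. I would record the dependency above the call, e.g. `// loginUser() must end the request itself when the uid is not a usable account`. api_login's body continues outside the hunk.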


@ -10,6 +10,9 @@ use Friendica\Core\System;
use Friendica\Database\DBM; use Friendica\Database\DBM;
use Friendica\Network\FKOAuthDataStore; use Friendica\Network\FKOAuthDataStore;
use dba; use dba;
use OAuthServer;
use OAuthSignatureMethod_PLAINTEXT;
use OAuthSignatureMethod_HMAC_SHA1;
require_once "library/OAuth1.php"; require_once "library/OAuth1.php";
require_once "include/plugin.php"; require_once "include/plugin.php";
@ -33,7 +36,7 @@ class FKOAuth1 extends OAuthServer
* @param string $uid user id * @param string $uid user id
* @return void * @return void
*/ */
public static function loginUser($uid) public function loginUser($uid)
{ {
logger("FKOAuth1::loginUser $uid"); logger("FKOAuth1::loginUser $uid");
$a = get_app(); $a = get_app();
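Review bot: The new `use OAuthSignatureMethod_PLAINTEXT;` import suggests the class constructor, which is outside these hunks, registers PLAINTEXT next to HMAC-SHA1 as an accepted signature method. With PLAINTEXT the consumer and token secrets are sent in the request itself rather than used to sign it, so the method is only acceptable over TLS. I would either drop it or accept it only for HTTPS requests. Wherever it is registered, I would add a comment such as `// PLAINTEXT transmits the shared secrets verbatim; accept only over HTTPS`.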


@ -12,6 +12,7 @@ use Friendica\Core\Config;
use Friendica\Core\System; use Friendica\Core\System;
use Friendica\Database\DBM; use Friendica\Database\DBM;
use dba; use dba;
use OAuthDataStore;
define('REQUEST_TOKEN_DURATION', 300); define('REQUEST_TOKEN_DURATION', 300);
define('ACCESS_TOKEN_DURATION', 31536000); define('ACCESS_TOKEN_DURATION', 31536000);
@ -36,7 +37,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $consumer_key key * @param string $consumer_key key
* @return mixed * @return mixed
*/ */
public static function lookup_consumer($consumer_key) public function lookup_consumer($consumer_key)
{ {
logger(__function__.":".$consumer_key); logger(__function__.":".$consumer_key);
@ -56,7 +57,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $token token * @param string $token token
* @return mixed * @return mixed
*/ */
public static function lookup_token($consumer, $token_type, $token) public function lookup_token($consumer, $token_type, $token)
{ {
logger(__function__.":".$consumer.", ". $token_type.", ".$token); logger(__function__.":".$consumer.", ". $token_type.", ".$token);
@ -81,7 +82,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $timestamp timestamp * @param string $timestamp timestamp
* @return mixed * @return mixed
*/ */
public static function lookup_nonce($consumer, $token, $nonce, $timestamp) public function lookup_nonce($consumer, $token, $nonce, $timestamp)
{ {
$r = dba::select('tokens', ['id', 'secret'], ['client_id' => $consumer->key, 'id' => $nonce, 'expires' => $timestamp], ['limit' => 1]); $r = dba::select('tokens', ['id', 'secret'], ['client_id' => $consumer->key, 'id' => $nonce, 'expires' => $timestamp], ['limit' => 1]);
@ -97,7 +98,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $callback optional, default null * @param string $callback optional, default null
* @return mixed * @return mixed
*/ */
public static function new_request_token($consumer, $callback = null) public function new_request_token($consumer, $callback = null)
{ {
logger(__function__.":".$consumer.", ". $callback); logger(__function__.":".$consumer.", ". $callback);
$key = self::genToken(); $key = self::genToken();
@ -132,7 +133,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $verifier optional, defult null * @param string $verifier optional, defult null
* @return object * @return object
*/ */
public static function new_access_token($token, $consumer, $verifier = null) public function new_access_token($token, $consumer, $verifier = null)
{ {
logger(__function__.":".$token.", ". $consumer.", ". $verifier); logger(__function__.":".$token.", ". $consumer.", ". $verifier);
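Review bot: The logger calls at the top of lookup_token, new_request_token and new_access_token write `$consumer`, `$token` and `$verifier` into the application log. The token and verifier are credentials for the OAuth exchange. If the consumer and token objects stringify with their secrets (their classes are not on this page), those secrets land in the log as well. I would log only the public identifier, e.g. `logger(__function__.":".$consumer->key);`, and leave the token and verifier out of the message. The method bodies continue outside these hunks.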