Merge pull request #4009 from zeroadam/OAuth-hotfix

OAuth hotfix
This commit is contained in:
Hypolite Petovan 2017-12-04 21:32:52 -05:00 committed by GitHub
commit 82df294e31
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 10 deletions

View file

@ -157,11 +157,12 @@ function api_register_func($path, $func, $auth = false, $method = API_METHOD_ANY
*/
function api_login(App $a)
{
$oauth1 = new FKOAuth1();
// login with oauth
try {
list($consumer, $token) = FKOAuth1::verify_request(OAuthRequest::from_request());
list($consumer, $token) = $oauth1->verify_request(OAuthRequest::from_request());
if (!is_null($token)) {
FKOAuth1::loginUser($token->uid);
$oauth1->loginUser($token->uid);
call_hooks('logged_in', $a->user);
return;
}
@ -3363,8 +3364,9 @@ api_register_func('api/direct_messages', 'api_direct_messages_inbox', true);
function api_oauth_request_token($type)
{
$oauth1 = new FKOAuth1();
try {
$r = FKOAuth1::fetch_request_token(OAuthRequest::from_request());
$r = $oauth1->fetch_request_token(OAuthRequest::from_request());
} catch (Exception $e) {
echo "error=" . OAuthUtil::urlencode_rfc3986($e->getMessage());
killme();
@ -3375,8 +3377,9 @@ function api_oauth_request_token($type)
function api_oauth_access_token($type)
{
$oauth1 = new FKOAuth1();
try {
$r = FKOAuth1::fetch_access_token(OAuthRequest::from_request());
$r = $oauth1->fetch_access_token(OAuthRequest::from_request());
} catch (Exception $e) {
echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage());
killme();

View file

@ -10,6 +10,9 @@ use Friendica\Core\System;
use Friendica\Database\DBM;
use Friendica\Network\FKOAuthDataStore;
use dba;
use OAuthServer;
use OAuthSignatureMethod_PLAINTEXT;
use OAuthSignatureMethod_HMAC_SHA1;
require_once "library/OAuth1.php";
require_once "include/plugin.php";
@ -33,7 +36,7 @@ class FKOAuth1 extends OAuthServer
* @param string $uid user id
* @return void
*/
public static function loginUser($uid)
public function loginUser($uid)
{
logger("FKOAuth1::loginUser $uid");
$a = get_app();

View file

@ -12,6 +12,7 @@ use Friendica\Core\Config;
use Friendica\Core\System;
use Friendica\Database\DBM;
use dba;
use OAuthDataStore;
define('REQUEST_TOKEN_DURATION', 300);
define('ACCESS_TOKEN_DURATION', 31536000);
@ -36,7 +37,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $consumer_key key
* @return mixed
*/
public static function lookup_consumer($consumer_key)
public function lookup_consumer($consumer_key)
{
logger(__function__.":".$consumer_key);
@ -56,7 +57,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $token token
* @return mixed
*/
public static function lookup_token($consumer, $token_type, $token)
public function lookup_token($consumer, $token_type, $token)
{
logger(__function__.":".$consumer.", ". $token_type.", ".$token);
@ -81,7 +82,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $timestamp timestamp
* @return mixed
*/
public static function lookup_nonce($consumer, $token, $nonce, $timestamp)
public function lookup_nonce($consumer, $token, $nonce, $timestamp)
{
$r = dba::select('tokens', ['id', 'secret'], ['client_id' => $consumer->key, 'id' => $nonce, 'expires' => $timestamp], ['limit' => 1]);
@ -97,7 +98,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $callback optional, default null
* @return mixed
*/
public static function new_request_token($consumer, $callback = null)
public function new_request_token($consumer, $callback = null)
{
logger(__function__.":".$consumer.", ". $callback);
$key = self::genToken();
@ -132,7 +133,7 @@ class FKOAuthDataStore extends OAuthDataStore
* @param string $verifier optional, defult null
* @return object
*/
public static function new_access_token($token, $consumer, $verifier = null)
public function new_access_token($token, $consumer, $verifier = null)
{
logger(__function__.":".$token.", ". $consumer.", ". $verifier);