friendica/mod/api.php

<?php

require_once('include/api.php');

function oauth_get_client($request){


	$params = $request->get_parameters();
	$token = $params['oauth_token'];

	$r = q("SELECT `clients`.*
			FROM `clients`, `tokens`
			WHERE `clients`.`client_id`=`tokens`.`client_id`
			AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
			dbesc($token));

	if (!count($r))
		return null;

	return $r[0];
}

function api_post(&$a) {

	if(! local_user()) {
		notice( t('Permission denied.') . EOL);
		return;
	}

	if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
		notice( t('Permission denied.') . EOL);
		return;
	}

}

function api_content(&$a) {
	if ($a->cmd=='api/oauth/authorize'){
		/*
		 * api/oauth/authorize interact with the user. return a standard page
		 */

		$a->page['template'] = "minimal";


		// get consumer/client from request token
		try {
			$request = OAuthRequest::from_request();
		} catch(Exception $e) {
			echo "<pre>"; var_dump($e); killme();
		}


		if (x($_POST,'oauth_yes')){

			$app = oauth_get_client($request);
			if (is_null($app)) return "Invalid request. Unknown token.";
			$consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']);

			$verifier = md5($app['secret'].local_user());
			set_config("oauth", $verifier, local_user());


			if ($consumer->callback_url!=null) {
				$params = $request->get_parameters();
				$glue="?";
				if (strstr($consumer->callback_url,$glue)) $glue="?";
				goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier));
				killme();
			}


			$tpl = get_markup_template("oauth_authorize_done.tpl");
			$o = replace_macros($tpl, array(
				'$title' => t('Authorize application connection'),
				'$info' => t('Return to your app and insert this Securty Code:'),
				'$code' => $verifier,
			));

			return $o;


		}


		if(! local_user()) {
			/// @TODO We need login form to redirect to this page
			notice( t('Please login to continue.') . EOL );
			return login(false,$request->get_parameters());
		}
		//FKOAuth1::loginUser(4);

		$app = oauth_get_client($request);
		if (is_null($app)) return "Invalid request. Unknown token.";


		$tpl = get_markup_template('oauth_authorize.tpl');
		$o = replace_macros($tpl, array(
			'$title' => t('Authorize application connection'),
			'$app' => $app,
			'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
			'$yes'	=> t('Yes'),
			'$no'	=> t('No'),
		));

		//echo "<pre>"; var_dump($app); killme();

		return $o;
	}

	echo api_call($a);
	killme();
}
First attemp of api 2011-02-15 12:24:21 +01:00			`<?php`
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187. 2016-02-07 15:11:34 +01:00
First attemp of api 2011-02-15 12:24:21 +01:00			`require_once('include/api.php');`

oauth: authorize 2011-11-07 17:36:41 +01:00			`function oauth_get_client($request){`
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187. 2016-02-07 15:11:34 +01:00

oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`$params = $request->get_parameters();`
			`$token = $params['oauth_token'];`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
			$r = q("SELECT `clients`.*
			FROM `clients`, `tokens`
			WHERE `clients`.`client_id`=`tokens`.`client_id`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
			`dbesc($token));`

			`if (!count($r))`
			`return null;`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`return $r[0];`
			`}`

			`function api_post(&$a) {`
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187. 2016-02-07 15:11:34 +01:00
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`if(! local_user()) {`
			`notice( t('Permission denied.') . EOL);`
			`return;`
			`}`

			`if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {`
			`notice( t('Permission denied.') . EOL);`
			`return;`
			`}`
Revert "Updated modules to allow for partial overrides without errors" This reverts commit db949bb802448184bfe5164d8d3dd86ddf51b187. 2016-02-07 15:11:34 +01:00
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`}`

First attemp of api 2011-02-15 12:24:21 +01:00			`function api_content(&$a) {`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`if ($a->cmd=='api/oauth/authorize'){`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00			`/*`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`* api/oauth/authorize interact with the user. return a standard page`
			`*/`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauth: authorize 2011-11-07 17:36:41 +01:00			`$a->page['template'] = "minimal";`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00

oauth: authorize 2011-11-07 17:36:41 +01:00			`// get consumer/client from request token`
			`try {`
			`$request = OAuthRequest::from_request();`
			`} catch(Exception $e) {`
			`echo "<pre>"; var_dump($e); killme();`
			`}`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00

oauth: authorize 2011-11-07 17:36:41 +01:00			`if (x($_POST,'oauth_yes')){`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauth: authorize 2011-11-07 17:36:41 +01:00			`$app = oauth_get_client($request);`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`if (is_null($app)) return "Invalid request. Unknown token.";`
oauth: authorize 2011-11-07 17:36:41 +01:00			`$consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']);`
oauth: authorize view, wrong verifier. 2011-11-02 09:54:07 +01:00
			`$verifier = md5($app['secret'].local_user());`
oauth: authorize 2011-11-07 17:36:41 +01:00			`set_config("oauth", $verifier, local_user());`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00

oauth: authorize 2011-11-07 17:36:41 +01:00			`if ($consumer->callback_url!=null) {`
			`$params = $request->get_parameters();`
			`$glue="?";`
			`if (strstr($consumer->callback_url,$glue)) $glue="?";`
			`goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier));`
			`killme();`
			`}`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00


oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`$tpl = get_markup_template("oauth_authorize_done.tpl");`
			`$o = replace_macros($tpl, array(`
			`'$title' => t('Authorize application connection'),`
			`'$info' => t('Return to your app and insert this Securty Code:'),`
oauth: authorize view, wrong verifier. 2011-11-02 09:54:07 +01:00			`'$code' => $verifier,`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`));`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`return $o;`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00

oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`}`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00

oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`if(! local_user()) {`
reformat todo according to doxygen style 2015-12-25 23:17:34 +01:00			`/// @TODO We need login form to redirect to this page`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`notice( t('Please login to continue.') . EOL );`
oauth: authorize 2011-11-07 17:36:41 +01:00			`return login(false,$request->get_parameters());`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`}`
oauth: authorize 2011-11-07 17:36:41 +01:00			`//FKOAuth1::loginUser(4);`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauth: authorize 2011-11-07 17:36:41 +01:00			`$app = oauth_get_client($request);`
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`if (is_null($app)) return "Invalid request. Unknown token.";`
oauth: authorize 2011-11-07 17:36:41 +01:00
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00


oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`$tpl = get_markup_template('oauth_authorize.tpl');`
			`$o = replace_macros($tpl, array(`
			`'$title' => t('Authorize application connection'),`
			`'$app' => $app,`
			`'$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),`
			`'$yes' => t('Yes'),`
			`'$no' => t('No'),`
			`));`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`//echo "<pre>"; var_dump($app); killme();`
New versions of Twidere crashed during posting. 2015-08-17 22:38:05 +02:00
oauthapi: authorize app 2011-10-26 17:15:36 +02:00			`return $o;`
			`}`
API: API is reworked in many parts so that it should be compatible to more statusnet clients then before (like AndStatus) 2013-12-15 23:00:47 +01:00
First attemp of api 2011-02-15 12:24:21 +01:00			`echo api_call($a);`
			`killme();`
			`}`