3 require_once('include/api.php');
5 function oauth_get_client($request){
8 $params = $request->get_parameters();
9 $token = $params['oauth_token'];
11 $r = q("SELECT `clients`.*
12 FROM `clients`, `tokens`
13 WHERE `clients`.`client_id`=`tokens`.`client_id`
14 AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
23 function api_post(&$a) {
26 notice( t('Permission denied.') . EOL);
30 if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
31 notice( t('Permission denied.') . EOL);
37 function api_content(&$a) {
38 if ($a->cmd=='api/oauth/authorize'){
40 * api/oauth/authorize interact with the user. return a standard page
43 $a->page['template'] = "minimal";
46 // get consumer/client from request token
48 $request = OAuthRequest::from_request();
49 } catch(Exception $e) {
50 echo "<pre>"; var_dump($e); killme();
54 if (x($_POST,'oauth_yes')){
56 $app = oauth_get_client($request);
57 if (is_null($app)) return "Invalid request. Unknown token.";
58 $consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']);
60 $verifier = md5($app['secret'].local_user());
61 set_config("oauth", $verifier, local_user());
64 if ($consumer->callback_url!=null) {
65 $params = $request->get_parameters();
67 if (strstr($consumer->callback_url,$glue)) $glue="?";
68 goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier));
74 $tpl = get_markup_template("oauth_authorize_done.tpl");
75 $o = replace_macros($tpl, array(
76 '$title' => t('Authorize application connection'),
77 '$info' => t('Return to your app and insert this Securty Code:'),
88 //TODO: we need login form to redirect to this page
89 notice( t('Please login to continue.') . EOL );
90 return login(false,$request->get_parameters());
92 //FKOAuth1::loginUser(4);
94 $app = oauth_get_client($request);
95 if (is_null($app)) return "Invalid request. Unknown token.";
100 $tpl = get_markup_template('oauth_authorize.tpl');
101 $o = replace_macros($tpl, array(
102 '$title' => t('Authorize application connection'),
104 '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
109 //echo "<pre>"; var_dump($app); killme();