- $callback = $params['oauth_callback'];
-
- if ($this->arg('accept')) {
- if (!$this->authorizeToken($params)) {
- $this->clientError(_('Error authorizing token'));
- }
- if (!$this->saveRemoteProfile($params)) {
- $this->clientError(_('Error saving remote profile'));
- }
- if (!$callback) {
- $this->showAcceptMessage($params['oauth_token']);
- } else {
- $newparams = array();
- $newparams['oauth_token'] = $params['oauth_token'];
- $newparams['omb_version'] = OMB_VERSION_01;
- $user = User::staticGet('uri', $params['omb_listener']);
- $profile = $user->getProfile();
- if (!$profile) {
- common_log_db_error($user, 'SELECT', __FILE__);
- $this->serverError(_('User without matching profile'));
- return;
- }
- $newparams['omb_listener_nickname'] = $user->nickname;
- $newparams['omb_listener_profile'] = common_local_url('showstream',
- array('nickname' => $user->nickname));
- if (!is_null($profile->fullname)) {
- $newparams['omb_listener_fullname'] = $profile->fullname;
- }
- if (!is_null($profile->homepage)) {
- $newparams['omb_listener_homepage'] = $profile->homepage;
- }
- if (!is_null($profile->bio)) {
- $newparams['omb_listener_bio'] = $profile->bio;
- }
- if (!is_null($profile->location)) {
- $newparams['omb_listener_location'] = $profile->location;
- }
- $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
- if ($avatar) {
- $newparams['omb_listener_avatar'] = $avatar->url;
- }
- $parts = array();
- foreach ($newparams as $k => $v) {
- $parts[] = $k . '=' . OAuthUtil::urlencode_rfc3986($v);
- }
- $query_string = implode('&', $parts);
- $parsed = parse_url($callback);
- $url = $callback . (($parsed['query']) ? '&' : '?') . $query_string;
- common_redirect($url, 303);
- }
- } else {
- if (!$callback) {
- $this->showRejectMessage();
- } else {
- # XXX: not 100% sure how to signal failure... just redirect without token?
- common_redirect($callback, 303);
- }
- }
- }
-
- function authorizeToken(&$params)
- {
- $token_field = $params['oauth_token'];
- $rt = new Token();
- $rt->tok = $token_field;
- $rt->type = 0;
- $rt->state = 0;
- if ($rt->find(true)) {
- $orig_rt = clone($rt);
- $rt->state = 1; # Authorized but not used
- if ($rt->update($orig_rt)) {
- return true;
- }
- }
- return false;
- }
-
- # XXX: refactor with similar code in finishremotesubscribe.php
-
- function saveRemoteProfile(&$params)
- {
- # FIXME: we should really do this when the consumer comes
- # back for an access token. If they never do, we've got stuff in a
- # weird state.
-
- $nickname = $params['omb_listenee_nickname'];
- $fullname = $params['omb_listenee_fullname'];
- $profile_url = $params['omb_listenee_profile'];
- $homepage = $params['omb_listenee_homepage'];
- $bio = $params['omb_listenee_bio'];
- $location = $params['omb_listenee_location'];
- $avatar_url = $params['omb_listenee_avatar'];
-
- $listenee = $params['omb_listenee'];
- $remote = Remote_profile::staticGet('uri', $listenee);
-
- if ($remote) {
- $exists = true;
- $profile = Profile::staticGet($remote->id);
- $orig_remote = clone($remote);
- $orig_profile = clone($profile);
- } else {
- $exists = false;
- $remote = new Remote_profile();
- $remote->uri = $listenee;
- $profile = new Profile();
- }
-
- $profile->nickname = $nickname;
- $profile->profileurl = $profile_url;
-
- if (!is_null($fullname)) {
- $profile->fullname = $fullname;
- }
- if (!is_null($homepage)) {
- $profile->homepage = $homepage;
- }
- if (!is_null($bio)) {
- $profile->bio = $bio;
- }
- if (!is_null($location)) {
- $profile->location = $location;
- }
-
- if ($exists) {
- $profile->update($orig_profile);
- } else {
- $profile->created = DB_DataObject_Cast::dateTime(); # current time
- $id = $profile->insert();
- if (!$id) {
- return false;
- }
- $remote->id = $id;