use Friendica\Object\Image;
use Friendica\Protocol\Activity;
use Friendica\Protocol\Diaspora;
-use Friendica\Security\FKOAuth1;
use Friendica\Security\OAuth;
-use Friendica\Security\OAuth1\OAuthRequest;
-use Friendica\Security\OAuth1\OAuthUtil;
use Friendica\Util\DateTimeFormat;
use Friendica\Util\Images;
use Friendica\Util\Network;
}
/**
- * Log in user via OAuth1 or Simple HTTP Auth.
+ * Log in user via Simple HTTP Auth.
* Simple Auth allow username in form of <pre>user@server</pre>, ignoring server part
*
* @param App $a App
}
if (empty($_SERVER['PHP_AUTH_USER'])) {
- // Try OAuth when no user is provided
- $oauth1 = new FKOAuth1();
- // login with oauth
- try {
- $request = OAuthRequest::from_request();
- list($consumer, $token) = $oauth1->verify_request($request);
- if (!is_null($token)) {
- $oauth1->loginUser($token->uid);
- Session::set('allow_api', true);
- return;
- }
- echo __FILE__.__LINE__.__FUNCTION__ . "<pre>";
- var_dump($consumer, $token);
- die();
- } catch (Exception $e) {
- Logger::warning(API_LOG_PREFIX . 'OAuth error', ['module' => 'api', 'action' => 'login', 'exception' => $e->getMessage()]);
- }
-
Logger::debug(API_LOG_PREFIX . 'failed', ['module' => 'api', 'action' => 'login', 'parameters' => $_SERVER]);
header('WWW-Authenticate: Basic realm="Friendica"');
throw new UnauthorizedException("This API requires login");
api_register_func('api/direct_messages/sent', 'api_direct_messages_sentbox', true);
api_register_func('api/direct_messages', 'api_direct_messages_inbox', true);
-/**
- * Returns an OAuth Request Token.
- *
- * @see https://oauth.net/core/1.0/#auth_step1
- */
-function api_oauth_request_token()
-{
- $oauth1 = new FKOAuth1();
- try {
- $r = $oauth1->fetch_request_token(OAuthRequest::from_request());
- } catch (Exception $e) {
- echo "error=" . OAuthUtil::urlencode_rfc3986($e->getMessage());
- exit();
- }
- echo $r;
- exit();
-}
-
-/**
- * Returns an OAuth Access Token.
- *
- * @return array|string
- * @see https://oauth.net/core/1.0/#auth_step3
- */
-function api_oauth_access_token()
-{
- $oauth1 = new FKOAuth1();
- try {
- $r = $oauth1->fetch_access_token(OAuthRequest::from_request());
- } catch (Exception $e) {
- echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage());
- exit();
- }
- echo $r;
- exit();
-}
-
-/// @TODO move to top of file or somewhere better
-api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
-api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
-
-
/**
* delete a complete photoalbum with all containing photos from database through api
*
return $data;
}
-
-/**
- * Similar as /mod/redir.php
- * redirect to 'url' after dfrn auth
- *
- * Why this when there is mod/redir.php already?
- * This use api_user() and api_login()
- *
- * params
- * c_url: url of remote contact to auth to
- * url: string, url to redirect after auth
- */
-function api_friendica_remoteauth()
-{
- $url = $_GET['url'] ?? '';
- $c_url = $_GET['c_url'] ?? '';
-
- if ($url === '' || $c_url === '') {
- throw new BadRequestException("Wrong parameters.");
- }
-
- $c_url = Strings::normaliseLink($c_url);
-
- // traditional DFRN
-
- $contact = DBA::selectFirst('contact', [], ['uid' => api_user(), 'nurl' => $c_url]);
- if (!DBA::isResult($contact)) {
- throw new BadRequestException("Unknown contact");
- }
-
- $cid = $contact['id'];
-
- $dfrn_id = $contact['issued-id'] ?: $contact['dfrn-id'];
-
- if (($contact['network'] !== Protocol::DFRN) || empty($dfrn_id)) {
- System::externalRedirect($url ?: $c_url);
- }
-
- if ($contact['duplex'] && $contact['issued-id']) {
- $orig_id = $contact['issued-id'];
- $dfrn_id = '1:' . $orig_id;
- }
- if ($contact['duplex'] && $contact['dfrn-id']) {
- $orig_id = $contact['dfrn-id'];
- $dfrn_id = '0:' . $orig_id;
- }
-
- $sec = Strings::getRandomHex();
-
- $fields = ['uid' => api_user(), 'cid' => $cid, 'dfrn_id' => $dfrn_id,
- 'sec' => $sec, 'expire' => time() + 45];
- DBA::insert('profile_check', $fields);
-
- Logger::info(API_LOG_PREFIX . 'for contact {contact}', ['module' => 'api', 'action' => 'friendica_remoteauth', 'contact' => $contact['name'], 'hey' => $sec]);
- $dest = ($url ? '&destination_url=' . $url : '');
-
- System::externalRedirect(
- $contact['poll'] . '?dfrn_id=' . $dfrn_id
- . '&dfrn_version=' . DFRN_PROTOCOL_VERSION
- . '&type=profile&sec=' . $sec . $dest
- );
-}
-api_register_func('api/friendica/remoteauth', 'api_friendica_remoteauth', true);
-
/**
* Return an item with announcer data if it had been announced
*