X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=mod%2Fapi.php;h=e3b5ea3a929e76ff77a687adcad1fbb39a40b7b7;hb=389b7de451eb8e684b48e2c96598f1d12c1465d9;hp=5903caee60c7dfeac28ee5e20ab08437faf494cd;hpb=69e41f7703bff03dc88e7181961a717ae41330c4;p=friendica.git

diff --git a/mod/api.php b/mod/api.php
index 5903caee60..e3b5ea3a92 100644
--- a/mod/api.php
+++ b/mod/api.php
@@ -2,26 +2,21 @@
 
 require_once('include/api.php');
 
-function oauth_get_client(){
-	// get consumer/client from request token
-	try {
-		$request = OAuthRequest::from_request();
-	} catch(Exception $e) {
-		echo "<pre>"; var_dump($e); killme();
-	}
-	
+function oauth_get_client($request){
+
+
 	$params = $request->get_parameters();
 	$token = $params['oauth_token'];
-	
-	$r = q("SELECT `clients`.* 
-			FROM `clients`, `tokens` 
-			WHERE `clients`.`client_id`=`tokens`.`client_id` 
+
+	$r = q("SELECT `clients`.*
+			FROM `clients`, `tokens`
+			WHERE `clients`.`client_id`=`tokens`.`client_id`
 			AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
 			dbesc($token));
 
 	if (!count($r))
 		return null;
-	
+
 	return $r[0];
 }
 
@@ -41,45 +36,67 @@ function api_post(&$a) {
 
 function api_content(&$a) {
 	if ($a->cmd=='api/oauth/authorize'){
-		/* 
+		/*
 		 * api/oauth/authorize interact with the user. return a standard page
 		 */
-		
-		
+
+		$a->page['template'] = "minimal";
+
+
+		// get consumer/client from request token
+		try {
+			$request = OAuthRequest::from_request();
+		} catch(Exception $e) {
+			echo "<pre>"; var_dump($e); killme();
+		}
+
+
 		if (x($_POST,'oauth_yes')){
-		
-		
-			$app = oauth_get_client();
+
+			$app = oauth_get_client($request);
 			if (is_null($app)) return "Invalid request. Unknown token.";
-			$consumer = new OAuthConsumer($app['key'], $app['secret']);
+			$consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']);
 
 			$verifier = md5($app['secret'].local_user());
-			set_pconfig(local_user(), "oauth", "verifier", $verifier);
-			
+			set_config("oauth", $verifier, local_user());
+
+
+			if ($consumer->callback_url!=null) {
+				$params = $request->get_parameters();
+				$glue="?";
+				if (strstr($consumer->callback_url,$glue)) $glue="?";
+				goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier));
+				killme();
+			}
+
+
+
 			$tpl = get_markup_template("oauth_authorize_done.tpl");
 			$o = replace_macros($tpl, array(
 				'$title' => t('Authorize application connection'),
 				'$info' => t('Return to your app and insert this Securty Code:'),
 				'$code' => $verifier,
 			));
-		
+
 			return $o;
-		
-		
+
+
 		}
-	
-		
-		
+
+
 		if(! local_user()) {
 			//TODO: we need login form to redirect to this page
 			notice( t('Please login to continue.') . EOL );
-			return login(false);
+			return login(false,$request->get_parameters());
 		}
-		
-		$app = oauth_get_client();
+		//FKOAuth1::loginUser(4);
+
+		$app = oauth_get_client($request);
 		if (is_null($app)) return "Invalid request. Unknown token.";
-		
-		
+
+
+
+
 		$tpl = get_markup_template('oauth_authorize.tpl');
 		$o = replace_macros($tpl, array(
 			'$title' => t('Authorize application connection'),
@@ -88,15 +105,12 @@ function api_content(&$a) {
 			'$yes'	=> t('Yes'),
 			'$no'	=> t('No'),
 		));
-		
+
 		//echo "<pre>"; var_dump($app); killme();
-		
+
 		return $o;
 	}
-	
+
 	echo api_call($a);
 	killme();
 }
-
-
-