return $application;
}
+ public static function existsTokenForUser(array $application, int $uid)
+ {
+ return DBA::exists('application-token', ['application-id' => $application['id'], 'uid' => $uid]);
+ }
+
public static function getTokenForUser(array $application, int $uid)
+ {
+ return DBA::selectFirst('application-token', [], ['application-id' => $application['id'], 'uid' => $uid]);
+ }
+
+ public static function createTokenForUser(array $application, int $uid)
{
$code = bin2hex(random_bytes(32));
$access_token = bin2hex(random_bytes(32));
return DBA::selectFirst('application-token', [], ['application-id' => $application['id'], 'uid' => $uid]);
}
+
/**
* Get user info array.
*
--- /dev/null
+<?php
+/**
+ * @copyright Copyright (C) 2010-2021, the Friendica project
+ *
+ * @license GNU AGPL version 3 or any later version
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as
+ * published by the Free Software Foundation, either version 3 of the
+ * License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ *
+ */
+
+namespace Friendica\Module\OAuth;
+
+use Friendica\Core\Logger;
+use Friendica\Core\Renderer;
+use Friendica\DI;
+use Friendica\Module\BaseApi;
+
+/**
+ * Dummy class for all currently unimplemented endpoints
+ */
+class Acknowledge extends BaseApi
+{
+ public static function post(array $parameters = [])
+ {
+ DI::session()->set('oauth_acknowledge', true);
+ DI::app()->redirect(DI::session()->get('return_path'));
+ }
+
+ public static function content(array $parameters = [])
+ {
+ DI::session()->set('return_path', $_REQUEST['return_path'] ?? '');
+
+ $tpl = Renderer::getMarkupTemplate('oauth_authorize.tpl');
+ $o = Renderer::replaceMacros($tpl, [
+ '$title' => DI::l10n()->t('Authorize application connection'),
+ '$app' => ['name' => $_REQUEST['application'] ?? ''],
+ '$authorize' => DI::l10n()->t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+ '$yes' => DI::l10n()->t('Yes'),
+ '$no' => DI::l10n()->t('No'),
+ ]);
+
+ return $o;
+ }
+}
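Review bot: `post()` records consent on any POST to this endpoint: it sets `oauth_acknowledge` without checking which button was submitted, and no form-token check is visible in the hunk, so as far as these lines show a "No" answer or a cross-site POST would count as approval. It should set the flag only for an explicit "Yes" from a form that carries a verified anti-CSRF token, and treat anything else as a denial. In `content()`, the name on the consent screen is read from `$_REQUEST['application']` rather than from the registered application record, so the prompt can name a different application than the one that will receive the token; the authorize hunk also never passes that parameter, so the name would normally be empty. `return_path` is likewise request-supplied and later handed to `DI::app()->redirect()`; unless that helper rejects absolute URLs (not visible here), it should be restricted to the local `oauth/authorize` path before it is stored. The class docblock looks copied from another class and could read `Consent screen shown before an OAuth token is issued to an application`.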
DI::mstdnError()->RecordNotFound();
}
+ $request = $_REQUEST;
+ unset($request['pagename']);
+ $redirect = urlencode('oauth/authorize?' . http_build_query($request));
+
$uid = local_user();
if (empty($uid)) {
Logger::info('Redirect to login');
- $request = $_REQUEST;
- unset($request['pagename']);
- DI::app()->redirect('login?return_path=' . urlencode('/oauth/authorize?' . http_build_query($request)));
+ DI::app()->redirect('login?return_path=' . $redirect);
} else {
Logger::info('Already logged in user', ['uid' => $uid]);
}
- $token = self::getTokenForUser($application, $uid);
+ if (!self::existsTokenForUser($application, $uid) && !DI::session()->get('oauth_acknowledge')) {
+ Logger::info('Redirect to acknowledge');
+ DI::app()->redirect('oauth/acknowledge?return_path=' . $redirect);
+ }
+
+ $token = self::createTokenForUser($application, $uid);
if (!$token) {
DI::mstdnError()->RecordNotFound();
}
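Review bot: The consent check `!DI::session()->get('oauth_acknowledge')` reads a session-wide boolean that is not tied to `$application['id']` and is not cleared in this hunk after `createTokenForUser()`, so one acknowledgement appears to let every later authorize request in the same session, for any other application, skip the consent screen. Storing the acknowledged application id instead and comparing it here, e.g. `DI::session()->get('oauth_acknowledge') != $application['id']`, then removing the key once the token is issued, would bind consent to the application being authorized. The not-logged-in branch also relies on `DI::app()->redirect()` ending the request; if it does not (not visible here), execution continues to the token calls with an empty `$uid`. The enclosing method starts and ends outside the hunk.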
'/mark/all' => [Module\Notifications\Notification::class, [R::GET]],
'/{id:\d+}' => [Module\Notifications\Notification::class, [R::GET, R::POST]],
],
- '/oauth/authorize' => [Module\OAuth\Authorize::class, [R::GET]],
- '/oauth/revoke' => [Module\OAuth\Revoke::class, [R::POST]],
- '/oauth/token' => [Module\OAuth\Token::class, [R::POST]],
+
+ '/oauth' => [
+ '/acknowledge' => [Module\OAuth\Acknowledge::class, [R::GET, R::POST]],
+ '/authorize' => [Module\OAuth\Authorize::class, [R::GET]],
+ '/revoke' => [Module\OAuth\Revoke::class, [R::POST]],
+ '/token' => [Module\OAuth\Token::class, [R::POST]],
+ ],
+
'/objects/{guid}[/{activity}]' => [Module\Objects::class, [R::GET]],
'/oembed' => [