oauthapi: authorize app
authorFabio Comuni <fabrix.xm@gmail.com>
Wed, 26 Oct 2011 15:15:36 +0000 (17:15 +0200)
committerFabio Comuni <fabrix.xm@gmail.com>
Wed, 26 Oct 2011 15:15:36 +0000 (17:15 +0200)
include/api.php
include/oauth.php
library/OAuth1.php
mod/api.php
mod/settings.php

index 252caeb8e2886e3e9b7e607678b82fc7129c2ba5..2de965681cc1bc3ec5a393c6664d9968b4a46430 100644 (file)
                echo "oauth_token=".$r->key."&oauth_secret=".$r->secret;
                killme();                       
        }
-       function api_oauth_authorize(&$a, $type){
-       }
+
        api_register_func('api/oauth/request_token', 'api_oauth_request_token', false);
        api_register_func('api/oauth/access_token', 'api_oauth_access_token', false);
-       api_register_func('api/oauth/authorize', 'api_oauth_authorize', false);
+
 
index 63d5fcd92aa7fca13319c2c220c4cd5ad907c8f5..5061724915bea86e3b1f781ce83c0bd232522895 100644 (file)
@@ -101,6 +101,7 @@ class FKOAuth1 extends OAuthServer {
        function __construct() {
                parent::__construct(new FKOAuthDataStore());
                $this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
+               $this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
        }
 }
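Review bot: With HMAC-SHA1 now registered in `FKOAuth1::__construct`, the PLAINTEXT method on the line above is still accepted for every request. A PLAINTEXT signature is just the consumer secret and token secret joined by `&`, so on a site served over plain HTTP those secrets cross the wire in the clear; RFC 5849 allows PLAINTEXT only over TLS. Consider registering it conditionally, e.g. `if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') $this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());`, or dropping it. Behind a TLS-terminating proxy the HTTPS test would have to follow whatever the site already uses to detect its scheme.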
 
index 67a94c4790b0648888ad630563c1284987faebef..604945265f6f569c9dc3b7fdf24858c59762bfe2 100644 (file)
@@ -85,7 +85,8 @@ abstract class OAuthSignatureMethod {
    */
   public function check_signature($request, $consumer, $token, $signature) {
     $built = $this->build_signature($request, $consumer, $token);
-    return $built == $signature;
+    //echo "<pre>"; var_dump($signature, $built, ($built == $signature)); killme();
+    return ($built == $signature);
   }
 }
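Review bot: `return ($built == $signature);` compares the expected signature with the client-supplied one using `==`, which is a loose comparison that can return as soon as the strings differ, so the check is not constant-time. Since this line is being touched anyway, I would change it to `return hash_equals((string)$built, (string)$signature);` (available from PHP 5.6; an older runtime needs a fixed-length XOR-accumulate loop instead). The commented-out `var_dump($signature, $built, ...)` line would print the expected signature into the response if it were ever re-enabled, so it is better deleted than committed.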
 
@@ -113,7 +114,9 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
     $key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
     $key = implode('&', $key_parts);
 
-    return base64_encode(hash_hmac('sha1', $base_string, $key, true));
+
+    $r = base64_encode(hash_hmac('sha1', $base_string, $key, true));
+    return $r;
   }
 }
 
@@ -282,7 +285,12 @@ class OAuthRequest {
       }
 
     }
-
+    // fix for friendika redirect system
+    
+    $http_url =  substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q']));
+    unset( $parameters['q'] );
+    
+       //echo "<pre>".__function__."\n"; var_dump($http_method, $http_url, $parameters, $_SERVER['REQUEST_URI']); killme();
     return new OAuthRequest($http_method, $http_url, $parameters);
   }
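Review bot: The new `substr(...)` line assumes `$parameters['q']` is always present and always occurs verbatim in `$http_url`. When `q` is missing or empty, or `strpos()` returns `false` (for instance if the URL still carries a percent-encoded form of the value), the `false + strlen(...)` arithmetic silently cuts `$http_url` down to an empty string or a wrong prefix, and that value then feeds the signature base string being verified. Guard both cases and leave the URL untouched when the value is not found, as below. The commented-out `var_dump` of the request data and `$_SERVER['REQUEST_URI']` should be removed rather than committed. `from_request` begins above this hunk.

```php
    // fix for friendika redirect system
    if (isset($parameters['q'])) {
      $q_pos = ($parameters['q'] === '') ? false : strpos($http_url, $parameters['q']);
      if ($q_pos !== false) {
        $http_url = substr($http_url, 0, $q_pos + strlen($parameters['q']));
      }
      unset($parameters['q']);
    }
    return new OAuthRequest($http_method, $http_url, $parameters);
```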
 
@@ -642,6 +650,7 @@ class OAuthServer {
       $token,
       $signature
     );
+       
 
     if (!$valid_sig) {
       throw new OAuthException("Invalid signature");
index fa5e43de981e5877ad74c41e0e351e60762414b2..bc5de03401bfba391848b9447acaafae872270b7 100644 (file)
@@ -2,7 +2,101 @@
 
 require_once('include/api.php');
 
+function oauth_get_client(){
+       // get consumer/client from request token
+       try {
+               $request = OAuthRequest::from_request();
+       } catch(Exception $e) {
+               echo "<pre>"; var_dump($e); killme();
+       }
+       
+       $params = $request->get_parameters();
+       $token = $params['oauth_token'];
+       
+       $r = q("SELECT `clients`.* 
+                       FROM `clients`, `tokens` 
+                       WHERE `clients`.`client_id`=`tokens`.`client_id` 
+                       AND `tokens`.`id`='%s' AND `tokens`.`scope`='request'",
+                       dbesc($token));
+
+       if (!count($r))
+               return null;
+       
+       return $r[0];
+}
+
+function api_post(&$a) {
+
+       if(! local_user()) {
+               notice( t('Permission denied.') . EOL);
+               return;
+       }
+
+       if(count($a->user) && x($a->user,'uid') && $a->user['uid'] != local_user()) {
+               notice( t('Permission denied.') . EOL);
+               return;
+       }
+
+}
+
 function api_content(&$a) {
+       if ($a->cmd=='api/oauth/authorize'){
+               /* 
+                * api/oauth/authorize interact with the user. return a standard page
+                */
+               
+               
+               if (x($_POST,'oauth_yes')){
+               
+               
+                       $app = oauth_get_client();
+                       if (is_null($app)) return "Invalid request. Unknown token.";
+                       $consumer = new OAuthConsumer($app['key'], $app['secret']);
+                       
+                       // Rev A change
+                       $request = OAuthRequest::from_request();
+                       $callback = $request->get_parameter('oauth_callback');
+                       $datastore = new FKOAuthDataStore();
+                       $new_token = $datastore->new_request_token($consumer, $callback);
+                       
+                       $tpl = get_markup_template("oauth_authorize_done.tpl");
+                       $o = replace_macros($tpl, array(
+                               '$title' => t('Authorize application connection'),
+                               '$info' => t('Return to your app and insert this Securty Code:'),
+                               '$code' => $new_token->key,
+                       ));
+               
+                       return $o;
+               
+               
+               }
+       
+               
+               
+               if(! local_user()) {
+                       //TODO: we need login form to redirect to this page
+                       notice( t('Please login to continue.') . EOL );
+                       return login(false);
+               }
+               
+               $app = oauth_get_client();
+               if (is_null($app)) return "Invalid request. Unknown token.";
+               
+               
+               $tpl = get_markup_template('oauth_authorize.tpl');
+               $o = replace_macros($tpl, array(
+                       '$title' => t('Authorize application connection'),
+                       '$app' => $app,
+                       '$authorize' => t('Do you want to authorize this application to access your posts and contacts, and/or create new posts for you?'),
+                       '$yes'  => t('Yes'),
+                       '$no'   => t('No'),
+               ));
+               
+               //echo "<pre>"; var_dump($app); killme();
+               
+               return $o;
+       }
+       
        echo api_call($a);
        killme();
 }
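Review bot: In `api_content`, the `if (x($_POST,'oauth_yes'))` branch runs before the `if(! local_user())` check, so a request with no logged-in session can still reach `new_request_token()` and be shown a security code. As far as this hunk shows, nothing ties the issued code to the account that approved it, and the handler checks no per-session form token, so the approval POST could also be submitted cross-site. Move the `local_user()` block above the `oauth_yes` branch and verify a form token before issuing the code. Separately, `oauth_get_client()` answers a malformed request with `echo "<pre>"; var_dump($e); killme();`, which sends the exception object (message, file path, trace) to the client; log it server-side and `return null;` so the caller shows its generic "Invalid request" message. `$params['oauth_token']` is also read without an `isset()` check.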
index 84f66d263d875f331254dea8b93938b3f17ef05c..da2b57cd57958e056946c7f373ee5b7bdc4e5a44 100644 (file)
@@ -339,6 +339,11 @@ function settings_content(&$a) {
                        'url'   => $a->get_baseurl().'/settings/addon',
                        'sel'   => (($a->argc > 1) && ($a->argv[1] === 'addon')?'active':''),
                ),
+               array(
+                       'label' => t('Connections'),
+                       'url' => $a->get_baseurl() . '/settings/oauth',
+                       'sel' => (($a->argc > 1) && ($a->argv[1] === 'oauth')?'active':''),
+               ),
                array(
                        'label' => t('Export personal data'),
                        'url' => $a->get_baseurl() . '/uexport',
@@ -351,8 +356,17 @@ function settings_content(&$a) {
                '$tabs' => $tabs,
        ));
                
-       
-
+       if(($a->argc > 1) && ($a->argv[1] === 'oauth')) {
+               
+               $tpl = get_markup_template("settings_oauth.tpl");
+               $o .= replace_macros($tpl, array(
+                       '$title'        => t('Connected Apps'),
+                       '$tabs'         => $tabs,
+                       '$settings_addons' => $settings_addons
+               ));
+               return $o;
+               
+       }
        if(($a->argc > 1) && ($a->argv[1] === 'addon')) {
                $settings_addons = "";