Merge remote-tracking branch 'upstream/master' into social-master

[quix0rs-gnu-social.git] / actions / apioauthaccesstoken.php

diff --git a/actions/apioauthaccesstoken.php b/actions/apioauthaccesstoken.php
index 663a7a2bb6388165b7e227025a4f1c66f539a24a..20802466073f2cfc275327d4236d4fca5d0a2c00 100644 (file)
--- a/actions/apioauthaccesstoken.php
+++ b/actions/apioauthaccesstoken.php
@@ -28,11 +28,7 @@
  * @link      http://status.net/
  */
 
-if (!defined('STATUSNET')) {
-    exit(1);
-}
-
-require_once INSTALLDIR . '/lib/apioauth.php';
+if (!defined('GNUSOCIAL')) { exit(1); }
 
 /**
  * Action for getting OAuth token credentials (exchange an authorized
@@ -44,8 +40,7 @@ require_once INSTALLDIR . '/lib/apioauth.php';
  * @license  http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link     http://status.net/
  */
-
-class ApiOauthAccessTokenAction extends ApiOauthAction
+class ApiOAuthAccessTokenAction extends ApiOAuthAction
 {
     protected $reqToken = null;
     protected $verifier = null;
@@ -57,31 +52,30 @@ class ApiOauthAccessTokenAction extends ApiOauthAction
      *
      * @return void
      */
-    function handle($args)
+    function handle(array $args=array())
     {
         parent::handle($args);
 
-        $datastore   = new ApiStatusNetOAuthDataStore();
+        $datastore   = new ApiGNUsocialOAuthDataStore();
         $server      = new OAuthServer($datastore);
         $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
 
         $server->add_signature_method($hmac_method);
 
-        $atok = null;
+        $atok = $app = null;
 
         // XXX: Insist that oauth_token and oauth_verifier be populated?
         // Spec doesn't say they MUST be.
 
         try {
-
             $req  = OAuthRequest::from_request();
 
             $this->reqToken = $req->get_parameter('oauth_token');
             $this->verifier = $req->get_parameter('oauth_verifier');
 
+            $app  = $datastore->getAppByRequestToken($this->reqToken);
             $atok = $server->fetch_access_token($req);
-
-        } catch (OAuthException $e) {
+        } catch (Exception $e) {
             common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
             common_debug(var_export($req, true));
             $code = $e->getCode();
@@ -89,25 +83,28 @@ class ApiOauthAccessTokenAction extends ApiOauthAction
         }
 
         if (empty($atok)) {
-
             // Token exchange failed -- log it
 
-            list($proxy, $ip) = common_client_ip();
-
             $msg = sprintf(
-                'API OAuth - Failure exchanging request token for access token, '
-                    . 'request token = %s, verifier = %s, IP = %s, proxy = %s',
+                'API OAuth - Failure exchanging OAuth request token for access token, '
+                    . 'request token = %s, verifier = %s',
                 $this->reqToken,
-                $this->verifier,
-                $ip,
-                $proxy
+                $this->verifier
             );
 
             common_log(LOG_WARNING, $msg);
-
-            $this->clientError(_("Invalid request token or verifier.", 400, 'text'));
-
+            // TRANS: Client error given from the OAuth API when the request token or verifier is invalid.
+            $this->clientError(_('Invalid request token or verifier.'), 400, 'text');
         } else {
+            common_log(
+                LOG_INFO,
+                sprintf(
+                    "Issued access token '%s' for application %d (%s).",
+                    $atok->key,
+                    $app->id,
+                    $app->name
+                )
+            );
             $this->showAccessToken($atok);
         }
     }
@@ -117,7 +114,6 @@ class ApiOauthAccessTokenAction extends ApiOauthAction
      *
      * @param OAuthToken token the access token
      */
-
     function showAccessToken($token)
     {
         header('Content-Type: application/x-www-form-urlencoded');