gnu-social/actions/remotesubscribe.php

208 lines
6.8 KiB
PHP
Raw Normal View History

<?php
2009-08-10 21:48:50 +09:00
/**
* Handler for remote subscription
*
* PHP version 5
*
* @category Action
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net>
2009-08-10 21:48:50 +09:00
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/
2009-08-10 21:48:50 +09:00
*
2009-08-26 07:14:12 +09:00
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2008, 2009, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
2009-08-10 21:48:50 +09:00
**/
if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
2009-08-10 21:48:50 +09:00
require_once INSTALLDIR.'/lib/omb.php';
require_once INSTALLDIR.'/extlib/libomb/service_consumer.php';
require_once INSTALLDIR.'/extlib/libomb/profile.php';
2009-08-10 21:48:50 +09:00
/**
* Handler for remote subscription
*
* @category Action
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net>
2009-08-10 21:48:50 +09:00
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/
2009-08-10 21:48:50 +09:00
*/
class RemotesubscribeAction extends Action
{
2009-01-23 09:16:36 +09:00
var $nickname;
var $profile_url;
var $err;
2009-01-23 09:16:36 +09:00
function prepare($args)
{
2009-01-23 09:16:36 +09:00
parent::prepare($args);
if (common_logged_in()) {
$this->clientError(_('You can use the local subscription!'));
2009-01-23 09:16:36 +09:00
return false;
}
2009-08-10 21:48:50 +09:00
$this->nickname = $this->trimmed('nickname');
2009-01-23 09:16:36 +09:00
$this->profile_url = $this->trimmed('profile_url');
return true;
}
function handle($args)
{
parent::handle($args);
2009-01-23 09:16:36 +09:00
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
2009-08-10 21:48:50 +09:00
/* Use a session token for CSRF protection. */
$token = $this->trimmed('token');
if (!$token || $token != common_session_token()) {
2009-01-23 09:16:36 +09:00
$this->showForm(_('There was a problem with your session token. '.
'Try again, please.'));
return;
}
2009-01-23 09:16:36 +09:00
$this->remoteSubscription();
} else {
2009-01-23 09:16:36 +09:00
$this->showForm();
}
}
2009-01-23 09:16:36 +09:00
function showForm($err=null)
{
2009-01-23 09:16:36 +09:00
$this->err = $err;
$this->showPage();
}
2009-01-23 09:16:36 +09:00
function showPageNotice()
{
2009-01-23 09:16:36 +09:00
if ($this->err) {
$this->element('div', 'error', $this->err);
} else {
$inst = _('To subscribe, you can [login](%%action.login%%),' .
' or [register](%%action.register%%) a new ' .
' account. If you already have an account ' .
' on a [compatible microblogging site](%%doc.openmublog%%), ' .
' enter your profile URL below.');
2009-01-23 09:16:36 +09:00
$output = common_markup_to_html($inst);
$this->elementStart('div', 'instructions');
$this->raw($output);
2009-01-23 09:16:36 +09:00
$this->elementEnd('div');
}
}
2009-01-23 09:16:36 +09:00
function title()
{
return _('Remote subscribe');
}
function showContent()
{
2009-08-10 21:48:50 +09:00
/* The id 'remotesubscribe' conflicts with the
button on profile page. */
2009-01-23 14:23:28 +09:00
$this->elementStart('form', array('id' => 'form_remote_subscribe',
'method' => 'post',
'class' => 'form_settings',
'action' => common_local_url('remotesubscribe')));
$this->elementStart('fieldset');
2009-04-02 19:10:32 +09:00
$this->element('legend', _('Subscribe to a remote user'));
$this->hidden('token', common_session_token());
2009-01-23 14:23:28 +09:00
$this->elementStart('ul', 'form_data');
$this->elementStart('li');
2009-01-23 09:16:36 +09:00
$this->input('nickname', _('User nickname'), $this->nickname,
_('Nickname of the user you want to follow'));
2009-01-23 14:23:28 +09:00
$this->elementEnd('li');
$this->elementStart('li');
2009-01-23 09:16:36 +09:00
$this->input('profile_url', _('Profile URL'), $this->profile_url,
_('URL of your profile on another compatible microblogging service'));
2009-01-23 14:23:28 +09:00
$this->elementEnd('li');
$this->elementEnd('ul');
$this->submit('submit', _('Subscribe'));
2009-01-23 14:23:28 +09:00
$this->elementEnd('fieldset');
$this->elementEnd('form');
}
2009-01-23 09:16:36 +09:00
function remoteSubscription()
{
2009-08-10 21:48:50 +09:00
if (!$this->nickname) {
2009-01-23 09:16:36 +09:00
$this->showForm(_('No such user.'));
return;
}
2009-08-10 21:48:50 +09:00
$user = User::staticGet('nickname', $this->nickname);
2009-01-23 09:16:36 +09:00
$this->profile_url = $this->trimmed('profile_url');
2009-01-23 09:16:36 +09:00
if (!$this->profile_url) {
2009-11-09 07:10:44 +09:00
$this->showForm(_('No such user.'));
return;
}
if (!common_valid_http_url($this->profile_url)) {
2009-01-23 09:16:36 +09:00
$this->showForm(_('Invalid profile URL (bad format)'));
return;
}
2009-08-10 21:48:50 +09:00
try {
$service = new OMB_Service_Consumer($this->profile_url,
common_root_url(),
omb_oauth_datastore());
} catch (OMB_InvalidYadisException $e) {
$this->showForm(_('Not a valid profile URL (no YADIS document or ' .
'no or invalid XRDS defined).'));
return;
}
2009-08-10 21:48:50 +09:00
if ($service->getServiceURI(OAUTH_ENDPOINT_REQUEST) ==
common_local_url('requesttoken') ||
User::staticGet('uri', $service->getRemoteUserURI())) {
$this->showForm(_('Thats a local profile! Login to subscribe.'));
return;
}
2009-08-10 21:48:50 +09:00
try {
$service->requestToken();
} catch (OMB_RemoteServiceException $e) {
$this->showForm(_('Couldnt get a request token.'));
return;
}
2009-08-10 21:48:50 +09:00
/* Create an OMB_Profile from $user. */
$profile = $user->getProfile();
if (!$profile) {
common_log_db_error($user, 'SELECT', __FILE__);
$this->serverError(_('User without matching profile'));
return;
}
2009-08-10 21:48:50 +09:00
$target_url = $service->requestAuthorization(
profile_to_omb_profile($user->uri, $profile),
common_local_url('finishremotesubscribe'));
common_ensure_session();
2009-08-10 21:48:50 +09:00
$_SESSION['oauth_authorization_request'] = serialize($service);
2009-08-10 21:48:50 +09:00
/* Redirect to the remote service for authorization. */
common_redirect($target_url, 303);
}
}
2009-08-10 21:48:50 +09:00
?>