2010-01-08 06:19:21 +09:00
< ? php
/**
* StatusNet , the distributed open - source microblogging tool
*
* Authorize an OAuth request token
*
* PHP version 5
*
* LICENCE : This program is free software : you can redistribute it and / or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation , either version 3 of the License , or
* ( at your option ) any later version .
*
* This program is distributed in the hope that it will be useful ,
* but WITHOUT ANY WARRANTY ; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
* GNU Affero General Public License for more details .
*
* You should have received a copy of the GNU Affero General Public License
* along with this program . If not , see < http :// www . gnu . org / licenses />.
*
* @ category API
* @ package StatusNet
* @ author Zach Copley < zach @ status . net >
* @ copyright 2010 StatusNet , Inc .
* @ license http :// www . fsf . org / licensing / licenses / agpl - 3.0 . html GNU Affero General Public License version 3.0
* @ link http :// status . net /
*/
if ( ! defined ( 'STATUSNET' )) {
exit ( 1 );
}
2010-01-13 14:06:35 +09:00
require_once INSTALLDIR . '/lib/apioauth.php' ;
2010-10-07 11:20:47 +09:00
require_once INSTALLDIR . '/lib/info.php' ;
2010-01-08 06:19:21 +09:00
/**
2010-10-22 05:00:03 +09:00
* Authorize an Oputh request token
2010-01-08 06:19:21 +09:00
*
* @ category API
* @ package StatusNet
* @ author Zach Copley < zach @ status . net >
* @ license http :// www . fsf . org / licensing / licenses / agpl - 3.0 . html GNU Affero General Public License version 3.0
* @ link http :// status . net /
*/
2010-10-22 06:45:42 +09:00
class ApiOauthAuthorizeAction extends Action
2010-01-08 06:19:21 +09:00
{
2010-10-07 11:20:47 +09:00
var $oauthTokenParam ;
var $reqToken ;
2010-01-11 14:35:46 +09:00
var $callback ;
var $app ;
var $nickname ;
var $password ;
var $store ;
/**
* Is this a read - only action ?
*
* @ return boolean false
*/
function isReadOnly ( $args )
{
return false ;
}
function prepare ( $args )
{
parent :: prepare ( $args );
2010-10-22 04:23:04 +09:00
$this -> nickname = $this -> trimmed ( 'nickname' );
$this -> password = $this -> arg ( 'password' );
$this -> oauthTokenParam = $this -> arg ( 'oauth_token' );
$this -> mode = $this -> arg ( 'mode' );
$this -> store = new ApiStatusNetOAuthDataStore ();
2010-10-07 11:20:47 +09:00
try {
$this -> app = $this -> store -> getAppByRequestToken ( $this -> oauthTokenParam );
} catch ( Exception $e ) {
$this -> clientError ( $e -> getMessage ());
}
2010-01-11 14:35:46 +09:00
return true ;
}
/**
* Handle input , produce output
*
* Switches on request method ; either shows the form or handles its input .
*
* @ param array $args $_REQUEST data
*
* @ return void
*/
function handle ( $args )
{
parent :: handle ( $args );
if ( $_SERVER [ 'REQUEST_METHOD' ] == 'POST' ) {
$this -> handlePost ();
} else {
2010-10-07 11:20:47 +09:00
// Make sure a oauth_token parameter was provided
if ( empty ( $this -> oauthTokenParam )) {
2010-10-21 02:34:27 +09:00
// TRANS: Client error given when no oauth_token was passed to the OAuth API.
2010-02-02 16:35:54 +09:00
$this -> clientError ( _ ( 'No oauth_token parameter provided.' ));
2010-10-07 11:20:47 +09:00
} else {
// Check to make sure the token exists
$this -> reqToken = $this -> store -> getTokenByKey ( $this -> oauthTokenParam );
if ( empty ( $this -> reqToken )) {
2010-10-21 02:34:27 +09:00
// TRANS: Client error given when an invalid request token was passed to the OAuth API.
2010-10-20 04:07:59 +09:00
$this -> clientError ( _ ( 'Invalid request token.' ));
2010-10-07 11:20:47 +09:00
} else {
// Check to make sure we haven't already authorized the token
if ( $this -> reqToken -> state != 0 ) {
2010-10-21 02:34:27 +09:00
// TRANS: Client error given when an invalid request token was passed to the OAuth API.
2010-10-22 05:00:03 +09:00
$this -> clientError ( _ ( 'Request token already authorized.' ));
2010-10-07 11:20:47 +09:00
}
}
2010-01-11 14:35:46 +09:00
}
2010-10-07 11:20:47 +09:00
// make sure there's an app associated with this token
2010-01-13 20:31:15 +09:00
if ( empty ( $this -> app )) {
2010-10-21 02:34:27 +09:00
// TRANS: Client error given when an invalid request token was passed to the OAuth API.
2010-10-07 11:20:47 +09:00
$this -> clientError ( _ ( 'Invalid request token.' ));
2010-01-11 14:35:46 +09:00
}
2010-01-13 14:06:35 +09:00
$name = $this -> app -> name ;
2010-01-11 14:35:46 +09:00
$this -> showForm ();
}
}
function handlePost ()
{
2010-01-11 16:03:30 +09:00
// check session token for CSRF protection.
2010-01-11 14:35:46 +09:00
$token = $this -> trimmed ( 'token' );
if ( ! $token || $token != common_session_token ()) {
2010-10-07 11:20:47 +09:00
$this -> showForm (
2010-10-28 08:19:04 +09:00
// TRANS: Form validation error in API OAuth authorisation because of an invalid session token.
2010-10-07 11:20:47 +09:00
_ ( 'There was a problem with your session token. Try again, please.' ));
2010-01-11 14:35:46 +09:00
return ;
}
// check creds
2010-01-13 14:06:35 +09:00
$user = null ;
2010-01-11 16:03:30 +09:00
2010-01-11 14:35:46 +09:00
if ( ! common_logged_in ()) {
2010-10-07 11:20:47 +09:00
// XXX Force credentials check?
2010-10-21 07:59:27 +09:00
// @fixme this should probably use a unified login form handler
$user = null ;
if ( Event :: handle ( 'StartOAuthLoginCheck' , array ( $this , & $user ))) {
$user = common_check_user ( $this -> nickname , $this -> password );
}
Event :: handle ( 'EndOAuthLoginCheck' , array ( $this , & $user ));
2010-10-07 11:20:47 +09:00
2010-01-11 14:35:46 +09:00
if ( empty ( $user )) {
2010-10-21 02:34:27 +09:00
// TRANS: Form validation error given when an invalid username and/or password was passed to the OAuth API.
2010-01-11 14:35:46 +09:00
$this -> showForm ( _ ( " Invalid nickname / password! " ));
return ;
}
2010-01-11 16:03:30 +09:00
} else {
2010-01-13 14:06:35 +09:00
$user = common_current_user ();
}
2010-01-11 14:35:46 +09:00
2010-10-22 09:11:59 +09:00
// fetch the token
$this -> reqToken = $this -> store -> getTokenByKey ( $this -> oauthTokenParam );
assert ( ! empty ( $this -> reqToken ));
2010-01-11 14:35:46 +09:00
2010-10-22 09:11:59 +09:00
if ( $this -> arg ( 'allow' )) {
2010-10-07 11:20:47 +09:00
// mark the req token as authorized
try {
$this -> store -> authorize_token ( $this -> oauthTokenParam );
} catch ( Exception $e ) {
$this -> serverError ( $e -> getMessage ());
}
2010-01-11 14:35:46 +09:00
2010-10-22 06:45:42 +09:00
common_log (
LOG_INFO ,
sprintf (
2010-10-22 09:11:59 +09:00
" API OAuth - User %d (%s) has authorized request token %s for OAuth application %d (%s). " ,
$user -> id ,
$user -> nickname ,
$this -> reqToken -> tok ,
2010-10-22 06:45:42 +09:00
$this -> app -> id ,
$this -> app -> name
)
);
2010-10-21 09:21:04 +09:00
// XXX: Make sure we have a oauth_token_association table. The table
// is now in the main schema, but because it is being added with
// a point release, it's unlikely to be there. This code can be
// removed as of 1.0.
$this -> ensureOauthTokenAssociationTable ();
2010-01-11 16:03:30 +09:00
2010-10-21 09:21:04 +09:00
$tokenAssoc = new Oauth_token_association ();
2010-01-11 16:03:30 +09:00
2010-10-21 09:21:04 +09:00
$tokenAssoc -> profile_id = $user -> id ;
$tokenAssoc -> application_id = $this -> app -> id ;
$tokenAssoc -> token = $this -> oauthTokenParam ;
$tokenAssoc -> created = common_sql_now ();
2010-01-11 16:03:30 +09:00
2010-10-21 09:21:04 +09:00
$result = $tokenAssoc -> insert ();
2010-01-11 16:03:30 +09:00
2010-01-13 14:06:35 +09:00
if ( ! $result ) {
2010-10-21 09:21:04 +09:00
common_log_db_error ( $tokenAssoc , 'INSERT' , __FILE__ );
2010-10-21 10:10:46 +09:00
// TRANS: Server error displayed when a database action fails.
2010-10-21 09:21:04 +09:00
$this -> serverError ( _ ( 'Database error inserting oauth_token_association.' ));
2010-01-13 14:06:35 +09:00
}
2010-01-11 16:03:30 +09:00
2010-10-22 06:45:42 +09:00
$callback = $this -> getCallback ();
2010-01-13 14:06:35 +09:00
2010-10-22 06:45:42 +09:00
if ( ! empty ( $callback ) && $this -> reqToken -> verified_callback != 'oob' ) {
$targetUrl = $this -> buildCallbackUrl (
2010-10-22 06:52:41 +09:00
$callback ,
2010-10-07 11:20:47 +09:00
array (
'oauth_token' => $this -> oauthTokenParam ,
'oauth_verifier' => $this -> reqToken -> verifier // 1.0a
)
);
2010-10-22 09:11:59 +09:00
common_log ( LOG_INFO , " Redirecting to callback: $targetUrl " );
2010-10-22 06:45:42 +09:00
2010-10-07 11:20:47 +09:00
// Redirect the user to the provided OAuth callback
common_redirect ( $targetUrl , 303 );
2010-10-22 06:45:42 +09:00
2010-10-20 04:07:59 +09:00
} elseif ( $this -> app -> type == 2 ) {
// Strangely, a web application seems to want to do the OOB
// workflow. Because no callback was specified anywhere.
2010-10-07 11:20:47 +09:00
common_log (
2010-10-20 04:07:59 +09:00
LOG_WARNING ,
sprintf (
" API OAuth - No callback provided for OAuth web client ID %s (%s) "
. " during authorization step. Falling back to OOB workflow. " ,
$this -> app -> id ,
$this -> app -> name
)
2010-10-07 11:20:47 +09:00
);
2010-01-11 14:35:46 +09:00
}
2010-10-07 11:20:47 +09:00
// Otherwise, inform the user that the rt was authorized
$this -> showAuthorized ();
} else if ( $this -> arg ( 'cancel' )) {
2010-10-22 09:11:59 +09:00
common_log (
LOG_INFO ,
sprintf (
" API OAuth - User %d (%s) refused to authorize request token %s for OAuth application %d (%s). " ,
$user -> id ,
$user -> nickname ,
$this -> reqToken -> tok ,
$this -> app -> id ,
$this -> app -> name
)
);
2010-10-07 11:20:47 +09:00
try {
$this -> store -> revoke_token ( $this -> oauthTokenParam , 0 );
} catch ( Exception $e ) {
$this -> ServerError ( $e -> getMessage ());
}
2010-10-22 06:45:42 +09:00
2010-10-22 09:11:59 +09:00
$callback = $this -> getCallback ();
// If there's a callback available, inform the consumer the user
// has refused authorization
if ( ! empty ( $callback ) && $this -> reqToken -> verified_callback != 'oob' ) {
$targetUrl = $this -> buildCallbackUrl (
$callback ,
array (
'oauth_problem' => 'user_refused' ,
)
);
common_log ( LOG_INFO , " Redirecting to callback: $targetUrl " );
// Redirect the user to the provided OAuth callback
common_redirect ( $targetUrl , 303 );
}
// otherwise inform the user that authorization for the rt was declined
$this -> showCanceled ();
2010-01-11 14:35:46 +09:00
} else {
2010-10-21 02:34:27 +09:00
// TRANS: Client error given on when invalid data was passed through a form in the OAuth API.
2010-01-11 14:35:46 +09:00
$this -> clientError ( _ ( 'Unexpected form submission.' ));
}
}
2010-10-21 09:21:04 +09:00
// XXX Remove this function when we hit 1.0
function ensureOauthTokenAssociationTable ()
{
$schema = Schema :: get ();
$reqTokenCols = array (
new ColumnDef ( 'profile_id' , 'integer' , null , true , 'PRI' ),
new ColumnDef ( 'application_id' , 'integer' , null , true , 'PRI' ),
new ColumnDef ( 'token' , 'varchar' , 255 , true , 'PRI' ),
new ColumnDef ( 'created' , 'datetime' , null , false ),
new ColumnDef (
'modified' ,
'timestamp' ,
null ,
false ,
null ,
'CURRENT_TIMESTAMP' ,
'on update CURRENT_TIMESTAMP'
)
);
$schema -> ensureTable ( 'oauth_token_association' , $reqTokenCols );
}
2010-10-22 06:45:42 +09:00
/**
2010-10-26 03:25:35 +09:00
* Show body - override to add a special CSS class for the authorize
* page ' s " desktop mode " ( minimal display )
*
* Calls template methods
2010-10-22 06:45:42 +09:00
*
* @ return nothing
*/
2010-10-26 03:25:35 +09:00
function showBody ()
2010-10-22 06:45:42 +09:00
{
2010-10-26 03:25:35 +09:00
$bodyClasses = array ();
2010-10-22 06:45:42 +09:00
if ( $this -> desktopMode ()) {
2010-10-26 03:25:35 +09:00
$bodyClasses [] = 'oauth-desktop-mode' ;
}
if ( common_current_user ()) {
$bodyClasses [] = 'user_in' ;
2010-10-22 06:45:42 +09:00
}
2010-10-26 03:25:35 +09:00
$attrs = array ( 'id' => strtolower ( $this -> trimmed ( 'action' )));
if ( ! empty ( $bodyClasses )) {
$attrs [ 'class' ] = implode ( ' ' , $bodyClasses );
}
$this -> elementStart ( 'body' , $attrs );
$this -> elementStart ( 'div' , array ( 'id' => 'wrap' ));
if ( Event :: handle ( 'StartShowHeader' , array ( $this ))) {
$this -> showHeader ();
Event :: handle ( 'EndShowHeader' , array ( $this ));
}
$this -> showCore ();
if ( Event :: handle ( 'StartShowFooter' , array ( $this ))) {
$this -> showFooter ();
Event :: handle ( 'EndShowFooter' , array ( $this ));
}
$this -> elementEnd ( 'div' );
$this -> showScripts ();
$this -> elementEnd ( 'body' );
2010-10-22 06:45:42 +09:00
}
2010-01-11 14:35:46 +09:00
function showForm ( $error = null )
{
$this -> error = $error ;
$this -> showPage ();
}
function showScripts ()
{
parent :: showScripts ();
2010-01-13 14:06:35 +09:00
if ( ! common_logged_in ()) {
$this -> autofocus ( 'nickname' );
}
2010-01-11 14:35:46 +09:00
}
/**
* Title of the page
*
* @ return string title of the page
*/
function title ()
{
2010-10-21 02:34:27 +09:00
// TRANS: Title for a page where a user can confirm/deny account access by an external application.
2010-01-11 14:35:46 +09:00
return _ ( 'An application would like to connect to your account' );
}
/**
* Shows the authorization form .
*
* @ return void
*/
function showContent ()
{
$this -> elementStart ( 'form' , array ( 'method' => 'post' ,
2010-01-14 05:10:09 +09:00
'id' => 'form_apioauthauthorize' ,
2010-01-13 14:06:35 +09:00
'class' => 'form_settings' ,
2010-10-22 10:38:54 +09:00
'action' => common_local_url ( 'ApiOauthAuthorize' )));
2010-01-14 05:10:09 +09:00
$this -> elementStart ( 'fieldset' );
$this -> element ( 'legend' , array ( 'id' => 'apioauthauthorize_allowdeny' ),
2010-10-21 02:34:27 +09:00
// TRANS: Fieldset legend.
2010-01-14 05:10:09 +09:00
_ ( 'Allow or deny access' ));
2010-01-11 14:35:46 +09:00
$this -> hidden ( 'token' , common_session_token ());
2010-10-22 11:08:38 +09:00
$this -> hidden ( 'mode' , $this -> mode );
2010-10-07 11:20:47 +09:00
$this -> hidden ( 'oauth_token' , $this -> oauthTokenParam );
2010-01-11 14:35:46 +09:00
$this -> hidden ( 'oauth_callback' , $this -> callback );
2010-01-14 05:10:09 +09:00
$this -> elementStart ( 'ul' , 'form_data' );
2010-01-11 14:35:46 +09:00
$this -> elementStart ( 'li' );
2010-01-14 05:10:09 +09:00
$this -> elementStart ( 'p' );
2010-10-26 02:38:40 +09:00
if ( ! empty ( $this -> app -> icon ) && $this -> app -> name != 'anonymous' ) {
2010-01-11 14:35:46 +09:00
$this -> element ( 'img' , array ( 'src' => $this -> app -> icon ));
}
$access = ( $this -> app -> access_type & Oauth_application :: $writeAccess ) ?
'access and update' : 'access' ;
2010-10-26 02:38:40 +09:00
if ( $this -> app -> name == 'anonymous' ) {
2010-10-28 08:42:09 +09:00
// Special message for the anonymous app and consumer.
// TRANS: User notification of external application requesting account access.
// TRANS: %3$s is the access type requested, %4$s is the StatusNet sitename.
2010-10-26 02:38:40 +09:00
$msg = _ ( 'An application would like the ability ' .
2010-02-02 16:59:28 +09:00
'to <strong>%3$s</strong> your %4$s account data. ' .
'You should only give access to your %4$s account ' .
'to third parties you trust.' );
2010-10-26 02:38:40 +09:00
} else {
2010-10-28 08:42:09 +09:00
// TRANS: User notification of external application requesting account access.
// TRANS: %1$s is the application name requesting access, %2$s is the organisation behind the application,
// TRANS: %3$s is the access type requested, %4$s is the StatusNet sitename.
2010-10-26 02:38:40 +09:00
$msg = _ ( 'The application <strong>%1$s</strong> by ' .
'<strong>%2$s</strong> would like the ability ' .
'to <strong>%3$s</strong> your %4$s account data. ' .
'You should only give access to your %4$s account ' .
'to third parties you trust.' );
}
2010-01-11 14:35:46 +09:00
$this -> raw ( sprintf ( $msg ,
$this -> app -> name ,
$this -> app -> organization ,
2010-02-02 16:59:28 +09:00
$access ,
common_config ( 'site' , 'name' )));
2010-01-14 05:10:09 +09:00
$this -> elementEnd ( 'p' );
2010-01-11 14:35:46 +09:00
$this -> elementEnd ( 'li' );
$this -> elementEnd ( 'ul' );
2010-10-21 08:14:32 +09:00
// quickie hack
$button = false ;
2010-01-11 14:35:46 +09:00
if ( ! common_logged_in ()) {
2010-10-21 08:14:32 +09:00
if ( Event :: handle ( 'StartOAuthLoginForm' , array ( $this , & $button ))) {
2010-10-21 07:59:27 +09:00
$this -> elementStart ( 'fieldset' );
// TRANS: Fieldset legend.
$this -> element ( 'legend' , null , _m ( 'LEGEND' , 'Account' ));
$this -> elementStart ( 'ul' , 'form_data' );
$this -> elementStart ( 'li' );
// TRANS: Field label on OAuth API authorisation form.
$this -> input ( 'nickname' , _ ( 'Nickname' ));
$this -> elementEnd ( 'li' );
$this -> elementStart ( 'li' );
// TRANS: Field label on OAuth API authorisation form.
$this -> password ( 'password' , _ ( 'Password' ));
$this -> elementEnd ( 'li' );
$this -> elementEnd ( 'ul' );
$this -> elementEnd ( 'fieldset' );
}
2010-10-21 08:14:32 +09:00
Event :: handle ( 'EndOAuthLoginForm' , array ( $this , & $button ));
2010-01-11 14:35:46 +09:00
}
2010-10-07 11:20:47 +09:00
$this -> element ( 'input' , array ( 'id' => 'cancel_submit' ,
2010-01-14 05:10:09 +09:00
'class' => 'submit submit form_action-primary' ,
2010-10-07 11:20:47 +09:00
'name' => 'cancel' ,
2010-01-11 14:35:46 +09:00
'type' => 'submit' ,
2010-10-21 02:34:27 +09:00
// TRANS: Button text that when clicked will cancel the process of allowing access to an account
// TRANS: by an external application.
'value' => _m ( 'BUTTON' , 'Cancel' )));
2010-01-11 14:35:46 +09:00
$this -> element ( 'input' , array ( 'id' => 'allow_submit' ,
2010-01-14 05:10:09 +09:00
'class' => 'submit submit form_action-secondary' ,
2010-01-11 14:35:46 +09:00
'name' => 'allow' ,
'type' => 'submit' ,
2010-10-21 02:34:27 +09:00
// TRANS: Button text that when clicked will allow access to an account by an external application.
2010-10-21 08:14:32 +09:00
'value' => $button ? $button : _m ( 'BUTTON' , 'Allow' )));
2010-01-11 14:35:46 +09:00
2010-01-14 05:10:09 +09:00
$this -> elementEnd ( 'fieldset' );
2010-01-11 14:35:46 +09:00
$this -> elementEnd ( 'form' );
}
/**
* Instructions for using the form
*
* For " remembered " logins , we make the user re - login when they
* try to change settings . Different instructions for this case .
*
* @ return void
*/
function getInstructions ()
{
2010-10-21 02:34:27 +09:00
// TRANS: Form instructions.
2010-10-07 11:20:47 +09:00
return _ ( 'Authorize access to your account information.' );
2010-01-11 14:35:46 +09:00
}
/**
* A local menu
*
* Shows different login / register actions .
*
* @ return void
*/
function showLocalNav ()
{
2010-02-02 16:59:28 +09:00
// NOP
}
2010-10-22 04:23:04 +09:00
/*
* Checks to see if a the " mode " parameter is present in the request
* and set to " desktop " . If it is , the page is meant to be displayed in
* a small frame of another application , and we should suppress the
* header , aside , and footer .
*/
function desktopMode ()
{
if ( isset ( $this -> mode ) && $this -> mode == 'desktop' ) {
return true ;
} else {
return false ;
}
}
/*
* Override - suppress output in " desktop " mode
*/
function showHeader ()
{
if ( $this -> desktopMode () == false ) {
parent :: showHeader ();
}
}
/*
* Override - suppress output in " desktop " mode
*/
function showAside ()
{
if ( $this -> desktopMode () == false ) {
2010-10-22 05:00:03 +09:00
parent :: showAside ();
2010-10-22 04:23:04 +09:00
}
}
/*
* Override - suppress output in " desktop " mode
*/
function showFooter ()
{
if ( $this -> desktopMode () == false ) {
2010-10-22 05:00:03 +09:00
parent :: showFooter ();
2010-10-22 04:23:04 +09:00
}
}
2010-02-02 16:59:28 +09:00
/**
* Show site notice .
*
* @ return nothing
*/
function showSiteNotice ()
{
// NOP
}
/**
* Show notice form .
*
* Show the form for posting a new notice
*
* @ return nothing
*/
function showNoticeForm ()
{
// NOP
2010-01-11 14:35:46 +09:00
}
2010-01-08 06:19:21 +09:00
2010-10-07 11:20:47 +09:00
/*
* Show a nice message confirming the authorization
* operation was canceled .
*
* @ return nothing
*/
function showCanceled ()
{
$info = new InfoAction (
2010-10-21 02:34:27 +09:00
// TRANS: Header for user notification after revoking OAuth access to an application.
2010-10-07 11:20:47 +09:00
_ ( 'Authorization canceled.' ),
sprintf (
2010-10-21 02:34:27 +09:00
// TRANS: User notification after revoking OAuth access to an application.
// TRANS: %s is an OAuth token.
2010-10-07 11:20:47 +09:00
_ ( 'The request token %s has been revoked.' ),
2010-10-22 09:48:26 +09:00
$this -> oauthTokenParam
2010-10-07 11:20:47 +09:00
)
);
$info -> showPage ();
}
/*
* Show a nice message that the authorization was successful .
* If the operation is out - of - band , show a pin .
*
* @ return nothing
*/
function showAuthorized ()
{
2010-10-27 05:19:23 +09:00
$title = null ;
$msg = null ;
2010-10-07 11:20:47 +09:00
2010-10-27 05:19:23 +09:00
if ( $this -> app -> name == 'anonymous' ) {
$title =
// TRANS: Title of the page notifying the user that an anonymous client application was successfully authorized to access the user's account with OAuth.
_ ( 'You have successfully authorized the application' );
$msg =
// TRANS: Message notifying the user that an anonymous client application was successfully authorized to access the user's account with OAuth.
_ ( 'Please return to the application and enter the following security code to complete the process.' );
} else {
$title = sprintf (
// TRANS: Title of the page notifying the user that the client application was successfully authorized to access the user's account with OAuth.
// TRANS: %s is the authorised application name.
_ ( 'You have successfully authorized %s' ),
$this -> app -> name
);
$msg = sprintf (
// TRANS: Message notifying the user that the client application was successfully authorized to access the user's account with OAuth.
// TRANS: %s is the authorised application name.
_ ( 'Please return to %s and enter the following security code to complete the process.' ),
$this -> app -> name
);
}
2010-10-07 11:20:47 +09:00
2010-10-08 05:51:47 +09:00
if ( $this -> reqToken -> verified_callback == 'oob' ) {
2010-10-26 03:25:35 +09:00
$pin = new ApiOauthPinAction (
$title ,
$msg ,
$this -> reqToken -> verifier ,
$this -> desktopMode ()
);
2010-10-07 11:20:47 +09:00
$pin -> showPage ();
} else {
2010-10-08 06:17:56 +09:00
// NOTE: This would only happen if an application registered as
// a web application but sent in 'oob' for the oauth_callback
// parameter. Usually web apps will send in a callback and
// not use the pin-based workflow.
2010-10-08 05:51:47 +09:00
2010-10-07 11:20:47 +09:00
$info = new InfoAction (
2010-10-08 05:51:47 +09:00
$title ,
$msg ,
$this -> oauthTokenParam ,
$this -> reqToken -> verifier
2010-10-07 11:20:47 +09:00
);
$info -> showPage ();
}
}
2010-10-22 06:45:42 +09:00
/*
* Figure out what the callback should be
*/
function getCallback ()
{
$callback = null ;
// Return the verified callback if we have one
2010-10-22 09:48:26 +09:00
if ( $this -> reqToken -> verified_callback != 'oob' ) {
2010-10-22 06:45:42 +09:00
$callback = $this -> reqToken -> verified_callback ;
// Otherwise return the callback that was provided when
// registering the app
if ( empty ( $callback )) {
common_debug (
" No verified callback found for request token, using application callback: "
. $this -> app -> callback_url ,
__FILE__
);
$callback = $this -> app -> callback_url ;
}
}
return $callback ;
}
2010-10-07 11:20:47 +09:00
/*
* Properly format the callback URL and parameters so it ' s
* suitable for a redirect in the OAuth dance
*
* @ param string $url the URL
* @ param array $params an array of parameters
*
* @ return string $url a URL to use for redirecting to
*/
2010-10-22 06:45:42 +09:00
function buildCallbackUrl ( $url , $params )
2010-10-07 11:20:47 +09:00
{
foreach ( $params as $k => $v ) {
$url = $this -> appendQueryVar (
$url ,
OAuthUtil :: urlencode_rfc3986 ( $k ),
OAuthUtil :: urlencode_rfc3986 ( $v )
);
}
return $url ;
}
/*
* Append a new query parameter after any existing query
* parameters .
*
* @ param string $url the URL
* @ prarm string $k the parameter name
* @ param string $v value of the paramter
*
* @ return string $url the new URL with added parameter
*/
function appendQueryVar ( $url , $k , $v ) {
$url = preg_replace ( '/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i' , '$1$2$4' , $url . '&' );
$url = substr ( $url , 0 , - 1 );
if ( strpos ( $url , '?' ) === false ) {
return ( $url . '?' . $k . '=' . $v );
} else {
return ( $url . '&' . $k . '=' . $v );
}
}
2010-01-08 06:19:21 +09:00
}