gnu-social/actions/finishremotesubscribe.php

152 lines
5.2 KiB
PHP
Raw Normal View History

<?php
2009-08-10 21:48:50 +09:00
/**
* Handler for remote subscription finish callback
*
* PHP version 5
*
* @category Action
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
* @author Robin Millette <millette@status.net>
2009-08-10 21:48:50 +09:00
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://status.net/
2009-08-10 21:48:50 +09:00
*
2009-08-26 07:14:12 +09:00
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2008, 2009, StatusNet, Inc.
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
2009-08-10 21:48:50 +09:00
**/
if (!defined('STATUSNET') && !defined('LACONICA')) { exit(1); }
2009-08-10 21:48:50 +09:00
require_once INSTALLDIR.'/extlib/libomb/service_consumer.php';
require_once INSTALLDIR.'/lib/omb.php';
2009-08-10 21:48:50 +09:00
/**
* Handler for remote subscription finish callback
*
* When a remote user subscribes a local user, a redirect to this action is
* issued after the remote user authorized his service to subscribe.
*
* @category Action
* @package Laconica
2009-09-16 11:28:59 +09:00
* @author Evan Prodromou <evan@status.net>
2009-08-10 21:48:50 +09:00
* @author Robin Millette <millette@controlyourself.ca>
* @license http://www.fsf.org/licensing/licenses/agpl.html AGPLv3
* @link http://laconi.ca/
*/
class FinishremotesubscribeAction extends Action
{
2009-08-10 21:48:50 +09:00
/**
* Class handler.
*
* @param array $args query arguments
*
* @return nothing
*
**/
function handle($args)
{
parent::handle($args);
2009-08-10 21:48:50 +09:00
/* Restore session data. RemotesubscribeAction should have stored
this entry. */
$service = unserialize($_SESSION['oauth_authorization_request']);
2009-08-10 21:48:50 +09:00
if (!$service) {
$this->clientError(_('Not expecting this response!'));
return;
}
2009-08-10 21:48:50 +09:00
common_debug('stored request: '. print_r($service, true), __FILE__);
2009-08-10 21:48:50 +09:00
/* Create user objects for both users. Do it early for request
validation. */
$user = User::staticGet('uri', $service->getListeneeURI());
if (!$user) {
$this->clientError(_('User being listened to does not exist.'));
return;
}
2009-08-10 21:48:50 +09:00
$other = User::staticGet('uri', $service->getListenerURI());
if ($other) {
$this->clientError(_('You can use the local subscription!'));
return;
}
$remote = Remote_profile::staticGet('uri', $service->getListenerURI());
if ($remote) {
// Note remote profile may not have been saved yet.
// @fixme not convinced this is correct at all!
$profile = Profile::staticGet($remote->id);
if ($user->hasBlocked($profile)) {
$this->clientError(_('That user has blocked you from subscribing.'));
return;
}
}
2009-08-10 21:48:50 +09:00
/* Perform the handling itself via libomb. */
try {
$service->finishAuthorization();
2009-08-10 21:48:50 +09:00
} catch (OAuthException $e) {
if ($e->getMessage() == 'The authorized token does not equal the ' .
'submitted token.') {
$this->clientError(_('You are not authorized.'));
return;
2009-08-10 21:48:50 +09:00
} else {
$this->clientError(_('Could not convert request token to ' .
2009-08-10 21:48:50 +09:00
'access token.'));
return;
}
2009-08-10 21:48:50 +09:00
} catch (OMB_RemoteServiceException $e) {
$this->clientError(_('Remote service uses unknown version of ' .
'OMB protocol.'));
2009-08-10 21:48:50 +09:00
return;
} catch (Exception $e) {
common_debug('Got exception ' . print_r($e, true), __FILE__);
$this->clientError($e->getMessage());
return;
}
2009-08-10 21:48:50 +09:00
/* The service URLs are not accessible from datastore, so setting them
after insertion of the profile. */
$remote = Remote_profile::staticGet('uri', $service->getListenerURI());
2009-08-10 21:48:50 +09:00
$orig_remote = clone($remote);
2009-08-10 21:48:50 +09:00
$remote->postnoticeurl =
$service->getServiceURI(OMB_ENDPOINT_POSTNOTICE);
$remote->updateprofileurl =
$service->getServiceURI(OMB_ENDPOINT_UPDATEPROFILE);
2009-08-10 21:48:50 +09:00
if (!$remote->update($orig_remote)) {
$this->serverError(_('Error updating remote profile.'));
2009-08-10 21:48:50 +09:00
return;
}
2009-08-10 21:48:50 +09:00
/* Clear the session data. */
unset($_SESSION['oauth_authorization_request']);
2009-08-10 21:48:50 +09:00
/* If we show subscriptions in reverse chronological order, the new one
should show up close to the top of the page. */
common_redirect(common_local_url('subscribers', array('nickname' =>
$user->nickname)),
303);
}
}