<?php
/**
* oauth plugin helper functions
*
* @license GPL 2 (http://www.gnu.org/licenses/gpl.html)
* @author Robin Gareus <robin@gareus.org>
*/
// Refuse direct HTTP access: this file is only meant to be loaded by DokuWiki,
// which defines DOKU_INC before including plugin code.
if (!defined('DOKU_INC')) {
    die();
}
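/**
 * Rendering helper for the oauth plugin: prints the HTML pages and forms for
 * token authorization, consumer info, consumer creation and token listing.
 *
 * Every value interpolated into markup by hand is passed through oauthEsc().
 * Consumer keys, callback URLs and token data originate from consumers and
 * users, so they must never reach the page unescaped.
 */
class helper_plugin_oauth extends DokuWiki_Plugin {
    /**
     * Constructor (PHP4-style, intentionally empty).
     *
     * NOTE(review): on PHP 8 a method named after the class is no longer
     * treated as a constructor; harmless here because the body is empty.
     */
    function helper_plugin_oauth() {
        ;
    }

    # ..work in progress..
    #
    # - general feedback page, error, info
    # - Consumer Admin
    #   - discover endpoints
    #   - edit?! consumer settings, callback-URL
    #   - user-white/blacklist consumer: users=array();
    # - Token Admin
    #   - list access|request token
    #     - per user (done)
    #     - per consumer
    #
    # - prepare for time-window, validity of token and/or consumer.
    #   or revoke token after N requests
    # - prepare for user/group-admin (for consumers)

    /**
     * Return the plugin metadata array (author, email, date, name, desc, url).
     *
     * @return array
     */
    function getInfo(){
        return array(
            'author' => 'Robin Gareus',
            'email' => 'robin@gareus.org',
            'date' => '2008-10-12',
            'name' => 'oauth',
            'desc' => 'Authorize User requests by oAuth',
            'url' => 'http://mir.dnsalias.com/wiki/dokuoauth',
        );
    }

    /**
     * Announce the public helper functions the DokuWiki way.
     *
     * @return array list of method descriptors (name, desc, params, return)
     */
    function getMethods(){
        $result = array();
        $result[] = array(
            'name' => 'oauthConfirm',
            'desc' => 'ask user to authorize token',
            'params' => array('opt' => 'array'),
            'return' => array('success' => 'boolen'),
        );
        $result[] = array(
            'name' => 'oauthConsumerInfo',
            'desc' => 'show consumer info',
            'params' => array('opt' => 'array'),
            'return' => array('success' => 'boolen'),
        );
        $result[] = array(
            'name' => 'oauthAddConsumer',
            'desc' => 'add consumer form',
            'params' => array('opt' => 'array'),
            'return' => array('success' => 'boolen'),
        );
        $result[] = array(
            'name' => 'oauthTokenList',
            'desc' => 'show token list',
            'params' => array('tokens' => 'array'),
            'return' => array('success' => 'boolen'),
        );
        $result[] = array(
            'name' => 'oauthInfo',
            'desc' => 'show general info',
            'params' => array('opt' => 'array'),
            'return' => array('success' => 'boolen'),
        );
        return $result;
    }

    /**
     * Escape a value for use in HTML text or a quoted attribute.
     *
     * @param mixed $value scalar or null; cast to string before escaping
     * @return string
     */
    private function oauthEsc($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /**
     * Print the "Authorize Token" page: a form asking the logged-in user to
     * allow or cancel a consumer's request token.
     *
     * Reads $opt['secpass'], $opt['consumer_key'], $opt['token_key'] and
     * $opt['callback_url']. The key, token and callback URL are shown so the
     * user can judge the request; they are escaped because they are supplied
     * by the consumer.
     *
     * @param array $opt
     */
    public function oauthConfirm($opt) {
        print '<h1>OAuth - Authorize Token</h1>'.NL;
        print '<div class="leftalign">'.NL;
        print '<p>A Consumer wants to make one or more requests on your behalf which requires your consent.</p>'.NL;
        print '</div>'.NL;
        print '<div class="centeralign">'.NL;
        $form = new Doku_Form('dw__oauth');
        $form->startFieldset('Authorize Request Token');
        # $form->addHidden('id', $ID);
        // addElement() is given raw markup here, so every interpolated value is escaped by hand.
        $form->addElement('<p>Your Username: '.$this->oauthEsc($_SERVER['REMOTE_USER']).'</p>');
        // Hidden-field values go through the form builder's attribute rendering,
        // which is expected to escape them - verify against the installed DokuWiki version.
        $form->addHidden('dwoauthnonce', $opt['secpass']);
        $form->addElement('<div class="leftalign"><ul>');
        $form->addElement('<li>Consumer-Key: '.$this->oauthEsc($opt['consumer_key']).'</li>');
        // NOTE(review): the nonce travels in a GET link here and can end up in
        // server logs and Referer headers; confirm it is single-use and short-lived.
        $form->addElement('<li><a href="?do[oauth]=cinfo&dwoauthnonce='.rawurlencode($opt['secpass']).'" alt="consumer info">Consumer Info</a></li>');
        $form->addElement('<li>Token-Key: '.$this->oauthEsc($opt['token_key']).'</li>');
        $form->addElement('<li>Callback URL: '.$this->oauthEsc($opt['callback_url']).'</li>');
        $form->addElement('</ul></div>');
        $form->addElement(form_makeCheckboxField('userconfirmed', '1', 'allow request', 'allow_this', 'simple'));
        $form->addElement(form_makeCheckboxField('trustconsumer', '1', 'always trust this consumer from now on', 'remember__me', 'simple'));
        $form->addElement(form_makeButton('submit', 'oauth', 'resume', array('title' => 'authorize')));
        # $form->addElement(form_makeButton('submit', '', 'cancel'));
        $form->addElement(form_makeButton('submit', 'oauth', 'cancel'));
        $form->endFieldset();
        // TODO: change-user/re-login button.. (go to logout, keep special $ID='OAUTHPLUGIN:'.$opt['secpass']
        html_form('confirm', $form);
        print '</div>'.NL;
        print '<div class="leftalign">'.NL;
        print '<p><b>small print</b></p>'.NL;
        print '<p>At this stage of prototying the dokuwiki OAuth plugin is not able to assure the Consumer’s true identity.</p>'.NL;
        print '<p>The request token you are about to authorize is valid only once: to get an access-token, the latter can be used to perform (multiple) requests using your account until it expires or you revoke it.<br/>'.NL;
        print 'A consumer may also forget the access-token and come back here every once in a while. Once consumer-verification is implemented and you have validated the consumer-information you may opt in to trust this consumer when you are logged in to dokuwiki to bypass this step by checking the "trust consumer" checkbox.</p>'.NL;
        print '</div>'.NL;
    }

    /**
     * Print the general info page: project links, the available plugin
     * actions and the three OAuth endpoint URLs of this site.
     *
     * @param array $opt unused
     */
    public function oauthInfo($opt=array()) {
        print '<h1>OAuth - Info</h1>'.NL;
        print '<div class="level1"><p>'.NL;
        print '<a href="http://oauth.net" class="urlextern" alt="http://oauth.net">oauth.net</a>';
        print ' - secure API authorization from desktop and web applications.'.NL;
        print '<br/>';
        print '<a href="http://mir.dnsalias.com/wiki/dokuoauth" class="urlextern" >dokuoauth</a>';
        print ' - dokuwiki oauth plugin website.'.NL;
        print '</p></div>'.NL;
        print '<h2>Actions</h2>'.NL;
        print '<div class="level2"><ul>'.NL;
        print '<li><a href="'.DOKU_BASE.'?do[oauth]=clist">Keys for this site (list Consumer-Keys)</a></li>'.NL;
        print '<li><a href="'.DOKU_BASE.'?do[oauth]=addconsumer">Request/create Consumer-Key and Secret</a></li>'.NL;
        print '<li><a href="'.DOKU_BASE.'?do[oauth]=tlist">Applications using your account (list request/access tokens)</a></li>'.NL;
        print '</ul></div>'.NL;
        print '<h2>Endpoint URLs for this site.</h2>'.NL;
        // The original closed a <dl> that was never opened; open it here.
        print '<div class="level2"><dl>'.NL;
        # TODO make oauth-base-url configurable !
        // The base URL may be derived from request data, so it is escaped before printing.
        $base = $this->oauthEsc(getBaseURL(true));
        print '<dt>Request Token URL:</dt>'.NL;
        print '<dd style="margin-left:2em;"><tt>'.$base.'?do[oauth]=requesttoken</tt></dd>'.NL;
        print '<dt>User Authorization URL:</dt>'.NL;
        print '<dd style="margin-left:2em;"><tt>'.$base.'?do[oauth]=authorize</tt></dd>'.NL;
        print '<dt>Access Token URL:</dt>'.NL;
        print '<dd style="margin-left:2em;"><tt>'.$base.'?do[oauth]=accesstoken</tt></dd>'.NL;
        print '</dl></div>'.NL;
    }

    /**
     * Print the consumer info page.
     *
     * With a non-empty $opt['secpass'] the page is part of an authorization in
     * progress and offers resume/cancel; otherwise the toolbar is shown and
     * the form offers the clist/delconsumer actions for $opt['consumer_key'].
     *
     * @param array $opt reads secpass, consumer_key, consumer_secret,
     *                   callback_url and acllimit
     */
    public function oauthConsumerInfo($opt) {
        $inAuthFlow = !empty($opt['secpass']);
        if (!$inAuthFlow) {
            $this->oauthToolbar();
        }
        print '<h1>OAuth - Consumer Info</h1>'.NL;
        print '<div class="centeralign">'.NL;
        $form = new Doku_Form('dw__oauth');
        $form->startFieldset('Consumer Info');
        if ($inAuthFlow) {
            $form->addHidden('dwoauthnonce', $opt['secpass']);
        }
        $form->addElement('<div class="leftalign"><ul>');
        $form->addElement('<li>Consumer-Key: '.$this->oauthEsc($opt['consumer_key']).'</li>');
        // NOTE(review): the consumer secret is rendered in both branches, including
        // the authorization flow where the viewer is the authorizing user rather than
        // the consumer's owner. Confirm the caller leaves consumer_secret out of $opt
        // for anyone not permitted to see it.
        $form->addElement('<li>Consumer-secret: '.$this->oauthEsc($opt['consumer_secret']).'</li>');
        $form->addElement('<li>Callback URL: '.$this->oauthEsc($opt['callback_url']).'</li>');
        if (isset($opt['acllimit']) && is_array($opt['acllimit'])) {
            foreach ($opt['acllimit'] as $k => $v) {
                if (is_array($v)) $v = print_r($v, true); // XXX - quick hack
                $form->addElement('<li>ACL -'.$this->oauthEsc($k).': '.$this->oauthEsc($v).'</li>');
            }
        }
        $form->addElement('</ul></div>');
        if ($inAuthFlow) {
            $form->addElement(form_makeButton('submit', 'oauth', 'resume', array('title' => 'authorize')));
            $form->addElement(form_makeButton('submit', 'oauth', 'cancel'));
        } else {
            $form->addHidden('consumer_key', $opt['consumer_key']);
            $form->addElement(form_makeButton('submit', 'oauth', 'clist')); // XXX
            $form->addElement(form_makeButton('submit', 'oauth', 'delconsumer')); // XXX (only if permitted),
            # TODO: add check-box to remove consumer-trust ?!
        }
        $form->endFieldset();
        // TODO: change-user/re-login button.. (go to logout, keep special $ID='OAUTHPLUGIN:'.$opt['secpass']
        html_form('info', $form);
        print '</div>'.NL;
    }

    /**
     * Print the token/consumer list as an HTML table.
     *
     * Each entry of $tokens is read for user, type, key, secret, acllimit and
     * action (a map of action-URL fragment => link title). The ACL columns are
     * taken from the first entry. All cell values are escaped.
     *
     * NOTE(review): key secrets are printed in clear text; the caller is
     * responsible for only passing tokens the current user may see.
     *
     * @param array $tokens
     */
    public function oauthTokenList($tokens) {
        $this->oauthToolbar();
        print '<h1>OAuth Admin </h1>'.NL;
        print '<div class="leftalign"><table cellspacing="4">'.NL;
        # TODO: filter on username or token. form
        // Guard the first-row lookup so an empty list does not raise a notice.
        $hasAcl = isset($tokens[0]['acllimit']) && is_array($tokens[0]['acllimit']);
        print '<tr>'.NL;
        print '<th>User</th>'.NL; # XXX is '-' for all consumer-tokens !
        print '<th>Token-Type</th><th>Key</th><th>Secret</th>'.NL;
        if ($hasAcl) {
            foreach ($tokens[0]['acllimit'] as $k => $v) {
                print '<th>ACL-'.$this->oauthEsc($k).'</th>';
            }
        }
        print '<th>.</th>';
        print '</tr>'.NL;
        foreach ($tokens as $t) {
            print '<tr>'.NL;
            print '<td>'.$this->oauthEsc($t['user']).'</td>'.NL; # XXX
            print '<td>'.$this->oauthEsc($t['type']).'</td>'.NL;
            print '<td>'.$this->oauthEsc($t['key']).'</td>'.NL;
            print '<td>'.$this->oauthEsc($t['secret']).'</td>'.NL;
            if ($hasAcl && isset($t['acllimit']) && is_array($t['acllimit'])) {
                foreach ($t['acllimit'] as $k => $v) {
                    if (is_array($v)) $v = print_r($v, true); // XXX - quick hack
                    print '<td>'.$this->oauthEsc($v).'</td>';
                }
            }
            print '<td>';
            if (isset($t['action']) && is_array($t['action'])) {
                foreach ($t['action'] as $action => $title) {
                    // TODO: make this a <form> and POST requests !!
                    // These links trigger actions through plain GET requests, so they carry
                    // no anti-CSRF token; a POST form with a security-token check is the fix.
                    // NOTE(review): BASE_URL is not defined in this file and every other link
                    // uses DOKU_BASE - confirm it is defined elsewhere or switch to DOKU_BASE.
                    print '<a href="'.BASE_URL.'?do[oauth]='.$this->oauthEsc($action).rawurlencode($t['key']).'">'.$this->oauthEsc($title).'</a> '.NL;
                }
            }
            print '</td>'.NL;
            print '</tr>'.NL;
        }
        print '</table></div>'.NL;
    }

    /**
     * Print the "Add Consumer" form with consumer key, consumer secret and
     * callback URL fields, pre-filled from $opt.
     *
     * @param array $opt reads consumer_key, consumer_secret and callback_url
     */
    public function oauthAddConsumer($opt) {
        $this->oauthToolbar();
        print '<h1>OAuth - Add Consumer</h1>'.NL;
        print '<div class="leftalign">'.NL;
        print '</div>'.NL;
        print '<div class="centeralign">'.NL;
        $form = new Doku_Form('dw__oauth');
        $form->startFieldset('Create Consumer');
        # $form->addHidden('id', $ID);
        # $form->addElement('<p>Your Username: '.$_SERVER['REMOTE_USER'].'</p>');
        # $form->addHidden('dwoauthnonce', $opt['secpass']);
        $form->addHidden('feedback', 1);
        // Field values are handed to the form builder as attributes, which is expected
        // to escape them on output; they are deliberately not pre-escaped here.
        $form->addElement(form_makeTextField('consumer_key', $opt['consumer_key'], 'Consumer Key', 'focus__this', 'block'));
        $form->addElement(form_makeTextField('consumer_secret', $opt['consumer_secret'], 'Consumer Secret', '', 'block'));
        $form->addElement(form_makeTextField('callback_url', $opt['callback_url'], 'callback Url', '', 'block'));
        $form->addElement(form_makeButton('submit', 'oauth', 'addconsumer'));
        $form->addElement(form_makeButton('submit', 'oauth', 'cancel'));
        $form->endFieldset();
        // TODO: change-user/re-login button.. (go to logout, keep special $ID='OAUTHPLUGIN:'.$opt['secpass']
        html_form('confirm', $form);
        print '</div>'.NL;
    }

    /**
     * Print the plugin's navigation toolbar (info, consumer keys, add
     * consumer, token list). Only constants are interpolated.
     */
    public function oauthToolbar() {
        print '<div class="toolbar">'.NL;
        print '<b>OAuth Plugin</b>: ';
        print '<a href="'.DOKU_BASE.'?do=oauth" class="wikilink1">Info</a>'.NL;
        print ' | ';
        print '<a href="'.DOKU_BASE.'?do[oauth]=clist" class="wikilink1">Keys for this site</a>'.NL;
        print ' | ';
        print '<a href="'.DOKU_BASE.'?do[oauth]=addconsumer" class="wikilink1">Request/create Consumer-Key and Secret</a>'.NL;
        print ' | ';
        print '<a href="'.DOKU_BASE.'?do[oauth]=tlist" class="wikilink1">Applications using your account (list request/access tokens)</a>'.NL;
        print '<hr/>'.NL;
        print '<br/>'.NL;
        print '</div>'.NL;
    }
}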
//Setup VIM: ex: et sw=4 ts=4 enc=utf-8 :