function showApplication()
 {
     $user = common_current_user();
     $this->out->elementStart('li', array('class' => 'application', 'id' => 'oauthclient-' . $this->application->id));
     $this->out->elementStart('span', 'vcard author');
     if (!$this->connections) {
         $this->out->elementStart('a', array('href' => common_local_url('showapplication', array('id' => $this->application->id)), 'class' => 'url'));
     } else {
         $this->out->elementStart('a', array('href' => $this->application->source_url, 'class' => 'url'));
     }
     if (!empty($this->application->icon)) {
         $this->out->element('img', array('src' => $this->application->icon, 'class' => 'photo avatar'));
     }
     $this->out->element('span', 'fn', $this->application->name);
     $this->out->elementEnd('a');
     $this->out->elementEnd('span');
     $this->out->raw(' by ');
     $this->out->element('a', array('href' => $this->application->homepage, 'class' => 'url'), $this->application->organization);
     $this->out->element('p', 'note', $this->application->description);
     $this->out->elementEnd('li');
     if ($this->connections) {
         $appUser = Oauth_application_user::getByKeys($this->owner, $this->application);
         if (empty($appUser)) {
             common_debug("empty appUser!");
         }
         $this->out->elementStart('li');
         $access = $this->application->access_type & Oauth_application::$writeAccess ? 'read-write' : 'read-only';
         $txt = 'Approved ' . common_date_string($appUser->modified) . " - {$access} access.";
         $this->out->raw($txt);
         $this->out->elementEnd('li');
         $this->out->elementStart('li', 'entity_revoke');
         $this->out->elementStart('form', array('id' => 'form_revoke_app', 'class' => 'form_revoke_app', 'method' => 'POST', 'action' => common_local_url('oauthconnectionssettings')));
         $this->out->elementStart('fieldset');
         $this->out->hidden('id', $this->application->id);
         $this->out->hidden('token', common_session_token());
         $this->out->submit('revoke', _('Revoke'));
         $this->out->elementEnd('fieldset');
         $this->out->elementEnd('form');
         $this->out->elementEnd('li');
     }
 }
Ejemplo n.º 2
0
 function showApplication()
 {
     $user = common_current_user();
     $this->out->elementStart('li', array('class' => 'application', 'id' => 'oauthclient-' . $this->application->id));
     $this->out->elementStart('span', 'vcard author');
     if (!$this->connections) {
         $this->out->elementStart('a', array('href' => common_local_url('showapplication', array('id' => $this->application->id)), 'class' => 'url'));
     } else {
         $this->out->elementStart('a', array('href' => $this->application->source_url, 'class' => 'url'));
     }
     if (!empty($this->application->icon)) {
         $this->out->element('img', array('src' => $this->application->icon, 'class' => 'photo avatar'));
     }
     $this->out->element('span', 'fn', $this->application->name);
     $this->out->elementEnd('a');
     $this->out->elementEnd('span');
     $this->out->raw(' by ');
     $this->out->element('a', array('href' => $this->application->homepage, 'class' => 'url'), $this->application->organization);
     $this->out->element('p', 'note', $this->application->description);
     $this->out->elementEnd('li');
     if ($this->connections) {
         $appUser = Oauth_application_user::getByKeys($this->owner, $this->application);
         if (empty($appUser)) {
             common_debug("empty appUser!");
         }
         $this->out->elementStart('li');
         // TRANS: Application access type
         $readWriteText = _('read-write');
         // TRANS: Application access type
         $readOnlyText = _('read-only');
         $access = $this->application->access_type & Oauth_application::$writeAccess ? $readWriteText : $readOnlyText;
         $modifiedDate = common_date_string($appUser->modified);
         // TRANS: Used in application list. %1$s is a modified date, %2$s is access type (read-write or read-only)
         $txt = sprintf(_('Approved %1$s - "%2$s" access.'), $modifiedDate, $access);
         $this->out->raw($txt);
         $this->out->elementEnd('li');
         $this->out->elementStart('li', 'entity_revoke');
         $this->out->elementStart('form', array('id' => 'form_revoke_app', 'class' => 'form_revoke_app', 'method' => 'POST', 'action' => common_local_url('oauthconnectionssettings')));
         $this->out->elementStart('fieldset');
         $this->out->hidden('id', $this->application->id);
         $this->out->hidden('token', common_session_token());
         // TRANS: Button label
         $this->out->submit('revoke', _m('BUTTON', 'Revoke'));
         $this->out->elementEnd('fieldset');
         $this->out->elementEnd('form');
         $this->out->elementEnd('li');
     }
 }
 function handlePost()
 {
     // check session token for CSRF protection.
     $token = $this->trimmed('token');
     if (!$token || $token != common_session_token()) {
         $this->showForm(_('There was a problem with your session token. ' . 'Try again, please.'));
         return;
     }
     // check creds
     $user = null;
     if (!common_logged_in()) {
         $user = common_check_user($this->nickname, $this->password);
         if (empty($user)) {
             $this->showForm(_("Invalid nickname / password!"));
             return;
         }
     } else {
         $user = common_current_user();
     }
     if ($this->arg('allow')) {
         // mark the req token as authorized
         $this->store->authorize_token($this->oauth_token);
         // Check to see if there was a previous token associated
         // with this user/app and kill it. If the user is doing this she
         // probably doesn't want any old tokens anyway.
         $appUser = Oauth_application_user::getByKeys($user, $this->app);
         if (!empty($appUser)) {
             $result = $appUser->delete();
             if (!$result) {
                 common_log_db_error($appUser, 'DELETE', __FILE__);
                 throw new ServerException(_('Database error deleting OAuth application user.'));
                 return;
             }
         }
         // associated the authorized req token with the user and the app
         $appUser = new Oauth_application_user();
         $appUser->profile_id = $user->id;
         $appUser->application_id = $this->app->id;
         // Note: do not copy the access type from the application.
         // The access type should always be 0 when the OAuth app
         // user record has a request token associated with it.
         // Access type gets assigned once an access token has been
         // granted.  The OAuth app user record then gets updated
         // with the new access token and access type.
         $appUser->token = $this->oauth_token;
         $appUser->created = common_sql_now();
         $result = $appUser->insert();
         if (!$result) {
             common_log_db_error($appUser, 'INSERT', __FILE__);
             throw new ServerException(_('Database error inserting OAuth application user.'));
             return;
         }
         // if we have a callback redirect and provide the token
         // A callback specified in the app setup overrides whatever
         // is passed in with the request.
         if (!empty($this->app->callback_url)) {
             $this->callback = $this->app->callback_url;
         }
         if (!empty($this->callback)) {
             $target_url = $this->getCallback($this->callback, array('oauth_token' => $this->oauth_token));
             common_redirect($target_url, 303);
         } else {
             common_debug("callback was empty!");
         }
         // otherwise inform the user that the rt was authorized
         $this->elementStart('p');
         // XXX: Do OAuth 1.0a verifier code
         $this->raw(sprintf(_("The request token %s has been authorized. " . 'Please exchange it for an access token.'), $this->oauth_token));
         $this->elementEnd('p');
     } else {
         if ($this->arg('deny')) {
             $datastore = new ApiStatusNetOAuthDataStore();
             $datastore->revoke_token($this->oauth_token, 0);
             $this->elementStart('p');
             $this->raw(sprintf(_("The request token %s has been denied and revoked."), $this->oauth_token));
             $this->elementEnd('p');
         } else {
             $this->clientError(_('Unexpected form submission.'));
             return;
         }
     }
 }
 /**
  * Revoke access to an authorized OAuth application
  *
  * @param int $appId the ID of the application
  *
  */
 function revokeAccess($appId)
 {
     $cur = common_current_user();
     $app = Oauth_application::staticGet('id', $appId);
     if (empty($app)) {
         $this->clientError(_('No such application.'), 404);
         return false;
     }
     // XXX: Transaction here?
     $appUser = Oauth_application_user::getByKeys($cur, $app);
     if (empty($appUser)) {
         $this->clientError(_('You are not a user of that application.'), 401);
         return false;
     }
     $datastore = new ApiStatusNetOAuthDataStore();
     $datastore->revoke_token($appUser->token, 1);
     $result = $appUser->delete();
     if (!$result) {
         common_log_db_error($orig, 'DELETE', __FILE__);
         $this->clientError(sprintf(_('Unable to revoke access for app: %s.'), $app->id));
         return false;
     }
     $msg = 'User %s (id: %d) revoked access to app %s (id: %d)';
     common_log(LOG_INFO, sprintf($msg, $cur->nickname, $cur->id, $app->name, $app->id));
 }