function post()
{
// Get parameters
$code = $this->getInput('code');
$me = $this->getInput('me');
$redirect_uri = $this->getInput('redirect_uri');
$state = $this->getInput('state');
$client_id = $this->getInput('client_id');
$verified = Auth::verifyCode($code, $client_id, $redirect_uri, $state);
if ($verified['valid'] === true) {
// Get user & existing tokens
$user = $verified['user'];
$indieauth_tokens = $user->indieauth_tokens;
if (empty($indieauth_tokens)) {
$indieauth_tokens = array();
}
// Generate access token and save it to the user
$token = md5(rand(0, 99999) . time() . $user->getUUID() . $client_id . $state . rand(0, 999999));
$indieauth_tokens[$token] = array('me' => $me, 'redirect_uri' => $redirect_uri, 'scope' => 'post', 'client_id' => $client_id, 'issued_at' => time(), 'nonce' => mt_rand(1000000, pow(2, 30)));
$user->indieauth_tokens = $indieauth_tokens;
$user->save();
if (\Idno\Core\Idno::site()->session()->isLoggedOn() && $user->getUUID() == \Idno\Core\Idno::site()->session()->currentUser()->getUUID()) {
\Idno\Core\Idno::site()->session()->refreshSessionUser($user);
}
// Output to the browser
$this->setResponse(200);
header('Content-Type: application/x-www-form-urlencoded');
echo http_build_query(array('access_token' => $token, 'scope' => 'post', 'me' => $me));
exit;
} else {
$this->setResponse(400);
echo $verified['reason'];
}
}
function postContent()
{
$code = $this->getInput('code');
$client_id = $this->getInput('client_id');
$redirect_uri = $this->getInput('redirect_uri');
$state = $this->getInput('state');
$verified = Auth::verifyCode($code, $client_id, $redirect_uri, $state);
if ($verified['valid']) {
$this->setResponse(200);
header('Content-Type: application/x-www-form-urlencoded');
echo http_build_query(array('scope' => $verified['scope'], 'me' => $verified['me']));
exit;
}
}
