function post() { // Get parameters $code = $this->getInput('code'); $me = $this->getInput('me'); $redirect_uri = $this->getInput('redirect_uri'); $state = $this->getInput('state'); $client_id = $this->getInput('client_id'); $verified = Auth::verifyCode($code, $client_id, $redirect_uri, $state); if ($verified['valid'] === true) { // Get user & existing tokens $user = $verified['user']; $indieauth_tokens = $user->indieauth_tokens; if (empty($indieauth_tokens)) { $indieauth_tokens = array(); } // Generate access token and save it to the user $token = md5(rand(0, 99999) . time() . $user->getUUID() . $client_id . $state . rand(0, 999999)); $indieauth_tokens[$token] = array('me' => $me, 'redirect_uri' => $redirect_uri, 'scope' => 'post', 'client_id' => $client_id, 'issued_at' => time(), 'nonce' => mt_rand(1000000, pow(2, 30))); $user->indieauth_tokens = $indieauth_tokens; $user->save(); if (\Idno\Core\Idno::site()->session()->isLoggedOn() && $user->getUUID() == \Idno\Core\Idno::site()->session()->currentUser()->getUUID()) { \Idno\Core\Idno::site()->session()->refreshSessionUser($user); } // Output to the browser $this->setResponse(200); header('Content-Type: application/x-www-form-urlencoded'); echo http_build_query(array('access_token' => $token, 'scope' => 'post', 'me' => $me)); exit; } else { $this->setResponse(400); echo $verified['reason']; } }
function postContent() { $code = $this->getInput('code'); $client_id = $this->getInput('client_id'); $redirect_uri = $this->getInput('redirect_uri'); $state = $this->getInput('state'); $verified = Auth::verifyCode($code, $client_id, $redirect_uri, $state); if ($verified['valid']) { $this->setResponse(200); header('Content-Type: application/x-www-form-urlencoded'); echo http_build_query(array('scope' => $verified['scope'], 'me' => $verified['me'])); exit; } }