$server = new OAuthServer();
!isset($_SERVER['PATH_INFO']) && ($_SERVER['PATH_INFO'] = null);
// Now - what kind of OAuth interaction are we handling?
if ($_SERVER['PATH_INFO'] == '/request_token') {
$server->requestToken();
exit;
} else {
if ($_SERVER['PATH_INFO'] == '/access_token') {
$server->accessToken();
exit;
} else {
if ($_SERVER['PATH_INFO'] == '/authorize') {
# logon
require_once 'pieforms/pieform.php';
if (!$USER->is_logged_in()) {
$form = new Pieform(auth_get_login_form());
auth_draw_login_page(null, $form);
exit;
}
$rs = null;
try {
$rs = $server->authorizeVerify();
} catch (OAuthException2 $e) {
header('HTTP/1.1 400 Bad Request');
header('Content-Type: text/plain');
echo "Failed OAuth Request: " . $e->getMessage();
exit;
}
// XXX user must be logged in
// display what is accessing and ask the user to confirm
$form = array('renderer' => 'table', 'type' => 'div', 'id' => 'maintable', 'name' => 'authorise', 'jsform' => false, 'successcallback' => 'oauth_authorise_submit', 'elements' => array('application_uri' => array('title' => get_string('application_title', 'auth.webservice'), 'value' => '<a href="' . $rs['application_uri'] . '" target="_blank">' . $rs['application_title'] . '</a>', 'type' => 'html'), 'application_access' => array('value' => get_string('oauth_access', 'auth.webservice'), 'type' => 'html'), 'instructions' => array('value' => get_string('oauth_instructions', 'auth.webservice') . "<br/><br/>", 'type' => 'html'), 'submit' => array('type' => 'submitcancel', 'value' => array(get_string('authorise', 'auth.webservice'), get_string('cancel')), 'goto' => get_config('wwwroot'))));
/**
* Creates and displays the transient login page.
*
* This login page remembers all GET/POST data and passes it on. This way,
* users can have their sessions time out, and then can log in again without
* losing any of their data.
*
* As this function builds and validates a login form, it is possible that
* calling this may validate a user to be logged in.
*
* @param Pieform $form If specified, just build this form to get the HTML
* required. Otherwise, this function will build and
* validate the form itself.
* @access private
*/
function auth_draw_login_page($message = null, Pieform $form = null)
{
global $USER, $SESSION;
if ($form != null) {
$loginform = get_login_form_js($form->build());
} else {
require_once 'pieforms/pieform.php';
$loginform = get_login_form_js(pieform(auth_get_login_form()));
/*
* If $USER is set, the form was submitted even before being built.
* This happens when a user's session times out and they resend post
* data. The request should just continue if so.
*/
if ($USER->is_logged_in()) {
return;
}
}
$externallogin = get_config('externallogin');
if ($externallogin) {
$externallogin = preg_replace('/{shorturlencoded}/', urlencode(get_relative_script_path()), $externallogin);
$externallogin = preg_replace('/{wwwroot}/', get_config('wwwroot'), $externallogin);
redirect($externallogin);
}
if ($message) {
$SESSION->add_info_msg($message);
}
$smarty = smarty(array(), array(), array(), array('pagehelp' => false, 'sidebars' => false));
$smarty->assign('login_form', $loginform);
$smarty->assign('PAGEHEADING', get_string('loginto', 'mahara', get_config('sitename')));
$smarty->assign('LOGINPAGE', true);
$smarty->display('login.tpl');
exit;
}
/**
* Creates and displays the transient login page.
*
* This login page remembers all GET/POST data and passes it on. This way,
* users can have their sessions time out, and then can log in again without
* losing any of their data.
*
* As this function builds and validates a login form, it is possible that
* calling this may validate a user to be logged in.
*
* @param Pieform $form If specified, just build this form to get the HTML
* required. Otherwise, this function will build and
* validate the form itself.
* @access private
*/
function auth_draw_login_page($message = null, Pieform $form = null)
{
global $USER, $SESSION;
if ($form != null) {
$loginform = get_login_form_js($form->build());
} else {
require_once 'pieforms/pieform.php';
$loginform = get_login_form_js(pieform(auth_get_login_form()));
/*
* If $USER is set, the form was submitted even before being built.
* This happens when a user's session times out and they resend post
* data. The request should just continue if so.
*/
if ($USER->is_logged_in()) {
return;
}
}
if ($message) {
$SESSION->add_info_msg($message);
}
$smarty = smarty(array(), array(), array(), array('pagehelp' => false));
$smarty->assign('login_form', $loginform);
$smarty->assign('loginmessage', get_string('loginto', 'mahara', get_config('sitename')));
$smarty->display('login.tpl');
exit;
}
