/** * Class handler. * * @param array $args array of arguments * * @return void */ function handle($args) { parent::handle($args); $datastore = new ApiGNUsocialOAuthDataStore(); $server = new OAuthServer($datastore); $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); $server->add_signature_method($hmac_method); $atok = $app = null; // XXX: Insist that oauth_token and oauth_verifier be populated? // Spec doesn't say they MUST be. try { $req = OAuthRequest::from_request(); $this->reqToken = $req->get_parameter('oauth_token'); $this->verifier = $req->get_parameter('oauth_verifier'); $app = $datastore->getAppByRequestToken($this->reqToken); $atok = $server->fetch_access_token($req); } catch (Exception $e) { common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage()); common_debug(var_export($req, true)); $code = $e->getCode(); $this->clientError($e->getMessage(), empty($code) ? 401 : $code, 'text'); } if (empty($atok)) { // Token exchange failed -- log it $msg = sprintf('API OAuth - Failure exchanging OAuth request token for access token, ' . 'request token = %s, verifier = %s', $this->reqToken, $this->verifier); common_log(LOG_WARNING, $msg); // TRANS: Client error given from the OAuth API when the request token or verifier is invalid. $this->clientError(_('Invalid request token or verifier.'), 400, 'text'); } else { common_log(LOG_INFO, sprintf("Issued access token '%s' for application %d (%s).", $atok->key, $app->id, $app->name)); $this->showAccessToken($atok); } }
/** * Revoke an access token * * XXX: Confirm revoke before doing it * * @param int $appId the ID of the application * */ function revokeAccess($token) { $cur = common_current_user(); $appUser = Oauth_application_user::getByUserAndToken($cur, $token); if (empty($appUser)) { // TRANS: Client error when trying to revoke access for an application while not being a user of it. $this->clientError(_('You are not a user of that application.'), 401); } $app = Oauth_application::getKV('id', $appUser->application_id); $datastore = new ApiGNUsocialOAuthDataStore(); $datastore->revoke_token($appUser->token, 1); $result = $appUser->delete(); if (!$result) { common_log_db_error($orig, 'DELETE', __FILE__); // TRANS: Client error when revoking access has failed for some reason. // TRANS: %s is the application ID revoking access failed for. $this->clientError(sprintf(_('Unable to revoke access for application: %s.'), $app->id)); } $msg = 'API OAuth - user %s (id: %d) revoked access token %s for app id %d'; common_log(LOG_INFO, sprintf($msg, $cur->nickname, $cur->id, $appUser->token, $appUser->application_id)); $msg = sprintf(_('You have successfully revoked access for %1$s and the access token starting with %2$s.'), $app->name, substr($appUser->token, 0, 7)); $this->showForm($msg, true); }