Exemple #1
 /**
  * Turn the token named in the current OAuth request into an access token
  * and return its credentials.
  *
  * Looks up the token whose key is $provider->oauth->token, calls
  * changeToAccessToken() on it and returns the stored token / secret pair.
  *
  * NOTE(review): this method does not check that the token was found, that it
  * is still a request token, or that the user approved it. Presumably
  * checkToken() has already run for this request -- confirm against the
  * caller, because this is the step that hands out API credentials.
  *
  * @return array credentials under the keys 'oauth_token' and 'oauth_token_secret'
  */
 public function api_accesstoken()
 {
     // Fetch the provider interface object stored on this controller.
     $oauthProvider = $this->get('provider');

     $accessToken = OAuthToken::findByKey($oauthProvider->oauth->token);
     $accessToken->changeToAccessToken();

     return [
         'oauth_token' => $accessToken->get('token'),
         'oauth_token_secret' => $accessToken->get('token_secret'),
     ];
 }
 /**
  * Token handler: validate the token presented by the client.
  *
  * Returns OAUTH_TOKEN_REJECTED when no stored token matches $provider->token,
  * and OAUTH_VERIFIER_INVALID when the token has type 1 and its 'verified'
  * flag is not set. In every other case $provider->token_secret is filled in
  * from the stored token (the original author notes that the signature check
  * fails without it) and OAUTH_OK is returned. For a type 2 (access) token the
  * owning user is also loaded into $this->user and User::$me.
  *
  * Per the original note, this is called by OAuthCheckRequest() unless the
  * client is asking for a request token.
  *
  * NOTE(review): only the stored 'verified' flag is consulted. The verifier
  * value sent by the client is never compared with the token's stored
  * 'verifier' in this method -- confirm that comparison happens elsewhere
  * before a request token can be exchanged.
  * NOTE(review): type 1 is presumably "request token" -- TODO confirm. Any type
  * other than 1 or 2 falls through to OAUTH_OK.
  *
  * @param $provider object exposing ->token (read) and ->token_secret (written)
  * @return int one of OAUTH_TOKEN_REJECTED, OAUTH_VERIFIER_INVALID, OAUTH_OK
  */
 public function checkToken($provider)
 {
     $this->token = OAuthToken::findByKey($provider->token);

     // Unknown token key: nothing was loaded from storage.
     if (!$this->token->isHydrated()) {
         return OAUTH_TOKEN_REJECTED;
     }

     // A type 1 token is only usable once it has been marked verified.
     if ($this->token->get('type') == 1 && !$this->token->get('verified')) {
         return OAUTH_VERIFIER_INVALID;
     }

     // Access token: register its user with the provider for use in the API.
     if ($this->token->get('type') == 2) {
         $this->user = $this->token->getUser();
         User::$me = $this->user;
     }

     $provider->token_secret = $this->token->get('token_secret');

     return OAUTH_OK;
 }
Exemple #3
 /**
  * Confirmation page and handler for revoking an app's token.
  *
  * Requires a logged-in user. The token is looked up from the 'token' request
  * argument; only an admin or the user recorded in the token's 'user_id' may
  * continue. The page is populated with the token and its consumer, and when
  * a 'submit' argument is present the token is deleted, the action is logged
  * and the user is forwarded to /apps. Any Exception is turned into an error
  * page carrying the exception message.
  *
  * NOTE(review): deletion is triggered by the mere presence of 'submit'; no
  * anti-CSRF token check is visible in this method. Confirm the framework
  * enforces one and that args() only carries POST data at this point.
  * NOTE(review): $app->getLink() is written to the activity log and the
  * exception text to 'megaerror' -- presumably rendered as HTML; verify the
  * app name is escaped where these are displayed.
  */
 public function revoke_app()
 {
     $this->assertLoggedIn();

     try {
         $token = OAuthToken::findByKey($this->args('token'));
         if (!$token->isHydrated()) {
             throw new Exception("This app does not exist.");
         }

         // Ownership check: admins may revoke anything, users only their own tokens.
         $mayRevoke = User::$me->isAdmin() || $token->get('user_id') == User::$me->id;
         if (!$mayRevoke) {
             throw new Exception("You are not authorized to delete this app.");
         }

         $consumer = $token->getConsumer();
         $this->setTitle('Revoke App Permissions - ' . $consumer->getName());
         $this->set('token', $token);
         $this->set('app', $consumer);

         // Without a submit we only render the confirmation page.
         if (!$this->args('submit')) {
             return;
         }

         Activity::log("removed the app named " . $consumer->getLink() . ".");
         $token->delete();
         $this->forwardToUrl("/apps");
     } catch (Exception $e) {
         $this->setTitle('Error');
         $this->set('megaerror', $e->getMessage());
     }
 }
Exemple #4
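 /**
  * Show and process the "authorize this app" page for a request token.
  *
  * Requires a logged-in user. The token named by the 'oauth_token' argument
  * must exist and still be a request token, and its consumer must exist and be
  * active. The token is bound to the current user on first visit; a different
  * user visiting later is refused. A verifier is generated once per token and
  * must come back with the approval form before the token is marked verified.
  * Any Exception is rendered as an error page carrying the exception message.
  *
  * Changes from the earlier version:
  *  - the verifier comes from random_bytes() rather than sha1(mt_rand()),
  *    whose output is predictable from the generator state;
  *  - the submitted verifier is compared with hash_equals() instead of a loose
  *    "!=", which can treat two different numeric-looking strings as equal.
  *
  * NOTE(review): presumably forwardToUrl() ends the request -- confirm;
  * otherwise the set() calls below it still run after a successful approval.
  */
 public function authorize_app()
 {
     $this->assertLoggedIn();
     $this->set('area', 'app');
     try {
         $token = OAuthToken::findByKey($this->args('oauth_token'));
         if (!$token->isHydrated()) {
             throw new Exception("That token does not exist.");
         }
         if (!$token->isRequest()) {
             throw new Exception("This app has already been authorized.");
         }
         $app = $token->getConsumer();
         if (!$app->isHydrated()) {
             throw new Exception("That application does not exist.");
         }
         if (!$app->isActive()) {
             throw new Exception("That application is not active.");
         }
         $this->setTitle("Authorize App - " . $app->getName());

         // Bind the token to the first logged-in user who opens it; refuse anyone else.
         if (!$token->get('user_id')) {
             $token->set('user_id', User::$me->id);
             $token->save();
         } elseif ($token->get('user_id') != User::$me->id) {
             throw new Exception("Another user has already claimed this token.");
         }

         // Generate the verifier once. 20 CSPRNG bytes hex-encoded keep the same
         // 40-character shape as the previous sha1() value. Tokens that already
         // carry a verifier keep it. random_bytes() needs PHP 7+ and throws an
         // Exception if no entropy source is available, which the catch below reports.
         if (!$token->get('verifier')) {
             $token->set('verifier', bin2hex(random_bytes(20)));
             $token->save();
         }

         $form = $this->_createAuthorizationForm($token, $app);

         // Approval submitted?
         if ($form->checkSubmitAndValidate($this->args())) {
             $submittedVerifier = $form->data('verifier');
             $expectedVerifier = (string) $token->get('verifier');

             // Constant-time, type-strict comparison of the secret value.
             if (!is_scalar($submittedVerifier)
                 || !hash_equals($expectedVerifier, (string) $submittedVerifier)
             ) {
                 throw new Exception("Invalid verifier.");
             }

             $token->set('name', $form->data('name'));
             $token->set('verified', 1);
             $token->save();
             Activity::log("installed the app named " . $app->getLink() . ".");
             $this->forwardToUrl("/");
         }

         $this->set('approve_form', $form);
         $this->set('token', $token);
         $this->set('app', $app);
     } catch (Exception $e) {
         $this->setTitle('Authorize App - Error');
         $this->set('megaerror', $e->getMessage());
     }
 }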