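* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

require_once '../core/init.php';

// OAuth provider endpoint. Dispatches on PATH_INFO to the request-token,
// access-token and authorize handlers of OAuthServer.
$server = new OAuthServer();

// PATH_INFO is not set when the script is requested without a trailing path.
// Fall back to '' so such a request reaches the default branch without
// raising an undefined-index notice.
$path = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';

switch ($path) {
    case '/request_token':
        $server->requestToken();
        exit;

    case '/access_token':
        $server->accessToken();
        exit;

    case '/authorize':
        // The resource owner has to be signed in before a token is authorized.
        assert_logged_in();

        try {
            $server->authorizeVerify();

            // Bind the authorized token to the signed-in user. The second
            // argument was previously hard-coded to 1, which would attach
            // every authorized token to that one account regardless of who
            // was logged in.
            // NOTE(review): the first argument is a literal true, so the
            // request appears to be approved as soon as a logged-in user
            // loads this URL, with no consent prompt and no CSRF-protected
            // confirmation step. Confirm whether an approval form is
            // rendered elsewhere; if not, one is needed before this call.
            $server->authorizeFinish(true, current_user()->id);
        } catch (OAuthException $e) {
            header('HTTP/1.1 400 Bad Request');
            header('Content-Type: text/plain');
            // The exception text may carry request-derived values (TODO
            // confirm); keep browsers from content-sniffing the plain-text
            // body into something renderable.
            header('X-Content-Type-Options: nosniff');
            echo "Failed OAuth Request: " . $e->getMessage();
        }
        exit;

    default:
        // NOTE(review): an unrecognised path is a client error, so 404 would
        // describe it better; the 500 status is kept for compatibility.
        header('HTTP/1.1 500 Internal Server Error');
        header('Content-Type: text/plain');
        echo "Unknown request";
}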
/**
 * Abort with an AccessException unless the current user may edit $data.
 *
 * Editing is allowed when the record's `user_id` is non-empty and strictly
 * equal to the current user's id, or when the current user holds the
 * 'super' capability. A record with no `user_id` is editable only by a
 * 'super' user, so the check fails closed.
 *
 * NOTE(review): the ownership test uses strict comparison, so a `user_id`
 * loaded as a string would not match an integer id (or the reverse); the
 * owner would then be refused rather than a stranger admitted. Confirm the
 * types agree.
 *
 * @param Model|array|object $data Record to check; a Model is converted with
 *                                 as_array(), anything else is cast to array.
 * @param string|null        $msg  Message passed to AccessException.
 * @param int|null           $code Code passed to AccessException.
 *
 * @throws AccessException When the user is neither the owner nor 'super'.
 */
function assert_can_edit($data, $msg = null, $code = null)
{
    // An anonymous visitor is rejected before any ownership test runs.
    assert_logged_in();

    $fields = ($data instanceof Model) ? $data->as_array() : (array) $data;

    $is_owner = !empty($fields['user_id'])
        && $fields['user_id'] === current_user()->id;
    if ($is_owner) {
        return;
    }

    // Non-owners pass only with the 'super' capability.
    if (current_user_can('super')) {
        return;
    }

    throw new AccessException($msg, $code);
}