$server = new OAuthServer(); !isset($_SERVER['PATH_INFO']) && ($_SERVER['PATH_INFO'] = null); // Now - what kind of OAuth interaction are we handling? if ($_SERVER['PATH_INFO'] == '/request_token') { $server->requestToken(); exit; } else { if ($_SERVER['PATH_INFO'] == '/access_token') { $server->accessToken(); exit; } else { if ($_SERVER['PATH_INFO'] == '/authorize') { # logon require_once 'pieforms/pieform.php'; if (!$USER->is_logged_in()) { $form = new Pieform(auth_get_login_form()); auth_draw_login_page(null, $form); exit; } $rs = null; try { $rs = $server->authorizeVerify(); } catch (OAuthException2 $e) { header('HTTP/1.1 400 Bad Request'); header('Content-Type: text/plain'); echo "Failed OAuth Request: " . $e->getMessage(); exit; } // XXX user must be logged in // display what is accessing and ask the user to confirm $form = array('renderer' => 'table', 'type' => 'div', 'id' => 'maintable', 'name' => 'authorise', 'jsform' => false, 'successcallback' => 'oauth_authorise_submit', 'elements' => array('application_uri' => array('title' => get_string('application_title', 'auth.webservice'), 'value' => '<a href="' . $rs['application_uri'] . '" target="_blank">' . $rs['application_title'] . '</a>', 'type' => 'html'), 'application_access' => array('value' => get_string('oauth_access', 'auth.webservice'), 'type' => 'html'), 'instructions' => array('value' => get_string('oauth_instructions', 'auth.webservice') . "<br/><br/>", 'type' => 'html'), 'submit' => array('type' => 'submitcancel', 'value' => array(get_string('authorise', 'auth.webservice'), get_string('cancel')), 'goto' => get_config('wwwroot'))));
/** * Creates and displays the transient login page. * * This login page remembers all GET/POST data and passes it on. This way, * users can have their sessions time out, and then can log in again without * losing any of their data. * * As this function builds and validates a login form, it is possible that * calling this may validate a user to be logged in. * * @param Pieform $form If specified, just build this form to get the HTML * required. Otherwise, this function will build and * validate the form itself. * @access private */ function auth_draw_login_page($message = null, Pieform $form = null) { global $USER, $SESSION; if ($form != null) { $loginform = get_login_form_js($form->build()); } else { require_once 'pieforms/pieform.php'; $loginform = get_login_form_js(pieform(auth_get_login_form())); /* * If $USER is set, the form was submitted even before being built. * This happens when a user's session times out and they resend post * data. The request should just continue if so. */ if ($USER->is_logged_in()) { return; } } $externallogin = get_config('externallogin'); if ($externallogin) { $externallogin = preg_replace('/{shorturlencoded}/', urlencode(get_relative_script_path()), $externallogin); $externallogin = preg_replace('/{wwwroot}/', get_config('wwwroot'), $externallogin); redirect($externallogin); } if ($message) { $SESSION->add_info_msg($message); } $smarty = smarty(array(), array(), array(), array('pagehelp' => false, 'sidebars' => false)); $smarty->assign('login_form', $loginform); $smarty->assign('PAGEHEADING', get_string('loginto', 'mahara', get_config('sitename'))); $smarty->assign('LOGINPAGE', true); $smarty->display('login.tpl'); exit; }
/** * Creates and displays the transient login page. * * This login page remembers all GET/POST data and passes it on. This way, * users can have their sessions time out, and then can log in again without * losing any of their data. * * As this function builds and validates a login form, it is possible that * calling this may validate a user to be logged in. * * @param Pieform $form If specified, just build this form to get the HTML * required. Otherwise, this function will build and * validate the form itself. * @access private */ function auth_draw_login_page($message = null, Pieform $form = null) { global $USER, $SESSION; if ($form != null) { $loginform = get_login_form_js($form->build()); } else { require_once 'pieforms/pieform.php'; $loginform = get_login_form_js(pieform(auth_get_login_form())); /* * If $USER is set, the form was submitted even before being built. * This happens when a user's session times out and they resend post * data. The request should just continue if so. */ if ($USER->is_logged_in()) { return; } } if ($message) { $SESSION->add_info_msg($message); } $smarty = smarty(array(), array(), array(), array('pagehelp' => false)); $smarty->assign('login_form', $loginform); $smarty->assign('loginmessage', get_string('loginto', 'mahara', get_config('sitename'))); $smarty->display('login.tpl'); exit; }