/**
 * {@inheritDoc}
 *
 * Turns the serialized token string of a request into a BasicSecurityToken.
 * With the 'allow_plaintext_token' config flag on, the result can be a token
 * with faked-out values taken directly from the string.
 *
 * SECURITY: in the plaintext branch the owner, viewer, app id, container,
 * app URL and module id are whatever the caller wrote into the string.
 * NOTE(review): that branch never calls createFromToken() and passes no
 * max age, so whatever integrity or expiry checking createFromToken()
 * performs is skipped. Keep 'allow_plaintext_token' off everywhere except
 * example/test containers.
 *
 * @param string $stringToken serialized token; a six-field colon-separated
 *        string is treated as a plaintext token when the config flag allows it
 * @return BasicSecurityToken
 * @throws GadgetException 'INVALID_GADGET_TOKEN' when the token is missing on
 *         an authz request, or when any Exception is raised while building it
 */
public function createToken($stringToken) {
  // A missing token is rejected up front only when the request carries 'authz';
  // otherwise the empty value falls through to the branches below.
  $tokenMissing = empty($stringToken);
  if ($tokenMissing && !empty($_GET['authz'])) {
    throw new GadgetException('INVALID_GADGET_TOKEN');
  }
  try {
    //TODO remove this once we have a better way to generate a fake token
    // in the example files
    if (Config::get('allow_plaintext_token')) {
      $fields = explode(':', $stringToken);
      if (count($fields) == 6) {
        // Caller-supplied identity fields, only URL-decoded, never verified here.
        $ownerId = urldecode($fields[$this->OWNER_INDEX]);
        $viewerId = urldecode($fields[$this->VIEWER_INDEX]);
        $appId = urldecode($fields[$this->APP_ID_INDEX]);
        $container = urldecode($fields[$this->CONTAINER_INDEX]);
        $appUrl = urldecode($fields[$this->APP_URL_INDEX]);
        $moduleId = urldecode($fields[$this->MODULE_ID_INDEX]);
        return new BasicSecurityToken(null, null, $ownerId, $viewerId, $appId, $container, $appUrl, $moduleId);
      }
    }
    // Regular path: parsing is delegated together with the configured max age.
    return BasicSecurityToken::createFromToken($stringToken, Config::get('token_max_age'));
  } catch (Exception $e) {
    // The underlying cause is deliberately not forwarded; callers only see the generic code.
    throw new GadgetException('INVALID_GADGET_TOKEN');
  }
}
/**
 * Tests BasicSecurityToken::createFromValues(), toSerialForm() and createFromToken()
 *
 * Builds a token from literal values, checks its getters, then serializes it
 * and parses it back, expecting the same getter values on the copy.
 *
 * NOTE(review): only the round trip of an untouched, fresh token is asserted.
 * Nothing here checks that a modified or too-old serialized token is refused,
 * and the seventh createFromValues() argument ('default') is never read back.
 */
public function testCreateFromValues() {
  // getter name => value expected from both the original and the re-parsed token
  $expectedByGetter = array(
    'getOwnerId' => 'owner',
    'getViewerId' => 'viewer',
    'getAppId' => 'app',
    'getDomain' => 'domain',
    'getAppUrl' => 'appUrl',
    'getModuleId' => '1',
  );

  $original = BasicSecurityToken::createFromValues('owner', 'viewer', 'app', 'domain', 'appUrl', '1', 'default');
  foreach ($expectedByGetter as $getter => $expected) {
    $this->assertEquals($expected, $original->$getter());
  }

  // toSerialForm() output is URL-decoded before it is handed back to the parser.
  $serialized = urldecode($original->toSerialForm());
  $roundTripped = BasicSecurityToken::createFromToken($serialized, Config::get('token_max_age'));
  foreach ($expectedByGetter as $getter => $expected) {
    $this->assertEquals($expected, $roundTripped->$getter());
  }
}
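/**
 * Stores one application preference for the viewer named in the security token.
 *
 * Reads 'st' (base64-encoded security token), 'name' and 'value' from the
 * query string. The viewer id and app id are taken from the parsed token,
 * not from request parameters. Answers with a 400 page when a parameter is
 * missing or when token parsing / storing raises an Exception, and always
 * terminates the script afterwards.
 *
 * NOTE(review): this changes stored state on a GET request; the token is the
 * only authorization visible in this method.
 *
 * @param mixed $params not read by this method
 * @return void never returns; the script ends with die
 */
public function set($params) {
  if (empty($_GET['st']) || empty($_GET['name']) || !isset($_GET['value'])) {
    header("HTTP/1.0 400 Bad Request", true);
    echo "<html><body><h1>400 - Bad Request</h1></body></html>";
  } else {
    try {
      // NOTE(review): PHP has already URL-decoded $_GET values, so these
      // urldecode() calls decode a second time. Confirm callers double-encode;
      // otherwise values containing '%' or '+' are altered before use.
      $st = urldecode(base64_decode($_GET['st']));
      $key = urldecode($_GET['name']);
      $value = urldecode($_GET['value']);
      $token = BasicSecurityToken::createFromToken($st, PartuzaConfig::get('st_max_age'));
      // Identity comes from the token rather than from caller-supplied ids.
      $app_id = $token->getAppId();
      $viewer = $token->getViewerId();
      $apps = $this->model('applications');
      $apps->set_application_pref($viewer, $app_id, $key, $value);
    } catch (Exception $e) {
      header("HTTP/1.0 400 Bad Request", true);
      // The exception text may echo request-derived data, so it is HTML-escaped
      // before being written into the error page.
      echo "<html><body><h1>400 - Bad Request</h1>" . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "</body></html>";
    }
  }
  die;
}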
// $Id$ define('AT_INCLUDE_PATH', '../../../include/'); $_user_location = 'public'; include(AT_INCLUDE_PATH.'vitals.inc.php'); include(AT_SOCIAL_INCLUDE.'classes/Application.class.php'); if (empty($_GET['st']) || empty($_GET['name']) || ! isset($_GET['value'])) { header("HTTP/1.0 400 Bad Request", true); echo "<html><body><h1>400 - Bad Request</h1></body></html>"; } else { try { $st = urldecode(base64_decode($_GET['st'])); $key = urldecode($_GET['name']); $value = urldecode($_GET['value']); $token = BasicSecurityToken::createFromToken($st, 15*60); //TODO: Change 3600 to a constant $app_id = $token->getAppId(); // $viewer = $token->getViewerId(); debug($app_id,'appid'); debug($viewer, 'viewer'); debug($value, 'value'); debug($key,'key'); $app = new Application($app_id); $result = $app->setApplicationSettings($_SESSION['member_id'], $key, $value); if (!$result){ echo "<html><body><h1>500 - SQL Error: </h1>" . mysql_error() . "</body></html>"; } } catch (Exception $e) { header("HTTP/1.0 400 Bad Request", true);
/* as published by the Free Software Foundation. */ /****************************************************************/ // $Id$ define('AT_INCLUDE_PATH', '../../../include/'); $_user_location = 'public'; include AT_INCLUDE_PATH . 'vitals.inc.php'; include AT_SOCIAL_INCLUDE . 'classes/Application.class.php'; if (empty($_GET['st']) || empty($_GET['name']) || !isset($_GET['value'])) { header("HTTP/1.0 400 Bad Request", true); echo "<html><body><h1>400 - Bad Request</h1></body></html>"; } else { try { $st = urldecode(base64_decode($_GET['st'])); $key = urldecode($_GET['name']); $value = urldecode($_GET['value']); $token = BasicSecurityToken::createFromToken($st, 15 * 60); //TODO: Change 3600 to a constant $app_id = $token->getAppId(); // $viewer = $token->getViewerId(); /* debug($app_id,'appid'); debug($viewer, 'viewer'); debug($value, 'value'); debug($key,'key'); */ $app = new Application($app_id); $result = $app->setApplicationSettings($_SESSION['member_id'], $key, $value); if (!$result) { echo "<html><body><h1>500 - SQL Error: </h1>" . mysql_error() . "</body></html>"; } } catch (Exception $e) { header("HTTP/1.0 400 Bad Request", true);