/**
 * Shows the OAuth authorization page and records the user's decision.
 *
 * Forces a login when the current user is the anonymous 'nobody' account,
 * verifies the request token carried by the current request and, when the
 * form was posted with an 'allow' field, finishes the authorization for the
 * mapped user id and redirects to the consumer's entry on the user page.
 *
 * NOTE(review): the grant is driven only by the presence of $_POST['allow'];
 * no anti-CSRF token check is visible in this method - confirm that one is
 * enforced before this action runs.
 */
public function authorize_action()
{
    global $user, $auth;

    $auth->login_if($user->id == 'nobody');
    $mappedUserId = OAuthUser::getMappedId($user->id);

    // The store instance is fetched but not used further in this method.
    OAuthStore::instance();
    $server = new OAuthServer();

    try {
        // Per the original comment, this yields the consumer key, consumer
        // secret, token, token secret and token type of the request token.
        $verified = $server->authorizeVerify();

        if (isset($_POST['allow'])) {
            // Inside this branch the key always exists, so the flag is true.
            // Per the original comment, authorizeFinish() redirects to the
            // consumer itself when an oauth_callback was supplied.
            $server->authorizeFinish(array_key_exists('allow', $_POST), $mappedUserId);

            PageLayout::postMessage(Messagebox::success(_('Sie haben der Applikation Zugriff auf Ihre Daten gewährt.')));
            $this->redirect('user#' . $verified['consumer_key']);
        }
    } catch (OAuthException $oauthError) {
        // No verifiable token in the request: stop with a fixed message.
        die('invalid');
    }

    PageLayout::disableHeader();
    $this->set_layout($GLOBALS['template_factory']->open('layouts/base_without_infobox'));
    $this->rs = $verified;
}
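/**
 * Handles the OAuth authorize step for a signed-in user.
 *
 * Anonymous visitors are sent to the sign-in route after the current
 * authorize URL has been remembered in the 'url_back' attribute. On POST the
 * request token is verified and authorized for the signed-in guard user, or
 * the request is answered with 401 when the 'authorized' parameter is empty.
 *
 * NOTE(review): the redirect target after a successful grant is the
 * oauth_callback parameter of the current request. Nothing visible here
 * compares it with a callback bound to the request token or registered for
 * the consumer, so a crafted authorize link can choose where the user is sent
 * after approving. Confirm the callback is validated elsewhere, or compare it
 * with the stored value before emitting the Location header.
 * NOTE(review): no anti-CSRF check on the POST is visible in this method.
 *
 * @param sfWebRequest $request Current request; reads oauth_token,
 *                              oauth_callback and authorized.
 */
public function executeAuthorize(sfWebRequest $request)
{
    $this->oauth_token = $request->getParameter('oauth_token', '');
    $this->oauth_callback = $request->getParameter('oauth_callback', '');

    if (!$this->getUser()->isAuthenticated()) {
        // Both values come from the request. Encode them so that a callback
        // containing '&', '=' or '#' cannot inject or override parameters in
        // the remembered URL (for example a second oauth_token).
        $this->getUser()->setAttribute(
            'url_back',
            'sfOauthServer/authorize?oauth_callback=' . urlencode($this->oauth_callback)
                . '&oauth_token=' . urlencode($this->oauth_token),
            'vo/redir'
        );
    }
    $this->redirectUnless($this->getUser()->isAuthenticated(), "@sf_guard_signin");

    $authorized = $request->getParameter('authorized', '');
    $logger = sfContext::getInstance()->getLogger();
    $logger->debug("executeAuthorize: authorized: {$authorized}");

    // Kept for its call; the returned store is not used further in this method.
    $store = $this->getStore();
    $server = new OAuthServer();

    if (!$request->isMethod('post')) {
        return;
    }

    if (!$authorized) {
        header('HTTP/1.1 401 Not authorized');
        header('Content-Type: text/plain');
        $logger->warning("Not authorized by user.");
        echo "Not authorized.";
        die;
    }

    try {
        $logger->debug("executeAuthorize: calling authorizeVerify");
        $server->authorizeVerify();

        $logger->debug("executeAuthorize: calling authorizeFinish");
        $server->authorizeFinish(true, $this->getUser()->getGuardUser()->getId());

        if ($this->oauth_callback) {
            // See the NOTE(review) in the docblock: request-supplied target.
            $logger->info("Authorized invoking callback.");
            header('Location: ' . $this->oauth_callback);
            die;
        }
        $logger->info("Authorized.");
    } catch (OAuthException $e) {
        $logger->err("Failed OAuth Request: " . $e->getMessage());
        header('HTTP/1.1 400 Bad Request');
        header('Content-Type: text/plain');
        echo "Failed OAuth Request: " . $e->getMessage();
        die;
    }
}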
/**
 * Displays the authorize form for an OAuth request token and applies the
 * user's allow/deny choice once the form validates.
 *
 * NOTE(review): when no identity is present the login-redirect plugin is
 * registered, but this method keeps running and passes
 * $auth->getIdentity() to the store; confirm the plugin stops the request
 * before any token can be authorized.
 */
public function authorizeAction()
{
    $auth = Zend_Auth::getInstance();
    $store = OAuthStore::instance();
    // Fetched as in the original; the registry is not used further here.
    Zend_Registry::getInstance();
    $router = Zend_Controller_Front::getInstance()->getRouter();
    $request = $this->getRequest();

    if (!$auth->hasIdentity()) {
        Zend_Controller_Front::getInstance()->registerPlugin(new Ml_Plugins_LoginRedirect());
    }

    $this->_helper->loadOauthstore->preloadServer();
    $server = new OAuthServer();
    $form = Ml_Model_Api::authorizeForm();

    // Per the original comment, this checks for a valid request token and
    // yields the consumer key, consumer secret, token, token secret and type.
    $verified = $server->authorizeVerify();

    $this->view->consumerInfo = $store->getConsumer($verified['consumer_key'], $auth->getIdentity());

    if ($request->isPost() && $form->isValid($request->getPost())) {
        $values = $form->getValues();

        // null means neither button was submitted; nothing is finished then.
        $decision = null;
        if (isset($values['allow'])) {
            $decision = true;
        } elseif (isset($values['deny'])) {
            $decision = false;
        }

        if ($decision !== null) {
            $server->authorizeFinish($decision, $auth->getIdentity());

            // Without an oauth_callback the user lands on the account apps page.
            $this->_redirect($router->assemble(array(), "accountapps") . "?new_addition", array("exit"));
        }
    }

    $this->view->authorizeForm = $form;
}
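/**
 * Authorizes an OAuth request token for the logged-in user, or shows the
 * login form when nobody is logged in.
 *
 * NOTE(review): for a logged-in user every POST is treated as consent; the
 * original comment speaks of an "allow" button, but no submitted field is
 * inspected and no anti-CSRF check is visible in this method.
 * NOTE(review): consumers whose application_type is 'system' are authorized
 * without any user interaction; confirm that type can only be assigned by an
 * administrator.
 *
 * @throws CHttpException 401 when the OAuth request cannot be verified.
 */
public function actionAuthorize()
{
    // Currently logged-in user.
    $user_id = Yii::app()->user->id;
    $model = new LoginForm();
    $errmsg = '';

    $server = new OAuthServer();

    try {
        // Check that the current request carries a valid request token.
        // Per the original comment the result holds the consumer key,
        // consumer secret, token, token secret and token type.
        $rs = $server->authorizeVerify($user_id);

        if (!empty($user_id)) {
            // Strict comparison: with '==' a non-string value such as integer
            // 0 compares equal to 'system' on PHP < 8, which would grant the
            // consent-free path to an ordinary consumer.
            if (isset($rs['application_type']) && $rs['application_type'] === 'system') {
                $server->authorizeFinish(true, $user_id);
            }

            if ($_SERVER['REQUEST_METHOD'] === 'POST') {
                // Marks the token as authorized; per the original comment this
                // redirects to the consumer when an oauth_callback is present.
                $verifier = $server->authorizeFinish(true, $user_id);

                // Without an oauth_callback the verifier is printed.
                echo $verifier;
                die;
            }
        } else {
            // Not logged in: no authorization happens, only the login form.
            if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
                // AJAX validation request for the login form.
                echo EActiveForm::validate($model);
                Yii::app()->end();
            }

            if (isset($_POST['LoginForm'])) {
                $model->attributes = $_POST['LoginForm'];
                // Reload the page once the credentials validate and log in.
                if ($model->validate() && $model->login()) {
                    $this->refresh();
                }
            }
        }
    } catch (OAuthException $e) {
        // The request carried no token that could be verified.
        $errmsg = $e->getMessage();
        throw new CHttpException(401, $errmsg);
    } catch (OAuthException2 $e) {
        // The request carried an invalid token.
        $errmsg = $e->getMessage();
        throw new CHttpException(401, $errmsg);
    }

    $data = array('rs' => $rs, 'model' => $model, 'errmsg' => $errmsg);
    $this->render('Authorize', $data);
}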
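* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN * THE SOFTWARE. */
require_once '../core/init.php';

// Dispatches the three OAuth endpoints by the path that follows the script
// name: /request_token, /access_token and /authorize.
$server = new OAuthServer();

// PATH_INFO is absent when the script is requested without a trailing path;
// fall back to an empty string so such requests reach the default branch
// without reading an undefined index.
$endpoint = isset($_SERVER['PATH_INFO']) ? $_SERVER['PATH_INFO'] : '';

switch ($endpoint) {
    case '/request_token':
        $server->requestToken();
        exit;

    case '/access_token':
        $server->accessToken();
        exit;

    case '/authorize':
        // Require a logged-in session before touching the request token.
        assert_logged_in();

        try {
            $server->authorizeVerify();
            // NOTE(review): the token is approved unconditionally and bound to
            // the literal user id 1. No consent prompt is shown and the id of
            // the logged-in user is not used, so as written every verified
            // request token is granted on behalf of user 1. Replace with the
            // session's user id and an explicit allow/deny step before use.
            $server->authorizeFinish(true, 1);
        } catch (OAuthException $e) {
            header('HTTP/1.1 400 Bad Request');
            header('Content-Type: text/plain');
            echo "Failed OAuth Request: " . $e->getMessage();
        }
        exit;

    default:
        header('HTTP/1.1 500 Internal Server Error');
        header('Content-Type: text/plain');
        echo "Unknown request";
}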
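/**
 * Authorize an OAuth request OR display the Authorize form.
 *
 * The request must carry a verifiable request token. On POST the user's
 * decision is read from the 'Allow' field and applied to the token; on any
 * other method the consumer's details are loaded into the theme and the
 * verification page is rendered.
 *
 * NOTE(review): no anti-CSRF check on the POST is visible in this method;
 * confirm that one is applied before this action runs.
 */
public function authorize()
{
    $userid = $this->user->userid;
    $server = new OAuthServer();

    try {
        // Fails with OAuthException when the request cannot be verified.
        $consumerDetails = $server->authorizeVerify();

        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // Only an explicit 'Allow' field counts as consent.
            $authorized = isset($_POST['Allow']);

            Debug::LogEntry('audit', 'Allow submitted. Application is ' . ($authorized ? 'authed' : 'denied'));

            // Per the original comment, this redirects to the consumer when
            // an oauth_callback was supplied.
            $server->authorizeFinish($authorized, $userid);

            // No oauth_callback: report the outcome. The original printed the
            // "authorized" message even when the user had denied the request.
            if ($authorized) {
                echo __('Request authorized. Please return to your application.');
            } else {
                echo __('Request denied. Please return to your application.');
            }
        } else {
            // Form not submitted yet: show which application asks for access.
            $store = OAuthStore::instance();
            $consumer = $store->getConsumer($consumerDetails['consumer_key'], $userid, true);

            // NOTE(review): these values come from the consumer record;
            // confirm the templates escape them on output.
            Theme::Set('application_title', $consumer['application_title']);
            Theme::Set('application_descr', $consumer['application_descr']);
            Theme::Set('application_uri', $consumer['application_uri']);

            Theme::Render('header');
            Theme::Render('application_verify');
            Theme::Render('footer');
        }
    } catch (OAuthException $e) {
        // Unsigned request is not allowed.
        trigger_error($e->getMessage());
        trigger_error(__('Unsigned requests are not allowed to the authorize page.'), E_USER_ERROR);
    }
}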
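/**
 * Builds the HTML for the OAuth authorize page.
 *
 * Registered players get a one-button form that posts back to this page; a
 * POST authorizes the request token for the current player. Visitors without
 * a player account get a short notice instead.
 *
 * NOTE(review): every POST is treated as consent and no anti-CSRF token is
 * part of the form; confirm that protection exists elsewhere.
 * NOTE(review): after a successful POST the same "Accept" form is shown
 * again (the original left the result page as "your code here").
 *
 * @return string HTML fragment.
 */
private function authorize()
{
    $player = Neuron_GameServer::getPlayer();
    if (!$player) {
        // The original built this notice in $html but returned the undefined
        // variable $thml, so anonymous visitors got an empty result. A
        // commented-out redirect to the login page was dropped here.
        return '<p>' . __('This page is only available for registered users.') . '</p>';
    }

    // The current user
    $user_id = $player->getId();

    // Kept for its call; the returned store is not used further here.
    Neuron_Auth_OAuthStore::getStore();
    $server = new OAuthServer();

    try {
        // Fails with OAuthException when the request holds no valid token.
        $server->authorizeVerify();

        if ($_SERVER['REQUEST_METHOD'] === 'POST') {
            // Per the original comment, this redirects to the consumer when
            // an oauth_callback was supplied.
            $server->authorizeFinish(true, $user_id);
        }

        unset($_GET['rewritepagemodule']);
        $url = Neuron_URLBuilder::getInstance()->getRawURL('oauth/authorize', $_GET);

        // The URL is assembled from request parameters, so escape it for the
        // attribute context; double_encode is off in case it is pre-escaped.
        $action = htmlspecialchars($url, ENT_QUOTES, 'UTF-8', false);
        $html = '<form method="post" action="' . $action . '"><button>Accept</button></form>';
    } catch (OAuthException $e) {
        // No token to be verified in the request.
        $html = 'oops';
    }

    return $html;
}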
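/**
 * Backup variant of the authorize action.
 *
 * Verifies the request token and, for a logged-in user, authorizes it
 * immediately; anonymous users are redirected to the login chooser with the
 * current URI as returnUrl.
 *
 * NOTE(review): for a logged-in user the token is authorized on any request
 * method with no consent step (the allow/deny handling was commented out in
 * the original and is dropped here). If this method is still reachable as a
 * controller action, a link to it is enough to grant a consumer access;
 * confirm it is not routable, or remove it.
 *
 * @throws CHttpException 401 when the OAuth request cannot be verified.
 */
public function actionAuthorize_BK()
{
    // Currently logged-in user.
    $user_id = Yii::app()->user->id;

    $server = new OAuthServer();

    try {
        // Fails with an OAuth exception when the request carries no valid
        // request token.
        $server->authorizeVerify($user_id);

        if (!empty($user_id)) {
            $server->authorizeFinish(true, $user_id);
        } else {
            $requestUri = Yii::app()->request->requestUri;
            $basePrefix = Yii::app()->baseUrl . '/';

            // The original left $currentURI undefined when the base URL was
            // not part of the request URI; default to an empty return URL,
            // which yields the same redirect without the undefined variable.
            $currentURI = '';
            $pos = strpos($requestUri, $basePrefix);
            if ($pos !== false) {
                $currentURI = substr_replace($requestUri, '', $pos, strlen($basePrefix));
            }

            $this->redirect(
                Yii::app()->createAbsoluteUrl('member/site/chooselogin') . '?returnUrl=' . urlencode($currentURI)
            );
        }
    } catch (OAuthException $e) {
        // The request carried no token that could be verified.
        $errmsg = $e->getMessage();
        throw new CHttpException(401, $errmsg);
    } catch (OAuthException2 $e) {
        // The request carried an invalid token.
        $errmsg = $e->getMessage();
        throw new CHttpException(401, $errmsg);
    }
}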
<?php // Users "authorize" a request token here. This first involves logging in to a Coppermine account. An application "consuming" the API should direct users here once they have received a request token. require 'cpgOAuth.php'; define('IN_COPPERMINE', true); require_once 'include/init.inc.php'; $token = $superCage->get->getAlnum('oauth_token'); $authorized = $superCage->get->getAlnum('authorized'); if ($token == '') { throw new OAuthException('No "oauth_token" provided via HTTP GET.'); } $server = new OAuthServer(); $server->setParam('oauth_token', $token, true); $rs = $server->authorizeVerify(); if ($authorized == 'yes') { $server->authorizeFinish(true, USER_ID); api_message('Token "' . $rs['token'] . '" authorized.'); } else { if ($authorized == 'no') { $server->authorizeFinish(false, USER_ID); api_message('Token "' . $rs['token'] . '" deleted.'); } else { $store = OAuthStore::instance(); $consumer = $store->getConsumerInfo($rs['consumer_id']); if (!USER_ID) { print 'Please <a href="../login.php?referer=oauth/authorize.php?oauth_token=' . $token . '">login</a> to your user account.<br />'; print 'Access this gallery anonymously with the application "' . $consumer[0]['application_title'] . '"?'; print '<br /><br />'; } else { print 'Would you like to allow "' . $consumer[0]['application_title'] . '" to access your photos from this site?'; print '<br /><br />';