コード例 #1
0
ファイル: oauth.php プロジェクト: noackorama/source-talk-2012
 /**
  *
  **/
 public function authorize_action()
 {
     global $user, $auth;
     $auth->login_if($user->id == 'nobody');
     $user_id = OAuthUser::getMappedId($user->id);
     // Fetch the oauth store and the oauth server.
     $store = OAuthStore::instance();
     $server = new OAuthServer();
     try {
         // Check if there is a valid request token in the current request
         // Returns an array with the consumer key, consumer secret, token, token secret and token type.
         $rs = $server->authorizeVerify();
         if (isset($_POST['allow'])) {
             // See if the user clicked the 'allow' submit button (or whatever you choose)
             $authorized = array_key_exists('allow', $_POST);
             // Set the request token to be authorized or not authorized
             // When there was a oauth_callback then this will redirect to the consumer
             $server->authorizeFinish($authorized, $user_id);
             // No oauth_callback, show the user the result of the authorization
             // ** your code here **
             PageLayout::postMessage(Messagebox::success(_('Sie haben der Applikation Zugriff auf Ihre Daten gewährt.')));
             $this->redirect('user#' . $rs['consumer_key']);
         }
     } catch (OAuthException $e) {
         // No token to be verified in the request, show a page where the user can enter the token to be verified
         // **your code here**
         die('invalid');
     }
     PageLayout::disableHeader();
     $this->set_layout($GLOBALS['template_factory']->open('layouts/base_without_infobox'));
     $this->rs = $rs;
 }
コード例 #2
0
 public function executeAuthorize(sfWebRequest $request)
 {
     $this->oauth_token = $request->getParameter('oauth_token', '');
     $this->oauth_callback = $request->getParameter('oauth_callback', '');
     if (!$this->getUser()->isAuthenticated()) {
         $this->getUser()->setAttribute('url_back', 'sfOauthServer/authorize?oauth_callback=' . $this->oauth_callback . '&oauth_token=' . $this->oauth_token, 'vo/redir');
     }
     $this->redirectUnless($this->getUser()->isAuthenticated(), "@sf_guard_signin");
     $authorized = $request->getParameter('authorized', '');
     sfContext::getInstance()->getLogger()->debug("executeAuthorize: authorized: {$authorized}");
     $store = $this->getStore();
     $server = new OAuthServer();
     if ($request->isMethod('post')) {
         if (!$authorized) {
             header('HTTP/1.1 401 Not authorized');
             header('Content-Type: text/plain');
             sfContext::getInstance()->getLogger()->warning("Not authorized by user.");
             echo "Not authorized.";
             die;
         }
         try {
             sfContext::getInstance()->getLogger()->debug("executeAuthorize: calling authorizeVerify");
             $server->authorizeVerify();
             sfContext::getInstance()->getLogger()->debug("executeAuthorize: calling authorizeFinish");
             $server->authorizeFinish(true, $this->getUser()->getGuardUser()->getId());
             if ($this->oauth_callback) {
                 sfContext::getInstance()->getLogger()->info("Authorized invoking callback.");
                 header('Location: ' . $this->oauth_callback);
                 die;
             }
             sfContext::getInstance()->getLogger()->info("Authorized.");
         } catch (OAuthException $e) {
             sfContext::getInstance()->getLogger()->err("Failed OAuth Request: " . $e->getMessage());
             header('HTTP/1.1 400 Bad Request');
             header('Content-Type: text/plain');
             echo "Failed OAuth Request: " . $e->getMessage();
             die;
         }
     }
 }
コード例 #3
0
ファイル: ApiController.php プロジェクト: henvic/MediaLab
 public function authorizeAction()
 {
     $auth = Zend_Auth::getInstance();
     $store = OAuthStore::instance();
     $registry = Zend_Registry::getInstance();
     $router = Zend_Controller_Front::getInstance()->getRouter();
     $request = $this->getRequest();
     if (!$auth->hasIdentity()) {
         Zend_Controller_Front::getInstance()->registerPlugin(new Ml_Plugins_LoginRedirect());
     }
     $this->_helper->loadOauthstore->preloadServer();
     $server = new OAuthServer();
     $form = Ml_Model_Api::authorizeForm();
     // Check if there is a valid request token in the current request
     // Returns an array with the
     //consumer key, consumer secret, token, token secret and token type.
     $rs = $server->authorizeVerify();
     $consumer = $store->getConsumer($rs['consumer_key'], $auth->getIdentity());
     $this->view->consumerInfo = $consumer;
     if ($request->isPost() && $form->isValid($request->getPost())) {
         $values = $form->getValues();
         if (isset($values['allow'])) {
             $authorized = true;
         } else {
             if (isset($values['deny'])) {
                 $authorized = false;
             }
         }
         if (isset($authorized)) {
             $server->authorizeFinish($authorized, $auth->getIdentity());
             //If no oauth_callback, the user is redirected to
             $this->_redirect($router->assemble(array(), "accountapps") . "?new_addition", array("exit"));
         }
     }
     $this->view->authorizeForm = $form;
 }
コード例 #4
0
ファイル: OauthController.php プロジェクト: vangogogo/justsns
 public function actionAuthorize()
 {
     //登陆用户
     $user_id = Yii::app()->user->id;
     $model = new LoginForm();
     $errmsg = '';
     // 取得 oauth store 和 oauth server 对象
     $server = new OAuthServer();
     try {
         // 检查当前请求中是否包含一个合法的请求token
         // 返回一个数组, 包含consumer key, consumer secret, token, token secret 和 token type.
         $rs = $server->authorizeVerify($user_id);
         // 没有登录时不允许跳转
         if (!empty($user_id)) {
             //当application_type 为 system 时,可以不须经过用户授权
             if ($rs['application_type'] == 'system') {
                 $authorized = True;
                 $server->authorizeFinish($authorized, $user_id);
             }
             if ($_SERVER['REQUEST_METHOD'] == 'POST') {
                 // 判断用户是否点击了 "allow" 按钮(或者你可以自定义为其他标识)
                 $authorized = True;
                 // 设置token的认证状态(已经被认证或者尚未认证)
                 // 如果存在 oauth_callback 参数, 重定向到客户(消费方)地址
                 $verifier = $server->authorizeFinish($authorized, $user_id);
                 // 如果没有 oauth_callback 参数, 显示认证结果
                 // ** 你的代码 **
                 echo $verifier;
                 die;
             } else {
                 #echo 'Error';
             }
         } else {
             // if it is ajax validation request
             if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
                 echo EActiveForm::validate($model);
                 Yii::app()->end();
             }
             // collect user input data
             if (isset($_POST['LoginForm'])) {
                 $model->attributes = $_POST['LoginForm'];
                 // validate user input and redirect to the previous page if valid
                 if ($model->validate() && $model->login()) {
                     $this->refresh();
                 }
             }
         }
     } catch (OAuthException $e) {
         $errmsg = $e->getMessage();
         throw new CHttpException(401, $errmsg);
         // 请求中没有包含token, 显示一个使用户可以输入token以进行验证的页面
         // ** 你的代码 **
     } catch (OAuthException2 $e) {
         $errmsg = $e->getMessage();
         // 请求了一个错误的token
         // ** 你的代码 **
         throw new CHttpException(401, $errmsg);
     }
     $data = array('rs' => $rs, 'model' => $model, 'errmsg' => $errmsg);
     $this->render('Authorize', $data);
 }
コード例 #5
0
 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */
require_once '../core/init.php';
$server = new OAuthServer();
switch ($_SERVER['PATH_INFO']) {
    case '/request_token':
        $server->requestToken();
        exit;
    case '/access_token':
        $server->accessToken();
        exit;
    case '/authorize':
        # logon
        assert_logged_in();
        try {
            $server->authorizeVerify();
            $server->authorizeFinish(true, 1);
        } catch (OAuthException $e) {
            header('HTTP/1.1 400 Bad Request');
            header('Content-Type: text/plain');
            echo "Failed OAuth Request: " . $e->getMessage();
        }
        exit;
    default:
        header('HTTP/1.1 500 Internal Server Error');
        header('Content-Type: text/plain');
        echo "Unknown request";
}
コード例 #6
0
ファイル: oauth.class.php プロジェクト: abbeet/server39
 /**
  * Authorize an OAuth request OR display the Authorize form.
  */
 public function authorize()
 {
     // Do we have an OAuth signed request?
     $userid = $this->user->userid;
     $server = new OAuthServer();
     // Request must be signed
     try {
         $consumerDetails = $server->authorizeVerify();
         // Has the user submitted the form?
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // See if the user clicked the 'allow' submit button
             if (isset($_POST['Allow'])) {
                 $authorized = true;
             } else {
                 $authorized = false;
             }
             Debug::LogEntry('audit', 'Allow submitted. Application is ' . ($authorized ? 'authed' : 'denied'));
             // Set the request token to be authorized or not authorized
             // When there was a oauth_callback then this will redirect to the consumer
             $server->authorizeFinish($authorized, $userid);
             // No oauth_callback, show the user the result of the authorization
             echo __('Request authorized. Please return to your application.');
         } else {
             // Not submitted the form, therefore we must show the login box.
             $store = OAuthStore::instance();
             $consumer = $store->getConsumer($consumerDetails['consumer_key'], $userid, true);
             Theme::Set('application_title', $consumer['application_title']);
             Theme::Set('application_descr', $consumer['application_descr']);
             Theme::Set('application_uri', $consumer['application_uri']);
             Theme::Render('header');
             Theme::Render('application_verify');
             Theme::Render('footer');
         }
     } catch (OAuthException $e) {
         // Unsigned request is not allowed.
         trigger_error($e->getMessage());
         trigger_error(__('Unsigned requests are not allowed to the authorize page.'), E_USER_ERROR);
     }
 }
コード例 #7
0
 private function authorize()
 {
     $player = Neuron_GameServer::getPlayer();
     if (!$player) {
         $html = '<p>' . __('This page is only available for registered users.') . '</p>';
         /*
         
         $_SESSION['after_login_redirect'] = Neuron_URLBuilder::getURL 
         (
         	'oauth/authorize', 
         	array 
         	(
         		'oauth_token' => Neuron_Core_Tools::getInput ('_GET', 'oauth_token', 'varchar')
         	)
         );
         
         header ('Location: ' . Neuron_URLBuilder::getURL ('login'));
         
         return;
         */
         return $thml;
     }
     // The current user
     $user_id = $player->getId();
     // Fetch the oauth store and the oauth server.
     $store = Neuron_Auth_OAuthStore::getStore();
     $server = new OAuthServer();
     try {
         // Check if there is a valid request token in the current request
         // Returns an array with the consumer key, consumer secret, token, token secret and token type.
         $rs = $server->authorizeVerify();
         if ($_SERVER['REQUEST_METHOD'] == 'POST') {
             // See if the user clicked the 'allow' submit button (or whatever you choose)
             $authorized = true;
             // Set the request token to be authorized or not authorized
             // When there was a oauth_callback then this will redirect to the consumer
             $server->authorizeFinish($authorized, $user_id);
             // No oauth_callback, show the user the result of the authorization
             // ** your code here **
             unset($_GET['rewritepagemodule']);
             $url = Neuron_URLBuilder::getInstance()->getRawURL('oauth/authorize', $_GET);
             $html = '<form method="post" action="' . $url . '"><button>Accept</button></form>';
         } else {
             unset($_GET['rewritepagemodule']);
             $url = Neuron_URLBuilder::getInstance()->getRawURL('oauth/authorize', $_GET);
             $html = '<form method="post" action="' . $url . '"><button>Accept</button></form>';
         }
     } catch (OAuthException $e) {
         // No token to be verified in the request, show a page where the user can enter the token to be verified
         // **your code here**
         $html = 'oops';
     }
     return $html;
 }
コード例 #8
0
ファイル: OauthController.php プロジェクト: jasonhai/onehome
 public function actionAuthorize_BK()
 {
     //Login User
     $user_id = Yii::app()->user->id;
     //        $model=new LoginForm;
     //		$errmsg = '';
     // To obtain OAuth store and OAuth Server object
     $server = new OAuthServer();
     try {
         // Check the current request contains a valid request token
         // Returns an array containing consumer key, consumer secret, token, token secret And token type.
         $rs = $server->authorizeVerify($user_id);
         // Not allowed to jump are not logged in
         if (!empty($user_id)) {
             $authorized = True;
             $server->authorizeFinish($authorized, $user_id);
             //                $data = array(
             //                    'errmsg'=>'Are you allow'
             //                );
             //                $this->render('Authorize',$data);
             //When the application_type for system You can not be authorized by the user
             //                if($rs['application_type'] == 'system')
             //                {
             //                    $authorized = True;
             //                    $server->authorizeFinish($authorized, $user_id);
             //                }
             //
             //                if ($_SERVER['REQUEST_METHOD'] == 'POST')
             //                {
             //
             //                    // Determine whether the user clicked on the "allow" Button (or you can custom other identification)
             //                    $authorized = True;
             //
             //                    // Set up token Certification status (has been certified or not certified)
             //                    // If there are oauth_callback Parameters redirected to the customer (consumer side) address
             //                    $verifier = $server->authorizeFinish($authorized, $user_id);
             //
             //                    // If you do not oauth_callback Parameters, display certification results
             //                    // ** Your code **
             ////                    echo $verifier;die;
             //                    echo '<pre>';
             //                    print_r('xxx');
             //                    echo '</pre>';
             //                    exit;
             //                }
             //                else
             //                {
             //                    echo 'Error';
             //                }
         } else {
             $pos = strpos(Yii::app()->request->requestUri, Yii::app()->baseUrl . '/');
             if ($pos !== false) {
                 $currentURI = substr_replace(Yii::app()->request->requestUri, '', $pos, strlen(Yii::app()->baseUrl . '/'));
             }
             $this->redirect(Yii::app()->createAbsoluteUrl('member/site/chooselogin') . '?returnUrl=' . urlencode($currentURI));
         }
     } catch (OAuthException $e) {
         $errmsg = $e->getMessage();
         throw new CHttpException(401, $errmsg);
         // The request does not contain token, Display allows the user to input token To validate the page
         // ** Your code **
     } catch (OAuthException2 $e) {
         $errmsg = $e->getMessage();
         // Requested an error token
         // ** Your code **
         throw new CHttpException(401, $errmsg);
     }
     //        $data = array(
     //            'rs'=>$rs,
     //            'model'=>$model,
     //            'errmsg'=>$errmsg
     //        );
     //        $this->render('Authorize',$data);
 }
コード例 #9
0
ファイル: authorize.php プロジェクト: phill104/branches
<?php

// Users "authorize" a request token here.  This first involves logging in to a Coppermine account.  An application "consuming" the API should direct users here once they have received a request token.
require 'cpgOAuth.php';
define('IN_COPPERMINE', true);
require_once 'include/init.inc.php';
$token = $superCage->get->getAlnum('oauth_token');
$authorized = $superCage->get->getAlnum('authorized');
if ($token == '') {
    throw new OAuthException('No "oauth_token" provided via HTTP GET.');
}
$server = new OAuthServer();
$server->setParam('oauth_token', $token, true);
$rs = $server->authorizeVerify();
if ($authorized == 'yes') {
    $server->authorizeFinish(true, USER_ID);
    api_message('Token "' . $rs['token'] . '" authorized.');
} else {
    if ($authorized == 'no') {
        $server->authorizeFinish(false, USER_ID);
        api_message('Token "' . $rs['token'] . '" deleted.');
    } else {
        $store = OAuthStore::instance();
        $consumer = $store->getConsumerInfo($rs['consumer_id']);
        if (!USER_ID) {
            print 'Please <a href="../login.php?referer=oauth/authorize.php?oauth_token=' . $token . '">login</a> to your user account.<br />';
            print 'Access this gallery anonymously with the application "' . $consumer[0]['application_title'] . '"?';
            print '<br /><br />';
        } else {
            print 'Would you like to allow "' . $consumer[0]['application_title'] . '" to access your photos from this site?';
            print '<br /><br />';