<?php
require_once '../lib/database.php';
require_once '../lib/memcache.php';
require_once '../lib/url_utils.php';
if ($_GET['response_type'] !== 'code') {
throw new Exception('Only code response type supported');
}
assert_redirect_allowed($_GET['client_id'], $_GET['redirect_uri']);
$app_name = get_app_name($_GET['client_id']);
$cancel_uri = addParamsToURL($_GET['redirect_uri'], array('error' => 'access_denied', 'state' => $_GET['state']));
if ($_GET['display'] == 'none') {
// This would normally issue a very limited access token that can
// only call "import" and nothing else
$_POST = $_GET;
include_once 'authorize_success.php';
die;
}
?>
Send all your data to <?php
print $app_name;
?>
?
<form action="authorize_success" method="POST">
<input type="submit" value="Yes">
<input type="hidden" name="client_id" value="<?php
print htmlentities($_GET['client_id']);
?>
">
<?php
require_once '../lib/database.php';
require_once '../lib/memcache.php';
require_once '../lib/url_utils.php';
$user_id = get_loggedin_user();
$m = get_memcache();
$code = mt_rand();
$key = 'oauth:code:' . $code;
$m->set($key, json_encode(array('user_id' => $user_id, 'client_id' => $_POST['client_id'], 'redirect_uri' => $_POST['redirect_uri'])), 15 * 60);
$redirect_uri = addParamsToURL($_POST['redirect_uri'], array('code' => $code, 'state' => $_POST['state']));
header('Location: ' . $redirect_uri);
