authorZach Copley <zach@status.net>2010-01-11 01:11:50 -0800
committerZach Copley <zach@status.net>2010-01-14 02:41:06 +0000
commitd8abad747823e4bc9fa4f43efbc0715b146b61eb (patch)
treeb01859f0ff2fa67da88a2bcca280efed14f67441 /actions/apioauthaccesstoken.php
parente7f4ab677480f0fa39db5199de5f77821ba4a60d (diff)
Exchanging authorized request tokens for access tokens working
Diffstat (limited to 'actions/apioauthaccesstoken.php')
-rw-r--r--actions/apioauthaccesstoken.php60
1 files changed, 58 insertions, 2 deletions
diff --git a/actions/apioauthaccesstoken.php b/actions/apioauthaccesstoken.php
index db82f656a..9b99724d0 100644
--- a/actions/apioauthaccesstoken.php
+++ b/actions/apioauthaccesstoken.php
@@ -31,7 +31,7 @@ if (!defined('STATUSNET')) {
exit(1);
}
-require_once INSTALLDIR . '/lib/api.php';
+require_once INSTALLDIR . '/lib/apioauthstore.php';
/**
* Exchange an authorized OAuth request token for an access token
@@ -43,7 +43,63 @@ require_once INSTALLDIR . '/lib/api.php';
* @link http://status.net/
*/
-class ApiOauthAccessTokenAction extends ApiAction
+class ApiOauthAccessTokenAction extends Action
{
+ /**
+ * Is read only?
+ *
+ * @return boolean false
+ */
+ function isReadOnly()
+ {
+ return false;
+ }
+
+ /**
+ * Class handler.
+ *
+ * @param array $args array of arguments
+ *
+ * @return void
+ */
+ function handle($args)
+ {
+ parent::handle($args);
+
+ $datastore = new ApiStatusNetOAuthDataStore();
+ $server = new OAuthServer($datastore);
+ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
+
+ $server->add_signature_method($hmac_method);
+
+ $atok = null;
+
+ try {
+ $req = OAuthRequest::from_request();
+ $atok = $server->fetch_access_token($req);
+
+ } catch (OAuthException $e) {
+ common_log(LOG_WARN, 'API OAuthException - ' . $e->getMessage());
+ common_debug(var_export($req, true));
+ $this->outputError($e->getMessage());
+ return;
+ }
+
+ if (empty($atok)) {
+ common_debug('couldn\'t get access token.');
+ $this->outputError("Badness.");
+ return;
+ }
+
+ print $atok;
+ }
+
+ function outputError($msg)
+ {
+ header('HTTP/1.1 401 Unauthorized');
+ header('Content-Type: text/html; charset=utf-8');
+ print $msg . "\n";
+ }
}
+
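Review bot: outputError() declares the body as `text/html` while handle() passes `$e->getMessage()` into it unescaped, so if the OAuth library's exception text ever echoes request parameters (not visible in this hunk) the response carries client-supplied markup; send it as `header('Content-Type: text/plain; charset=utf-8');` or print `htmlspecialchars($msg, ENT_QUOTES, 'UTF-8')` instead. In the catch block, `common_debug(var_export($req, true));` writes the whole request object to the debug log, presumably including the token and signature parameters, and `$req` is undefined when `OAuthRequest::from_request()` itself throws; set `$req = null;` before the `try` and log only non-secret fields. `LOG_WARN` is not one of PHP's syslog constants (the standard name is `LOG_WARNING`), so unless the project defines it elsewhere the warning is logged with the wrong priority. A short docblock on outputError() stating that it always answers 401 would also help, since the empty-token path reuses it with the opaque message "Badness.".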