summaryrefslogtreecommitdiff
path: root/actions
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2010-01-11 01:11:50 -0800
committerZach Copley <zach@status.net>2010-01-24 16:36:02 -0800
commita0b84387737b016168eb3b9a1c6dee1980724f66 (patch)
treef34e3da1176942c19833a342b80f614cf2dd61ae /actions
parentc473a39a7da07fbe5b80fec4c08111a554691c3a (diff)
Exchanging authorized request tokens for access tokens working
Diffstat (limited to 'actions')
-rw-r--r--actions/apioauthaccesstoken.php60
1 files changed, 58 insertions, 2 deletions
diff --git a/actions/apioauthaccesstoken.php b/actions/apioauthaccesstoken.php
index db82f656a..9b99724d0 100644
--- a/actions/apioauthaccesstoken.php
+++ b/actions/apioauthaccesstoken.php
@@ -31,7 +31,7 @@ if (!defined('STATUSNET')) {
exit(1);
}
-require_once INSTALLDIR . '/lib/api.php';
+require_once INSTALLDIR . '/lib/apioauthstore.php';
/**
* Exchange an authorized OAuth request token for an access token
@@ -43,7 +43,63 @@ require_once INSTALLDIR . '/lib/api.php';
* @link http://status.net/
*/
-class ApiOauthAccessTokenAction extends ApiAction
+class ApiOauthAccessTokenAction extends Action
{
+ /**
+ * Is read only?
+ *
+ * @return boolean false
+ */
+ function isReadOnly()
+ {
+ return false;
+ }
+
+ /**
+ * Class handler.
+ *
+ * @param array $args array of arguments
+ *
+ * @return void
+ */
+ function handle($args)
+ {
+ parent::handle($args);
+
+ $datastore = new ApiStatusNetOAuthDataStore();
+ $server = new OAuthServer($datastore);
+ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
+
+ $server->add_signature_method($hmac_method);
+
+ $atok = null;
+
+ try {
+ $req = OAuthRequest::from_request();
+ $atok = $server->fetch_access_token($req);
+
+ } catch (OAuthException $e) {
+ common_log(LOG_WARN, 'API OAuthException - ' . $e->getMessage());
+ common_debug(var_export($req, true));
+ $this->outputError($e->getMessage());
+ return;
+ }
+
+ if (empty($atok)) {
+ common_debug('couldn\'t get access token.');
+ $this->outputError("Badness.");
+ return;
+ }
+
+ print $atok;
+ }
+
+ function outputError($msg)
+ {
+ header('HTTP/1.1 401 Unauthorized');
+ header('Content-Type: text/html; charset=utf-8');
+ print $msg . "\n";
+ }
}
+