summaryrefslogtreecommitdiff
path: root/lib/apiauth.php
diff options
context:
space:
mode:
authorEvan Prodromou <evan@status.net>2010-02-03 12:32:48 -0500
committerEvan Prodromou <evan@status.net>2010-02-03 12:32:48 -0500
commit900cb8dd91b954d4e720b0c8afb2884419f43cd7 (patch)
treec2308c56f097d735273e965374240dfc20ded284 /lib/apiauth.php
parentaa4848d62d9bcc8166f18f4a18e5a3d2a6a51537 (diff)
parentefa930ab000e1e022f0754d9f421e8859024142c (diff)
Merge branch 'testing' of git@gitorious.org:statusnet/mainline into testing
Diffstat (limited to 'lib/apiauth.php')
-rw-r--r--lib/apiauth.php19
1 files changed, 8 insertions, 11 deletions
diff --git a/lib/apiauth.php b/lib/apiauth.php
index 99500404f..25e2196cf 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -55,6 +55,7 @@ class ApiAuthAction extends ApiAction
{
var $auth_user_nickname = null;
var $auth_user_password = null;
+ var $oauth_source = null;
/**
* Take arguments for running, looks for an OAuth request,
@@ -73,20 +74,18 @@ class ApiAuthAction extends ApiAction
// NOTE: $this->auth_user has to get set in prepare(), not handle(),
// because subclasses do stuff with it in their prepares.
- if ($this->requiresAuth()) {
+ $oauthReq = $this->getOAuthRequest();
- $oauthReq = $this->getOAuthRequest();
-
- if (!$oauthReq) {
+ if (!$oauthReq) {
+ if ($this->requiresAuth()) {
$this->checkBasicAuthUser(true);
} else {
- $this->checkOAuthRequest($oauthReq);
+ // Check to see if a basic auth user is there even
+ // if one's not required
+ $this->checkBasicAuthUser(false);
}
} else {
-
- // Check to see if a basic auth user is there even
- // if one's not required
- $this->checkBasicAuthUser(false);
+ $this->checkOAuthRequest($oauthReq);
}
// Reject API calls with the wrong access level
@@ -108,7 +107,6 @@ class ApiAuthAction extends ApiAction
* This is to avoid doign any unnecessary DB lookups.
*
* @return mixed the OAuthRequest or false
- *
*/
function getOAuthRequest()
@@ -137,7 +135,6 @@ class ApiAuthAction extends ApiAction
* @param OAuthRequest $request the OAuth Request
*
* @return nothing
- *
*/
function checkOAuthRequest($request)