diff options
-rw-r--r-- | actions/accesstoken.php | 2 | ||||
-rw-r--r-- | actions/login.php | 13 | ||||
-rw-r--r-- | actions/requesttoken.php | 2 | ||||
-rw-r--r-- | actions/userauthorization.php | 13 | ||||
-rw-r--r-- | doc/README | 4 | ||||
-rw-r--r-- | lib/oauthstore.php | 2 | ||||
-rw-r--r-- | lib/omb.php | 9 | ||||
-rw-r--r-- | lib/util.php | 10 |
8 files changed, 45 insertions, 10 deletions
diff --git a/actions/accesstoken.php b/actions/accesstoken.php index 6bb0e1561..4f683ba24 100644 --- a/actions/accesstoken.php +++ b/actions/accesstoken.php @@ -24,7 +24,7 @@ class AccesstokenAction extends Action { parent::handle($args); try { $req = OAuthRequest::from_request(); - $server = common_oauth_server(); + $server = omb_oauth_server(); $token = $server->fetch_access_token($req); print $token; } catch (OAuthException $e) { diff --git a/actions/login.php b/actions/login.php index 9f9c473b5..d25d59cf7 100644 --- a/actions/login.php +++ b/actions/login.php @@ -44,9 +44,16 @@ class LoginAction extends Action { return; } # success! - common_redirect(common_local_url('all', - array('nickname' => - $nickname))); + $url = common_get_returnto(); + if ($url) { + # We don't have to return to it again + common_set_returnto(NULL); + } else { + $url = common_local_url('all', + array('nickname' => + $nickname)); + } + common_redirect($url); } else { $this->show_form(_t('Incorrect username or password.')); } diff --git a/actions/requesttoken.php b/actions/requesttoken.php index 92b4c4234..0e233ff17 100644 --- a/actions/requesttoken.php +++ b/actions/requesttoken.php @@ -26,7 +26,7 @@ class RequesttokenAction extends Action { parent::handle($args); try { $req = OAuthRequest::from_request(); - $server = common_oauth_server(); + $server = omb_oauth_server(); $token = $server->fetch_request_token($req); print $token; } catch (OAuthException $e) { diff --git a/actions/userauthorization.php b/actions/userauthorization.php index cc7ec85a5..ee156bd79 100644 --- a/actions/userauthorization.php +++ b/actions/userauthorization.php @@ -29,7 +29,10 @@ class UserauthorizationAction extends Action { try { $req = $this->get_request(); $server = common_oauth_server(); - list($consumer, $token) = $server->verify_request($req); + $server->get_version($req); + $consumer = $server->get_consumer($req); + $token = $server->get_token($req, $consumer, "request"); + $server->check_signature($req, $consumer, $token); } catch (OAuthException $e) { $this->clear_request(); common_server_error($e->getMessage()); @@ -39,7 +42,8 @@ class UserauthorizationAction extends Action { if (common_logged_in()) { $this->show_form($req); } else { - common_return_to(common_local_url('userauthorization')); + # Go log in, and then come back + common_set_returnto(common_local_url('userauthorization')); common_redirect(common_local_url('login')); } } @@ -56,7 +60,9 @@ class UserauthorizationAction extends Action { if (!$req) { # XXX: may have an uncaught exception $req = OAuthRequest::from_request(); - $this->store_request($req); + if ($req) { + $this->store_request($req); + } } return $req; } @@ -69,6 +75,7 @@ class UserauthorizationAction extends Action { function send_authorization() { $req = $this->get_request(); + if (!$req) { common_user_error(_t('No authorization request!')); return; diff --git a/doc/README b/doc/README index 28ff06959..ad7332969 100644 --- a/doc/README +++ b/doc/README @@ -9,5 +9,7 @@ This package requires PHP 5.x and the following PHP Pear libraries: use the openidenabled.com libraries for OpenID auth sometime in the future. Note that this is no longer distributed separately; it's only in the openidenabled.com OpenID PHP tarball. - + http://openidenabled.com/php-openid/ +- OAuth.php from http://oauth.googlecode.com/svn/code/php/ +- markdown.php from http://michelf.com/projects/php-markdown/ diff --git a/lib/oauthstore.php b/lib/oauthstore.php index a622647b7..4d2ce9a58 100644 --- a/lib/oauthstore.php +++ b/lib/oauthstore.php @@ -23,7 +23,7 @@ require_once(INSTALLDIR.'/lib/omb.php'); class LaconicaOAuthDataStore extends OAuthDataStore { - # We just keep a record of who's contacted us + # We keep a record of who's contacted us function lookup_consumer($consumer_key) { $con = new Consumer('key', $consumer_key); diff --git a/lib/omb.php b/lib/omb.php index b68d08abf..df4ffb4b2 100644 --- a/lib/omb.php +++ b/lib/omb.php @@ -20,6 +20,7 @@ if (!defined('LACONICA')) { exit(1); } require_once('OAuth.php'); +require_once(INSTALLDIR.'lib/oauthstore.php'); define('OAUTH_NAMESPACE', 'http://oauth.net/core/1.0/'); define('OMB_NAMESPACE', 'http://openmicroblogging.org/protocol/0.1'); @@ -44,6 +45,14 @@ function omb_oauth_consumer() { return $con; } +function omb_oauth_server() { + static $server = null; + if ($server) { + $server = new OAuthServer(new LaconicaOAuthStore()); + } + return $server; +} + function omb_hmac_sha1() { static $hmac_method = NULL; if (!$hmac_method) { diff --git a/lib/util.php b/lib/util.php index 30bd4d3ae..2d4fc2766 100644 --- a/lib/util.php +++ b/lib/util.php @@ -525,6 +525,16 @@ function common_mtrand($bytes) { return $enc; } +function common_set_returnto($url) { + common_ensure_session(); + $_SESSION['returnto'] = $url; +} + +function common_get_returnto() { + common_ensure_session(); + return $_SESSION['returnto']; +} + function common_timestamp() { return date('YmdHis'); } |