summaryrefslogtreecommitdiff
path: root/actions/userauthorization.php
diff options
context:
space:
mode:
Diffstat (limited to 'actions/userauthorization.php')
-rw-r--r--actions/userauthorization.php63
1 files changed, 42 insertions, 21 deletions
diff --git a/actions/userauthorization.php b/actions/userauthorization.php
index 58ec36fc8..ecaa33167 100644
--- a/actions/userauthorization.php
+++ b/actions/userauthorization.php
@@ -24,7 +24,8 @@ define('TIMESTAMP_THRESHOLD', 300);
class UserauthorizationAction extends Action {
- function handle($args) {
+ function handle($args)
+ {
parent::handle($args);
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
@@ -69,7 +70,8 @@ class UserauthorizationAction extends Action {
}
}
- function show_form($req) {
+ function show_form($req)
+ {
$nickname = $req->get_parameter('omb_listenee_nickname');
$profile = $req->get_parameter('omb_listenee_profile');
@@ -129,7 +131,8 @@ class UserauthorizationAction extends Action {
common_show_footer();
}
- function send_authorization() {
+ function send_authorization()
+ {
$req = $this->get_stored_request();
if (!$req) {
@@ -197,7 +200,8 @@ class UserauthorizationAction extends Action {
}
}
- function authorize_token(&$req) {
+ function authorize_token(&$req)
+ {
$consumer_key = $req->get_parameter('oauth_consumer_key');
$token_field = $req->get_parameter('oauth_token');
common_debug('consumer key = "'.$consumer_key.'"', __FILE__);
@@ -222,7 +226,8 @@ class UserauthorizationAction extends Action {
# XXX: refactor with similar code in finishremotesubscribe.php
- function save_remote_profile(&$req) {
+ function save_remote_profile(&$req)
+ {
# FIXME: we should really do this when the consumer comes
# back for an access token. If they never do, we've got stuff in a
# weird state.
@@ -312,13 +317,15 @@ class UserauthorizationAction extends Action {
return TRUE;
}
- function add_avatar($profile, $url) {
+ function add_avatar($profile, $url)
+ {
$temp_filename = tempnam(sys_get_temp_dir(), 'listenee_avatar');
copy($url, $temp_filename);
return $profile->setOriginal($temp_filename);
}
- function show_accept_message($tok) {
+ function show_accept_message($tok)
+ {
common_show_header(_('Subscription authorized'));
common_element('p', null,
_('The subscription has been authorized, but no '.
@@ -328,7 +335,8 @@ class UserauthorizationAction extends Action {
common_show_footer();
}
- function show_reject_message($tok) {
+ function show_reject_message($tok)
+ {
common_show_header(_('Subscription rejected'));
common_element('p', null,
_('The subscription has been rejected, but no '.
@@ -337,23 +345,27 @@ class UserauthorizationAction extends Action {
common_show_footer();
}
- function store_request($req) {
+ function store_request($req)
+ {
common_ensure_session();
$_SESSION['userauthorizationrequest'] = $req;
}
- function clear_request() {
+ function clear_request()
+ {
common_ensure_session();
unset($_SESSION['userauthorizationrequest']);
}
- function get_stored_request() {
+ function get_stored_request()
+ {
common_ensure_session();
$req = $_SESSION['userauthorizationrequest'];
return $req;
}
- function get_new_request() {
+ function get_new_request()
+ {
common_remove_magic_from_request();
$req = OAuthRequest::from_request();
return $req;
@@ -361,7 +373,8 @@ class UserauthorizationAction extends Action {
# Throws an OAuthException if anything goes wrong
- function validate_request(&$req) {
+ function validate_request(&$req)
+ {
# OAuth stuff -- have to copy from OAuth.php since they're
# all private methods, and there's no user-authentication method
common_debug('checking version', __FILE__);
@@ -384,7 +397,8 @@ class UserauthorizationAction extends Action {
return true;
}
- function validate_omb(&$req) {
+ function validate_omb(&$req)
+ {
foreach (array('omb_version', 'omb_listener', 'omb_listenee',
'omb_listenee_profile', 'omb_listenee_nickname',
'omb_listenee_license') as $param)
@@ -498,7 +512,8 @@ class UserauthorizationAction extends Action {
# Snagged from OAuthServer
- function check_version(&$req) {
+ function check_version(&$req)
+ {
$version = $req->get_parameter("oauth_version");
if (!$version) {
$version = 1.0;
@@ -511,7 +526,8 @@ class UserauthorizationAction extends Action {
# Snagged from OAuthServer
- function get_consumer($datastore, $req) {
+ function get_consumer($datastore, $req)
+ {
$consumer_key = @$req->get_parameter("oauth_consumer_key");
if (!$consumer_key) {
throw new OAuthException("Invalid consumer key");
@@ -526,7 +542,8 @@ class UserauthorizationAction extends Action {
# Mostly cadged from OAuthServer
- function get_token($datastore, &$req, $consumer) {/*{{{*/
+ function get_token($datastore, &$req, $consumer)
+ {/*{{{*/
$token_field = @$req->get_parameter('oauth_token');
$token = $datastore->lookup_token($consumer, 'request', $token_field);
if (!$token) {
@@ -535,7 +552,8 @@ class UserauthorizationAction extends Action {
return $token;
}
- function check_timestamp(&$req) {
+ function check_timestamp(&$req)
+ {
$timestamp = @$req->get_parameter('oauth_timestamp');
$now = time();
if ($now - $timestamp > TIMESTAMP_THRESHOLD) {
@@ -544,7 +562,8 @@ class UserauthorizationAction extends Action {
}
# NOTE: don't call twice on the same request; will fail!
- function check_nonce(&$datastore, &$req, $consumer, $token) {
+ function check_nonce(&$datastore, &$req, $consumer, $token)
+ {
$timestamp = @$req->get_parameter('oauth_timestamp');
$nonce = @$req->get_parameter('oauth_nonce');
$found = $datastore->lookup_nonce($consumer, $token, $nonce, $timestamp);
@@ -554,7 +573,8 @@ class UserauthorizationAction extends Action {
return true;
}
- function check_signature(&$req, $consumer, $token) {
+ function check_signature(&$req, $consumer, $token)
+ {
$signature_method = $this->get_signature_method($req);
$signature = $req->get_parameter('oauth_signature');
$valid_sig = $signature_method->check_signature($req,
@@ -566,7 +586,8 @@ class UserauthorizationAction extends Action {
}
}
- function get_signature_method(&$req) {
+ function get_signature_method(&$req)
+ {
$signature_method = @$req->get_parameter("oauth_signature_method");
if (!$signature_method) {
$signature_method = "PLAINTEXT";