diff options
| author | Zach Copley <zach@status.net> | 2010-10-20 17:28:28 -0700 |
|---|---|---|
| committer | Zach Copley <zach@status.net> | 2010-10-20 17:28:28 -0700 |
| commit | bfdb8385ecc745002b8c45510caf2fdf7c2d2c9f (patch) | |
| tree | 392196b097fafb10430bb7db763fd744a0639bf3 /actions/apioauthauthorize.php | |
| parent | e56385a7bb25336a72c1d37ad43d51ba8e238231 (diff) | |
| parent | 31f52ec37c5a2be76c197a9c492d3a236af045cd (diff) | |
Merge branch '0.9.x' of gitorious.org:statusnet/mainline into 0.9.x
Conflicts:
actions/apioauthauthorize.php
lib/apioauthstore.php
Diffstat (limited to 'actions/apioauthauthorize.php')
| -rw-r--r-- | actions/apioauthauthorize.php | 80 |
1 files changed, 50 insertions, 30 deletions
diff --git a/actions/apioauthauthorize.php b/actions/apioauthauthorize.php index 51b130296..ca32c8540 100644 --- a/actions/apioauthauthorize.php +++ b/actions/apioauthauthorize.php @@ -43,7 +43,6 @@ require_once INSTALLDIR . '/lib/info.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class ApiOauthAuthorizeAction extends Action { var $oauthTokenParam; @@ -106,6 +105,7 @@ class ApiOauthAuthorizeAction extends Action // Make sure a oauth_token parameter was provided if (empty($this->oauthTokenParam)) { + // TRANS: Client error given when no oauth_token was passed to the OAuth API. $this->clientError(_('No oauth_token parameter provided.')); } else { @@ -113,11 +113,13 @@ class ApiOauthAuthorizeAction extends Action $this->reqToken = $this->store->getTokenByKey($this->oauthTokenParam); if (empty($this->reqToken)) { + // TRANS: Client error given when an invalid request token was passed to the OAuth API. $this->clientError(_('Invalid request token.')); } else { // Check to make sure we haven't already authorized the token if ($this->reqToken->state != 0) { + // TRANS: Client error given when an invalid request token was passed to the OAuth API. $this->clientError(_("Invalid request token.")); } } @@ -125,6 +127,7 @@ class ApiOauthAuthorizeAction extends Action // make sure there's an app associated with this token if (empty($this->app)) { + // TRANS: Client error given when an invalid request token was passed to the OAuth API. $this->clientError(_('Invalid request token.')); } @@ -154,10 +157,15 @@ class ApiOauthAuthorizeAction extends Action // XXX Force credentials check? - // XXX OpenID + // @fixme this should probably use a unified login form handler + $user = null; + if (Event::handle('StartOAuthLoginCheck', array($this, &$user))) { + $user = common_check_user($this->nickname, $this->password); + } + Event::handle('EndOAuthLoginCheck', array($this, &$user)); - $user = common_check_user($this->nickname, $this->password); if (empty($user)) { + // TRANS: Form validation error given when an invalid username and/or password was passed to the OAuth API. $this->showForm(_("Invalid nickname / password!")); return; } @@ -207,7 +215,6 @@ class ApiOauthAuthorizeAction extends Action } if (!empty($this->callback)) { - $targetUrl = $this->getCallback( $this->callback, array( @@ -218,9 +225,7 @@ class ApiOauthAuthorizeAction extends Action // Redirect the user to the provided OAuth callback common_redirect($targetUrl, 303); - } elseif ($this->app->type == 2) { - // Strangely, a web application seems to want to do the OOB // workflow. Because no callback was specified anywhere. common_log( @@ -257,6 +262,7 @@ class ApiOauthAuthorizeAction extends Action } } else { + // TRANS: Client error given on when invalid data was passed through a form in the OAuth API. $this->clientError(_('Unexpected form submission.')); } } @@ -307,6 +313,7 @@ class ApiOauthAuthorizeAction extends Action function title() { + // TRANS: Title for a page where a user can confirm/deny account access by an external application. return _('An application would like to connect to your account'); } @@ -324,6 +331,7 @@ class ApiOauthAuthorizeAction extends Action 'action' => common_local_url('ApiOauthAuthorize'))); $this->elementStart('fieldset'); $this->element('legend', array('id' => 'apioauthauthorize_allowdeny'), + // TRANS: Fieldset legend. _('Allow or deny access')); $this->hidden('token', common_session_token()); @@ -340,6 +348,9 @@ class ApiOauthAuthorizeAction extends Action $access = ($this->app->access_type & Oauth_application::$writeAccess) ? 'access and update' : 'access'; + // TRANS: User notification of external application requesting account access. + // TRANS: %1$s is the application name requesting access, %2$s is the organisation behind the application, + // TRANS: %3$s is the access type requested, %4$s is the StatusNet sitename. $msg = _('The application <strong>%1$s</strong> by ' . '<strong>%2$s</strong> would like the ability ' . 'to <strong>%3$s</strong> your %4$s account data. ' . @@ -355,34 +366,43 @@ class ApiOauthAuthorizeAction extends Action $this->elementEnd('li'); $this->elementEnd('ul'); + // quickie hack + $button = false; if (!common_logged_in()) { - - $this->elementStart('fieldset'); - $this->element('legend', null, _('Account')); - $this->elementStart('ul', 'form_data'); - $this->elementStart('li'); - $this->input('nickname', _('Nickname')); - $this->elementEnd('li'); - $this->elementStart('li'); - $this->password('password', _('Password')); - $this->elementEnd('li'); - $this->elementEnd('ul'); - - $this->elementEnd('fieldset'); - + if (Event::handle('StartOAuthLoginForm', array($this, &$button))) { + $this->elementStart('fieldset'); + // TRANS: Fieldset legend. + $this->element('legend', null, _m('LEGEND','Account')); + $this->elementStart('ul', 'form_data'); + $this->elementStart('li'); + // TRANS: Field label on OAuth API authorisation form. + $this->input('nickname', _('Nickname')); + $this->elementEnd('li'); + $this->elementStart('li'); + // TRANS: Field label on OAuth API authorisation form. + $this->password('password', _('Password')); + $this->elementEnd('li'); + $this->elementEnd('ul'); + + $this->elementEnd('fieldset'); + } + Event::handle('EndOAuthLoginForm', array($this, &$button)); } $this->element('input', array('id' => 'cancel_submit', 'class' => 'submit submit form_action-primary', 'name' => 'cancel', 'type' => 'submit', - 'value' => _('Cancel'))); + // TRANS: Button text that when clicked will cancel the process of allowing access to an account + // TRANS: by an external application. + 'value' => _m('BUTTON','Cancel'))); $this->element('input', array('id' => 'allow_submit', 'class' => 'submit submit form_action-secondary', 'name' => 'allow', 'type' => 'submit', - 'value' => _('Allow'))); + // TRANS: Button text that when clicked will allow access to an account by an external application. + 'value' => $button ? $button : _m('BUTTON','Allow'))); $this->elementEnd('fieldset'); $this->elementEnd('form'); @@ -396,9 +416,9 @@ class ApiOauthAuthorizeAction extends Action * * @return void */ - function getInstructions() { + // TRANS: Form instructions. return _('Authorize access to your account information.'); } @@ -409,7 +429,6 @@ class ApiOauthAuthorizeAction extends Action * * @return void */ - function showLocalNav() { // NOP @@ -420,7 +439,6 @@ class ApiOauthAuthorizeAction extends Action * * @return nothing */ - function showSiteNotice() { // NOP @@ -433,7 +451,6 @@ class ApiOauthAuthorizeAction extends Action * * @return nothing */ - function showNoticeForm() { // NOP @@ -445,12 +462,14 @@ class ApiOauthAuthorizeAction extends Action * * @return nothing */ - function showCanceled() { $info = new InfoAction( + // TRANS: Header for user notification after revoking OAuth access to an application. _('Authorization canceled.'), sprintf( + // TRANS: User notification after revoking OAuth access to an application. + // TRANS: %s is an OAuth token. _('The request token %s has been revoked.'), $this->oauthTokenParm ) @@ -465,15 +484,18 @@ class ApiOauthAuthorizeAction extends Action * * @return nothing */ - function showAuthorized() { $title = sprintf( + // TRANS: Header of user notification after authorising an application access to a profile. + // TRANS: %s is the authorised application name. _("You have successfully authorized %s."), $this->app->name ); $msg = sprintf( + // TRANS: Uer notification after authorising an application access to a profile. + // TRANS: %s is the authorised application name. _('Please return to %s and enter the following security code to complete the process.'), $this->app->name ); @@ -508,7 +530,6 @@ class ApiOauthAuthorizeAction extends Action * * @return string $url a URL to use for redirecting to */ - function getCallback($url, $params) { foreach ($params as $k => $v) { @@ -532,7 +553,6 @@ class ApiOauthAuthorizeAction extends Action * * @return string $url the new URL with added parameter */ - function appendQueryVar($url, $k, $v) { $url = preg_replace('/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&'); $url = substr($url, 0, -1); |