- Update ApiOauthAuthorizeAction to 1.0a

- Fix enumerable bugs
- New page for displaying 1.0a verifier (still needs work)

4 files changed, 23 insertions, 25 deletions

diff --git a/lib/apioauth.php b/lib/apioauth.php
index 75b0b3c57..54cecf92a 100644
--- a/lib/apioauth.php
+++ b/lib/apioauth.php
@@ -34,9 +34,8 @@ require_once INSTALLDIR . '/lib/apiaction.php';
 require_once INSTALLDIR . '/lib/apioauthstore.php';
 
 /**
- * Base action for API OAuth enpoints.  Clean up the
- * the request, and possibly some other common things
- * here.
+ * Base action for API OAuth enpoints. Clean up the
+ * request. Some other common functions.
  *
  * @category API
  * @package  StatusNet
@@ -82,6 +81,7 @@ class ApiOauthAction extends ApiAction
      * any extra parameters or anything else it's not expecting.
      * I'm looking at you, p parameter.
      */
+
     static function cleanRequest()
     {
         // kill evil effects of magical slashing
@@ -106,25 +106,4 @@ class ApiOauthAction extends ApiAction
         $_SERVER['QUERY_STRING'] = implode('&', $queryArray);
     }
 
-    function getCallback($url, $params)
-    {
-        foreach ($params as $k => $v) {
-            $url = $this->appendQueryVar($url,
-                                         OAuthUtil::urlencode_rfc3986($k),
-                                         OAuthUtil::urlencode_rfc3986($v));
-        }
-
-        return $url;
-    }
-
-    function appendQueryVar($url, $k, $v) {
-        $url = preg_replace('/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&');
-        $url = substr($url, 0, -1);
-        if (strpos($url, '?') === false) {
-            return ($url . '?' . $k . '=' . $v);
-        } else {
-            return ($url . '&' . $k . '=' . $v);
-        }
-    }
-
 }
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php
index 620f0947f..4d141286b 100644
--- a/lib/apioauthstore.php
+++ b/lib/apioauthstore.php
@@ -202,6 +202,14 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
         $t->type = 0; // request
         $t->state = 0; // unauthorized
         $t->verified_callback = $callback;
+
+        if ($callback === 'oob') {
+            // six digit pin
+            $t->verifier = mt_rand(0, 999999);
+        } else {
+            $t->verifier = common_good_rand(8);
+        }
+
         $t->created = DB_DataObject_Cast::dateTime();
         if (!$t->insert()) {
             return null;
diff --git a/lib/oauthstore.php b/lib/oauthstore.php
index f3ee629fd..537667678 100644
--- a/lib/oauthstore.php
+++ b/lib/oauthstore.php
@@ -55,6 +55,17 @@ class StatusNetOAuthDataStore extends OAuthDataStore
         }
     }
 
+    function getTokenByKey($token_key)
+    {
+        $t = new Token();
+        $t->tok = $token_key;
+        if ($t->find(true)) {
+            return $t;
+        } else {
+            return null;
+        }
+    }
+
     // http://oauth.net/core/1.0/#nonce
     // "The Consumer SHALL then generate a Nonce value that is unique for
     // all requests with that timestamp."
diff --git a/lib/serverexception.php b/lib/serverexception.php
index 7dc9765ad..0dfbd04ff 100644
--- a/lib/serverexception.php
+++ b/lib/serverexception.php
@@ -22,7 +22,7 @@
  * @category  Exception
  * @package   StatusNet
  * @author    Evan Prodromou <evan@status.net>
- * @copyright 2008 StatusNet, Inc.
+ * @copyright 2008-2010 StatusNet, Inc.
  * @license   http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
  * @link      http://status.net/
  */