authorZach Copley <zach@status.net>2010-10-19 21:01:53 -0700
committerZach Copley <zach@status.net>2010-10-19 21:01:53 -0700
commit5ca29ab0de22b5d8167af5adb320d6acdda807b7 (patch)
treec73aae0a1c9fe600dd38294d5e5e148c94252d1b /lib
parentd464ebfc12e34c8742a80622e8aace46f4a963ae (diff)
parente8b6d7c946da5fb2ce5397bccfd332de8ca1f9dd (diff)
Merge branch 'anon-consumer' into 0.9.x
Diffstat (limited to 'lib')
-rw-r--r--lib/apiauth.php4
-rw-r--r--lib/apioauthstore.php53
-rw-r--r--lib/applicationlist.php248
3 files changed, 235 insertions, 70 deletions
diff --git a/lib/apiauth.php b/lib/apiauth.php
index a1c698bba..0ebd7aa10 100644
--- a/lib/apiauth.php
+++ b/lib/apiauth.php
@@ -178,8 +178,10 @@ class ApiAuthAction extends ApiAction
}
// set the source attr
+ if ($app->name != 'anonymous') {
+ $this->source = $app->name;
+ }
- $this->source = $app->name;
$appUser = Oauth_application_user::staticGet('token', $access_token);
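Review bot: The anonymous application is recognised by comparing `$app->name` with the string 'anonymous' using loose `!=`, here and again three times in `ConnectedAppsList::showConnection()` in lib/applicationlist.php. If application names are chosen by whoever registers a client (not visible in this diff), an ordinary application registered under that name would be treated as anonymous. Comparing the consumer key instead, e.g. `if ($app->consumer_key !== 'anonymous') {`, ties the check to the value that lookup_consumer() actually creates. When the branch is skipped, `$this->source` keeps whatever value it had before, so a one-line comment stating the intended fallback would help. The enclosing method starts and ends outside the hunk.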
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php
index 6e0039bdd..e30eea129 100644
--- a/lib/apioauthstore.php
+++ b/lib/apioauthstore.php
@@ -23,16 +23,43 @@ require_once INSTALLDIR . '/lib/oauthstore.php';
class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
{
- function lookup_consumer($consumer_key)
+ function lookup_consumer($consumerKey)
{
- $con = Consumer::staticGet('consumer_key', $consumer_key);
+ $con = Consumer::staticGet('consumer_key', $consumerKey);
if (!$con) {
- return null;
+
+ // Create an anon consumer and anon application if one
+ // doesn't exist already
+ if ($consumerKey == 'anonymous') {
+ $con = new Consumer();
+ $con->consumer_key = $consumerKey;
+ $con->consumer_secret = $consumerKey;
+ $result = $con->insert();
+ if (!$result) {
+ $this->serverError(_("Could not create anonymous consumer."));
+ }
+ $app = new OAuth_application();
+ $app->consumer_key = $con->consumer_key;
+ $app->name = 'anonymous';
+
+ // XXX: allow the user to set the access type when
+ // authorizing? Currently we default to r+w for anonymous
+ // OAuth client applications
+ $app->access_type = 3; // read + write
+ $id = $app->insert();
+ if (!$id) {
+ $this->serverError(_("Could not create anonymous OAuth application."));
+ }
+ } else {
+ return null;
+ }
}
- return new OAuthConsumer($con->consumer_key,
- $con->consumer_secret);
+ return new OAuthConsumer(
+ $con->consumer_key,
+ $con->consumer_secret
+ );
}
function getAppByRequestToken($token_key)
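Review bot: The anonymous consumer and its application are created by two separate inserts inside the `if (!$con)` branch, so if `$app->insert()` fails after `$con->insert()` succeeded, every later lookup finds the consumer and never retries the application. Checking for the application independently of the consumer (or wrapping both inserts in one transaction) would let a half-created state repair itself; a sketch follows. `$this->serverError()` is not defined in the visible part of this data store class, so it is worth confirming it is inherited; otherwise throwing an exception, as the later hunk around `updateKeys()` does, would be safer. Because the consumer secret equals the well-known key 'anonymous', it authenticates no client, and the hard-coded `$app->access_type = 3` grants every such client read + write by default; named access flags and a read-only default until the user opts in would narrow that.

```php
function lookup_consumer($consumerKey)
{
    $con = Consumer::staticGet('consumer_key', $consumerKey);

    if (!$con) {
        if ($consumerKey !== 'anonymous') {
            return null;
        }
        // … unchanged: build and insert the anonymous Consumer …
    }

    // Checked on its own so a consumer left without an application
    // by an earlier failed insert is repaired on the next lookup.
    if ($consumerKey === 'anonymous'
        && !Oauth_application::staticGet('consumer_key', $consumerKey)
    ) {
        // … unchanged: build and insert the anonymous OAuth_application …
    }

    // … unchanged: return new OAuthConsumer(...) …
}
```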
@@ -94,7 +121,7 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
if ($rt->find(true) && $rt->state == 1 && $rt->verifier == $verifier) { // authorized
- common_debug('request token found.', __FILE__);
+ common_debug('request token found.');
// find the associated user of the app
@@ -140,6 +167,7 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
// update the token from req to access for the user
$orig = clone($appUser);
+
$appUser->token = $at->tok;
// It's at this point that we change the access type
@@ -150,11 +178,10 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
$appUser->access_type = $app->access_type;
- $result = $appUser->update($orig);
+ $result = $appUser->updateKeys($orig);
- if (empty($result)) {
- common_debug('couldn\'t update OAuth app user.');
- return null;
+ if (!$result) {
+ throw new Exception('Couldn\'t update OAuth app user.');
}
// Okay, good
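Review bot: The failure path now throws a bare `Exception` and no longer logs anything, whereas the removed code called `common_debug()` before returning null. Callers that relied on the null return are outside this diff, so it is worth confirming they catch the exception during the token exchange. A project-specific type such as `throw new ServerException('Couldn\'t update OAuth app user.');` together with a log entry would make this failure easier to distinguish and trace. The enclosing function starts and ends outside the hunk.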
@@ -179,9 +206,9 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore
* @return void
*/
public function revoke_token($token_key, $type = 0) {
- $rt = new Token();
- $rt->tok = $token_key;
- $rt->type = $type;
+ $rt = new Token();
+ $rt->tok = $token_key;
+ $rt->type = $type;
$rt->state = 0;
if (!$rt->find(true)) {
diff --git a/lib/applicationlist.php b/lib/applicationlist.php
index 8b6e3a8ad..6801fb6cf 100644
--- a/lib/applicationlist.php
+++ b/lib/applicationlist.php
@@ -22,7 +22,7 @@
* @category Application
* @package StatusNet
* @author Zach Copley <zach@status.net>
- * @copyright 2008-2009 StatusNet, Inc.
+ * @copyright 2008-2010 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://status.net/
*/
@@ -55,14 +55,13 @@ class ApplicationList extends Widget
/** Action object using us. */
var $action = null;
- function __construct($application, $owner=null, $action=null, $connections = false)
+ function __construct($application, $owner=null, $action=null)
{
parent::__construct($action);
$this->application = $application;
$this->owner = $owner;
$this->action = $action;
- $this->connections = $connections;
}
function show()
@@ -88,24 +87,34 @@ class ApplicationList extends Widget
{
$user = common_current_user();
- $this->out->elementStart('li', array('class' => 'application',
- 'id' => 'oauthclient-' . $this->application->id));
+ $this->out->elementStart(
+ 'li',
+ array(
+ 'class' => 'application',
+ 'id' => 'oauthclient-' . $this->application->id
+ )
+ );
$this->out->elementStart('span', 'vcard author');
- if (!$this->connections) {
- $this->out->elementStart('a',
- array('href' => common_local_url('showapplication',
- array('id' => $this->application->id)),
- 'class' => 'url'));
-
- } else {
- $this->out->elementStart('a', array('href' => $this->application->source_url,
- 'class' => 'url'));
- }
+
+ $this->out->elementStart(
+ 'a',
+ array(
+ 'href' => common_local_url(
+ 'showapplication',
+ array('id' => $this->application->id)),
+ 'class' => 'url'
+ )
+ );
if (!empty($this->application->icon)) {
- $this->out->element('img', array('src' => $this->application->icon,
- 'class' => 'photo avatar'));
+ $this->out->element(
+ 'img',
+ array(
+ 'src' => $this->application->icon,
+ 'class' => 'photo avatar'
+ )
+ );
}
$this->out->element('span', 'fn', $this->application->name);
@@ -114,51 +123,58 @@ class ApplicationList extends Widget
$this->out->raw(' by ');
- $this->out->element('a', array('href' => $this->application->homepage,
- 'class' => 'url'),
- $this->application->organization);
+ $this->out->element(
+ 'a',
+ array(
+ 'href' => $this->application->homepage,
+ 'class' => 'url'
+ ),
+ $this->application->organization
+ );
$this->out->element('p', 'note', $this->application->description);
$this->out->elementEnd('li');
- if ($this->connections) {
- $appUser = Oauth_application_user::getByKeys($this->owner, $this->application);
+ }
- if (empty($appUser)) {
- common_debug("empty appUser!");
- }
+ /* Override this in subclasses. */
+ function showOwnerControls()
+ {
+ return;
+ }
- $this->out->elementStart('li');
-
- // TRANS: Application access type
- $readWriteText = _('read-write');
- // TRANS: Application access type
- $readOnlyText = _('read-only');
-
- $access = ($this->application->access_type & Oauth_application::$writeAccess)
- ? $readWriteText : $readOnlyText;
- $modifiedDate = common_date_string($appUser->modified);
- // TRANS: Used in application list. %1$s is a modified date, %2$s is access type ("read-write" or "read-only")
- $txt = sprintf(_('Approved %1$s - "%2$s" access.'),$modifiedDate,$access);
-
- $this->out->raw($txt);
- $this->out->elementEnd('li');
-
- $this->out->elementStart('li', 'entity_revoke');
- $this->out->elementStart('form', array('id' => 'form_revoke_app',
- 'class' => 'form_revoke_app',
- 'method' => 'POST',
- 'action' =>
- common_local_url('oauthconnectionssettings')));
- $this->out->elementStart('fieldset');
- $this->out->hidden('id', $this->application->id);
- $this->out->hidden('token', common_session_token());
- // TRANS: Button label
- $this->out->submit('revoke', _m('BUTTON','Revoke'));
- $this->out->elementEnd('fieldset');
- $this->out->elementEnd('form');
- $this->out->elementEnd('li');
- }
+}
+
+
+/**
+ * Widget to show a list of connected OAuth clients
+ *
+ * @category Application
+ * @package StatusNet
+ * @author Zach Copley <zach@status.net>
+ * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
+ * @link http://status.net/
+ */
+class ConnectedAppsList extends Widget
+{
+ /** Current connected application query */
+ var $connection = null;
+
+ /** Owner of this list */
+ var $owner = null;
+
+ /** Action object using us. */
+ var $action = null;
+
+ function __construct($connection, $owner=null, $action=null)
+ {
+ parent::__construct($action);
+
+ common_debug("ConnectedAppsList constructor");
+
+ $this->connection = $connection;
+ $this->owner = $owner;
+ $this->action = $action;
}
/* Override this in subclasses. */
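Review bot: `common_debug("ConnectedAppsList constructor");` in the new constructor looks like leftover tracing and would emit a debug line for every list rendered; I would drop it. The property comment "Current connected application query" does not say what `$connection` must be. From the fields read later (`application_id`, `access_type`, `modified`, `token`) it appears to be an Oauth_application_user result set, and a docblock on `__construct` stating that would help the next reader.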
@@ -166,4 +182,124 @@ class ApplicationList extends Widget
{
return;
}
+
+ function show()
+ {
+ $this->out->elementStart('ul', 'applications');
+
+ $cnt = 0;
+
+ while ($this->connection->fetch()) {
+ $cnt++;
+ if($cnt > APPS_PER_PAGE) {
+ break;
+ }
+ $this->showConnection();
+ }
+
+ $this->out->elementEnd('ul');
+
+ return $cnt;
+ }
+
+ function showConnection()
+ {
+ $app = Oauth_application::staticGet('id', $this->connection->application_id);
+
+ $this->out->elementStart(
+ 'li',
+ array(
+ 'class' => 'application',
+ 'id' => 'oauthclient-' . $app->id
+ )
+ );
+
+ $this->out->elementStart('span', 'vcard author');
+
+ $this->out->elementStart(
+ 'a',
+ array(
+ 'href' => $app->source_url,
+ 'class' => 'url'
+ )
+ );
+
+ if (!empty($app->icon)) {
+ $this->out->element(
+ 'img',
+ array(
+ 'src' => $app->icon,
+ 'class' => 'photo avatar'
+ )
+ );
+ }
+ if ($app->name != 'anonymous') {
+ $this->out->element('span', 'fn', $app->name);
+ }
+ $this->out->elementEnd('a');
+
+ if ($app->name == 'anonymous') {
+ $this->out->element('span', 'fn', "Unknown application");
+ }
+
+ $this->out->elementEnd('span');
+
+ if ($app->name != 'anonymous') {
+
+ $this->out->raw(_(' by '));
+
+ $this->out->element(
+ 'a',
+ array(
+ 'href' => $app->homepage,
+ 'class' => 'url'
+ ),
+ $app->organization
+ );
+ }
+
+ // TRANS: Application access type
+ $readWriteText = _('read-write');
+ // TRANS: Application access type
+ $readOnlyText = _('read-only');
+
+ $access = ($this->connection->access_type & Oauth_application::$writeAccess)
+ ? $readWriteText : $readOnlyText;
+ $modifiedDate = common_date_string($this->connection->modified);
+ // TRANS: Used in application list. %1$s is a modified date, %2$s is access type ("read-write" or "read-only")
+ $txt = sprintf(_('Approved %1$s - "%2$s" access.'), $modifiedDate, $access);
+
+ $this->out->raw(" - $txt");
+ if (!empty($app->description)) {
+ $this->out->element(
+ 'p', array('class' => 'application_description'),
+ $app->description
+ );
+ }
+ $this->out->element(
+ 'p', array(
+ 'class' => 'access_token'),
+ _('Access token starting with: ') . substr($this->connection->token, 0, 7)
+ );
+
+ $this->out->elementStart(
+ 'form',
+ array(
+ 'id' => 'form_revoke_app',
+ 'class' => 'form_revoke_app',
+ 'method' => 'POST',
+ 'action' => common_local_url('oauthconnectionssettings')
+ )
+ );
+ $this->out->elementStart('fieldset');
+ $this->out->hidden('oauth_token', $this->connection->token);
+ $this->out->hidden('token', common_session_token());
+ // TRANS: Button label
+ $this->out->submit('revoke', _('Revoke'));
+ $this->out->elementEnd('fieldset');
+ $this->out->elementEnd('form');
+
+ $this->out->elementEnd('li');
+
+ }
}
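Review bot: The revoke form in showConnection() writes the complete access token into the hidden `oauth_token` field, while the visible text just above deliberately truncates it with `substr($this->connection->token, 0, 7)`. The token key is not the signing secret, but since the anonymous consumer's secret is public it is one of the few values protecting the grant, so posting a server-side derived identifier instead would keep it out of page source and caches. Separately, `Oauth_application::staticGet('id', ...)` can presumably return nothing for a deleted application, and `$app->id` is dereferenced immediately; a guard such as `if (empty($app)) { return; }` before the first `elementStart` would avoid a fatal error. The literal "Unknown application" is also the only user-facing string in this method not passed through `_()`.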