diff options
Diffstat (limited to 'actions/apioauthaccesstoken.php')
-rw-r--r-- | actions/apioauthaccesstoken.php | 28 |
1 files changed, 16 insertions, 12 deletions
diff --git a/actions/apioauthaccesstoken.php b/actions/apioauthaccesstoken.php index 663a7a2bb..f66e4af1e 100644 --- a/actions/apioauthaccesstoken.php +++ b/actions/apioauthaccesstoken.php @@ -44,7 +44,6 @@ require_once INSTALLDIR . '/lib/apioauth.php'; * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ - class ApiOauthAccessTokenAction extends ApiOauthAction { protected $reqToken = null; @@ -67,21 +66,21 @@ class ApiOauthAccessTokenAction extends ApiOauthAction $server->add_signature_method($hmac_method); - $atok = null; + $atok = $app = null; // XXX: Insist that oauth_token and oauth_verifier be populated? // Spec doesn't say they MUST be. try { - $req = OAuthRequest::from_request(); $this->reqToken = $req->get_parameter('oauth_token'); $this->verifier = $req->get_parameter('oauth_verifier'); + $app = $datastore->getAppByRequestToken($this->reqToken); $atok = $server->fetch_access_token($req); - } catch (OAuthException $e) { + } catch (Exception $e) { common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage()); common_debug(var_export($req, true)); $code = $e->getCode(); @@ -92,22 +91,27 @@ class ApiOauthAccessTokenAction extends ApiOauthAction // Token exchange failed -- log it - list($proxy, $ip) = common_client_ip(); - $msg = sprintf( - 'API OAuth - Failure exchanging request token for access token, ' - . 'request token = %s, verifier = %s, IP = %s, proxy = %s', + 'API OAuth - Failure exchanging OAuth request token for access token, ' + . 'request token = %s, verifier = %s', $this->reqToken, - $this->verifier, - $ip, - $proxy + $this->verifier ); common_log(LOG_WARNING, $msg); - + // TRANS: Client error given from the OAuth API when the request token or verifier is invalid. $this->clientError(_("Invalid request token or verifier.", 400, 'text')); } else { + common_log( + LOG_INFO, + sprintf( + "Issued access token '%s' for application %d (%s).", + $atok->key, + $app->id, + $app->name + ) + ); $this->showAccessToken($atok); } } |