diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/apioauth.php | 27 | ||||
-rw-r--r-- | lib/apioauthstore.php | 8 | ||||
-rw-r--r-- | lib/oauthstore.php | 11 | ||||
-rw-r--r-- | lib/serverexception.php | 2 |
4 files changed, 23 insertions, 25 deletions
diff --git a/lib/apioauth.php b/lib/apioauth.php index 75b0b3c57..54cecf92a 100644 --- a/lib/apioauth.php +++ b/lib/apioauth.php @@ -34,9 +34,8 @@ require_once INSTALLDIR . '/lib/apiaction.php'; require_once INSTALLDIR . '/lib/apioauthstore.php'; /** - * Base action for API OAuth enpoints. Clean up the - * the request, and possibly some other common things - * here. + * Base action for API OAuth enpoints. Clean up the + * request. Some other common functions. * * @category API * @package StatusNet @@ -82,6 +81,7 @@ class ApiOauthAction extends ApiAction * any extra parameters or anything else it's not expecting. * I'm looking at you, p parameter. */ + static function cleanRequest() { // kill evil effects of magical slashing @@ -106,25 +106,4 @@ class ApiOauthAction extends ApiAction $_SERVER['QUERY_STRING'] = implode('&', $queryArray); } - function getCallback($url, $params) - { - foreach ($params as $k => $v) { - $url = $this->appendQueryVar($url, - OAuthUtil::urlencode_rfc3986($k), - OAuthUtil::urlencode_rfc3986($v)); - } - - return $url; - } - - function appendQueryVar($url, $k, $v) { - $url = preg_replace('/(.*)(\?|&)' . $k . '=[^&]+?(&)(.*)/i', '$1$2$4', $url . '&'); - $url = substr($url, 0, -1); - if (strpos($url, '?') === false) { - return ($url . '?' . $k . '=' . $v); - } else { - return ($url . '&' . $k . '=' . $v); - } - } - } diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php index 620f0947f..4d141286b 100644 --- a/lib/apioauthstore.php +++ b/lib/apioauthstore.php @@ -202,6 +202,14 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore $t->type = 0; // request $t->state = 0; // unauthorized $t->verified_callback = $callback; + + if ($callback === 'oob') { + // six digit pin + $t->verifier = mt_rand(0, 999999); + } else { + $t->verifier = common_good_rand(8); + } + $t->created = DB_DataObject_Cast::dateTime(); if (!$t->insert()) { return null; diff --git a/lib/oauthstore.php b/lib/oauthstore.php index f3ee629fd..537667678 100644 --- a/lib/oauthstore.php +++ b/lib/oauthstore.php @@ -55,6 +55,17 @@ class StatusNetOAuthDataStore extends OAuthDataStore } } + function getTokenByKey($token_key) + { + $t = new Token(); + $t->tok = $token_key; + if ($t->find(true)) { + return $t; + } else { + return null; + } + } + // http://oauth.net/core/1.0/#nonce // "The Consumer SHALL then generate a Nonce value that is unique for // all requests with that timestamp." diff --git a/lib/serverexception.php b/lib/serverexception.php index 7dc9765ad..0dfbd04ff 100644 --- a/lib/serverexception.php +++ b/lib/serverexception.php @@ -22,7 +22,7 @@ * @category Exception * @package StatusNet * @author Evan Prodromou <evan@status.net> - * @copyright 2008 StatusNet, Inc. + * @copyright 2008-2010 StatusNet, Inc. * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 * @link http://status.net/ */ |