From e56385a7bb25336a72c1d37ad43d51ba8e238231 Mon Sep 17 00:00:00 2001 From: Zach Copley Date: Wed, 20 Oct 2010 17:21:04 -0700 Subject: Use a new table (oauth_token_association) to associate authorized request tokins with OAuth client applications and profiles. --- actions/apioauthaccesstoken.php | 5 ++-- actions/apioauthauthorize.php | 54 ++++++++++++++++++++++++++++------------- 2 files changed, 40 insertions(+), 19 deletions(-) (limited to 'actions') diff --git a/actions/apioauthaccesstoken.php b/actions/apioauthaccesstoken.php index 21e0049ce..d4bd493ee 100644 --- a/actions/apioauthaccesstoken.php +++ b/actions/apioauthaccesstoken.php @@ -78,7 +78,8 @@ class ApiOauthAccessTokenAction extends ApiOauthAction $this->reqToken = $req->get_parameter('oauth_token'); $this->verifier = $req->get_parameter('oauth_verifier'); - $app = $datastore->getAppByRequestToken($this->reqToken); + + $app = $datastore->getAppByRequestToken($this->reqToken); $atok = $server->fetch_access_token($req); } catch (Exception $e) { @@ -106,7 +107,7 @@ class ApiOauthAccessTokenAction extends ApiOauthAction common_log( LOG_INFO, sprintf( - "Issued now access token '%s' for application %d (%s).", + "Issued access token '%s' for application %d (%s).", $atok->key, $app->id, $app->name diff --git a/actions/apioauthauthorize.php b/actions/apioauthauthorize.php index 01cbca18f..51b130296 100644 --- a/actions/apioauthauthorize.php +++ b/actions/apioauthauthorize.php @@ -177,28 +177,24 @@ class ApiOauthAuthorizeAction extends Action $this->serverError($e->getMessage()); } - // associated the authorized req token with the user and the app + // XXX: Make sure we have a oauth_token_association table. The table + // is now in the main schema, but because it is being added with + // a point release, it's unlikely to be there. This code can be + // removed as of 1.0. + $this->ensureOauthTokenAssociationTable(); - $appUser = new Oauth_application_user(); + $tokenAssoc = new Oauth_token_association(); - $appUser->profile_id = $user->id; - $appUser->application_id = $this->app->id; + $tokenAssoc->profile_id = $user->id; + $tokenAssoc->application_id = $this->app->id; + $tokenAssoc->token = $this->oauthTokenParam; + $tokenAssoc->created = common_sql_now(); - // Note: do not copy the access type from the application. - // The access type should always be 0 when the OAuth app - // user record has a request token associated with it. - // Access type gets assigned once an access token has been - // granted. The OAuth app user record then gets updated - // with the new access token and access type. - - $appUser->token = $this->oauthTokenParam; - $appUser->created = common_sql_now(); - - $result = $appUser->insert(); + $result = $tokenAssoc->insert(); if (!$result) { - common_log_db_error($appUser, 'INSERT', __FILE__); - $this->serverError(_('Database error inserting OAuth application user.')); + common_log_db_error($tokenAssoc, 'INSERT', __FILE__); + $this->serverError(_('Database error inserting oauth_token_association.')); } // If we have a callback redirect and provide the token @@ -265,6 +261,30 @@ class ApiOauthAuthorizeAction extends Action } } + // XXX Remove this function when we hit 1.0 + function ensureOauthTokenAssociationTable() + { + $schema = Schema::get(); + + $reqTokenCols = array( + new ColumnDef('profile_id', 'integer', null, true, 'PRI'), + new ColumnDef('application_id', 'integer', null, true, 'PRI'), + new ColumnDef('token', 'varchar', 255, true, 'PRI'), + new ColumnDef('created', 'datetime', null, false), + new ColumnDef( + 'modified', + 'timestamp', + null, + false, + null, + 'CURRENT_TIMESTAMP', + 'on update CURRENT_TIMESTAMP' + ) + ); + + $schema->ensureTable('oauth_token_association', $reqTokenCols); + } + function showForm($error=null) { $this->error = $error; -- cgit v1.2.3-54-g00ecf