2018-04-06 04:01:36 +00:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
namespace Zotlabs\Module\Settings;
|
|
|
|
|
|
2019-10-10 05:51:48 +00:00
|
|
|
use Zotlabs\Lib\Apps;
|
|
|
|
|
|
2018-04-06 04:01:36 +00:00
|
|
|
|
|
|
|
|
class Oauth2 {
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
function post() {
|
|
|
|
|
|
|
|
|
|
if(x($_POST,'remove')){
|
|
|
|
|
check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
|
2018-08-10 17:51:45 +00:00
|
|
|
$name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
|
2019-07-31 00:56:35 +00:00
|
|
|
logger("REMOVE! ".$name." uid: ".local_channel());
|
2018-04-06 04:01:36 +00:00
|
|
|
$key = $_POST['remove'];
|
2018-08-10 17:51:45 +00:00
|
|
|
q("DELETE FROM oauth_authorization_codes WHERE client_id='%s' AND user_id=%d",
|
|
|
|
|
dbesc($name),
|
|
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
|
|
|
|
q("DELETE FROM oauth_access_tokens WHERE client_id='%s' AND user_id=%d",
|
|
|
|
|
dbesc($name),
|
|
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
|
|
|
|
q("DELETE FROM oauth_refresh_tokens WHERE client_id='%s' AND user_id=%d",
|
|
|
|
|
dbesc($name),
|
2018-05-20 20:42:47 +00:00
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
2018-04-06 04:01:36 +00:00
|
|
|
goaway(z_root()."/settings/oauth2/");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
|
|
|
|
|
|
|
|
|
|
check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
|
|
|
|
|
|
|
|
|
|
$name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
|
2019-08-05 00:30:07 +00:00
|
|
|
$clid = ((x($_POST,'clid')) ? escape_tags(trim($_POST['clid'])) : '');
|
2018-04-06 04:01:36 +00:00
|
|
|
$secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
|
|
|
|
|
$redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
|
|
|
|
|
$grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
|
|
|
|
|
$scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
|
2019-10-10 00:34:18 +00:00
|
|
|
logger('redirect: ' . $redirect);
|
2018-04-06 04:01:36 +00:00
|
|
|
$ok = true;
|
2019-08-05 00:30:07 +00:00
|
|
|
if($clid == '' || $secret == '') {
|
2018-04-06 04:01:36 +00:00
|
|
|
$ok = false;
|
2019-08-05 00:30:07 +00:00
|
|
|
notice( t('ID and Secret are required') . EOL);
|
2018-04-06 04:01:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if($ok) {
|
|
|
|
|
if ($_POST['submit']==t("Update")){
|
|
|
|
|
$r = q("UPDATE oauth_clients SET
|
2019-08-05 00:30:07 +00:00
|
|
|
client_name = '%s',
|
2018-04-06 04:01:36 +00:00
|
|
|
client_id = '%s',
|
|
|
|
|
client_secret = '%s',
|
|
|
|
|
redirect_uri = '%s',
|
|
|
|
|
grant_types = '%s',
|
|
|
|
|
scope = '%s',
|
2018-05-20 12:15:46 +00:00
|
|
|
user_id = %d
|
2018-08-10 16:44:57 +00:00
|
|
|
WHERE client_id='%s' and user_id = %s",
|
2018-04-06 04:01:36 +00:00
|
|
|
dbesc($name),
|
2019-08-05 00:30:07 +00:00
|
|
|
dbesc($clid),
|
2018-04-06 04:01:36 +00:00
|
|
|
dbesc($secret),
|
|
|
|
|
dbesc($redirect),
|
|
|
|
|
dbesc($grant),
|
|
|
|
|
dbesc($scope),
|
2018-05-20 12:15:46 +00:00
|
|
|
intval(local_channel()),
|
2019-08-05 00:30:07 +00:00
|
|
|
dbesc($clid),
|
|
|
|
|
intval(local_channel()));
|
2018-04-06 04:01:36 +00:00
|
|
|
} else {
|
2019-08-05 00:30:07 +00:00
|
|
|
$r = q("INSERT INTO oauth_clients (client_name, client_id, client_secret, redirect_uri, grant_types, scope, user_id)
|
|
|
|
|
VALUES ('%s','%s','%s','%s','%s','%s',%d)",
|
2018-04-06 04:01:36 +00:00
|
|
|
dbesc($name),
|
2019-08-05 00:30:07 +00:00
|
|
|
dbesc($clid),
|
2018-04-06 04:01:36 +00:00
|
|
|
dbesc($secret),
|
|
|
|
|
dbesc($redirect),
|
|
|
|
|
dbesc($grant),
|
|
|
|
|
dbesc($scope),
|
2018-05-20 12:15:46 +00:00
|
|
|
intval(local_channel())
|
2018-04-06 04:01:36 +00:00
|
|
|
);
|
|
|
|
|
$r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
|
|
|
|
|
dbesc($name),
|
|
|
|
|
intval(local_channel()),
|
|
|
|
|
dbesc('all')
|
|
|
|
|
);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
goaway(z_root()."/settings/oauth2/");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
function get() {
|
2019-10-10 05:51:48 +00:00
|
|
|
|
|
|
|
|
if(! Apps::system_app_installed(local_channel(),'Clients')) {
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-06 04:01:36 +00:00
|
|
|
if((argc() > 2) && (argv(2) === 'add')) {
|
|
|
|
|
$tpl = get_markup_template("settings_oauth2_edit.tpl");
|
|
|
|
|
$o .= replace_macros($tpl, array(
|
|
|
|
|
'$form_security_token' => get_form_security_token("settings_oauth2"),
|
|
|
|
|
'$title' => t('Add OAuth2 application'),
|
|
|
|
|
'$submit' => t('Submit'),
|
|
|
|
|
'$cancel' => t('Cancel'),
|
|
|
|
|
'$name' => array('name', t('Name'), '', t('Name of application')),
|
2019-08-05 00:30:07 +00:00
|
|
|
'$clid' => array('clid', t('Consumer ID'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
|
2018-04-06 04:01:36 +00:00
|
|
|
'$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
|
|
|
|
|
'$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
|
2018-07-16 23:46:20 +00:00
|
|
|
'$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application specifically requires this')),
|
|
|
|
|
'$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application specifically requires this')),
|
2018-04-06 04:01:36 +00:00
|
|
|
));
|
|
|
|
|
return $o;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if((argc() > 3) && (argv(2) === 'edit')) {
|
2018-05-20 12:15:46 +00:00
|
|
|
$r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= %d",
|
2018-04-06 04:01:36 +00:00
|
|
|
dbesc(argv(3)),
|
2018-05-20 12:15:46 +00:00
|
|
|
intval(local_channel())
|
2018-04-06 04:01:36 +00:00
|
|
|
);
|
|
|
|
|
|
|
|
|
|
if (! $r){
|
|
|
|
|
notice(t('OAuth2 Application not found.'));
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
$app = $r[0];
|
|
|
|
|
|
|
|
|
|
$tpl = get_markup_template("settings_oauth2_edit.tpl");
|
|
|
|
|
$o .= replace_macros($tpl, array(
|
|
|
|
|
'$form_security_token' => get_form_security_token("settings_oauth2"),
|
|
|
|
|
'$title' => t('Add application'),
|
|
|
|
|
'$submit' => t('Update'),
|
|
|
|
|
'$cancel' => t('Cancel'),
|
2019-08-05 00:30:07 +00:00
|
|
|
'$name' => array('name', t('Name'), $app['client_name'], t('Name of application')),
|
|
|
|
|
'$clid' => array('clid', t('Consumer ID'), $app['client_id'], t('Automatically generated - change if desired. Max length 20')),
|
2018-04-06 04:01:36 +00:00
|
|
|
'$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
|
|
|
|
|
'$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
|
2018-07-16 06:32:09 +00:00
|
|
|
'$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application specifically requires this')),
|
|
|
|
|
'$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application specifically requires this')),
|
2018-04-06 04:01:36 +00:00
|
|
|
));
|
|
|
|
|
return $o;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if((argc() > 3) && (argv(2) === 'delete')) {
|
|
|
|
|
check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
|
|
|
|
|
|
2018-05-20 12:15:46 +00:00
|
|
|
$r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = %d",
|
2018-04-06 04:01:36 +00:00
|
|
|
dbesc(argv(3)),
|
2018-05-20 12:15:46 +00:00
|
|
|
intval(local_channel())
|
2018-04-06 04:01:36 +00:00
|
|
|
);
|
2018-08-10 17:51:45 +00:00
|
|
|
$r = q("DELETE FROM oauth_access_tokens WHERE client_id = '%s' AND user_id = %d",
|
|
|
|
|
dbesc(argv(3)),
|
|
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
|
|
|
|
$r = q("DELETE FROM oauth_authorization_codes WHERE client_id = '%s' AND user_id = %d",
|
|
|
|
|
dbesc(argv(3)),
|
|
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
|
|
|
|
$r = q("DELETE FROM oauth_refresh_tokens WHERE client_id = '%s' AND user_id = %d",
|
|
|
|
|
dbesc(argv(3)),
|
|
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
2018-04-06 04:01:36 +00:00
|
|
|
goaway(z_root()."/settings/oauth2/");
|
|
|
|
|
return;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
2019-10-10 04:47:05 +00:00
|
|
|
$r = q("SELECT * FROM oauth_clients WHERE user_id = %d ",
|
2018-05-20 12:15:46 +00:00
|
|
|
intval(local_channel())
|
2018-04-06 04:01:36 +00:00
|
|
|
);
|
2019-10-10 04:47:05 +00:00
|
|
|
|
|
|
|
|
$c = q("select client_id, access_token from oauth_access_tokens where user_id = %d",
|
|
|
|
|
intval(local_channel())
|
|
|
|
|
);
|
|
|
|
|
if ($r && $c) {
|
|
|
|
|
foreach($c as $cv) {
|
|
|
|
|
for($x = 0; $x < count($r); $x ++) {
|
|
|
|
|
if($r[$x]['client_id'] === $cv['client_id']) {
|
|
|
|
|
if(! array_key_exists($r[$x]['tokens'])) {
|
|
|
|
|
$r[$x]['tokens'] = [];
|
|
|
|
|
}
|
|
|
|
|
$r[$x]['tokens'][] = $cv['access_token'];
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2018-04-06 04:01:36 +00:00
|
|
|
$tpl = get_markup_template("settings_oauth2.tpl");
|
|
|
|
|
$o .= replace_macros($tpl, array(
|
|
|
|
|
'$form_security_token' => get_form_security_token("settings_oauth2"),
|
|
|
|
|
'$baseurl' => z_root(),
|
|
|
|
|
'$title' => t('Connected OAuth2 Apps'),
|
|
|
|
|
'$add' => t('Add application'),
|
|
|
|
|
'$edit' => t('Edit'),
|
|
|
|
|
'$delete' => t('Delete'),
|
|
|
|
|
'$consumerkey' => t('Client key starts with'),
|
|
|
|
|
'$noname' => t('No name'),
|
|
|
|
|
'$remove' => t('Remove authorization'),
|
|
|
|
|
'$apps' => $r,
|
|
|
|
|
));
|
|
|
|
|
return $o;
|
|
|
|
|
|
|
|
|
|
}
|
|
|
|
|
|
2018-05-20 12:07:30 +00:00
|
|
|
}
|
