mirror of
https://codeberg.org/streams/streams.git
synced 2024-09-19 21:35:13 +00:00
oauth2 client settings page
parent
f4c94ab121
commit
4a45c35c4e
7 changed files with 242 additions and 9 deletions
|
@ -23,11 +23,12 @@ class Oauth {
|
||||||
|
|
||||||
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
|
check_form_security_token_redirectOnErr('/settings/oauth', 'settings_oauth');
|
||||||
|
|
||||||
$name = ((x($_POST,'name')) ? $_POST['name'] : '');
|
$name = ((x($_POST,'name')) ? escape_tags($_POST['name']) : '');
|
||||||
$key = ((x($_POST,'key')) ? $_POST['key'] : '');
|
$key = ((x($_POST,'key')) ? escape_tags($_POST['key']) : '');
|
||||||
$secret = ((x($_POST,'secret')) ? $_POST['secret'] : '');
|
$secret = ((x($_POST,'secret')) ? escape_tags($_POST['secret']) : '');
|
||||||
$redirect = ((x($_POST,'redirect')) ? $_POST['redirect'] : '');
|
$redirect = ((x($_POST,'redirect')) ? escape_tags($_POST['redirect']) : '');
|
||||||
$icon = ((x($_POST,'icon')) ? $_POST['icon'] : '');
|
$icon = ((x($_POST,'icon')) ? escape_tags($_POST['icon']) : '');
|
||||||
|
$oauth2 = ((x($_POST,'oauth2')) ? intval($_POST['oauth2']) : 0);
|
||||||
$ok = true;
|
$ok = true;
|
||||||
if($name == '') {
|
if($name == '') {
|
||||||
$ok = false;
|
$ok = false;
|
||||||
|
|
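Review bot: Running `escape_tags()` over `$_POST['key']` and `$_POST['secret']` alters the credential itself rather than how it is displayed, so a key or secret containing characters that helper rewrites would be stored in a form the client can no longer present. Sanitising is better limited to display fields such as `name`, with output encoding applied where the values are rendered. The key and secret can instead be validated against an allowed character set and rejected with a notice when they do not match. The new `$oauth2` value is read here but its use lies outside the hunk, as do the start and end of the enclosing method.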
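--- a/Zotlabs/Module/Settings/Oauth2.php
+++ b/Zotlabs/Module/Settings/Oauth2.php
@@ -0,0 +1,160 @@
+<?php
+
+namespace Zotlabs\Module\Settings;
+
+
+class Oauth2 {
+
+
+function post() {
+
+if(x($_POST,'remove')){
+check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
+
+$key = $_POST['remove'];
+q("DELETE FROM tokens WHERE id='%s' AND uid=%d",
+dbesc($key),
+local_channel());
+goaway(z_root()."/settings/oauth2/");
+return;
+}
+
+if((argc() > 2) && (argv(2) === 'edit' || argv(2) === 'add') && x($_POST,'submit')) {
+
+check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2');
+
+$name = ((x($_POST,'name')) ? escape_tags(trim($_POST['name'])) : '');
+$secret = ((x($_POST,'secret')) ? escape_tags(trim($_POST['secret'])) : '');
+$redirect = ((x($_POST,'redirect')) ? escape_tags(trim($_POST['redirect'])) : '');
+$grant = ((x($_POST,'grant')) ? escape_tags(trim($_POST['grant'])) : '');
+$scope = ((x($_POST,'scope')) ? escape_tags(trim($_POST['scope'])) : '');
+
+$ok = true;
+if($name == '' || $secret == '') {
+$ok = false;
+notice( t('Name and Secret are required') . EOL);
+}
+
+if($ok) {
+if ($_POST['submit']==t("Update")){
+$r = q("UPDATE oauth_clients SET
+client_id = '%s',
+client_secret = '%s',
+redirect_uri = '%s',
+grant_types = '%s',
+scope = '%s',
+user_id = '%s'
+WHERE client_id='%s'",
+dbesc($name),
+dbesc($secret),
+dbesc($redirect),
+dbesc($grant),
+dbesc($scope),
+dbesc(local_channel()),
+dbesc($name));
+} else {
+$r = q("INSERT INTO oauth_clients (client_id, client_secret, redirect_uri, grant_types, scope, user_id)
+VALUES ('%s','%s','%s','%s','%s','%s')",
+dbesc($name),
+dbesc($secret),
+dbesc($redirect),
+dbesc($grant),
+dbesc($scope),
+dbesc(local_channel())
+);
+$r = q("INSERT INTO xperm (xp_client, xp_channel, xp_perm) VALUES ('%s', %d, '%s') ",
+dbesc($name),
+intval(local_channel()),
+dbesc('all')
+);
+}
+}
+goaway(z_root()."/settings/oauth2/");
+return;
+}
+}
+
+function get() {
+
+if((argc() > 2) && (argv(2) === 'add')) {
+$tpl = get_markup_template("settings_oauth2_edit.tpl");
+$o .= replace_macros($tpl, array(
+'$form_security_token' => get_form_security_token("settings_oauth2"),
+'$title' => t('Add OAuth2 application'),
+'$submit' => t('Submit'),
+'$cancel' => t('Cancel'),
+'$name' => array('name', t('Name'), '', t('Name of application')),
+'$secret' => array('secret', t('Consumer Secret'), random_string(16), t('Automatically generated - change if desired. Max length 20')),
+'$redirect' => array('redirect', t('Redirect'), '', t('Redirect URI - leave blank unless your application specifically requires this')),
+'$grant' => array('grant', t('Grant Types'), '', t('leave blank unless your application sepcifically requires this')),
+'$scope' => array('scope', t('Authorization scope'), '', t('leave blank unless your application sepcifically requires this')),
+));
+return $o;
+}
+
+if((argc() > 3) && (argv(2) === 'edit')) {
+$r = q("SELECT * FROM oauth_clients WHERE client_id='%s' AND user_id= '%s'",
+dbesc(argv(3)),
+dbesc(local_channel())
+);
+
+if (! $r){
+notice(t('OAuth2 Application not found.'));
+return;
+}
+
+$app = $r[0];
+
+$tpl = get_markup_template("settings_oauth2_edit.tpl");
+$o .= replace_macros($tpl, array(
+'$form_security_token' => get_form_security_token("settings_oauth2"),
+'$title' => t('Add application'),
+'$submit' => t('Update'),
+'$cancel' => t('Cancel'),
+'$name' => array('name', t('Name'), $app['client_id'], t('Name of application')),
+'$secret' => array('secret', t('Consumer Secret'), $app['client_secret'], t('Automatically generated - change if desired. Max length 20')),
+'$redirect' => array('redirect', t('Redirect'), $app['redirect_uri'], t('Redirect URI - leave blank unless your application specifically requires this')),
+'$grant' => array('grant', t('Grant Types'), $app['grant_types'], t('leave blank unless your application sepcifically requires this')),
+'$scope' => array('scope', t('Authorization scope'), $app['scope'], t('leave blank unless your application sepcifically requires this')),
+));
+return $o;
+}
+
+if((argc() > 3) && (argv(2) === 'delete')) {
+check_form_security_token_redirectOnErr('/settings/oauth2', 'settings_oauth2', 't');
+
+$r = q("DELETE FROM oauth_clients WHERE client_id = '%s' AND user_id = '%s'",
+dbesc(argv(3)),
+dbesc(local_channel())
+);
+goaway(z_root()."/settings/oauth2/");
+return;
+}
+
+
+$r = q("SELECT oauth_clients.*, oauth_access_tokens.access_token as oauth_token, (oauth_clients.user_id = '%s') AS my
+FROM oauth_clients
+LEFT JOIN oauth_access_tokens ON oauth_clients.client_id=oauth_access_tokens.client_id
+WHERE oauth_clients.user_id IN ('%s',0)",
+dbesc(local_channel()),
+dbesc(local_channel())
+);
+
+$tpl = get_markup_template("settings_oauth2.tpl");
+$o .= replace_macros($tpl, array(
+'$form_security_token' => get_form_security_token("settings_oauth2"),
+'$baseurl' => z_root(),
+'$title' => t('Connected OAuth2 Apps'),
+'$add' => t('Add application'),
+'$edit' => t('Edit'),
+'$delete' => t('Delete'),
+'$consumerkey' => t('Client key starts with'),
+'$noname' => t('No name'),
+'$remove' => t('Remove authorization'),
+'$apps' => $r,
+));
+return $o;
+
+}
+
+}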
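Review bot: The `UPDATE oauth_clients ... WHERE client_id='%s'` in post() has no owner constraint, so any channel that submits the edit form with the name of an existing client would overwrite that client's secret, redirect URI, grant types and scope and reassign `user_id` to itself; the edit and delete queries in get() already scope by owner. Add the same condition here: `WHERE client_id='%s' AND user_id='%s'` with one more `dbesc(local_channel())` argument. The insert branch has a related gap: a name that collides with an existing `client_id` is not checked before the `xperm` row granting `'all'` is written, and that default grant is broader than a newly registered client needs. Separately, the `remove` branch deletes from `tokens` while the list template submits an `oauth_access_tokens.access_token` value, so it is worth confirming that removal actually revokes the OAuth2 token.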
|
@ -81,12 +81,20 @@ class Settings_menu {
|
||||||
|
|
||||||
if(feature_enabled(local_channel(),'oauth_clients')) {
|
if(feature_enabled(local_channel(),'oauth_clients')) {
|
||||||
$tabs[] = array(
|
$tabs[] = array(
|
||||||
'label' => t('Connected apps'),
|
'label' => t('OAuth1 apps'),
|
||||||
'url' => z_root() . '/settings/oauth',
|
'url' => z_root() . '/settings/oauth',
|
||||||
'selected' => ((argv(1) === 'oauth') ? 'active' : ''),
|
'selected' => ((argv(1) === 'oauth') ? 'active' : ''),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if(feature_enabled(local_channel(),'oauth2_clients')) {
|
||||||
|
$tabs[] = array(
|
||||||
|
'label' => t('OAuth2 apps'),
|
||||||
|
'url' => z_root() . '/settings/oauth2',
|
||||||
|
'selected' => ((argv(1) === 'oauth2') ? 'active' : ''),
|
||||||
|
);
|
||||||
|
}
|
||||||
|
|
||||||
if(feature_enabled(local_channel(),'access_tokens')) {
|
if(feature_enabled(local_channel(),'access_tokens')) {
|
||||||
$tabs[] = array(
|
$tabs[] = array(
|
||||||
'label' => t('Guest Access Tokens'),
|
'label' => t('Guest Access Tokens'),
|
||||||
|
|
|
@ -246,13 +246,22 @@ function get_features($filtered = true) {
|
||||||
|
|
||||||
[
|
[
|
||||||
'oauth_clients',
|
'oauth_clients',
|
||||||
t('OAuth Clients'),
|
t('OAuth1 Clients'),
|
||||||
t('Manage authenticatication tokens for mobile and remote apps.'),
|
t('Manage OAuth1 authenticatication tokens for mobile and remote apps.'),
|
||||||
false,
|
false,
|
||||||
get_config('feature_lock','oauth_clients'),
|
get_config('feature_lock','oauth_clients'),
|
||||||
feature_level('oauth_clients',1),
|
feature_level('oauth_clients',1),
|
||||||
],
|
],
|
||||||
|
|
||||||
|
[
|
||||||
|
'oauth2_clients',
|
||||||
|
t('OAuth2 Clients'),
|
||||||
|
t('Manage OAuth2 authenticatication tokens for mobile and remote apps.'),
|
||||||
|
false,
|
||||||
|
get_config('feature_lock','oauth2_clients'),
|
||||||
|
feature_level('oauth2_clients',1),
|
||||||
|
],
|
||||||
|
|
||||||
[
|
[
|
||||||
'access_tokens',
|
'access_tokens',
|
||||||
t('Access Tokens'),
|
t('Access Tokens'),
|
||||||
|
|
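Review bot: The new description `t('Manage OAuth2 authenticatication tokens for mobile and remote apps.')` carries the misspelling `authenticatication` over from the OAuth1 entry, which this commit also edits. These are translation source strings, so correcting the spelling later invalidates whatever translations have been made against them; both should read `authentication` now. The same applies to `sepcifically` in the form hints added in Zotlabs/Module/Settings/Oauth2.php. The enclosing get_features() array starts and ends outside the hunk.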
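--- a/view/tpl/settings_oauth2.tpl
+++ b/view/tpl/settings_oauth2.tpl
@@ -0,0 +1,35 @@
+<div class="generic-content-wrapper">
+<div class="section-title-wrapper">
+<h2>{{$title}}</h2>
+</div>
+
+<div class="section-content-tools-wrapper">
+<form action="settings/oauth2" method="post" autocomplete="off">
+<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+
+<div id="profile-edit-links">
+<ul>
+<li>
+<a id="profile-edit-view-link" href="{{$baseurl}}/settings/oauth2/add">{{$add}}</a>
+</li>
+</ul>
+</div>
+
+{{foreach $apps as $app}}
+<div class='oauthapp'>
+{{if $app.client_id}}<h4>{{$app.client_id}}</h4>{{else}}<h4>{{$noname}}</h4>{{/if}}
+{{if $app.my}}
+{{if $app.oauth_token}}
+<div class="settings-submit-wrapper" ><button class="settings-submit" type="submit" name="remove" value="{{$app.oauth_token}}">{{$remove}}</button></div>
+{{/if}}
+{{/if}}
+{{if $app.my}}
+<a href="{{$baseurl}}/settings/oauth2/edit/{{$app.client_id}}" title="{{$edit}}"><i class="fa fa-pencil btn btn-outline-secondary"></i></a>
+<a href="{{$baseurl}}/settings/oauth2/delete/{{$app.client_id}}?t={{$form_security_token}}" title="{{$delete}}"><i class="fa fa-trash-o btn btn-outline-secondary"></i></a>
+{{/if}}
+</div>
+{{/foreach}}
+
+</form>
+</div>
+</div>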
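Review bot: The delete link `settings/oauth2/delete/{{$app.client_id}}?t={{$form_security_token}}` performs a state change over GET and places the form security token in the URL, where it can end up in browser history, server logs and Referer headers. The page is already a POST form carrying the token in a hidden field, so the delete action could be a submit button like the existing `remove` one, for example `<button type="submit" name="delete" value="{{$app.client_id}}">`, handled in post(). The `remove` button also writes the full access token into the markup as its `value`; submitting a row identifier instead would keep the bearer token out of the rendered page.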
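--- a/view/tpl/settings_oauth2_edit.tpl
+++ b/view/tpl/settings_oauth2_edit.tpl
@@ -0,0 +1,21 @@
+<div class="generic-content-wrapper">
+<div class="section-title-wrapper">
+<h2>{{$title}}</h2>
+</div>
+<div class="section-content-tools-wrapper">
+<form method="POST">
+<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
+{{include file="field_input.tpl" field=$name}}
+{{include file="field_input.tpl" field=$secret}}
+{{include file="field_input.tpl" field=$redirect}}
+{{include file="field_input.tpl" field=$grant}}
+{{include file="field_input.tpl" field=$scope}}
+
+<div class="settings-submit-wrapper" >
+<input type="submit" name="submit" class="settings-submit" value="{{$submit}}" />
+<input type="submit" name="cancel" class="settings-submit" value="{{$cancel}}" />
+</div>
+
+</form>
+</div>
+</div>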
|
@ -5,7 +5,6 @@
|
||||||
<div class="section-content-tools-wrapper">
|
<div class="section-content-tools-wrapper">
|
||||||
<form method="POST">
|
<form method="POST">
|
||||||
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
|
<input type='hidden' name='form_security_token' value='{{$form_security_token}}'>
|
||||||
|
|
||||||
{{include file="field_input.tpl" field=$name}}
|
{{include file="field_input.tpl" field=$name}}
|
||||||
{{include file="field_input.tpl" field=$key}}
|
{{include file="field_input.tpl" field=$key}}
|
||||||
{{include file="field_input.tpl" field=$secret}}
|
{{include file="field_input.tpl" field=$secret}}
|
||||||
|
|