src/plugins/oauthconsumer/etc/oauthconsumer.ini -text
src/plugins/oauthconsumer/include/fusionforge_oauth_datastore.php -text
src/plugins/oauthconsumer/include/oauthconsumerPlugin.class.php -text
+src/plugins/oauthconsumer/include/provider_api.php -text
src/plugins/oauthconsumer/packaging/control/222plugin-oauthconsumer -text
src/plugins/oauthconsumer/packaging/control/222plugin-oauthconsumer.shortdesc -text
src/plugins/oauthconsumer/packaging/dirs/plugin-oauthconsumer -text
src/plugins/oauthconsumer/packaging/install/plugin-oauthconsumer -text
src/plugins/oauthconsumer/packaging/links/plugin-oauthconsumer -text
+src/plugins/oauthconsumer/www/checks.php -text
+src/plugins/oauthconsumer/www/index.php -text
+src/plugins/oauthconsumer/www/provider_add.php -text
+src/plugins/oauthconsumer/www/provider_delete.php -text
+src/plugins/oauthconsumer/www/provider_edit.php -text
+src/plugins/oauthconsumer/www/provider_update.php -text
+src/plugins/oauthconsumer/www/providers.php -text
src/plugins/oauthprovider/3rd-party/README -text
src/plugins/oauthprovider/3rd-party/oauth-php/CHANGELOG.txt -text
src/plugins/oauthprovider/3rd-party/oauth-php/LICENSE.txt -text
--- /dev/null
+<?php
+
+class OAuthProvider {
+
+ protected $id;
+ protected $name;
+ protected $description;
+ protected $consumer_key;
+ protected $consumer_secret;
+ protected $request_token_url;
+ protected $authorize_url;
+ protected $access_token_url;
+
+ function __construct($name, $description, $consumer_key, $consumer_secret, $request_token_url, $authorize_url, $access_token_url, $id = 0) {
+ $this->id = $id;
+ $this->name = $name;
+ $this->description = $description;
+ $this->consumer_key = $consumer_key;
+ $this->consumer_secret = $consumer_secret;
+ $this->request_token_url = $request_token_url;
+ $this->authorize_url = $authorize_url;
+ $this->access_token_url = $access_token_url;
+ }
+
+ public function get_id() {
+ return $this->id;
+ }
+
+ protected function set_id($id) {
+ $this->id = $id;
+ }
+
+ public function get_name() {
+ return $this->name;
+ }
+
+ public function get_description() {
+ return $this->description;
+ }
+
+ public function get_consumer_key() {
+ return $this->consumer_key;
+ }
+
+ public function get_consumer_secret() {
+ return $this->consumer_secret;
+ }
+
+ public function get_request_token_url() {
+ return $this->request_token_url;
+ }
+
+ public function get_authorize_url() {
+ return $this->authorize_url;
+ }
+
+ public function get_access_token_url() {
+ return $this->access_token_url;
+ }
+
+ public function set_name($name) {
+ $this->name = $name;
+ }
+
+ public function set_description($description) {
+ $this->description = $description;
+ }
+
+ public function set_consumer_key($consumer_key) {
+ $this->consumer_key = $consumer_key;
+ }
+
+ public function set_consumer_secret($consumer_secret) {
+ $this->consumer_secret = $consumer_secret;
+ }
+
+ public function set_request_token_url($request_token_url) {
+ $this->request_token_url = $request_token_url;
+ }
+
+ public function set_authorize_url($authorize_url) {
+ $this->authorize_url = $authorize_url;
+ }
+
+ public function set_access_token_url($access_token_url) {
+ $this->access_token_url = $access_token_url;
+ }
+
+ static function convert_row_to_object($row) {
+ if($row!=null) {
+ $provider = new OAuthProvider($row['name'], $row['description'], $row['consumer_key'], $row['consumer_secret'], $row['request_token_url'], $row['authorize_url'], $row['access_token_url'], $row['id']);
+ return $provider;
+ }else {
+ return null;
+ }
+ }
+
+ static function get_provider($id) {
+ $conn = FFOAuthDataStore::singleton();
+ $row = $conn->find_provider_from_id($id);
+ $provider = self::convert_row_to_object($row);
+ return $provider;
+ }
+
+ static function get_all_oauthproviders() {
+ $conn = FFOAuthDataStore::singleton();
+ $rows = $conn->find_all_providers();
+ $providers = array();
+ foreach ($rows as $row) {
+ $provider = OAuthProvider::convert_row_to_object($row);
+ $providers[] = $provider;
+ }
+ return $providers;
+ }
+
+ static function check_provider_values($new=TRUE, $name, $description, $consumer_key, $consumer_secret, $request_token_url, $authorize_url, $access_token_url) {
+ if ((!trim($name))) {
+ return "The field 'Name' is empty! ";
+ }
+ elseif ((!trim($description))) {
+ return "The field 'Description' is empty! ";
+ }
+ elseif ((!trim($consumer_key))) {
+ return "The field 'Consumer Key' is empty! ";
+ }
+ elseif ((!trim($consumer_secret))) {
+ return "The field 'Consumer Secret' is empty! ";
+ }
+ elseif(strlen($name)<5) {
+ return "The field 'Name' cannot be less than 5 characters!";
+ }
+ elseif(strlen($name)>15) {
+ return "The field 'Name' cannot be more than 15 characters!";
+ }
+ elseif(is_numeric(substr($name, 0, 1))) {
+ return "The field 'Name' cannot begin with a numeral!";
+ }
+ elseif((substr($name, 0, 1))=="_") {
+ return "The field 'Name' cannot begin with an underscore!";
+ }
+ elseif(preg_match('/^[A-z][A-z_0-9]{4,}/', $name)==0) {
+ return "The field 'Name' can only contain alphabets (a-z,A-Z), numbers (0-9) and underscores (_). Please choose a Name accordingly!";
+ }
+ elseif($new && self::provider_exists($name)) {
+ return "The name '".$name."' has already been taken. Please choose another!";
+ }
+ elseif((trim($request_token_url))&&(!preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $request_token_url))) {
+ return "The Request Token URL is not valid.";
+ }
+ elseif((trim($authorize_url))&&(!preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $authorize_url))) {
+ return "The Authorization URL is not valid.";
+ }
+ elseif((trim($access_token_url))&&(!preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $access_token_url))) {
+ return "The Access Token URL is not valid.";
+ }
+ else {
+ return null;
+ }
+ }
+
+ static function provider_exists($name) {
+ $conn = FFOAuthDataStore::singleton();
+ $row = $conn->find_provider_from_name($name);
+ if($row==null) {
+ return false;
+ }
+ else {
+ return true;
+ }
+ }
+
+ function write_to_db() {
+ if ( strlen(trim( $this->name ))==0 || strlen(trim( $this->description ))==0 || strlen(trim( $this->consumer_key ))==0 || strlen(trim( $this->consumer_secret ))==0 ) {
+ exit_error( "Error trying to add the oauth provider. Please try again.", 'oauthconsumer' );
+ }
+ $conn = FFOAuthDataStore::singleton();
+ $id = $conn->save_provider($this);
+ if(!$id) {
+ exit_error("Error trying to add new oauth provider to DB", 'oauthconsumer');
+ }else {
+ $this->set_id($id);
+ }
+ }
+
+ function delete() {
+ $conn = FFOAuthDataStore::singleton();
+ $id = $this->get_id();
+ if($id!=0) {
+ if(!($conn->delete_provider($id))) {
+ exit_error("Error trying to delete provider from DB", 'oauthconsumer');
+ }
+ }else {
+ exit_error("Trying to delete non-existent provider from DB", 'oauthconsumer');
+ }
+ }
+
+}
\ No newline at end of file
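Review bot: The name pattern in `check_provider_values()` accepts more than its error message promises: `/^[A-z][A-z_0-9]{4,}/` has no end anchor, so anything may follow the first five characters, and the range `A-z` also covers the ASCII punctuation that sits between `Z` and `a`. The name is printed later by providers.php and provider_edit.php, so the check should be exact, for example `preg_match('/^[A-Za-z][A-Za-z0-9_]{4,14}$/D', $name)`. The three URL patterns are loose in the same way: the dot in `(.[a-z0-9-]+)*` is unescaped and matches any character, including a quote, and should be `\.`. Separately, `$new=TRUE` is an optional parameter declared before required ones, which current PHP versions deprecate.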
--- /dev/null
+<?php
+
+/*
+ * This file contains the functionality of the different checks
+ * needed to be done before displaying any page of the
+ * oauthconsumer plugin
+ */
+
+require_once $gfwww.'include/pre.php';
+
+$pluginname = 'oauthconsumer';
+
+// the header that displays for the user portion of the plugin
+function oauthconsumer_User_Header($params) {
+ global $DOCUMENT_ROOT,$HTML, $user_id, $pluginname;
+ $params['toptab']=$pluginname;
+ $params['user']=$user_id;
+ site_user_header($params);
+}
+
+/*
+ * checks whether the user is logged in and has activated the plugin
+ */
+function oauthconsumer_CheckUser() {
+
+ if (!session_loggedin()) { //check if user logged in
+ exit_not_logged_in();
+ }
+
+ global $pluginname;
+
+ $user = session_get_user(); // get the session user
+
+ if (!$user || !is_object($user) || $user->isError() || !$user->isActive()) {
+ exit_error("Invalid User, Cannot Process your request for this user.", $pluginname);
+ }
+
+ $id = $user->getID();
+
+ if (!$id) {
+ exit_error("Cannot Process your request: Invalid User", $pluginname);
+ }
+
+ $realuser = user_get_object($id);
+ if (!($realuser) || !($realuser->usesPlugin($pluginname))) { //check if user has activated the plugin
+ exit_error("First activate the User's $pluginname plugin through Account Maintenance Page", $pluginname);
+ }
+
+ //displays the page header
+ oauthconsumer_User_Header(array('title'=>'Personal page for OAuth','pagename'=>"$pluginname",'sectionvals'=>array($realuser->getUnixName())));
+
+}
+
+/*
+ * checks whether the user is a forge admin
+ */
+function oauthconsumer_CheckForgeAdmin() {
+
+ if(! forge_check_global_perm ('forge_admin')) {
+ return false;
+ }
+
+ oauthconsumer_User_Header(array('title'=>'Admin page for OAuthConsumer','pagename'=>"$pluginname"));
+ return true;
+}
+
+/*
+ * checks whether the user is a forge admin and exits
+ */
+function oauthconsumer_CheckForgeAdminExit() {
+
+ if(! forge_check_global_perm ('forge_admin')) {
+ exit_error("Access Denied, You are not a forge Admin", 'oauthconsumer');
+ }
+
+ oauthconsumer_User_Header(array('title'=>'Admin page for OAuthConsumer','pagename'=>"$pluginname"));
+
+}
+
+?>
\ No newline at end of file
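Review bot: `oauthconsumer_CheckForgeAdmin()` and `oauthconsumer_CheckForgeAdminExit()` read `$pluginname` without declaring it global, so `'pagename'=>"$pluginname"` evaluates to an empty string and raises an undefined-variable notice; `oauthconsumer_CheckUser()` does declare it. Add `global $pluginname;` as the first statement of both functions. `oauthconsumer_User_Header()` also depends on a global `$user_id` that nothing in this file assigns, so confirm that pre.php defines it. Neither admin helper calls `session_loggedin()` first, which is only safe if `forge_check_global_perm()` returns false for anonymous sessions; a one-line comment stating that assumption would help.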
--- /dev/null
+<?php
+
+require_once('../../env.inc.php');
+require_once 'checks.php';
+
+oauthconsumer_CheckUser();
+
+echo util_make_link('/plugins/'.$pluginname.'/providers.php', _('OAuth Providers')). ' <br />';
+echo util_make_link('/plugins/'.$pluginname.'/access_tokens.php', _('Access tokens')).'<br /> ';
+
+
+site_user_footer(array());
\ No newline at end of file
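Review bot: The second link targets `access_tokens.php`, which is not among the `www/` files this commit registers in the attribute list at the top, so the page may offer a link that does not resolve until that script is added. Either add the script in the same change or hold the link back until it exists. A short comment that `$pluginname` is defined by checks.php would also help, since nothing in this file assigns it.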
--- /dev/null
+<?php
+require_once('../../env.inc.php');
+require_once 'checks.php';
+global $feedback;
+
+if(!form_key_is_valid(getStringFromRequest('plugin_oauthconsumer_provider_create_token'))) {
+ exit_form_double_submit('admin');
+}
+
+session_require_global_perm('forge_admin');
+
+$f_provider_name = getStringFromPost( 'provider_name' );
+$f_provider_desc = getStringFromPost( 'provider_desc' );
+$f_consumer_key = getStringFromPost( 'consumer_key' );
+$f_consumer_secret = getStringFromPost( 'consumer_secret' );
+$f_request_token_url = getStringFromPost( 'request_token_url' );
+$f_authorize_url = getStringFromPost( 'authorize_url' );
+$f_access_token_url = getStringFromPost( 'access_token_url' );
+
+if (($msg=OAuthProvider::check_provider_values(TRUE, $f_provider_name, $f_provider_desc, $f_consumer_key, $f_consumer_secret, $f_request_token_url, $f_authorize_url, $f_access_token_url))!=null) {
+ $feedback .= $msg;
+ form_release_key(getStringFromRequest('plugin_oauthconsumer_provider_create_token'));
+ include 'providers.php';
+}
+else {
+ $f_provider_desc = (htmlspecialchars($f_provider_desc));
+ $f_request_token_url = (htmlspecialchars($f_request_token_url));
+ $f_authorize_url = (htmlspecialchars($f_authorize_url));
+ $f_access_token_url = (htmlspecialchars($f_access_token_url));
+ $new_provider = new OAuthProvider($f_provider_name, $f_provider_desc, $f_consumer_key, $f_consumer_secret, $f_request_token_url, $f_authorize_url, $f_access_token_url);
+ $new_provider->write_to_db();
+
+ form_release_key(getStringFromRequest('plugin_oauthconsumer_provider_create_token'));
+
+ session_redirect( '/plugins/'.$pluginname.'/providers.php');
+}
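Review bot: `htmlspecialchars()` is applied before storage to the description and the three URLs only; the name, consumer key and consumer secret are saved as received, and provider_update.php saves all seven fields unencoded. The stored data is therefore in a mixed state, and a URL containing `&` is kept as `&amp;`, which is presumably what later OAuth requests would read back. Store the values as submitted and encode when printing instead: drop the four `htmlspecialchars()` assignments here and encode at the `echo` sites in providers.php and provider_edit.php. `session_require_global_perm('forge_admin')` should also move above the `form_key_is_valid()` test so the privilege check is the first thing the script does.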
--- /dev/null
+<?php
+
+require_once('../../env.inc.php');
+require_once 'checks.php';
+
+form_key_is_valid(getStringFromRequest('plugin_oauthprovider_consumer_delete_token'));
+
+oauthconsumer_CheckForgeAdminExit();
+
+$provider_id = getStringFromGet( 'provider_id' );
+$provider = OAuthProvider::get_provider($provider_id);
+$provider->delete();
+
+form_release_key(getStringFromRequest('plugin_oauthconsumer_provider_delete_token'));
+session_redirect( '/plugins/'.$pluginname.'/providers.php');
\ No newline at end of file
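Review bot: The form key is not enforced here: the return value of `form_key_is_valid()` is discarded, and the parameter it reads, `plugin_oauthprovider_consumer_delete_token`, is not the one providers.php sends (`plugin_oauthconsumer_provider_delete_token`). Follow provider_add.php and place `if (!form_key_is_valid(getStringFromRequest('plugin_oauthconsumer_provider_delete_token'))) { exit_form_double_submit('admin'); }` after `oauthconsumer_CheckForgeAdminExit()`. provider_update.php discards the return value in the same way and needs the same guard. `OAuthProvider::get_provider()` returns null for an unknown id, so `$provider->delete()` needs a null check first, and `getIntFromGet()` (as provider_edit.php uses) suits `provider_id` better than `getStringFromGet()`.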
--- /dev/null
+<?php
+
+require_once('../../env.inc.php');
+require_once 'checks.php';
+
+oauthconsumer_CheckForgeAdminExit();
+
+$provider_id = isset($f_provider_id)?$f_provider_id:getIntFromGet( 'provider_id' );
+$provider = OAuthProvider::get_provider($provider_id);
+
+$f_provider_name = getStringFromPost( 'provider_name' );
+$f_provider_desc = getStringFromPost( 'provider_desc' );
+$f_consumer_key = getStringFromPost( 'consumer_key' );
+$f_consumer_secret = getStringFromPost( 'consumer_secret' );
+$f_request_token_url = getStringFromPost( 'request_token_url' );
+$f_authorize_url = getStringFromPost( 'authorize_url' );
+$f_access_token_url = getStringFromPost( 'access_token_url' );
+
+$i = 0;
+?>
+
+<br/>
+<form action="provider_update.php" method="post">
+<?php echo '<input type="hidden" name="plugin_oauthconsumer_provider_update_token" value="'.form_generate_key().'"/>' ?>
+<input type="hidden" name="provider_id" value="<?php echo $provider->get_id() ?>"/>
+<table class="width75" align="center" cellspacing="1">
+
+<tr>
+<td class="form-title" colspan="2"><?php echo _('<b>Edit OAuth Provider</b>') ?></td>
+<td class="right"><?php print util_make_link("/plugins/".$pluginname.'/providers.php', _('Cancel') ); ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Name') ?></td>
+<td><input name="provider_name" maxlength="128" size="60" value="<?php echo isset($f_provider_name)?$f_provider_name:$provider->get_name() ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Description') ?></td>
+<td><input name="provider_desc" maxlength="250" size="60" value="<?php echo isset($f_provider_desc)?$f_provider_desc:$provider->get_description() ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Consumer Key') ?></td>
+<td><input name="consumer_key" maxlength="250" size="60" value="<?php echo isset($f_consumer_key)?$f_consumer_key:$provider->get_consumer_key() ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Consumer Secret') ?></td>
+<td><input name="consumer_secret" maxlength="250" size="60" value="<?php echo isset($f_consumer_secret)?$f_consumer_secret:$provider->get_consumer_secret() ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Request Token URL') ?></td>
+<td><input name="request_token_url" maxlength="250" size="60" value="<?php echo isset($f_request_token_url)?$f_request_token_url:$provider->get_request_token_url() ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Authorization URL') ?></td>
+<td><input name="authorize_url" maxlength="250" size="60" value="<?php echo isset($f_authorize_url)?$f_authorize_url:$provider->get_authorize_url() ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo _('Access Token URL') ?></td>
+<td><input name="access_token_url" maxlength="250" size="60" value="<?php echo isset($f_access_token_url)?$f_access_token_url:$provider->get_access_token_url() ?>"/></td>
+</tr>
+
+<tr>
+<td class="center" colspan="1"><input type="submit" name="update" value="<?php echo _('Update Provider') ?>"/></td>
+</tr>
+</table>
+</form>
+
+<?php
+site_users_footer(array());
\ No newline at end of file
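Review bot: Every `value="..."` attribute in this form prints request or database content without encoding, so a double quote in any field ends the attribute and the remainder is parsed as markup; the add form and the table cells in providers.php print the same way. Encode at each site, e.g. `value="<?php echo htmlspecialchars($f_provider_name, ENT_QUOTES, 'UTF-8') ?>"`. The `isset($f_provider_name)` style tests are always true once the variables have been assigned from `getStringFromPost()` just above (unless that helper returns null for a missing field, which should be confirmed), so the stored provider values would not be shown when the page is opened from the Edit link. `$provider` is dereferenced without a null check, and the footer call is `site_users_footer()` where index.php and providers.php call `site_user_footer()`.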
--- /dev/null
+<?php
+
+require_once('../../env.inc.php');
+require_once 'checks.php';
+
+form_key_is_valid(getStringFromRequest( 'plugin_oauthconsumer_provider_update_token' ));
+
+session_require_global_perm('forge_admin');
+
+$f_provider_id = getStringFromPost( 'provider_id' );
+$f_provider_name = getStringFromPost( 'provider_name' );
+$f_provider_desc = getStringFromPost( 'provider_desc' );
+$f_consumer_key = getStringFromPost( 'consumer_key' );
+$f_consumer_secret = getStringFromPost( 'consumer_secret' );
+$f_request_token_url = getStringFromPost( 'request_token_url' );
+$f_authorize_url = getStringFromPost( 'authorize_url' );
+$f_access_token_url = getStringFromPost( 'access_token_url' );
+
+if (($msg=OAuthProvider::check_provider_values(FALSE, $f_provider_name, $f_provider_desc, $f_consumer_key, $f_consumer_secret, $f_request_token_url, $f_authorize_url, $f_access_token_url))!=null) {
+ $feedback .= $msg;
+ form_release_key(getStringFromRequest('plugin_oauthconsumer_provider_update_token'));
+ include 'provider_edit.php';
+}
+else {
+
+ $provider = OAuthProvider::get_provider($f_provider_id);
+
+ $provider->set_name($f_provider_name);
+ $provider->set_description($f_provider_desc);
+ $provider->set_consumer_key($f_consumer_key);
+ $provider->set_consumer_secret($f_consumer_secret);
+ $provider->set_request_token_url($f_request_token_url);
+ $provider->set_authorize_url($f_authorize_url);
+ $provider->set_access_token_url($f_access_token_url);
+
+ $provider->write_to_db();
+
+ form_release_key(getStringFromRequest( 'plugin_oauthconsumer_provider_update_token' ));
+
+ session_redirect( '/plugins/'.$pluginname.'/providers.php' );
+}
\ No newline at end of file
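Review bot: `OAuthProvider::get_provider($f_provider_id)` returns null when no row matches, and the next line calls `set_name()` on the result, so a stale or altered `provider_id` ends in a fatal error instead of a handled one. Guard it with `if (!$provider) { exit_error("Provider not found", 'oauthconsumer'); }` and read the id with `getIntFromPost('provider_id')`. Passing `FALSE` for `$new` skips the `provider_exists()` test entirely, so a provider can be renamed to a name that another provider already holds; the uniqueness check should run whenever the submitted name differs from the stored one.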
--- /dev/null
+<?php
+
+require_once('../../env.inc.php');
+require_once 'checks.php';
+
+oauthconsumer_CheckUser();
+
+$providers = OAuthProvider::get_all_oauthproviders();
+$admin_access = false;
+if(forge_check_global_perm ('forge_admin')) $admin_access = true;
+
+if(count($providers)>0) {
+ echo $HTML->boxTop(_('OAuth Providers'));
+ echo $HTML->listTableTop(array(_('Name'), _('Description'), _('Consumer Key'), _('Consumer Secret'), _('Request Token Url'), _('Authorization Url'), _('Access Token Url'), '', ''));
+ $i = 0;
+ foreach( $providers as $provider ) { ?>
+ <tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+ <td class="center"><?php echo ( $provider->get_name() ) ?></td>
+ <td class="center"><?php echo ( $provider->get_description() ) ?></td>
+ <td class="center"><?php echo ( $provider->get_consumer_key() ) ?></td>
+ <?php if($admin_access) { ?>
+ <td class="center"><?php echo ( $provider->get_consumer_secret() ) ?></td>
+ <?php }else { ?>
+ <td class="center">*****************</td>
+ <?php } ?>
+ <td class="center"><?php echo ( $provider->get_request_token_url() ) ?></td>
+ <td class="center"><?php echo ( $provider->get_authorize_url() ) ?></td>
+ <td class="center"><?php echo ( $provider->get_access_token_url() ) ?></td>
+ <?php
+ if ($admin_access) { ?>
+ <td class="center">
+ <?php print util_make_link('/plugins/'.$pluginname.'/provider_edit.php?provider_id=' . $provider->get_id() , _('Edit'));?>
+ </td><?php
+ }
+
+ if ($admin_access) { ?>
+ <td class="center">
+ <?php print util_make_link('/plugins/'.$pluginname.'/provider_delete.php?provider_id=' . $provider->get_id() . '&plugin_oauthconsumer_provider_delete_token='.form_generate_key(), _('Delete')); ?>
+ </td><?php
+ }?>
+ </tr>
+ <?php
+ }
+ echo $HTML->listTableBottom();
+ echo $HTML->boxBottom();
+
+}
+else {
+ echo '<p>'. _('There are currently no OAuth Providers registered in the database').'</p>';
+}
+
+if ($admin_access) {
+
+ $f_provider_name = getStringFromPost( 'provider_name' );
+ $f_provider_desc = getStringFromPost( 'provider_desc' );
+ $f_consumer_key = getStringFromPost( 'consumer_key' );
+ $f_consumer_secret = getStringFromPost( 'consumer_secret' );
+ $f_request_token_url = getStringFromPost( 'request_token_url' );
+ $f_authorize_url = getStringFromPost( 'authorize_url' );
+ $f_access_token_url = getStringFromPost( 'access_token_url' );
+
+ ?>
+ <br/>
+ <form action="provider_add.php" method="post">
+ <?php echo '<input type="hidden" name="plugin_oauthconsumer_provider_create_token" value="'.form_generate_key().'"/>' ?>
+ <table class="width50" align="center" cellspacing="1">
+
+ <tr>
+ <td class="form-title" colspan="2"><?php echo _('<b>Add a new OAuth provider</b>') ?></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Name') ?></td>
+ <td><input name="provider_name" maxlength="128" size="40" value="<?php echo $f_provider_name ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Description') ?></td>
+ <td><input name="provider_desc" maxlength="250" size="40" value="<?php echo $f_provider_desc ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Consumer Key') ?></td>
+ <td><input name="consumer_key" maxlength="250" size="40" value="<?php echo $f_consumer_key ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Consumer Secret') ?></td>
+ <td><input name="consumer_secret" maxlength="250" size="40" value="<?php echo $f_consumer_secret ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Request Token URL') ?></td>
+ <td><input name="request_token_url" maxlength="250" size="40" value="<?php echo $f_request_token_url ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Authorization URL') ?></td>
+ <td><input name="authorize_url" maxlength="250" size="40" value="<?php echo $f_authorize_url ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="category"><?php echo _('Access Token URL') ?></td>
+ <td><input name="access_token_url" maxlength="250" size="40" value="<?php echo $f_access_token_url ?>"/></td>
+ </tr>
+
+ <tr>
+ <td class="center" colspan="2"><input type="submit" value="<?php echo _('Add provider') ?>"/></td>
+ </tr>
+
+ </table>
+ </form>
+ <?php
+}
+
+site_user_footer(array());
\ No newline at end of file
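Review bot: The Delete link performs a state change through GET and carries the form key in the query string (`&plugin_oauthconsumer_provider_delete_token=`), where it is recorded in browser history and in proxy and server logs; a fresh key is also generated for every row on every page view. A small POST form per row with the key in a hidden input, as the add form further down already does, keeps the key out of URLs; provider_delete.php would then read `provider_id` with `getIntFromPost()`. The consumer secret is also printed in full for admins in the list, and masking it there while showing it only on the edit page would reduce its exposure.
```php
// … unchanged: Edit link cell …
if ($admin_access) { ?>
 <td class="center">
 <form action="provider_delete.php" method="post">
 <input type="hidden" name="provider_id" value="<?php echo (int) $provider->get_id() ?>"/>
 <input type="hidden" name="plugin_oauthconsumer_provider_delete_token" value="<?php echo form_generate_key() ?>"/>
 <input type="submit" value="<?php echo _('Delete') ?>"/>
 </form>
 </td><?php
}
// … unchanged: closing </tr> and end of foreach …
```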