jon
/
Quill
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
Browse Source

provide option for choosing the scope to request 

update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
pull/82/head
Aaron Parecki 8 years ago
parent
1894da9452
commit
eab1a65f63
No known key found for this signature in database GPG Key ID: 276C2817346D6056
4 changed files with 64 additions and 66 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 5
      composer.json
  2. 79
      composer.lock
  3. 32
      controllers/auth.php
  4. 14
      views/auth_start.php

5
composer.json
View File

@ -3,10 +3,9 @@
"slim/slim": "2.2.*",
"saltybeagle/savant3": "dev-master",
"j4mie/idiorm": "1.4.*",
"mf2/mf2": "0.2.*",
"indieweb/mention-client": "0.*",
"mf2/mf2": "0.3.*",
"indieweb/date-formatter": "0.1.*",
"indieauth/client": ">=0.1.11",
"indieauth/client": ">=0.2.0",
"mpratt/relativetime": ">=1.0",
"firebase/php-jwt": "2.*",
"abraham/twitteroauth": "*",

79
composer.lock
View File

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
"content-hash": "05f646a93f2c1204dddd80c4670dcf15",
"content-hash": "b7a5b281de45ad549d11a38464bdfb24",
"packages": [
{
"name": "abraham/twitteroauth",
@ -278,22 +278,22 @@
},
{
"name": "indieauth/client",
"version": "0.1.13",
"version": "0.2.0",
"source": {
"type": "git",
"url": "https://github.com/indieweb/indieauth-client-php.git",
"reference": "d438bb03db15b4ccc6c63228be16de7870b6ab99"
"reference": "4b9bd766a92b8abbe420f5889bf7ebac7678151d"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/d438bb03db15b4ccc6c63228be16de7870b6ab99",
"reference": "d438bb03db15b4ccc6c63228be16de7870b6ab99",
"url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/4b9bd766a92b8abbe420f5889bf7ebac7678151d",
"reference": "4b9bd766a92b8abbe420f5889bf7ebac7678151d",
"shasum": ""
},
"require": {
"barnabywalters/mf-cleaner": "0.*",
"indieweb/link-rel-parser": "0.1.1",
"mf2/mf2": "0.2.*",
"indieweb/link-rel-parser": "0.1.*",
"mf2/mf2": "~0.3",
"php": ">5.3.0"
},
"type": "library",
@ -313,7 +313,7 @@
}
],
"description": "IndieAuth Client Library",
"time": "2016-02-08T23:56:31+00:00"
"time": "2017-02-09T23:42:05+00:00"
},
{
"name": "indieweb/date-formatter",
@ -360,16 +360,16 @@
},
{
"name": "indieweb/link-rel-parser",
"version": "0.1.1",
"version": "0.1.3",
"source": {
"type": "git",
"url": "https://github.com/indieweb/link-rel-parser-php.git",
"reference": "9e0e635fd301a8b1da7bc181f651f029c531dbb6"
"reference": "295420e4f16d9a9d262a3c25a7a583794428f055"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/indieweb/link-rel-parser-php/zipball/9e0e635fd301a8b1da7bc181f651f029c531dbb6",
"reference": "9e0e635fd301a8b1da7bc181f651f029c531dbb6",
"url": "https://api.github.com/repos/indieweb/link-rel-parser-php/zipball/295420e4f16d9a9d262a3c25a7a583794428f055",
"reference": "295420e4f16d9a9d262a3c25a7a583794428f055",
"shasum": ""
},
"require": {
@ -402,46 +402,7 @@
"indieweb",
"microformats2"
],
"time": "2013-12-23T00:14:58+00:00"
},
{
"name": "indieweb/mention-client",
"version": "0.4.7",
"source": {
"type": "git",
"url": "https://github.com/indieweb/mention-client-php.git",
"reference": "15271f4988c7bf661896fad188fdf0bf91877a7f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/15271f4988c7bf661896fad188fdf0bf91877a7f",
"reference": "15271f4988c7bf661896fad188fdf0bf91877a7f",
"shasum": ""
},
"require": {
"mf2/mf2": "0.2.*",
"php": ">=5.3"
},
"type": "library",
"autoload": {
"psr-0": {
"IndieWeb": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"Apache-2.0"
],
"authors": [
{
"name": "Aaron Parecki",
"email": "aaron@parecki.com",
"homepage": "http://aaronparecki.com/"
}
],
"description": "Client library for sending webmention and pingback notifications",
"homepage": "https://github.com/indieweb/mention-client-php",
"time": "2015-04-03T11:21:06+00:00"
"time": "2017-01-11T17:14:49+00:00"
},
{
"name": "j4mie/idiorm",
@ -503,20 +464,20 @@
},
{
"name": "mf2/mf2",
"version": "v0.2.12",
"version": "v0.3.0",
"source": {
"type": "git",
"url": "https://github.com/indieweb/php-mf2.git",
"reference": "6701504876d6c9242eb310b35f41d40d9785ab4e"
"reference": "4fb2eb5365cbc0fd2e0c26ca748777d6c2539763"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/indieweb/php-mf2/zipball/6701504876d6c9242eb310b35f41d40d9785ab4e",
"reference": "6701504876d6c9242eb310b35f41d40d9785ab4e",
"url": "https://api.github.com/repos/indieweb/php-mf2/zipball/4fb2eb5365cbc0fd2e0c26ca748777d6c2539763",
"reference": "4fb2eb5365cbc0fd2e0c26ca748777d6c2539763",
"shasum": ""
},
"require": {
"php": ">=5.3.0"
"php": ">=5.4.0"
},
"require-dev": {
"phpunit/phpunit": "3.7.*"
@ -536,7 +497,7 @@
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"MIT"
"CC0"
],
"authors": [
{
@ -552,7 +513,7 @@
"parser",
"semantic"
],
"time": "2015-07-12T14:10:01+00:00"
"time": "2016-03-14T12:13:34+00:00"
},
{
"name": "mpratt/relativetime",

32
controllers/auth.php
View File

@ -33,13 +33,14 @@ $app->get('/auth/start', function() use($app) {
$tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me);
$micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me);
$defaultScope = 'create';
if($tokenEndpoint && $micropubEndpoint && $authorizationEndpoint) {
// Generate a "state" parameter for the request
$state = IndieAuth\Client::generateStateParameter();
$_SESSION['auth_state'] = $state;
$scope = 'post';
$authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $scope);
$authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $defaultScope);
} else {
$authorizationURL = false;
}
@ -62,6 +63,11 @@ $app->get('/auth/start', function() use($app) {
$user->token_endpoint = $tokenEndpoint;
$user->save();
// Request whatever scope was previously granted
$authorizationURL = parse_url($authorizationURL);
$authorizationURL['scope'] = $user->micropub_scope;
$authorizationURL = http_build_url($authorizationURL);
$app->redirect($authorizationURL, 302);
} else {
@ -77,6 +83,11 @@ $app->get('/auth/start', function() use($app) {
$user->save();
if(k($params, 'dontask') && $params['dontask']) {
// Request whatever scope was previously granted
$authorizationURL = parse_url($authorizationURL);
$authorizationURL['scope'] = $user->micropub_scope ?: $defaultScope;
$authorizationURL = http_build_url($authorizationURL);
$_SESSION['dontask'] = 1;
$app->redirect($authorizationURL, 302);
}
@ -95,6 +106,23 @@ $app->get('/auth/start', function() use($app) {
}
});
$app->get('/auth/redirect', function() use($app) {
$req = $app->request();
$params = $req->params();
if(!isset($params['scope']))
$params['scope'] = '';
$authorizationURL = parse_url($params['authorization_url']);
parse_str($authorizationURL['query'], $query);
$query['scope'] = $params['scope'];
$authorizationURL['query'] = http_build_query($query);
$authorizationURL = http_build_url($authorizationURL);
$app->redirect($authorizationURL);
return;
});
$app->get('/auth/callback', function() use($app) {
$req = $app->request();
$params = $req->params();

14
views/auth_start.php
View File

@ -53,8 +53,18 @@
<p>Clicking the button below will take you to <strong>your</strong> authorization server which is where you will allow this app to be able to post to your site.</p>
<a href="<?= $this->authorizationURL ?>" class="btn btn-primary">Authorize</a>
<form action="/auth/redirect" method="get">
<p>Choose the scope to request:</p>
<ul style="list-style-type: none;">
<li><input type="radio" name="scope" value="create" checked="checked"> create</li>
<li><input type="radio" name="scope" value="post"> post (legacy)</li>
</ul>
<button class="btn btn-primary" type="submit" id="auth-submit">Authorize</button>
<input type="hidden" name="authorization_url" value="<?= $this->authorizationURL ?>">
</form>
<?php endif; ?>
</div>
</div>
Write Preview
Loading…
Cancel
Save