
provide option for choosing the scope to request

update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
pull/82/head
Aaron Parecki 8 years ago
parent
commit
eab1a65f63
No known key found for this signature in database GPG Key ID: 276C2817346D6056
  1. 5
      composer.json
  2. 79
      composer.lock
  3. 32
      controllers/auth.php
  4. 12
      views/auth_start.php

5
composer.json

@ -3,10 +3,9 @@
"slim/slim": "2.2.*", "slim/slim": "2.2.*",
"saltybeagle/savant3": "dev-master", "saltybeagle/savant3": "dev-master",
"j4mie/idiorm": "1.4.*", "j4mie/idiorm": "1.4.*",
"mf2/mf2": "0.2.*",
"indieweb/mention-client": "0.*",
"mf2/mf2": "0.3.*",
"indieweb/date-formatter": "0.1.*", "indieweb/date-formatter": "0.1.*",
"indieauth/client": ">=0.1.11",
"indieauth/client": ">=0.2.0",
"mpratt/relativetime": ">=1.0", "mpratt/relativetime": ">=1.0",
"firebase/php-jwt": "2.*", "firebase/php-jwt": "2.*",
"abraham/twitteroauth": "*", "abraham/twitteroauth": "*",

79
composer.lock

@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically" "This file is @generated automatically"
], ],
"content-hash": "05f646a93f2c1204dddd80c4670dcf15",
"content-hash": "b7a5b281de45ad549d11a38464bdfb24",
"packages": [ "packages": [
{ {
"name": "abraham/twitteroauth", "name": "abraham/twitteroauth",
@ -278,22 +278,22 @@
}, },
{ {
"name": "indieauth/client", "name": "indieauth/client",
"version": "0.1.13",
"version": "0.2.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/indieweb/indieauth-client-php.git", "url": "https://github.com/indieweb/indieauth-client-php.git",
"reference": "d438bb03db15b4ccc6c63228be16de7870b6ab99"
"reference": "4b9bd766a92b8abbe420f5889bf7ebac7678151d"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/d438bb03db15b4ccc6c63228be16de7870b6ab99",
"reference": "d438bb03db15b4ccc6c63228be16de7870b6ab99",
"url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/4b9bd766a92b8abbe420f5889bf7ebac7678151d",
"reference": "4b9bd766a92b8abbe420f5889bf7ebac7678151d",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"barnabywalters/mf-cleaner": "0.*", "barnabywalters/mf-cleaner": "0.*",
"indieweb/link-rel-parser": "0.1.1",
"mf2/mf2": "0.2.*",
"indieweb/link-rel-parser": "0.1.*",
"mf2/mf2": "~0.3",
"php": ">5.3.0" "php": ">5.3.0"
}, },
"type": "library", "type": "library",
@ -313,7 +313,7 @@
} }
], ],
"description": "IndieAuth Client Library", "description": "IndieAuth Client Library",
"time": "2016-02-08T23:56:31+00:00"
"time": "2017-02-09T23:42:05+00:00"
}, },
{ {
"name": "indieweb/date-formatter", "name": "indieweb/date-formatter",
@ -360,16 +360,16 @@
}, },
{ {
"name": "indieweb/link-rel-parser", "name": "indieweb/link-rel-parser",
"version": "0.1.1",
"version": "0.1.3",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/indieweb/link-rel-parser-php.git", "url": "https://github.com/indieweb/link-rel-parser-php.git",
"reference": "9e0e635fd301a8b1da7bc181f651f029c531dbb6"
"reference": "295420e4f16d9a9d262a3c25a7a583794428f055"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/indieweb/link-rel-parser-php/zipball/9e0e635fd301a8b1da7bc181f651f029c531dbb6",
"reference": "9e0e635fd301a8b1da7bc181f651f029c531dbb6",
"url": "https://api.github.com/repos/indieweb/link-rel-parser-php/zipball/295420e4f16d9a9d262a3c25a7a583794428f055",
"reference": "295420e4f16d9a9d262a3c25a7a583794428f055",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
@ -402,46 +402,7 @@
"indieweb", "indieweb",
"microformats2" "microformats2"
], ],
"time": "2013-12-23T00:14:58+00:00"
},
{
"name": "indieweb/mention-client",
"version": "0.4.7",
"source": {
"type": "git",
"url": "https://github.com/indieweb/mention-client-php.git",
"reference": "15271f4988c7bf661896fad188fdf0bf91877a7f"
},
"dist": {
"type": "zip",
"url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/15271f4988c7bf661896fad188fdf0bf91877a7f",
"reference": "15271f4988c7bf661896fad188fdf0bf91877a7f",
"shasum": ""
},
"require": {
"mf2/mf2": "0.2.*",
"php": ">=5.3"
},
"type": "library",
"autoload": {
"psr-0": {
"IndieWeb": "src/"
}
},
"notification-url": "https://packagist.org/downloads/",
"license": [
"Apache-2.0"
],
"authors": [
{
"name": "Aaron Parecki",
"email": "aaron@parecki.com",
"homepage": "http://aaronparecki.com/"
}
],
"description": "Client library for sending webmention and pingback notifications",
"homepage": "https://github.com/indieweb/mention-client-php",
"time": "2015-04-03T11:21:06+00:00"
"time": "2017-01-11T17:14:49+00:00"
}, },
{ {
"name": "j4mie/idiorm", "name": "j4mie/idiorm",
@ -503,20 +464,20 @@
}, },
{ {
"name": "mf2/mf2", "name": "mf2/mf2",
"version": "v0.2.12",
"version": "v0.3.0",
"source": { "source": {
"type": "git", "type": "git",
"url": "https://github.com/indieweb/php-mf2.git", "url": "https://github.com/indieweb/php-mf2.git",
"reference": "6701504876d6c9242eb310b35f41d40d9785ab4e"
"reference": "4fb2eb5365cbc0fd2e0c26ca748777d6c2539763"
}, },
"dist": { "dist": {
"type": "zip", "type": "zip",
"url": "https://api.github.com/repos/indieweb/php-mf2/zipball/6701504876d6c9242eb310b35f41d40d9785ab4e",
"reference": "6701504876d6c9242eb310b35f41d40d9785ab4e",
"url": "https://api.github.com/repos/indieweb/php-mf2/zipball/4fb2eb5365cbc0fd2e0c26ca748777d6c2539763",
"reference": "4fb2eb5365cbc0fd2e0c26ca748777d6c2539763",
"shasum": "" "shasum": ""
}, },
"require": { "require": {
"php": ">=5.3.0"
"php": ">=5.4.0"
}, },
"require-dev": { "require-dev": {
"phpunit/phpunit": "3.7.*" "phpunit/phpunit": "3.7.*"
@ -536,7 +497,7 @@
}, },
"notification-url": "https://packagist.org/downloads/", "notification-url": "https://packagist.org/downloads/",
"license": [ "license": [
"MIT"
"CC0"
], ],
"authors": [ "authors": [
{ {
@ -552,7 +513,7 @@
"parser", "parser",
"semantic" "semantic"
], ],
"time": "2015-07-12T14:10:01+00:00"
"time": "2016-03-14T12:13:34+00:00"
}, },
{ {
"name": "mpratt/relativetime", "name": "mpratt/relativetime",

32
controllers/auth.php

@ -33,13 +33,14 @@ $app->get('/auth/start', function() use($app) {
$tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me); $tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me);
$micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me); $micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me);
$defaultScope = 'create';
if($tokenEndpoint && $micropubEndpoint && $authorizationEndpoint) { if($tokenEndpoint && $micropubEndpoint && $authorizationEndpoint) {
// Generate a "state" parameter for the request // Generate a "state" parameter for the request
$state = IndieAuth\Client::generateStateParameter(); $state = IndieAuth\Client::generateStateParameter();
$_SESSION['auth_state'] = $state; $_SESSION['auth_state'] = $state;
$scope = 'post';
$authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $scope);
$authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $defaultScope);
} else { } else {
$authorizationURL = false; $authorizationURL = false;
} }
@ -62,6 +63,11 @@ $app->get('/auth/start', function() use($app) {
$user->token_endpoint = $tokenEndpoint; $user->token_endpoint = $tokenEndpoint;
$user->save(); $user->save();
// Request whatever scope was previously granted
$authorizationURL = parse_url($authorizationURL);
$authorizationURL['scope'] = $user->micropub_scope;
$authorizationURL = http_build_url($authorizationURL);
$app->redirect($authorizationURL, 302); $app->redirect($authorizationURL, 302);
} else { } else {
@ -77,6 +83,11 @@ $app->get('/auth/start', function() use($app) {
$user->save(); $user->save();
if(k($params, 'dontask') && $params['dontask']) { if(k($params, 'dontask') && $params['dontask']) {
// Request whatever scope was previously granted
$authorizationURL = parse_url($authorizationURL);
$authorizationURL['scope'] = $user->micropub_scope ?: $defaultScope;
$authorizationURL = http_build_url($authorizationURL);
$_SESSION['dontask'] = 1; $_SESSION['dontask'] = 1;
$app->redirect($authorizationURL, 302); $app->redirect($authorizationURL, 302);
} }
@ -95,6 +106,23 @@ $app->get('/auth/start', function() use($app) {
} }
}); });
$app->get('/auth/redirect', function() use($app) {
$req = $app->request();
$params = $req->params();
if(!isset($params['scope']))
$params['scope'] = '';
$authorizationURL = parse_url($params['authorization_url']);
parse_str($authorizationURL['query'], $query);
$query['scope'] = $params['scope'];
$authorizationURL['query'] = http_build_query($query);
$authorizationURL = http_build_url($authorizationURL);
$app->redirect($authorizationURL);
return;
});
$app->get('/auth/callback', function() use($app) { $app->get('/auth/callback', function() use($app) {
$req = $app->request(); $req = $app->request();
$params = $req->params(); $params = $req->params();
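Review bot: The new `/auth/redirect` route sends the browser to whatever `authorization_url` the request carries, so it behaves as an open redirect; nothing ties the value to the endpoint discovered in `/auth/start`. Keep the URL server-side instead (store it next to `$_SESSION['auth_state']` when it is built) and accept only the two scope values the form offers, as sketched below. `$authorizationURL['query']` is also read without checking that the parsed URL has a query component. In the two earlier hunks the scope is assigned to `$authorizationURL['scope']`, which is not a component `parse_url()` returns, so the previously granted scope probably never reaches the rebuilt URL; editing the query string the way this route does would fix that. The `/auth/start` closure begins and ends outside the visible hunks.

```php
// in /auth/start, right after buildAuthorizationURL() (session key name is a suggestion):
$_SESSION['authorization_url'] = $authorizationURL;

$app->get('/auth/redirect', function() use($app) {
  $params = $app->request()->params();

  // Only the scopes offered by the form are accepted
  $scope = isset($params['scope']) ? $params['scope'] : '';
  if(!in_array($scope, array('create', 'post'), true))
    $scope = 'create';

  // Use the URL built in /auth/start rather than a request parameter
  if(empty($_SESSION['authorization_url'])) {
    $app->redirect('/', 302);
    return;
  }
  $authorizationURL = parse_url($_SESSION['authorization_url']);

  $query = array();
  if(isset($authorizationURL['query']))
    parse_str($authorizationURL['query'], $query);
  $query['scope'] = $scope;
  // … unchanged: rebuild the query string, http_build_url(), redirect …
});
```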

12
views/auth_start.php

@ -53,7 +53,17 @@
<p>Clicking the button below will take you to <strong>your</strong> authorization server which is where you will allow this app to be able to post to your site.</p> <p>Clicking the button below will take you to <strong>your</strong> authorization server which is where you will allow this app to be able to post to your site.</p>
<a href="<?= $this->authorizationURL ?>" class="btn btn-primary">Authorize</a>
<form action="/auth/redirect" method="get">
<p>Choose the scope to request:</p>
<ul style="list-style-type: none;">
<li><input type="radio" name="scope" value="create" checked="checked"> create</li>
<li><input type="radio" name="scope" value="post"> post (legacy)</li>
</ul>
<button class="btn btn-primary" type="submit" id="auth-submit">Authorize</button>
<input type="hidden" name="authorization_url" value="<?= $this->authorizationURL ?>">
</form>
<?php endif; ?> <?php endif; ?>
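Review bot: The new hidden `authorization_url` input echoes `$this->authorizationURL` into a double-quoted attribute without escaping. That URL appears to be assembled from the user-entered profile URL and a remotely discovered endpoint, so a quote character in it would break out of the attribute unless the template layer escapes output somewhere not visible here. Encode it for the attribute context: `value="<?= htmlspecialchars($this->authorizationURL, ENT_QUOTES, 'UTF-8') ?>"`. The form also round-trips a server-built URL through the browser to `/auth/redirect`; submitting only `scope` and keeping the URL in the session would remove the need to trust the returned value.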