attempt at reusing access tokens
authorMichiel de Jong <michiel@unhosted.org>
Wed, 9 May 2012 13:17:01 +0000 (15:17 +0200)
committerMichiel de Jong <michiel@unhosted.org>
Wed, 9 May 2012 13:28:30 +0000 (15:28 +0200)
apps/remoteStorage/auth.php
apps/remoteStorage/lib_remoteStorage.php

index a5cbd6aca02b6287f47b0a7ddc91e6eec35d0ab9..ac8c24232913ff7fbcf5c1eed2834d5ebd6e0116 100755 (executable)
@@ -62,6 +62,8 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
                        //TODO: check if this can be faked by editing the cookie in firebug!
                        $token=OC_remoteStorage::createCategories($appUrl, $categories);
                        header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=bearer');
+               } else if($existingToken = OC_remoteStorage::getTokenFor($appUrl, $categories)) {
+                       header('Location: '.$_GET['redirect_uri'].'#access_token='.$existingToken.'&token_type=bearer');
                } else {
 ?>
 <!DOCTYPE html>
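Review bot: The added `else if` branch writes a stored bearer token into the `Location` header for whatever `$_GET['redirect_uri']` holds, without the Allow click that the form further down the page requires. How `$appUrl` is derived is outside this hunk; if it is only the origin of the redirect URI, any path on that origin would receive the token silently. The branch should therefore check the full `redirect_uri` against the value the token was first issued for before redirecting. Adding `exit;` after the `header()` call would also ensure nothing else is emitted for this request. The enclosing `if` chain starts and ends outside the hunk.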
@@ -82,25 +84,25 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
                </header>
                <section id="main">
                <div id="oauth">
-      <h2><img src="../remoteStorage-big.png" alt="remoteStorage" /></h2>
-      <p><strong><?php $appUrlParts = explode('/', $_GET['redirect_uri']); echo htmlentities($appUrlParts[2]); ?></strong>
-      requests read &amp; write access to your 
-      <?php
-        $categories = explode(',', htmlentities($_GET['scope']));
-        if(!count($categories)) {
-          echo htmlentities($_GET['scope']);
-        } else {
-          echo '<em>'.$categories[0].'</em>';
-          if(count($categories)==2) {
-            echo ' and <em>'.$categories[1].'</em>';
-          } else if(count($categories)>2) {
-            for($i=1; $i<count($categories)-1; $i++) {
-              echo ', <em>'.$categories[$i].'</em>';
-            }
-            echo ', and <em>'.$categories[$i].'</em>';
-          }
-        }
-      ?>.
+                       <h2><img src="../remoteStorage-big.png" alt="remoteStorage" /></h2>
+                       <p><strong><?php $appUrlParts = explode('/', $_GET['redirect_uri']); echo htmlentities($appUrlParts[2]); ?></strong>
+                       requests read &amp; write access to your 
+                       <?php
+                               $categories = explode(',', htmlentities($_GET['scope']));
+                               if(!count($categories)) {
+                                       echo htmlentities($_GET['scope']);
+                               } else {
+                                       echo '<em>'.$categories[0].'</em>';
+                                       if(count($categories)==2) {
+                                               echo ' and <em>'.$categories[1].'</em>';
+                                       } else if(count($categories)>2) {
+                                               for($i=1; $i<count($categories)-1; $i++) {
+                                                       echo ', <em>'.$categories[$i].'</em>';
+                                               }
+                                               echo ', and <em>'.$categories[$i].'</em>';
+                                       }
+                               }
+                       ?>.
                        </p>
                        <form accept-charset="UTF-8" method="post">
                                <input id="allow-auth" name="allow" type="submit" value="Allow" />
index b6a7a43b7b29c0f3d685d154cff65210ed30985f..3e366ad29eaa97f1e34194ad9f9406e7ef74e373 100755 (executable)
@@ -13,6 +13,18 @@ class OC_remoteStorage {
                return $ret;
        }
 
+  public static function getTokenFor($appUrl, $categories) {
+               $user=OCP\USER::getUser();
+               $query=OCP\DB::prepare("SELECT token FROM *PREFIX*authtoken WHERE user=? AND appUrl=? AND category=? LIMIT 1");
+               $result=$query->execute(array($user, $appUrl, $categories));
+               $ret = array();
+               if($row=$result->fetchRow()) {
+      return $row['token'];
+    } else {
+      return false;
+    }
+       }
+
        public static function getAllTokens() {
                $user=OCP\USER::getUser();
                $query=OCP\DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
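Review bot: `getTokenFor` returns a stored bearer token on a match of user, appUrl and category alone, and the query consults no expiry or revocation field, so a token stays reusable for as long as its row exists. Whether `*PREFIX*authtoken` has such a column is not visible here. `$categories` is bound as a single value against `category`, so the caller has to pass exactly the string form that was stored; a short docblock stating that, plus the token-or-`false` return, would make the contract explicit. `$ret = array();` is never read and can be dropped, and the new lines mix two-space and tab indentation, unlike the neighbouring `getAllTokens`.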