diff options
author | Frank Karlitschek <frank@owncloud.org> | 2012-08-26 17:30:07 +0200 |
---|---|---|
committer | Frank Karlitschek <frank@owncloud.org> | 2012-08-26 17:30:07 +0200 |
commit | 72e9a2ce57ee88503db83614cec5ccda71f0b58e (patch) | |
tree | 8bc301ca22d9ca08ea54426bcb61f62bd1c1cb75 /apps/remoteStorage/auth.php | |
parent | 32bad688bdb4fea55eba9d4255fc55f1c60a0aca (diff) | |
download | nextcloud-server-72e9a2ce57ee88503db83614cec5ccda71f0b58e.tar.gz nextcloud-server-72e9a2ce57ee88503db83614cec5ccda71f0b58e.zip |
moved to apps repository
Diffstat (limited to 'apps/remoteStorage/auth.php')
-rw-r--r-- | apps/remoteStorage/auth.php | 79 |
1 files changed, 0 insertions, 79 deletions
diff --git a/apps/remoteStorage/auth.php b/apps/remoteStorage/auth.php deleted file mode 100644 index 91ca43ea076..00000000000 --- a/apps/remoteStorage/auth.php +++ /dev/null @@ -1,79 +0,0 @@ -<?php - -/** -* ownCloud -* -* Original: -* @author Frank Karlitschek -* @copyright 2012 Frank Karlitschek frank@owncloud.org -* -* Adapted: -* @author Michiel de Jong, 2012 -* -* This library is free software; you can redistribute it and/or -* modify it under the terms of the GNU AFFERO GENERAL PUBLIC LICENSE -* License as published by the Free Software Foundation; either -* version 3 of the License, or any later version. -* -* This library is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU AFFERO GENERAL PUBLIC LICENSE for more details. -* -* You should have received a copy of the GNU Affero General Public -* License along with this library. If not, see <http://www.gnu.org/licenses/>. -* -*/ - -header("X-Frame-Options: Sameorigin"); - -OCP\App::checkAppEnabled('remoteStorage'); -require_once('Sabre/autoload.php'); -require_once('lib_remoteStorage.php'); -require_once('oauth_ro_auth.php'); - -ini_set('default_charset', 'UTF-8'); -#ini_set('error_reporting', ''); -@ob_clean(); - -foreach($_GET as $k => $v) { - if($k=='userid'){ - $userId=$v; - } else if($k=='redirect_uri'){ - $appUrlParts=explode('/', $v); - $appUrl = htmlentities($appUrlParts[2]);//TODO: check if this is equal to client_id - } else if($k=='scope'){ - $categories=htmlentities($v); - } -} -$currUser = OCP\USER::getUser(); -if($userId && $appUrl && $categories) { - if($currUser == $userId) { - if(isset($_POST['allow'])) { - //TODO: check if this can be faked by editing the cookie in firebug! - $token=OC_remoteStorage::createCategories($appUrl, $categories); - header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=bearer'); - } else if($existingToken = OC_remoteStorage::getTokenFor($appUrl, $categories)) { - header('Location: '.$_GET['redirect_uri'].'#access_token='.$existingToken.'&token_type=bearer'); - } else { - //params ok, logged in ok, but need to click Allow still: - $appUrlParts = explode('/', $_GET['redirect_uri']); - $host = $appUrlParts[2]; - $categories = explode(',', $_GET['scope']); - OCP\Util::addStyle('', 'auth'); - OCP\Template::printGuestPage('remoteStorage', 'auth', array( - 'host' => $host, - 'categories' => $categories, - )); - }//end 'need to click Allow still' - } else {//login not ok - if($currUser) { - die('You are logged in as '.$currUser.' instead of '.htmlentities($userId)); - } else { - // this will display the login page for us - OCP\Util::checkLoggedIn(); - } - } -} else {//params not ok - die('please use e.g. '.OCP\Util::linkTo('remoteStorage', 'auth.php').'?userid=admin&redirect_uri=http://host/path&scope=...'); -} |