From a57d67c91548482c74e07034c7717fa4e1057d3b Mon Sep 17 00:00:00 2001
From: Brion Vibber <brion@pobox.com>
Date: Mon, 27 Sep 2010 12:24:10 -0700
Subject: [PATCH] Work in progress on fixing auth... looks like the iframe
 doesn't work though. Sigh.

---
 .../YammerImport/actions/yammeradminpanel.php | 38 +++++++++++--------
 .../YammerImport/lib/yammerauthinitform.php   |  1 +
 .../YammerImport/lib/yammerauthverifyform.php | 12 +++---
 plugins/YammerImport/lib/yammerrunner.php     | 21 ++++++++--
 .../YammerImport/scripts/yammer-import.php    |  2 +
 5 files changed, 49 insertions(+), 25 deletions(-)

diff --git a/plugins/YammerImport/actions/yammeradminpanel.php b/plugins/YammerImport/actions/yammeradminpanel.php
index 56e721d03c..71651cdf56 100644
--- a/plugins/YammerImport/actions/yammeradminpanel.php
+++ b/plugins/YammerImport/actions/yammeradminpanel.php
@@ -33,6 +33,8 @@ if (!defined('STATUSNET')) {
 
 class YammeradminpanelAction extends AdminPanelAction
 {
+    private $runner;
+
     /**
      * Returns the page title
      *
@@ -59,23 +61,29 @@ class YammeradminpanelAction extends AdminPanelAction
 
         $this->init_auth = $this->trimmed('init_auth');
         $this->verify_token = $this->trimmed('verify_token');
+        $this->runner = YammerRunner::init();
 
         return $ok;
     }
 
     function handle($args)
     {
-        if ($this->init_auth) {
-            $url = $runner->requestAuth();
-            $form = new YammerAuthVerifyForm($this, $url);
-            return $this->showAjaxForm($form);
-        } else if ($this->verify_token) {
-            $runner->saveAuthToken($this->verify_token);
-            $form = new YammerAuthProgressForm();
-            return $this->showAjaxForm($form);
+        if ($_SERVER['REQUEST_METHOD'] == 'POST') {
+            $this->checkSessionToken();
+            if ($this->init_auth) {
+                $url = $this->runner->requestAuth();
+                $form = new YammerAuthVerifyForm($this, $this->runner);
+                return $this->showAjaxForm($form);
+            } else if ($this->verify_token) {
+                $this->runner->saveAuthToken($this->verify_token);
+                $form = new YammerAuthProgressForm();
+                return $this->showAjaxForm($form);
+            } else {
+                throw new ClientException('Invalid POST');
+            }
+        } else {
+            return parent::handle($args);
         }
-
-        return parent::handle($args);
     }
 
     function showAjaxForm($form)
@@ -99,18 +107,16 @@ class YammeradminpanelAction extends AdminPanelAction
     {
         $this->elementStart('fieldset');
 
-        $runner = YammerRunner::init();
-
-        switch($runner->state())
+        switch($this->runner->state())
         {
             case 'init':
-                $form = new YammerAuthInitForm($this);
+                $form = new YammerAuthInitForm($this, $this->runner);
                 break;
             case 'requesting-auth':
-                $form = new YammerAuthVerifyForm($this, $runner);
+                $form = new YammerAuthVerifyForm($this, $this->runner);
                 break;
             default:
-                $form = new YammerProgressForm($this, $runner);
+                $form = new YammerProgressForm($this, $this->runner);
         }
         $form->show();
 
diff --git a/plugins/YammerImport/lib/yammerauthinitform.php b/plugins/YammerImport/lib/yammerauthinitform.php
index 559ec4e7cc..5a83a06c21 100644
--- a/plugins/YammerImport/lib/yammerauthinitform.php
+++ b/plugins/YammerImport/lib/yammerauthinitform.php
@@ -56,6 +56,7 @@ class YammerAuthInitForm extends Form
 
     function formData()
     {
+        $this->out->hidden('init_auth', '1');
     }
 
     /**
diff --git a/plugins/YammerImport/lib/yammerauthverifyform.php b/plugins/YammerImport/lib/yammerauthverifyform.php
index 488b5b8d1f..dc9d2ce1b2 100644
--- a/plugins/YammerImport/lib/yammerauthverifyform.php
+++ b/plugins/YammerImport/lib/yammerauthverifyform.php
@@ -2,12 +2,12 @@
 
 class YammerAuthVerifyForm extends Form
 {
-    private $verify_url;
+    private $runner;
 
-    function __construct($out, $auth_url)
+    function __construct($out, YammerRunner $runner)
     {
         parent::__construct($out);
-        $this->verify_url = $auth_url;
+        $this->runner = $runner;
     }
 
     /**
@@ -64,6 +64,9 @@ class YammerAuthVerifyForm extends Form
 
     function formData()
     {
+        $this->out->input('verify_token', _m('Verification code:'), '', _m("Click through and paste the code it gives you below..."));
+        $this->out->element('iframe', array('id' => 'yammer-oauth',
+                                            'src' => $this->runner->getAuthUrl()));
     }
 
     /**
@@ -74,9 +77,6 @@ class YammerAuthVerifyForm extends Form
 
     function formActions()
     {
-        $this->out->input('verify-code', _m('Verification code:'), '', _m("Click through and paste the code it gives you below..."));
         $this->out->submit('submit', _m('Verify code'), 'submit', null, _m('Verification code'));
-        $this->element('iframe', array('id' => 'yammer-oauth',
-                                       'src' => $this->auth_url));
     }
 }
diff --git a/plugins/YammerImport/lib/yammerrunner.php b/plugins/YammerImport/lib/yammerrunner.php
index e0aadff2c3..aee6b17e15 100644
--- a/plugins/YammerImport/lib/yammerrunner.php
+++ b/plugins/YammerImport/lib/yammerrunner.php
@@ -123,7 +123,7 @@ class YammerRunner
     public function requestAuth()
     {
         if ($this->state->state != 'init') {
-            throw ServerError("Cannot request Yammer auth; already there!");
+            throw new ServerException("Cannot request Yammer auth; already there!");
         }
 
         $data = $this->client->requestToken();
@@ -135,7 +135,22 @@ class YammerRunner
         $this->state->modified = common_sql_now();
         $this->state->update($old);
 
-        return $this->client->authorizeUrl($this->state->oauth_token);
+        return $this->getAuthUrl();
+    }
+
+    /**
+     * When already in requesting-auth state, grab the URL to send the user to
+     * to complete OAuth setup.
+     *
+     * @return string URL
+     */
+    function getAuthUrl()
+    {
+        if ($this->state() == 'requesting-auth') {
+            return $this->client->authorizeUrl($this->state->oauth_token);
+        } else {
+            throw new ServerException('Cannot get Yammer auth URL when not in requesting-auth state!');
+        }
     }
 
     /**
@@ -152,7 +167,7 @@ class YammerRunner
     public function saveAuthToken($verifier)
     {
         if ($this->state->state != 'requesting-auth') {
-            throw ServerError("Cannot save auth token in Yammer import state {$this->state->state}");
+            throw new ServerException("Cannot save auth token in Yammer import state {$this->state->state}");
         }
 
         $data = $this->client->accessToken($verifier);
diff --git a/plugins/YammerImport/scripts/yammer-import.php b/plugins/YammerImport/scripts/yammer-import.php
index 1491cfd308..b4aa921e50 100644
--- a/plugins/YammerImport/scripts/yammer-import.php
+++ b/plugins/YammerImport/scripts/yammer-import.php
@@ -16,6 +16,8 @@ $runner = YammerRunner::init();
 if (have_option('reset')) {
     echo "Resetting Yammer import state...\n";
     $runner->reset();
+    echo "done.\n";
+    exit(0);
 }
 
 switch ($runner->state())