GNUsocial/gnu-social
4
0
Fork 1
Code Issues Releases Wiki Activity

Remove second OAuth request validation.

Browse Source
This commit is contained in:
Adrian Lang 2009-03-07 13:04:36 +01:00
parent 24713499a9
commit df7565ddcc
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
actions/userauthorization.php
View File

@ -56,7 +56,6 @@ class UserauthorizationAction extends Action
if (!$req) { if (!$req) {
$this->clientError(_('No request found!')); $this->clientError(_('No request found!'));
} }
# XXX: only validate new requests, since nonce is one-time use
$this->validateRequest($req); $this->validateRequest($req);
$this->storeRequest($req); $this->storeRequest($req);
$this->showForm($req); $this->showForm($req);
@ -307,14 +306,11 @@ class UserauthorizationAction extends Action
} }
$user = common_current_user(); $user = common_current_user();
$datastore = omb_oauth_datastore();
$consumer = $this->getConsumer($datastore, $req);
$token = $this->getToken($datastore, $req, $consumer);
$sub = new Subscription(); $sub = new Subscription();
$sub->subscriber = $user->id; $sub->subscriber = $user->id;
$sub->subscribed = $remote->id; $sub->subscribed = $remote->id;
$sub->token = $token->key; # NOTE: request token, not valid for use! $sub->token = $req->get_parameter('oauth_token'); # NOTE: request token, not valid for use!
$sub->created = DB_DataObject_Cast::dateTime(); # current time $sub->created = DB_DataObject_Cast::dateTime(); # current time
if (!$sub->insert()) { if (!$sub->insert()) {
@ -388,7 +384,9 @@ class UserauthorizationAction extends Action
function validateRequest(&$req) function validateRequest(&$req)
{ {
/* Find token. */ /* Find token.
TODO: If no token is passed the user should get a prompt to enter it
according to OAuth Core 1.0 */
$t = new Token(); $t = new Token();
$t->tok = $req->get_parameter('oauth_token'); $t->tok = $req->get_parameter('oauth_token');
$t->type = 0; $t->type = 0;