Diffstat (limited to 'app/controllers/api')
| -rw-r--r-- | app/controllers/api/authorizations.php | 58 | ||||
| -rw-r--r-- | app/controllers/api/oauth.php | 113 | ||||
| -rw-r--r-- | app/controllers/api/oauth2/applications.php | 4 | ||||
| -rw-r--r-- | app/controllers/api/oauth2/authorize.php | 4 | ||||
| -rw-r--r-- | app/controllers/api/oauth2/oauth2_controller.php | 2 | ||||
| -rw-r--r-- | app/controllers/api/oauth2/token.php | 4 |
6 files changed, 7 insertions, 178 deletions
diff --git a/app/controllers/api/authorizations.php b/app/controllers/api/authorizations.php
deleted file mode 100644
index 543bc79..0000000
--- a/app/controllers/api/authorizations.php
+++ /dev/null
@@ -1,58 +0,0 @@
-<?php
-
-require_once 'lib/bootstrap-api.php';
-
-/**
-* @deprecated Since Stud.IP 5.0. Will be removed in Stud.IP 6.0.
- **/
-class Api_AuthorizationsController extends AuthenticatedController
-{
- /**
- *
- **/
- public function before_filter(&$action, &$args)
- {
- parent::before_filter($action, $args);
-
- $GLOBALS['perm']->check('autor');
-
- Navigation::activateItem('/profile/settings/api');
- PageLayout::setTitle(_('Applikationen'));
-
- $this->types = [
- 'website' => _('Website'),
- 'program' => _('Herkömmliches Desktopprogramm'),
- 'app' => _('Mobile App')
- ];
- }
-
- /**
- *
- **/
- public function index_action()
- {
- $this->consumers = RESTAPI\UserPermissions::get($GLOBALS['user']->id)->getConsumers();
- $this->types = [
- 'website' => _('Website'),
- 'program' => _('Herkömmliches Desktopprogramm'),
- 'app' => _('Mobile App')
- ];
-
- $widget = new SidebarWidget();
- $widget->setTitle(_('Informationen'));
- $widget->addElement(new WidgetElement(_('Dies sind die Apps, die Zugriff auf Ihren Account haben.')));
- Sidebar::Get()->addWidget($widget);
- }
-
- /**
- *
- **/
- public function revoke_action($id)
- {
- $consumer = new RESTAPI\Consumer\OAuth($id);
- $consumer->revokeAccess($GLOBALS['user']->id);
-
- PageLayout::postMessage(MessageBox::success(_('Der Applikation wurde der Zugriff auf Ihre Daten untersagt.')));
- $this->redirect('api/authorizations');
- }
-}
diff --git a/app/controllers/api/oauth.php b/app/controllers/api/oauth.php
deleted file mode 100644
index bc80c90..0000000
--- a/app/controllers/api/oauth.php
+++ /dev/null
@@ -1,113 +0,0 @@
-<?php
-
-require_once 'lib/bootstrap-api.php';
-
-/**
- * @deprecated Since Stud.IP 5.0. Will be removed in Stud.IP 6.0.
- **/
-class Api_OauthController extends StudipController
-{
- /**
- *
- **/
- public function before_filter(&$action, &$args)
- {
- parent::before_filter($action, $args);
-
- # initialize Stud.IP-Session
- page_open(['sess' => 'Seminar_Session',
- 'auth' => 'Seminar_Default_Auth',
- 'perm' => 'Seminar_Perm',
- 'user' => 'Seminar_User']);
-
- $this->set_layout(null);
- }
-
- /**
- *
- **/
- public function index_action()
- {
- $this->render_text('TODO');
- }
-
- /**
- *
- **/
- public function request_token_action()
- {
- $server = new OAuthServer();
- $token = $server->requestToken();
-
- $this->response->headers = [];
- $this->render_nothing();
- }
-
- /**
- *
- **/
- public function authorize_action()
- {
- global $user, $auth;
-
- $auth_plugin = Config::get()->API_OAUTH_AUTH_PLUGIN;
- if ($GLOBALS['user']->id === 'nobody' && $auth_plugin !== 'Standard' && !Request::option('sso')) {
- $params = $_GET;
- $params['sso'] = strtolower($auth_plugin);
- $this->redirect($this->url_for('api/oauth/authorize?' . http_build_query($params)));
- return;
- } else {
- $auth->login_if($user->id === 'nobody');
- }
-
- $user_id = RESTAPI\Consumer\OAuth::getOAuthId($GLOBALS['user']->id);
-
- try {
- $consumer = RESTAPI\Consumer\Base::detectConsumer('oauth', 'request');
- if (!$consumer) {
- $this->response->set_status(400, 'No consumer detected');
- $this->render_nothing();
- return;
- }
-
- if (Request::submitted('allow')) {
- $result = $consumer->grantAccess($GLOBALS['user']->id);
-
- $redirect_uri = Request::get('oauth_callback', $consumer->callback);
-
- if ($redirect_uri) {
- $this->redirect($redirect_uri);
- } else {
- // No oauth_callback, show the user the result of the authorization
- // ** your code here **
- PageLayout::postMessage(MessageBox::success(_('Sie haben der Applikation Zugriff auf Ihre Daten gewährt.')));
- $this->redirect('api/authorizations#' . $consumer->auth_key);
- }
- return;
- }
- } catch (OAuthException2 $e) {
- // No token to be verified in the request, show a page where the user can enter the token to be verified
- // **your code here**
- die('invalid');
- }
-
- PageLayout::disableHeader();
- PageLayout::setTitle(sprintf(_('"%s" bittet um Zugriff'), $consumer->title));
- $this->set_layout($GLOBALS['template_factory']->open('layouts/base.php'));
- $this->consumer = $consumer;
- $this->token = Request::option('oauth_token');
- $this->oauth_callback = Request::get('oauth_callback');
- }
-
- /**
- *
- **/
- public function access_token_action()
- {
- $server = new OAuthServer();
- $server->accessToken();
-
- $this->response->headers = [];
- $this->render_nothing();
- }
-}
diff --git a/app/controllers/api/oauth2/applications.php b/app/controllers/api/oauth2/applications.php
index d08ec1e..fd6a1bb 100644
--- a/app/controllers/api/oauth2/applications.php
+++ b/app/controllers/api/oauth2/applications.php
@@ -31,7 +31,7 @@ class Api_Oauth2_ApplicationsController extends AuthenticatedController
 $this->application = $this->formatApplication($accessToken);
 if (!$this->application) {
- throw new Trails_Exception(500, 'Error finding client.');
+ throw new Trails\Exception(500, 'Error finding client.');
 }
 }
@@ -42,7 +42,7 @@ class Api_Oauth2_ApplicationsController extends AuthenticatedController
 $user = User::findCurrent();
 $accessToken = AccessToken::find(Request::option('application'));
 if (!$accessToken) {
- throw new Trails_Exception(404);
+ throw new Trails\Exception(404);
 }
 if ($accessToken['user_id'] !== $user->id) {
 throw new AccessDeniedException();
diff --git a/app/controllers/api/oauth2/authorize.php b/app/controllers/api/oauth2/authorize.php
index 5628d49..6387937 100644
--- a/app/controllers/api/oauth2/authorize.php
+++ b/app/controllers/api/oauth2/authorize.php
@@ -13,7 +13,7 @@ class Api_Oauth2_AuthorizeController extends OAuth2Controller
 parent::before_filter($action, $args);
 if ('index' !== $action) {
- throw new Trails_Exception(404);
+ throw new Trails\Exception(404);
 }
 $action = $this->determineAction();
@@ -55,7 +55,7 @@ class Api_Oauth2_AuthorizeController extends OAuth2Controller
 if ('nobody' === $GLOBALS['user']->id && 'Standard' !== $authPlugin && !Request::option('sso')) {
 $queryParams = $psrRequest->getQueryParams();
 $queryParams['sso'] = strtolower($authPlugin);
- $this->redirect($this->authorizeURL($queryParams));
+ $this->redirect($this->url_for('api/oauth2/authorize', $queryParams));
 return;
 } else {
diff --git a/app/controllers/api/oauth2/oauth2_controller.php b/app/controllers/api/oauth2/oauth2_controller.php
index fd02ea9..6b3dacd 100644
--- a/app/controllers/api/oauth2/oauth2_controller.php
+++ b/app/controllers/api/oauth2/oauth2_controller.php
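Review bot: The SSO bounce in the `@@ -55,7 +55,7 @@` hunk of authorize.php now depends on `url_for('api/oauth2/authorize', $queryParams)` turning a trailing array into a query string, and that behaviour is not visible in this diff. It should be confirmed, ideally with a test, that every parameter of the original authorization request, `state` and `redirect_uri` in particular, survives the round trip unchanged, since the request is presumably only processed after re-entry. The route itself is a constant, so the caller-supplied `$queryParams` cannot change where the redirect goes. A short comment above the redirect would help, for example `// Re-enter this endpoint with sso set; all original authorization parameters must be preserved.` The enclosing method starts and ends outside the hunk.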
@@ -42,7 +42,7 @@ abstract class OAuth2Controller extends StudipController
 return $this->convertPsrResponse($psrResponse);
 }
- return new Trails_Response($exception->getMessage(), [], 500);
+ return new Trails\Response($exception->getMessage(), [], 500);
 }
 protected function getAuthorizationServer(): AuthorizationServer
diff --git a/app/controllers/api/oauth2/token.php b/app/controllers/api/oauth2/token.php
index 0ae7ffb..755d6b7 100644
--- a/app/controllers/api/oauth2/token.php
+++ b/app/controllers/api/oauth2/token.php
@@ -8,11 +8,11 @@ class Api_Oauth2_TokenController extends OAuth2Controller
 parent::before_filter($action, $args);
 if ('index' !== $action) {
- throw new Trails_Exception(404);
+ throw new Trails\Exception(404);
 }
 if (!Request::isPost()) {
- throw new Trails_Exception(405);
+ throw new Trails\Exception(405);
 }
 $action = 'issue_token'; |
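Review bot: The fallback `return new Trails\Response($exception->getMessage(), [], 500);` in the oauth2_controller.php hunk sends the raw exception message to the client; the commit only renames the class and leaves this as it was. For exceptions that are not converted to a PSR response just above, the message may carry internal detail that an OAuth2 endpoint should not expose. I would record the exception server-side and return a fixed body, e.g. `return new Trails\Response('Internal server error', [], 500);`. The enclosing method starts outside the hunk, so which exception types reach this line cannot be seen here.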
