[Fusionforge-commits] r13039 - trunk/src/plugins/oauthprovider/include

Olivier Berger olberger at fusionforge.org
Thu Apr 7 13:41:08 CEST 2011


Author: olberger
Date: 2011-04-07 13:41:08 +0200 (Thu, 07 Apr 2011)
New Revision: 13039

Modified:
   trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php
Log:
Only generate error header and display message if OAuth is required

Modified: trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php	2011-04-07 09:50:42 UTC (rev 13038)
+++ trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php	2011-04-07 11:41:08 UTC (rev 13039)
@@ -195,7 +195,10 @@
 	function checkAuthSession(&$params) {
 		$this->saved_user = NULL;
 		$user = NULL;
-
+		$code = NULL;
+		$req = NULL;
+		$errormsg = NULL;
+		
 		try {
 			$oauthprovider_server = new OAuthServer(FFDbOAuthDataStore::singleton());
 			
@@ -227,22 +230,7 @@
 			
 		} catch (OAuthException $e) {
 			$code = $e->getCode();
-			if ($code) {
-				switch($code) {
-					case 401:
-						header('HTTP/1.1 401 Unauthorized', 401);
-						break;
-					case 400:
-						header('HTTP/1.1 400 Bad Request', 400);
-						break;
-					default:
-						break;
-				}
-			}
-			
-			echo "OAuth problem - code $code: \n";
-			print($e->getMessage() . "\n<hr />\n");
-			print_r($req);
+			$errormsg = $e->getMessage();
 		}
 		
 		if ($user) {
@@ -255,6 +243,22 @@
 			}
 		} else {
 			if ($this->isRequired()) {
+				if ($code) {
+					switch($code) {
+						case 401:
+							header('HTTP/1.1 401 Unauthorized', 401);
+							break;
+						case 400:
+							header('HTTP/1.1 400 Bad Request', 400);
+							break;
+						default:
+							break;
+					}
+				}
+				
+				echo "OAuth problem - code $code: \n";
+				print($errormsg . "\n<hr />\n");
+				print_r($req);
 				$params['results'][$this->name] = FORGE_AUTH_AUTHORITATIVE_REJECT;
 			} else {
 				$params['results'][$this->name] = FORGE_AUTH_NOT_AUTHORITATIVE;




More information about the Fusionforge-commits mailing list