[Fusionforge-commits] r12674 - in trunk/src/plugins: . oauthprovider oauthprovider/bin oauthprovider/common oauthprovider/cronjobs oauthprovider/db oauthprovider/debian oauthprovider/debian/dsf-in oauthprovider/debian/po oauthprovider/debian/source oauthprovider/etc oauthprovider/etc/httpd.d oauthprovider/etc/plugins oauthprovider/etc/plugins/oauthprovider oauthprovider/include oauthprovider/packaging oauthprovider/packaging/control oauthprovider/packaging/dirs oauthprovider/packaging/docs oauthprovider/packaging/install oauthprovider/packaging/links oauthprovider/translations oauthprovider/utils oauthprovider/www oauthprovider/www/admin
Madhumita Dhar
mdhar at fusionforge.org
Fri Mar 11 10:32:47 CET 2011
Author: mdhar
Date: 2011-03-11 10:32:45 +0100 (Fri, 11 Mar 2011)
New Revision: 12674
Added:
trunk/src/plugins/oauthprovider/
trunk/src/plugins/oauthprovider/bin/
trunk/src/plugins/oauthprovider/bin/db-delete.pl
trunk/src/plugins/oauthprovider/bin/db-upgrade.pl
trunk/src/plugins/oauthprovider/bin/sayhello
trunk/src/plugins/oauthprovider/common/
trunk/src/plugins/oauthprovider/common/oauthprovider-init.php
trunk/src/plugins/oauthprovider/cronjobs/
trunk/src/plugins/oauthprovider/cronjobs/manage_oauthprovider.php
trunk/src/plugins/oauthprovider/db/
trunk/src/plugins/oauthprovider/db/oauthprovider-init.sql
trunk/src/plugins/oauthprovider/debian/
trunk/src/plugins/oauthprovider/debian/README.Debian
trunk/src/plugins/oauthprovider/debian/README.source
trunk/src/plugins/oauthprovider/debian/changelog
trunk/src/plugins/oauthprovider/debian/compat
trunk/src/plugins/oauthprovider/debian/control
trunk/src/plugins/oauthprovider/debian/copyright
trunk/src/plugins/oauthprovider/debian/docs
trunk/src/plugins/oauthprovider/debian/dsf-in/
trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.postinst
trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.prerm
trunk/src/plugins/oauthprovider/debian/po/
trunk/src/plugins/oauthprovider/debian/po/templates.pot
trunk/src/plugins/oauthprovider/debian/rules
trunk/src/plugins/oauthprovider/debian/source/
trunk/src/plugins/oauthprovider/debian/source/format
trunk/src/plugins/oauthprovider/etc/
trunk/src/plugins/oauthprovider/etc/httpd.d/
trunk/src/plugins/oauthprovider/etc/httpd.d/62plugin-oauthprovider
trunk/src/plugins/oauthprovider/etc/plugins/
trunk/src/plugins/oauthprovider/etc/plugins/oauthprovider/
trunk/src/plugins/oauthprovider/etc/plugins/oauthprovider/config.php
trunk/src/plugins/oauthprovider/include/
trunk/src/plugins/oauthprovider/include/access_token_api.php
trunk/src/plugins/oauthprovider/include/consumer_api.php
trunk/src/plugins/oauthprovider/include/fusionforge_oauth_datastore.php
trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php
trunk/src/plugins/oauthprovider/include/request_token_api.php
trunk/src/plugins/oauthprovider/include/token_api.php
trunk/src/plugins/oauthprovider/packaging/
trunk/src/plugins/oauthprovider/packaging/control/
trunk/src/plugins/oauthprovider/packaging/control/000source
trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider
trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider.shortdesc
trunk/src/plugins/oauthprovider/packaging/dirs/
trunk/src/plugins/oauthprovider/packaging/dirs/plugin-oauthprovider
trunk/src/plugins/oauthprovider/packaging/docs/
trunk/src/plugins/oauthprovider/packaging/docs/plugin-oauthprovider
trunk/src/plugins/oauthprovider/packaging/install/
trunk/src/plugins/oauthprovider/packaging/install/plugin-oauthprovider
trunk/src/plugins/oauthprovider/packaging/links/
trunk/src/plugins/oauthprovider/packaging/links/plugin-oauthprovider
trunk/src/plugins/oauthprovider/translations/
trunk/src/plugins/oauthprovider/translations/en.po
trunk/src/plugins/oauthprovider/translations/gforge.pot
trunk/src/plugins/oauthprovider/utils/
trunk/src/plugins/oauthprovider/utils/manage-translations.sh
trunk/src/plugins/oauthprovider/www/
trunk/src/plugins/oauthprovider/www/access_token.php
trunk/src/plugins/oauthprovider/www/access_tokens.php
trunk/src/plugins/oauthprovider/www/admin/
trunk/src/plugins/oauthprovider/www/admin/index.php
trunk/src/plugins/oauthprovider/www/authorize.php
trunk/src/plugins/oauthprovider/www/checks.php
trunk/src/plugins/oauthprovider/www/consumer.php
trunk/src/plugins/oauthprovider/www/consumer_create.php
trunk/src/plugins/oauthprovider/www/consumer_delete.php
trunk/src/plugins/oauthprovider/www/consumer_manage.php
trunk/src/plugins/oauthprovider/www/consumer_update.php
trunk/src/plugins/oauthprovider/www/consumer_update_page.php
trunk/src/plugins/oauthprovider/www/echo.php
trunk/src/plugins/oauthprovider/www/index.php
trunk/src/plugins/oauthprovider/www/request_token.php
trunk/src/plugins/oauthprovider/www/request_tokens.php
trunk/src/plugins/oauthprovider/www/token_authorize.php
trunk/src/plugins/oauthprovider/www/token_delete.php
trunk/src/plugins/oauthprovider/www/token_deny.php
Log:
Adding the plugin 'oauthprovider'
Added: trunk/src/plugins/oauthprovider/bin/db-delete.pl
===================================================================
--- trunk/src/plugins/oauthprovider/bin/db-delete.pl (rev 0)
+++ trunk/src/plugins/oauthprovider/bin/db-delete.pl 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,187 @@
+#!/usr/bin/perl -w
+#
+# Debian-specific script to delete plugin-specific tables
+# Roland Mas <lolando at debian.org>
+
+use strict ;
+use diagnostics ;
+
+use DBI ;
+use MIME::Base64 ;
+use HTML::Entities ;
+
+use vars qw/$dbh @reqlist $query/ ;
+use vars qw/$sys_default_domain $sys_cvs_host $sys_download_host
+ $sys_shell_host $sys_users_host $sys_docs_host $sys_lists_host
+ $sys_dns1_host $sys_dns2_host $FTPINCOMING_DIR $FTPFILES_DIR
+ $sys_urlroot $sf_cache_dir $sys_name $sys_themeroot
+ $sys_news_group $sys_dbhost $sys_dbname $sys_dbuser $sys_dbpasswd
+ $sys_ldap_base_dn $sys_ldap_host $admin_login $admin_password
+ $server_admin $domain_name $newsadmin_groupid $statsadmin_groupid
+ $skill_list/ ;
+use vars qw/$pluginname/ ;
+
+sub is_lesser ( $$ ) ;
+sub is_greater ( $$ ) ;
+sub debug ( $ ) ;
+sub parse_sql_file ( $ ) ;
+
+require ("/usr/share/gforge/lib/include.pl") ; # Include a few predefined functions
+require ("/usr/share/gforge/lib/sqlparser.pm") ; # Our magic SQL parser
+
+debug "You'll see some debugging info during this installation." ;
+debug "Do not worry unless told otherwise." ;
+
+&db_connect ;
+
+# debug "Connected to the database OK." ;
+
+$pluginname = "oauthprovider" ;
+
+$dbh->{AutoCommit} = 0;
+$dbh->{RaiseError} = 1;
+eval {
+ my ($sth, @array, $version, $action, $path, $target, $rname) ;
+
+ my $pattern = "plugin_" . $pluginname . '_%' ;
+
+ $query = "SELECT relname FROM pg_class WHERE relname LIKE '$pattern' AND relkind='v'" ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ while (@array = $sth->fetchrow_array ()) {
+ $rname = $array [0] ;
+ &drop_view_if_exists ($rname) ;
+ }
+ $sth->finish () ;
+
+ $query = "SELECT relname FROM pg_class WHERE relname LIKE '$pattern' AND relkind='r'" ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ while (@array = $sth->fetchrow_array ()) {
+ $rname = $array [0] ;
+ &drop_table_if_exists ($rname) ;
+ }
+ $sth->finish () ;
+
+ $query = "SELECT relname FROM pg_class WHERE relname LIKE '$pattern' AND relkind='i'" ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ while (@array = $sth->fetchrow_array ()) {
+ $rname = $array [0] ;
+ &drop_index_if_exists ($rname) ;
+ }
+ $sth->finish () ;
+
+ $query = "SELECT relname FROM pg_class WHERE relname LIKE '$pattern' AND relkind='s'" ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ while (@array = $sth->fetchrow_array ()) {
+ $rname = $array [0] ;
+ &drop_sequence_if_exists ($rname) ;
+ }
+ $sth->finish () ;
+
+ $dbh->commit ();
+
+
+ debug "It seems your database deletion went well and smoothly. That's cool." ;
+ debug "Please enjoy using Debian FusionForge." ;
+
+ # There should be a commit at the end of every block above.
+ # If there is not, then it might be symptomatic of a problem.
+ # For safety, we roll back.
+ $dbh->rollback ();
+};
+
+if ($@) {
+ warn "Transaction aborted because $@" ;
+ debug "Transaction aborted because $@" ;
+ debug "Last SQL query was:\n$query\n(end of query)" ;
+ $dbh->rollback ;
+ debug "Please report this bug on the Debian bug-tracking system." ;
+ debug "Please include the previous messages as well to help debugging." ;
+ debug "You should not worry too much about this," ;
+ debug "your DB is still in a consistent state and should be usable." ;
+ exit 1 ;
+}
+
+$dbh->rollback ;
+$dbh->disconnect ;
+
+sub debug ( $ ) {
+ my $v = shift ;
+ chomp $v ;
+ print STDERR "$v\n" ;
+}
+
+sub drop_table_if_exists ( $ ) {
+ my $tname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$tname' AND relkind='r'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping table $tname" ;
+ $query = "DROP TABLE $tname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub drop_sequence_if_exists ( $ ) {
+ my $sname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$sname' AND relkind='S'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping sequence $sname" ;
+ $query = "DROP SEQUENCE $sname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub drop_index_if_exists ( $ ) {
+ my $iname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$iname' AND relkind='i'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping index $iname" ;
+ $query = "DROP INDEX $iname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub drop_view_if_exists ( $ ) {
+ my $iname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$iname' AND relkind='v'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping view $iname" ;
+ $query = "DROP VIEW $iname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
Property changes on: trunk/src/plugins/oauthprovider/bin/db-delete.pl
___________________________________________________________________
Added: svn:executable
+ *
Added: trunk/src/plugins/oauthprovider/bin/db-upgrade.pl
===================================================================
--- trunk/src/plugins/oauthprovider/bin/db-upgrade.pl (rev 0)
+++ trunk/src/plugins/oauthprovider/bin/db-upgrade.pl 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,301 @@
+#!/usr/bin/perl -w
+#
+# Debian-specific script to upgrade the database between releases
+# Roland Mas <lolando at debian.org>
+
+use strict ;
+use diagnostics ;
+
+use DBI ;
+use MIME::Base64 ;
+use HTML::Entities ;
+
+use vars qw/$dbh @reqlist $query/ ;
+use vars qw/$sys_default_domain $sys_cvs_host $sys_download_host
+ $sys_shell_host $sys_users_host $sys_docs_host $sys_lists_host
+ $sys_dns1_host $sys_dns2_host $FTPINCOMING_DIR $FTPFILES_DIR
+ $sys_urlroot $sf_cache_dir $sys_name $sys_themeroot
+ $sys_news_group $sys_dbhost $sys_dbname $sys_dbuser $sys_dbpasswd
+ $sys_ldap_base_dn $sys_ldap_host $admin_login $admin_password
+ $server_admin $domain_name $newsadmin_groupid $statsadmin_groupid
+ $skill_list/ ;
+use vars qw/$pluginname/ ;
+
+sub is_lesser ( $$ ) ;
+sub is_greater ( $$ ) ;
+sub debug ( $ ) ;
+sub parse_sql_file ( $ ) ;
+
+require ("/usr/share/gforge/lib/include.pl") ; # Include a few predefined functions
+require ("/usr/share/gforge/lib/sqlparser.pm") ; # Our magic SQL parser
+
+debug "You'll see some debugging info during this installation." ;
+debug "Do not worry unless told otherwise." ;
+
+&db_connect ;
+
+# debug "Connected to the database OK." ;
+
+$pluginname = "oauthprovider" ;
+
+$dbh->{AutoCommit} = 0;
+$dbh->{RaiseError} = 1;
+eval {
+ my ($sth, @array, $version, $path, $target) ;
+
+ &create_metadata_table ("0") ;
+
+ $version = &get_db_version ;
+ $target = "0.1" ;
+ if (is_lesser $version, $target) {
+ my @filelist = ( "/usr/share/gforge/plugins/$pluginname/db/$pluginname-init.sql" ) ;
+
+ foreach my $file (@filelist) {
+ debug "Processing $file" ;
+ @reqlist = @{ &parse_sql_file ($file) } ;
+
+ foreach my $s (@reqlist) {
+ $query = $s ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+ }
+ @reqlist = () ;
+
+ &update_db_version ($target) ;
+ debug "Committing." ;
+ $dbh->commit () ;
+ }
+
+# $version = &get_db_version ;
+# $target = "0.2" ;
+# if (is_lesser $version, $target) {
+# debug "Adding local data." ;
+#
+# do "/etc/gforge/local.pl" or die "Cannot read /etc/gforge/local.pl" ;
+#
+# my $ip_address = qx/host $domain_name | awk '{print \}'/ ;
+#
+# @reqlist = (
+# "INSERT INTO plugin_".$pluginname."_sample_data (domain, ip_address) VALUES ('$domain_name', '$ip_address')",
+# ) ;
+#
+# foreach my $s (@reqlist) {
+# $query = $s ;
+# # debug $query ;
+# $sth = $dbh->prepare ($query) ;
+# $sth->execute () ;
+# $sth->finish () ;
+# }
+# @reqlist = () ;
+#
+# &update_db_version ($target) ;
+# debug "Committing." ;
+# $dbh->commit () ;
+# }
+
+ debug "It seems your database install/upgrade went well and smoothly. That's cool." ;
+ debug "Please enjoy using Debian FusionForge." ;
+
+ # There should be a commit at the end of every block above.
+ # If there is not, then it might be symptomatic of a problem.
+ # For safety, we roll back.
+ $dbh->rollback ();
+};
+
+if ($@) {
+ warn "Transaction aborted because $@" ;
+ debug "Transaction aborted because $@" ;
+ debug "Last SQL query was:\n$query\n(end of query)" ;
+ $dbh->rollback ;
+ debug "Please report this bug on the Debian bug-tracking system." ;
+ debug "Please include the previous messages as well to help debugging." ;
+ debug "You should not worry too much about this," ;
+ debug "your DB is still in a consistent state and should be usable." ;
+ exit 1 ;
+}
+
+$dbh->rollback ;
+$dbh->disconnect ;
+
+sub is_lesser ( $$ ) {
+ my $v1 = shift || 0 ;
+ my $v2 = shift || 0 ;
+
+ my $rc = system "dpkg --compare-versions $v1 lt $v2" ;
+
+ return (! $rc) ;
+}
+
+sub is_greater ( $$ ) {
+ my $v1 = shift || 0 ;
+ my $v2 = shift || 0 ;
+
+ my $rc = system "dpkg --compare-versions $v1 gt $v2" ;
+
+ return (! $rc) ;
+}
+
+sub debug ( $ ) {
+ my $v = shift ;
+ chomp $v ;
+ print STDERR "$v\n" ;
+}
+
+sub create_metadata_table ( $ ) {
+ my $v = shift || "0" ;
+ my $tablename = "plugin_" .$pluginname . "_meta_data" ;
+ # Do we have the metadata table?
+
+ $query = "SELECT count(*) FROM pg_class WHERE relname = '$tablename' and relkind = 'r'";
+ # debug $query ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ # Let's create this table if we have it not
+
+ if ($array [0] == 0) {
+ debug "Creating $tablename table." ;
+ $query = "CREATE TABLE $tablename (key varchar primary key, value text not null)" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+
+ $query = "SELECT count(*) FROM $tablename WHERE key = 'db-version'";
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ # Empty table? We'll have to fill it up a bit
+
+ if ($array [0] == 0) {
+ debug "Inserting first data into $tablename table." ;
+ $query = "INSERT INTO $tablename (key, value) VALUES ('db-version', '$v')" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub update_db_version ( $ ) {
+ my $v = shift or die "Not enough arguments" ;
+ my $tablename = "plugin_" .$pluginname . "_meta_data" ;
+
+ debug "Updating $tablename table." ;
+ $query = "UPDATE $tablename SET value = '$v' WHERE key = 'db-version'" ;
+ # debug $query ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+}
+
+sub get_db_version () {
+ my $tablename = "plugin_" .$pluginname . "_meta_data" ;
+
+ $query = "SELECT value FROM $tablename WHERE key = 'db-version'" ;
+ # debug $query ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ my $version = $array [0] ;
+
+ return $version ;
+}
+
+sub drop_table_if_exists ( $ ) {
+ my $tname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$tname' AND relkind='r'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping table $tname" ;
+ $query = "DROP TABLE $tname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub drop_sequence_if_exists ( $ ) {
+ my $sname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$sname' AND relkind='S'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping sequence $sname" ;
+ $query = "DROP SEQUENCE $sname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub drop_index_if_exists ( $ ) {
+ my $iname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$iname' AND relkind='i'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping index $iname" ;
+ $query = "DROP INDEX $iname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub drop_view_if_exists ( $ ) {
+ my $iname = shift or die "Not enough arguments" ;
+ $query = "SELECT count(*) FROM pg_class WHERE relname='$iname' AND relkind='v'" ;
+ my $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ my @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+
+ if ($array [0] != 0) {
+ # debug "Dropping view $iname" ;
+ $query = "DROP VIEW $iname" ;
+ # debug $query ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ $sth->finish () ;
+ }
+}
+
+sub bump_sequence_to ( $$ ) {
+ my ($sth, @array, $seqname, $targetvalue) ;
+
+ $seqname = shift ;
+ $targetvalue = shift ;
+
+ do {
+ $query = "select nextval ('$seqname')" ;
+ $sth = $dbh->prepare ($query) ;
+ $sth->execute () ;
+ @array = $sth->fetchrow_array () ;
+ $sth->finish () ;
+ } until $array[0] >= $targetvalue ;
+}
Property changes on: trunk/src/plugins/oauthprovider/bin/db-upgrade.pl
___________________________________________________________________
Added: svn:executable
+ *
Added: trunk/src/plugins/oauthprovider/bin/sayhello
===================================================================
--- trunk/src/plugins/oauthprovider/bin/sayhello (rev 0)
+++ trunk/src/plugins/oauthprovider/bin/sayhello 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,9 @@
+#! /usr/bin/perl -w
+
+my $world ;
+
+do "/etc/gforge/plugins/oauthprovider/world.conf"
+ or die "Cannot read /etc/gforge/plugins/oauthprovider/world.conf" ;
+
+print STDOUT "Hello $world on STDOUT!\n" ;
+print STDERR "Hello $world on STDERR!\n" ;
Property changes on: trunk/src/plugins/oauthprovider/bin/sayhello
___________________________________________________________________
Added: svn:executable
+ *
Added: trunk/src/plugins/oauthprovider/common/oauthprovider-init.php
===================================================================
--- trunk/src/plugins/oauthprovider/common/oauthprovider-init.php (rev 0)
+++ trunk/src/plugins/oauthprovider/common/oauthprovider-init.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,38 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+global $gfplugins;
+require_once $gfplugins.'oauthprovider/include/oauthprovider_plugin.php' ;
+
+require_once $gfplugins.'oauthprovider/include/consumer_api.php';
+require_once $gfplugins.'oauthprovider/include/request_token_api.php';
+require_once $gfplugins.'oauthprovider/include/access_token_api.php';
+require_once $gfplugins.'oauthprovider/include/fusionforge_oauth_datastore.php';
+
+
+$oauthproviderPluginObject = new oauthproviderPlugin ;
+
+register_plugin ($oauthproviderPluginObject) ;
+
+?>
Added: trunk/src/plugins/oauthprovider/cronjobs/manage_oauthprovider.php
===================================================================
--- trunk/src/plugins/oauthprovider/cronjobs/manage_oauthprovider.php (rev 0)
+++ trunk/src/plugins/oauthprovider/cronjobs/manage_oauthprovider.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,70 @@
+#! /usr/bin/php -f
+<?php
+/**
+ * FusionForge source control management
+ *
+ * Copyright 2009, Roland Mas
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published
+ * by the Free Software Foundation; either version 2 of the License,
+ * or (at your option) any later version.
+ *
+ * FusionForge is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with FusionForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307
+ * USA
+ */
+require 'env.inc.php';
+require_once $gfwww.'include/squal_pre.php';
+require_once $gfcommon.'include/cron_utils.php';
+
+// MailingList backend class
+/* This is only sample
+require_once $gfplugins.'oauthprovider/include/BackendHelloworld.class.php' ;
+
+
+$res = db_query_params ('SELECT id,type, parameters FROM system_event WHERE status=$1 ORDER BY id DESC',
+ array ('1'));
+if (!$res) {
+ printf('Unable to get list of events: '.db_error());
+ return false;
+}
+
+while ($data = db_fetch_array ($res)) {
+ if($data['type'] == 'HELLOWORLD_CREATE') {
+ $result = BackendHelloworld::instance()->createList($data['parameters']);
+ } elseif ($data['type'] == 'HELLOWORLD_DELETE') {
+ $result = BackendHelloworld::instance()->deleteList($data['parameters']);
+ }
+ $result ? $log="DONE":$test="ERROR";
+ $events[$data['id']]=$log;
+ echo "\n Event ".$data['id']." : ".$data['type']." ".$log." for list id=".$data['parameters'];
+}
+if(isset($events)) {
+ foreach($events as $event_id => $log) {
+ $sql = "UPDATE system_event SET end_date=$1, log=$2, status='3' WHERE id=$3;";
+ $result = db_query_params($sql,array(time(),$log,$event_id));
+ if (!$result) {
+ printf('Unable to update the list of events: '.db_error());
+ return false;
+ }
+ }
+
+}
+*/
+
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
Added: trunk/src/plugins/oauthprovider/db/oauthprovider-init.sql
===================================================================
--- trunk/src/plugins/oauthprovider/db/oauthprovider-init.sql (rev 0)
+++ trunk/src/plugins/oauthprovider/db/oauthprovider-init.sql 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,50 @@
+CREATE SEQUENCE plugin_oauthprovider_consumer_id_seq start 1 increment 1 minvalue 1 cache 1;
+CREATE TABLE plugin_oauthprovider_consumer (id INTEGER PRIMARY KEY DEFAULT NEXTVAL('plugin_oauthprovider_consumer_id_seq'),
+ name VARCHAR(128) NOT NULL,
+ consumer_key VARCHAR(250) NOT NULL,
+ consumer_secret VARCHAR(250) NOT NULL,
+ consumer_url VARCHAR(250) NOT NULL,
+ consumer_desc VARCHAR(500) NOT NULL,
+ consumer_email VARCHAR(250) NOT NULL
+);
+CREATE UNIQUE INDEX idx_oauthprovider_consumer_name on plugin_oauthprovider_consumer(name);
+CREATE UNIQUE INDEX idx_oauthprovider_consumer_consumer_key on plugin_oauthprovider_consumer(consumer_key);
+
+CREATE SEQUENCE plugin_oauthprovider_request_token_id_seq start 1 increment 1 minvalue 1 cache 1;
+CREATE TABLE plugin_oauthprovider_request_token (id INTEGER PRIMARY KEY DEFAULT NEXTVAL('plugin_oauthprovider_request_token_id_seq'),
+ consumer_id INTEGER REFERENCES plugin_oauthprovider_consumer(id),
+ token_key VARCHAR(250) NOT NULL,
+ token_secret VARCHAR(250) NOT NULL,
+ authorized INTEGER NOT NULL DEFAULT 0,
+ user_id INTEGER NULL,
+ role_id INTEGER NOT NULL DEFAULT 0,
+ time_stamp INTEGER NOT NULL,
+ CHECK (user_id IS NULL OR user_id>=0),
+ CHECK (consumer_id>=0),
+ CHECK (time_stamp>=0)
+);
+CREATE UNIQUE INDEX idx_oauthprovider_request_token_key on plugin_oauthprovider_request_token(token_key);
+
+CREATE SEQUENCE plugin_oauthprovider_access_token_id_seq start 1 increment 1 minvalue 1 cache 1;
+CREATE TABLE plugin_oauthprovider_access_token (id INTEGER PRIMARY KEY DEFAULT NEXTVAL('plugin_oauthprovider_access_token_id_seq'),
+ consumer_id INTEGER REFERENCES plugin_oauthprovider_consumer(id),
+ token_key VARCHAR(250) NOT NULL,
+ token_secret VARCHAR(250) NOT NULL,
+ user_id INTEGER NULL,
+ role_id INTEGER NOT NULL REFERENCES pfo_role(role_id),
+ time_stamp INTEGER NOT NULL,
+ CHECK (user_id IS NULL OR user_id>=0),
+ CHECK (consumer_id>=0),
+ CHECK (time_stamp>=0)
+);
+CREATE UNIQUE INDEX idx_oauthprovider_access_token_key on plugin_oauthprovider_access_token(token_key);
+
+CREATE SEQUENCE plugin_oauthprovider_consumer_nonce_id_seq start 1 increment 1 minvalue 1 cache 1;
+CREATE TABLE plugin_oauthprovider_consumer_nonce (id INTEGER PRIMARY KEY DEFAULT NEXTVAL('plugin_oauthprovider_consumer_nonce_id_seq'),
+ consumer_id INTEGER NOT NULL REFERENCES plugin_oauthprovider_consumer(id),
+ token_key VARCHAR(250) NOT NULL,
+ nonce VARCHAR(250) NOT NULL,
+ time_stamp INTEGER NOT NULL,
+ CHECK (consumer_id>=0),
+ CHECK (time_stamp>=0)
+);
Added: trunk/src/plugins/oauthprovider/debian/README.Debian
===================================================================
--- trunk/src/plugins/oauthprovider/debian/README.Debian (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/README.Debian 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,6 @@
+fusionforge-plugin-oauthprovider for Debian
+---------------------
+
+See README.Debian in fusionforge-common package
+
+ -- Christian Bayle <bayle at debian.org> Mon, 08 Mar 2010 16:37:51 +0100
Added: trunk/src/plugins/oauthprovider/debian/README.source
===================================================================
--- trunk/src/plugins/oauthprovider/debian/README.source (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/README.source 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,9 @@
+oauthprovider for Debian
+---------------------
+
+<this file describes information about the source package, see Debian policy
+manual section 4.14. You WILL either need to modify or delete this file>
+
+
+
+
Added: trunk/src/plugins/oauthprovider/debian/changelog
===================================================================
--- trunk/src/plugins/oauthprovider/debian/changelog (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/changelog 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,5 @@
+fusionforge-plugin-oauthprovider (1.0-1) unstable; urgency=low
+
+ * Initial release (Closes: #nnnn) <nnnn is the bug number of your ITP>
+
+ -- Christian Bayle <bayle at debian.org> Mon, 08 Mar 2010 16:37:51 +0100
Added: trunk/src/plugins/oauthprovider/debian/compat
===================================================================
--- trunk/src/plugins/oauthprovider/debian/compat (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/compat 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1 @@
+7
Added: trunk/src/plugins/oauthprovider/debian/control
===================================================================
--- trunk/src/plugins/oauthprovider/debian/control (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/control 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,20 @@
+Source: fusionforge-plugin-oauthprovider
+Section: devel
+Priority: optional
+Maintainer: Christian Bayle <bayle at debian.org>
+Uploaders: Roland Mas <lolando at debian.org>
+Build-Depends-Indep: devscripts
+Build-Depends: debhelper (>= 7), perl, gettext
+Standards-Version: 3.8.4
+Homepage: http://fusionforge.org/
+Vcs-Bzr: http://scm.fusionforge.org/bzr/fusionforge/svn-trunk-ro/
+
+Package: fusionforge-plugin-oauthprovider
+Architecture: all
+Depends: gforge-common, gforge-db-postgresql | gforge-db, gforge-web-apache2 | gforge-web, gforge-shell-postgresql | gforge-shell, php5-cli, ${misc:Depends}
+Description: collaborative development tool - oauthprovider plugin
+ .
+ This plugin contains the oauthprovider subsystem of FusionForge. It allows each
+ FusionForge project to have its own oauthprovider, and gives some
+ control over it to the project's administrator.
+
Added: trunk/src/plugins/oauthprovider/debian/copyright
===================================================================
--- trunk/src/plugins/oauthprovider/debian/copyright (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/copyright 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,63 @@
+The "sourceforge" package was first debianised on Wed, 22 Nov 2000
+22:06:35 +0100 by Roland Mas <lolando at debian.org>. Work has been
+constant since then, and the package evolved a great deal. It began
+to work, for a start, and then it evolved into GForge, what with the
+more recent versions of the Sourceforge software having been made
+proprietary. And then in early 2009 it evolved into FusionForge, what
+with the more recent versions of GForge having been rewritten as
+proprietary software without a name change.
+
+FusionForge is Copyright © 2009-2010 by several people, including:
+Alain Peyrat <aljeux at free.fr>
+Alexandre Neymann <alexandre.neymann at dgfip.finances.gouv.fr>
+Christian Bayle <bayle at debian.org>
+Roland Mas <lolando at debian.org>
+Gonéri Le Bouder <goneri.lebouder at atosorigin.com>
+Julien Heyman <julien.heyman at atosorigin.com>
+Olivier Meunier <olivier.meunier at centraliens.net>
+
+GForge itself is Copyright © 2000-2008 by a fair number of people,
+including:
+Tim Perdue <tim at gforge.org>
+Roland Mas <99.roland.mas at aist.enst.fr>
+Christian Bayle <gforge at free.fr>
+Tom Copeland <tom at infoether.com>
+Guillaume Smet <guillaume-gforge at smet.org>
+Francisco Gimeno <kikov at kikov.org>
+Sung Kim <hunkims at gmail.com>
+Alain Peyrat <aljeux at free.fr>
+
+Past Members of the development team include:
+Reinhard Spisser
+Ryan T. Sammartino
+Edward Ritter
+Michael Jennings
+
+Since FusionForge, and GForge before it, was initially a fork of
+Sourceforge, here's the copyright info for the Sourceforge software:
+,----
+| The original sources were downloaded from http://www.sourceforge.net/
+|
+| Authors: The Sourceforge crew at VA Linux. They are many, they
+| change as time goes by, and they are listed on the Sourceforge
+| website. Let them be thanked for their work.
+|
+| Copyright:
+|
+| This software is Copyright © 1999-2000 by VA Linux.
+|
+| You are free to distribute this software under the terms of the GNU
+| General Public License.
+`----
+
+The packaging and installing scripts (in the debian/ and deb-specific/
+directories amongst others) are Copyright © 2000-2010 by Christian
+Bayle <bayle at aist.enst.fr> and Roland Mas <lolando at debian.org>. You
+are free to use and redistribute them under the terms of the GNU
+General Public License, version 2 or (at your option) any later
+version published by the Free Software Foundation.
+
+See Also Copyright file in fusionforge package
+
+On Debian systems, the complete text of the GNU General Public License
+can be found in the /usr/share/common-licenses directory.
Added: trunk/src/plugins/oauthprovider/debian/docs
===================================================================
Added: trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.postinst
===================================================================
--- trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.postinst (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.postinst 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,52 @@
+#! /bin/sh
+# postinst script for @OLDPACKAGE at -plugin-oauthprovider
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+# quoting from the policy:
+# Any necessary prompting should almost always be confined to the
+# post-installation script, and should be protected with a conditional
+# so that unnecessary prompting doesn't happen if a package's
+# installation fails and the `postinst' is called with `abort-upgrade',
+# `abort-remove' or `abort-deconfigure'.
+
+case "$1" in
+ configure)
+ @OLDPACKAGE at -config
+
+ # Prepare database
+ su -s /bin/sh @OLDPACKAGE@ -c '/usr/share/@OLDPACKAGE@/bin/register-plugin oauthprovider "oauthprovider"'
+ su -s /bin/sh @OLDPACKAGE@ -c '/usr/share/@OLDPACKAGE@/plugins/oauthprovider/bin/db-upgrade.pl'
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
+
+
Added: trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.prerm
===================================================================
--- trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.prerm (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/dsf-in/plugin-oauthprovider.prerm 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,45 @@
+#! /bin/sh
+# prerm script for @OLDPACKAGE at -plugin-oauthprovider
+#
+# see: dh_installdeb(1)
+set -e
+
+#DEBHELPER#
+
+# summary of how this script can be called:
+# * <prerm> `remove'
+# * <old-prerm> `upgrade' <new-version>
+# * <new-prerm> `failed-upgrade' <old-version>
+# * <conflictor's-prerm> `remove' `in-favour' <package> <new-version>
+# * <deconfigured's-prerm> `deconfigure' `in-favour'
+# <package-being-installed> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ remove|deconfigure)
+ if [ -f /var/run/postgresql/.s.PGSQL.5432 ]
+ then
+ /usr/share/@OLDPACKAGE@/bin/unregister-plugin oauthprovider
+ else
+ echo "WARNING: database not available to unregister oauthprovider plugin"
+ fi
+ ;;
+ upgrade|failed-upgrade)
+ ;;
+ *)
+ echo "prerm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+
+
+exit 0
+
+
Added: trunk/src/plugins/oauthprovider/debian/po/templates.pot
===================================================================
Added: trunk/src/plugins/oauthprovider/debian/rules
===================================================================
--- trunk/src/plugins/oauthprovider/debian/rules (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/rules 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,85 @@
+#!/usr/bin/make -f
+# -*- makefile -*-
+# Sample debian/rules that uses debhelper.
+# This file was originally written by Joey Hess and Craig Small.
+# As a special exception, when this file is copied by dh-make into a
+# dh-make output file, you may use that output file without restriction.
+# This special exception was added by Craig Small in version 0.37 of dh-make.
+
+# Uncomment this to turn on verbose mode.
+#export DH_VERBOSE=1
+SRCPACKAGE=$(shell head -1 $(CURDIR)/debian/changelog | sed 's/\(.[^ ]*\) .*/\1/')
+MAJOR=$(shell head -1 $(CURDIR)/debian/changelog | sed 's/.*(\(.*\)-[^-]*).*/\1/')
+ORIGFILE=$(SRCPACKAGE)_$(MAJOR).orig.tar.gz
+OLDPACKAGE=gforge
+PACKAGE=fusionforge
+FORGENAME=FusionForge
+
+SED_REPLACE=sed -e 's/@PACKAGE@/$(PACKAGE)/g' -e 's/@SRCPACKAGE@/$(SRCPACKAGE)/g' -e 's/@FORGENAME@/$(FORGENAME)/g' -e 's/@OLDPACKAGE@/$(OLDPACKAGE)/g'
+
+CRONDFILES=$(patsubst packaging/cron.d/%,debian/$(PACKAGE)-%.cron.d,$(wildcard packaging/cron.d/[a-z]*))
+DIRSFILES=$(patsubst packaging/dirs/%,debian/$(PACKAGE)-%.dirs,$(wildcard packaging/dirs/[a-z]*))
+LINKSFILES=$(patsubst packaging/links/%,debian/$(PACKAGE)-%.links,$(wildcard packaging/links/[a-z]*))
+INSTALLFILES=$(patsubst packaging/install/%,debian/$(PACKAGE)-%.install,$(wildcard packaging/install/[a-z]*))
+DOCSFILES=$(patsubst packaging/docs/%,debian/$(PACKAGE)-%.docs,$(wildcard packaging/docs/[a-z]*))
+POFILES=$(patsubst debian/dsf-po/%,debian/po/%,$(wildcard debian/dsf-po/*) debian/po/POTFILES.in)
+DSFINFILES=$(patsubst debian/dsf-in/%,debian/$(PACKAGE)-%,$(wildcard debian/dsf-in/[a-z]*))
+
+.PHONY: conffiles
+conffiles: $(CRONDFILES) $(DIRSFILES) $(LINKSFILES) $(INSTALLFILES) $(DOCSFILES) $(DSFINFILES) debian/control
+
+debian/$(PACKAGE)-%.cron.d:
+ (cat $(CURDIR)/packaging/cron.d/00phpcron ; sed -e 's/\$$FFUSER/$(PACKAGE)/g' $(CURDIR)/packaging/cron.d/$*) > $@
+
+debian/$(PACKAGE)-%.dirs:
+ cp $(CURDIR)/packaging/dirs/$* $@
+
+debian/$(PACKAGE)-%.links:
+ cp $(CURDIR)/packaging/links/$* $@
+
+debian/$(PACKAGE)-%.install:
+ cp $(CURDIR)/packaging/install/$* $@
+
+debian/$(PACKAGE)-%.docs:
+ cp $(CURDIR)/packaging/docs/$* $@
+
+debian/control: $(wildcard packaging/control/*)
+ ls $(CURDIR)/packaging/control/[0-9][0-9][0-9]* | grep -v shortdesc | grep -v scmcpold | while read file ; do cat $${file}; if [ -f $${file}.shortdesc ] ; then cat $(CURDIR)/packaging/control/AAAdesc; echo ' .'; cat $${file}.shortdesc; fi; echo ''; done | $(SED_REPLACE) > $@
+
+debian/po/templates.pot: $(wildcard debian/dsf-in/*.templates.dsfh-in) $(wildcard debian/dsf-helper/*.templates)
+ @debconf-updatepo --podir=debian/dsf-po
+
+debian/po/%:
+ cat $(patsubst debian/po/%,debian/dsf-po/%,$@) | $(SED_REPLACE) > $@
+
+# postinst and prerm files
+debian/$(PACKAGE)-%:
+ cat $(patsubst debian/$(PACKAGE)-%,debian/dsf-in/%,$@) | $(SED_REPLACE) > $@
+
+build: debian/po/templates.pot conffiles
+ dh $@
+ # Build gettext *.mo files
+ utils/manage-translations.sh build
+
+clean:
+ dh $@
+ rm -f $(CURDIR)/debian/*.cron.d
+ rm -f $(CURDIR)/debian/*.dirs
+ rm -f $(CURDIR)/debian/*.links
+ rm -f $(CURDIR)/debian/*.install
+ rm -f $(CURDIR)/debian/*.docs
+ rm -f $(CURDIR)/debian/*.postinst
+ rm -f $(CURDIR)/debian/*.prerm
+ rm -rf locales
+ rm -f $(POFILES)
+
+makeorig:
+ find $(PKGDIR) -type f -or -type l | grep -v '/CVS/' | \
+ grep -v '/.svn/' | grep -v '/.testbox/' | \
+ grep -v rpm-specific | grep -v docs/phpdoc/docs | \
+ grep -v ^./debian/ | grep -v \\.jar$$ | \
+ grep -v \\.pdf$$ | grep -v plugins/fckeditor/www/_samples | \
+ cpio -o -H ustar | gzip > ../$(ORIGFILE)
+
+%:
+ dh $@
Added: trunk/src/plugins/oauthprovider/debian/source/format
===================================================================
--- trunk/src/plugins/oauthprovider/debian/source/format (rev 0)
+++ trunk/src/plugins/oauthprovider/debian/source/format 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1 @@
+1.0
Added: trunk/src/plugins/oauthprovider/etc/httpd.d/62plugin-oauthprovider
===================================================================
--- trunk/src/plugins/oauthprovider/etc/httpd.d/62plugin-oauthprovider (rev 0)
+++ trunk/src/plugins/oauthprovider/etc/httpd.d/62plugin-oauthprovider 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,12 @@
+# 62plugin-oauthprovider begin
+# AddHandler cgi-script .cgi
+
+# ScriptAlias /cgi-bin/oauthprovider/ /var/lib/oauthprovider/cgi-bin/
+# ScriptAlias /oauthprovider/ /var/lib/oauthprovider/cgi-bin/
+
+# Alias /images/oauthprovider /usr/share/images/oauthprovider
+# <Location /images/oauthprovider>
+# order allow,deny
+# allow from all
+# </Location>
+# 62plugin-oauthprovider end
Added: trunk/src/plugins/oauthprovider/etc/plugins/oauthprovider/config.php
===================================================================
--- trunk/src/plugins/oauthprovider/etc/plugins/oauthprovider/config.php (rev 0)
+++ trunk/src/plugins/oauthprovider/etc/plugins/oauthprovider/config.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,69 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+// here you can put all your configuration variables
+
+$world = 'Earth';
+$plugin_oauthprovider_title = 'OAuth Provider Authorization';
+$plugin_oauthprovider_description = 'OAuth Provider support for FusionForge.';
+$plugin_oauthprovider_menu_advanced_summary = 'OAuth Provider';
+$plugin_oauthprovider_menu_account_summary = 'OAuth Access Tokens';
+$plugin_oauthprovider_title = 'OAuth Provider';
+$plugin_oauthprovider_back = 'Back';
+$plugin_oauthprovider_consumers = 'Consumers';
+$plugin_oauthprovider_consumer = 'Consumer';
+$plugin_oauthprovider_request_tokens = 'Request Tokens';
+$plugin_oauthprovider_access_tokens = 'Access Tokens';
+$plugin_oauthprovider_name = 'Name';
+$plugin_oauthprovider_url = 'URL';
+$plugin_oauthprovider_desc = 'Description';
+$plugin_oauthprovider_email = 'Email';
+$plugin_oauthprovider_key = 'Key';
+$plugin_oauthprovider_secret = 'Secret';
+$plugin_oauthprovider_consumer_name = 'Consumer name';
+$plugin_oauthprovider_authorized = 'Authorized';
+$plugin_oauthprovider_user = 'User';
+$plugin_oauthprovider_time_stamp = 'Authorized on';
+$plugin_oauthprovider_browse = 'Browse';
+$plugin_oauthprovider_delete = 'Delete';
+$plugin_oauthprovider_manage = 'Manage';
+$plugin_oauthprovider_authorize = 'Authorize';
+$plugin_oauthprovider_deny = 'Deny';
+$plugin_oauthprovider_ensure_consumer_delete = 'Do you really want to delete the "%s" consumer?';
+$plugin_oauthprovider_ensure_token_delete = 'Do you really want to delete the "%s" token?';
+$plugin_oauthprovider_delete_consumer = 'Delete Consumer';
+$plugin_oauthprovider_manage_consumer = 'Manage Consumer';
+$plugin_oauthprovider_update_consumer = 'Update Consumer';
+$plugin_oauthprovider_renew_keys_update_consumer = 'Regenerate keys & Update Consumer';
+$plugin_oauthprovider_create_consumer = 'Create Consumer';
+$plugin_oauthprovider_delete_token = 'Delete Token';
+$plugin_oauthprovider_pending_authorizations = 'Pending authorization requests via OAuth';
+$plugin_oauthprovider_authorize_token = 'Authorize Consumer';
+$plugin_oauthprovider_authorization_denied = 'Authorization Denied';
+$plugin_oauthprovider_pending_authorization = 'Consumer <b>"%s"</b> wants to be authorized to access Fusionforge on your behalf (asked %s)';
+$plugin_oauthprovider_ensure_authorize = 'Do you really want to grant access to Fusionforge on your behalf to consumer "%s" ?';
+$plugin_oauthprovider_denied_consumer_authorization = 'You have denied Consumer "%s" access to Fusionforge on your behalf. The pending OAuth token request has been deleted.';
+$plugin_oauthprovider_back_consumer = 'Cancel';
+
+?>
Added: trunk/src/plugins/oauthprovider/include/access_token_api.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/access_token_api.php (rev 0)
+++ trunk/src/plugins/oauthprovider/include/access_token_api.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,123 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('token_api.php');
+
+/**
+ * OAuth Access Token concrete class
+ *
+ * Extends the OauthAuthzToken which already contains all needed attributes.
+ *
+ * @author Olivier Berger
+ *
+ */
+class OauthAuthzAccessToken extends OauthAuthzToken {
+
+ const TOKEN_TYPE = 'access';
+ protected $role_id;
+
+ /**
+ * @param int $p_consumer_id
+ * @param string $p_key
+ * @param string $p_secret
+ * @param int $p_user_id
+ * @param int $p_time_stamp
+ */
+ function __construct( $p_consumer_id, $p_key, $p_secret, $p_user_id=null, $p_role_id, $p_time_stamp=null) {
+ parent::__construct($p_consumer_id, $p_key, $p_secret, $p_user_id, $p_time_stamp);
+
+ $this->role_id = $p_role_id;
+ }
+
+ /**
+ * Converts a row returned by select * into an object
+ *
+ * @param array $t_row
+ * @return OauthAuthzRequestToken
+ */
+ static function row_to_new_token ($t_row) {
+ $t_token = new OauthAuthzAccessToken( $t_row['consumer_id'], $t_row['token_key'], $t_row['token_secret'], $t_row['user_id'], $t_row['role_id'], $t_row['time_stamp'] );
+ $t_token->id = $t_row['id'];
+ return $t_token;
+ }
+
+ /**
+ * Loads tokens related to a particular consumer (and a particular user, if specified)
+ *
+ * @param int $consumer_id
+ * @param int $user_id (may be null)
+ * @return array of OauthAuthzAccessToken
+ */
+ static function load_by_consumer($consumer_id, $user_id=null) {
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+
+ // this is a hack to retrieve the table name from the base class
+ $CHILD_CLASS = get_called_class();
+ $t_token_type = $CHILD_CLASS::TOKEN_TYPE;
+
+ $t_rows = $DBSTORE->find_tokens_by_consumer($t_token_type, $consumer_id, $user_id);
+
+ $t_tokens = array();
+
+ foreach ($t_rows as $t_row) {
+ $t_token = $CHILD_CLASS::row_to_new_token($t_row);
+
+ $t_tokens[] = $t_token;
+ }
+
+ return $t_tokens;
+
+ }
+
+ public function getRoleId() {
+ return $this->role_id;
+ }
+
+
+ /**
+ * Check that mandatory values are OK
+ */
+ function check_mandatory() {
+ parent::check_mandatory();
+
+ // all access tokens should be on behalf of a user
+ if ( strlen(trim( $this->user_id ))==0 ) {
+ throw new OAuthException('Mandatory "user_id" Access Token attribute not set.');
+ }
+ }
+
+ /**
+ * Insert or update the token into the DB
+ */
+ function save() {
+
+ $this->check_mandatory();
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $this->id = $DBSTORE->save_access_token($this);
+ }
+
+};
+
Added: trunk/src/plugins/oauthprovider/include/consumer_api.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/consumer_api.php (rev 0)
+++ trunk/src/plugins/oauthprovider/include/consumer_api.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,257 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('OAuth.php');
+
+/**
+ * OAuth Consumer class stored in DB
+ *
+ * @author Olivier Berger
+ */
+class OauthAuthzConsumer extends OAuthConsumer {
+ protected $id; // ID in the DB
+ protected $name; // admin provided user-friendly name for the consumer
+
+ protected $url;
+ protected $desc;
+ protected $email;
+
+ function __construct( $p_name, $p_key, $p_secret, $p_url, $p_desc, $p_email) {
+ parent::__construct($p_key, $p_secret);
+ $this->id = 0;
+ $this->name = $p_name;
+ $this->url = $p_url;
+ $this->desc = $p_desc;
+ $this->email = $p_email;
+ }
+
+ public function setId($p_id) {
+ $this->id = $p_id;
+ }
+
+ public function setName($p_name) {
+ $this->name = $p_name;
+ }
+
+ public function setURL($p_url) {
+ $this->url = $p_url;
+ }
+
+ public function setDesc($p_desc) {
+ $this->desc = $p_desc;
+ }
+
+ public function setEmail($p_email) {
+ $this->email = $p_email;
+ }
+
+ public function getId() {
+ return $this->id;
+ }
+
+ public function getName() {
+ return $this->name;
+ }
+
+ public function getUrl() {
+ return $this->url;
+ }
+
+ public function getDesc() {
+ return $this->desc;
+ }
+
+ public function getEmail() {
+ return $this->email;
+ }
+
+ static function check_consumer_values($p_consumer_name, $p_consumer_url, $p_consumer_desc, $p_consumer_email) {
+ if ((!trim($p_consumer_name))) {
+ //$missing_params[] = _('"Consumer Name"');
+ return "The field 'Consumer Name' is empty! ";
+ //exit_missing_param('', $missing_params,'oauthprovider');
+ }
+ elseif ((!trim($p_consumer_url))) {
+ return "The field 'Consumer URL' is empty! ";
+ }
+ elseif ((!trim($p_consumer_desc))) {
+ return "The field 'Consumer Description' is empty! ";
+ }
+ elseif ((!trim($p_consumer_email))) {
+ return "The field 'Consumer Email' is empty! ";
+ }
+ elseif(strlen($p_consumer_name)<5) {
+ return "The Consumer Name cannot be less than 5 characters!";
+ }
+ elseif(strlen($p_consumer_name)>15) {
+ return "The Consumer Name cannot be more than 15 characters!";
+ }
+ elseif(is_numeric(substr($p_consumer_name, 0, 1))) {
+ return "The Consumer Name cannot begin with a numeral!";
+ }
+ elseif((substr($p_consumer_name, 0, 1))=="_") {
+ return "The Consumer Name cannot begin with an underscore!";
+ }
+ elseif(preg_match('/^[A-z][A-z_0-9]{4,}/', $p_consumer_name)==0) {
+ return "The Consumer Name can only contain alphabets (a-z,A-Z), numbers (0-9) and underscores (_). Please choose a Consumer Name accordingly!";
+ }
+ elseif(OauthAuthzConsumer::consumer_exists($p_consumer_name)) {
+ return "The name '".$p_consumer_name."' has already been taken. Please choose another!";
+
+ }
+ elseif(!preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $p_consumer_url)) {
+ return "The Consumer URL is not valid.";
+ }
+ else {
+ return null;
+ }
+ }
+
+ /**
+ * Converts a row returned by select * into an object
+ *
+ * @param array $t_row
+ * @return OauthAuthzRequestToken
+ */
+ static function row_to_new_consumer ($t_row) {
+ if($t_row!=null) {
+ $t_consumer = new OauthAuthzConsumer( $t_row['name'], $t_row['consumer_key'], $t_row['consumer_secret'], $t_row['consumer_url'], $t_row['consumer_desc'], $t_row['consumer_email'] );
+ $t_consumer->setId($t_row['id']);
+ return $t_consumer;
+ }else {
+ return null;
+ }
+
+ }
+
+ /**
+ * returns a newly generated consumer key and secret
+ *
+ * @return array
+ */
+ static function new_consumer_keys_generate () {
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ return $DBSTORE->new_consumer_keys();
+ }
+
+ /**
+ * Loads an OauthAuthzConsumer from its ID in the DB
+ *
+ * @param int $p_id ID in the DB
+ * @return OauthAuthzConsumer
+ */
+ static function load( $p_id ) {
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $t_row = $DBSTORE->find_consumer_from_id($p_id);
+ $t_consumer = OauthAuthzConsumer::row_to_new_consumer($t_row);
+ $t_consumer->setId($t_row['id']);
+ return $t_consumer;
+ }
+
+ /**
+ * Loads all OauthAuthzConsumer from the DB
+ *
+ * @return array of OauthAuthzConsumer
+ */
+ static function load_all() {
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $t_rows = $DBSTORE->find_all_consumers();
+
+ $t_consumers = array();
+
+ foreach ($t_rows as $t_row) {
+ $t_consumer = OauthAuthzConsumer::row_to_new_consumer($t_row);
+
+ $t_consumers[] = $t_consumer;
+ }
+
+ return $t_consumers;
+ }
+
+ /**
+ * Loads an OauthAuthzConsumer from the DB provided its key
+ *
+ * @param string $p_consumer_key
+ * @return OauthAuthzConsumer
+ */
+ static function load_by_key( $p_consumer_key ) {
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $t_row = $DBSTORE->find_consumer_from_key($p_consumer_key);
+ if($t_row==null) {
+ return null;
+ }
+ else {
+ $t_consumer = OauthAuthzConsumer::row_to_new_consumer($t_row);
+ return $t_consumer;
+ }
+ }
+
+ /**
+ * Loads an OauthAuthzConsumer from the DB provided its name
+ *
+ * @param string $p_consumer_name
+ * @return bool
+ */
+ static function consumer_exists( $p_consumer_name ) {
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $t_row = $DBSTORE->find_consumer_from_name($p_consumer_name);
+ if($t_row==null) {
+ return false;
+ }
+ else {
+ return true;
+ }
+
+ }
+
+ /**
+ * Saves an OauthAuthzConsumer to the DB
+ */
+ function save() {
+ if ( strlen(trim( $this->name ))==0 || strlen(trim( $this->key ))==0 || strlen(trim( $this->secret ))==0 ) {
+ exit_error( "Error trying to save consumer. Please try again.", 'oauthprovider' );
+ }
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $id=$DBSTORE->save_consumer($this);
+ if(!$id) {
+ exit_error("Error trying to create new consumer in DB", 'oauthprovider');
+ }else {
+ $this->setId($id);
+ }
+
+
+ }
+
+ /**
+ * Deletes an OauthAuthzConsumer from the DB
+ */
+ function delete() {
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ if(!($DBSTORE->delete_consumer($this->id))) {
+ exit_error("Error trying to delete consumer from DB", 'oauthprovider');
+ }
+ }
+
+
+ };
Added: trunk/src/plugins/oauthprovider/include/fusionforge_oauth_datastore.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/fusionforge_oauth_datastore.php (rev 0)
+++ trunk/src/plugins/oauthprovider/include/fusionforge_oauth_datastore.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,631 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+// Inspired from examples described in "Creating a OAuth Service
+// Provider in PHP" by Morten Fangel
+// (http://sevengoslings.net/~fangel/oauthprovider-sp-guide.html)
+
+require_once('OAuth.php');
+
+/**
+ * OAuthDataStore singleton class to manage tokens, consumers and nonce in FusionForge DB
+ *
+ * Everything specific to the DB model is handled in this class : no other SQL request should exist outside it
+ * It should be reimplemented for other apps, the rest of the classes being untouched
+ *
+ * It will assume that OauthAuthzConsumer, OauthAuthzToken and its sub-classes are used
+ *
+ * @author Olivier Berger
+ *
+ */
+
+class FFDbOAuthDataStore extends OAuthDataStore {
+
+ // Hold an instance of the class
+ private static $instance;
+
+ /**
+ * Singleton pattern's method to retrieve the instance
+ */
+ public static function singleton()
+ {
+ if (!isset(self::$instance)) {
+ $c = __CLASS__;
+ self::$instance = new $c;
+ }
+
+ return self::$instance;
+ }
+
+ /**
+ * Prevent users to clone the instance
+ */
+ public function __clone()
+ {
+ exit_error('Clone is not allowed.', 'oauthprovider');
+ }
+
+ /**
+ * Converts request or access token types to table names for FusionForge
+ *
+ * @param string $token_type
+ * @return string
+ */
+ protected function token_table_name($token_type) {
+ $t_token_table = null;
+ if( ($token_type == 'request') || ($token_type == 'access') ) {
+ $t_token_table = "plugin_oauthprovider_".$token_type."_token";
+ }
+ return $t_token_table;
+ }
+
+ /**
+ * Retrieve values of columns for a consumer in the DB provided its id
+ *
+ * @param int $p_id ID in the DB
+ * @return array of column values
+ */
+ function find_consumer_from_id( $p_id ) {
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $t_result = db_query_params ("SELECT * FROM $t_consumer_table WHERE id=$1",
+ array ( (int) $p_id )) ;
+ if (!$t_result || ( db_numrows( $t_result ) < 1 )) {
+ exit_error( "Consumer not found!", 'oauthprovider' );
+ }
+
+ $t_row = db_fetch_array( $t_result );
+
+ return $t_row;
+ }
+
+ /**
+ * Retrieve a table of columns values for all consumers
+ *
+ * @return array of arrays of column values
+ */
+ function find_all_consumers() {
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $t_result = db_query("SELECT * FROM $t_consumer_table ORDER BY name ASC");
+
+ $t_rows = array();
+
+ while ( $t_row = db_fetch_array( $t_result ) ) {
+ $t_rows[] = $t_row;
+ }
+
+ return $t_rows;
+ }
+
+ /**
+ * Retrieve values of columns for a consumer in the DB provided its key
+ *
+ * @param string $p_consumer_key consumer's key
+ * @return array of column values
+ */
+ function find_consumer_from_key( $p_consumer_key ) {
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $t_query = "SELECT * FROM $t_consumer_table WHERE consumer_key = $1";
+ $t_result = db_query_params( $t_query, array( $p_consumer_key ) );
+
+ if ( db_numrows( $t_result ) < 1 ) {
+ exit_error( "Consumer not found!", 'oauthprovider' );
+ return null;
+ }
+ $t_row = db_fetch_array( $t_result );
+
+ return $t_row;
+ }
+
+ /**
+ * Retrieve values of columns for a consumer in the DB provided its key
+ *
+ * @param string $p_consumer_key consumer's key
+ * @return array of column values
+ */
+ public function lookup_consumer( $p_consumer_key ) {
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $t_query = "SELECT * FROM $t_consumer_table WHERE consumer_key = $1";
+ $t_result = db_query_params( $t_query, array( $p_consumer_key ) );
+
+ if ( db_numrows( $t_result ) < 1 ) {
+ trigger_error("Consumer not found!");
+ //return null;
+ }
+ $t_row = db_fetch_array( $t_result );
+ $t_consumer = OauthAuthzConsumer::row_to_new_consumer($t_row);
+ return $t_consumer;
+ }
+
+ /**
+ * Retrieve values of columns for a consumer in the DB provided its name
+ *
+ * @param string $p_consumer_name
+ * @return array of column values
+ */
+ function find_consumer_from_name( $p_consumer_name ) {
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $t_query = "SELECT * FROM $t_consumer_table WHERE name = $1";
+ $t_result = db_query_params( $t_query, array( $p_consumer_name ) );
+
+ if ( db_numrows( $t_result ) < 1 ) {
+ return null;
+ }
+
+ $t_row = db_fetch_array( $t_result );
+
+ return $t_row;
+ }
+
+ /**
+ * Saves an OauthAuthzConsumer to the DB
+ *
+ * @param OauthAuthzConsumer $consumer
+ * @return int the consumer ID in the DB
+ */
+ public function save_consumer($consumer) {
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $consumer_id = $consumer->getId();
+ if ( 0 == $consumer_id ) { # create
+
+ db_begin();
+ $result = db_query_params ("INSERT INTO $t_consumer_table".' ( name, consumer_key, consumer_secret, consumer_url, consumer_desc, consumer_email ) VALUES ($1,$2,$3,$4,$5,$6)',
+ array ($consumer->getName(), $consumer->key, $consumer->secret, $consumer->getUrl(), $consumer->getDesc(), $consumer->getEmail())) ;
+ if (!$result) {
+ //$this->setError('Error Adding Consumer: '.db_error());
+ db_rollback();
+ return false;
+ }
+ $consumer_id = db_insertid($result, $t_consumer_table, 'id' );
+
+ db_commit();
+
+ } else { # update
+ $t_query = "UPDATE $t_consumer_table SET name=$1, consumer_key=$2, consumer_secret=$3, consumer_url=$4, consumer_desc=$5, consumer_email=$6 WHERE id=$7";
+ db_query_params( $t_query, array( $consumer->getName(), $consumer->key, $consumer->secret, $consumer->getUrl(), $consumer->getDesc(), $consumer->getEmail(), $consumer->getId() ) );
+ }
+ return $consumer_id;
+ }
+
+ /**
+ * Creates a new consumer key-secret
+ */
+ function new_consumer_keys()
+ {
+ $key = md5($this->key_secret_generator(20));
+ $secret = md5($this->key_secret_generator(20));
+ return array($key, $secret);
+ }
+
+ /**
+ * Deletes a consumer from the DB
+ *
+ * @param int $consumer_id
+ */
+ public function delete_consumer( $consumer_id ) {
+
+ $t_consumer_table = "plugin_oauthprovider_consumer";
+
+ $t_query = "DELETE FROM $t_consumer_table WHERE id=$1";
+ $t_result = db_query_params( $t_query, array( (int) $consumer_id ) );
+
+ if (!$t_result) {
+ db_rollback();
+ return false;
+ }
+
+ db_commit();
+ return true;
+ }
+
+ /**
+ * Retrieve values of columns for a token in the DB provided its key
+ *
+ * @param string $token_type
+ * @param string $token_string
+ * @return array of column values
+ */
+ public function find_token_from_key($token_type, $token_string) {
+ $t_token_table = $this->token_table_name($token_type);
+
+ $t_query = "SELECT * FROM $t_token_table WHERE token_key = $1";
+ $t_result = db_query_params( $t_query, array( $token_string ) );
+
+ if ( db_numrows( $t_result ) < 1 ) {
+ return null;
+ }
+
+ $t_row = db_fetch_array( $t_result );
+
+ return $t_row;
+ }
+
+ /**
+ * Retrieve values of columns for a token in the DB provided its id
+ *
+ * @param string $token_type
+ * @param int $token_id
+ * @return array of column values
+ */
+ public function find_token_from_id($token_type, $token_id) {
+ $t_token_table = $this->token_table_name($token_type);
+
+ $t_query = "SELECT * FROM $t_token_table WHERE id = $1";
+ $t_result = db_query_params( $t_query, array( (int) $token_id ) );
+
+ if ( db_numrows( $t_result ) < 1 ) {
+ return null;
+ }
+
+ $t_row = db_fetch_array( $t_result );
+
+ return $t_row;
+ }
+
+ /**
+ * Retrieve a table of columns values for all tokens (of a user)
+ *
+ * @param string $token_type
+ * @param optional int $user_id
+ * @return array of arrays of column values
+ */
+ public function find_all_tokens($token_type, $user_id=null) {
+ $t_token_table = $this->token_table_name($token_type);
+
+ if(isset($user_id)) {
+ $t_query = "SELECT * FROM $t_token_table WHERE user_id = $1";
+ $t_result = db_query_params( $t_query, array( (int) $user_id ) );
+ }
+ else {
+ $t_query = "SELECT * FROM $t_token_table";
+ $t_result = db_query( $t_query );
+ }
+
+ $t_rows = array();
+
+ while ( $t_row = db_fetch_array( $t_result ) ) {
+ $t_rows[] = $t_row;
+ }
+
+ return $t_rows;
+ }
+
+ /**
+ * Retrieve a table of columns values for all tokens issued for a consumer (and a user)
+ *
+ * @param string $token_type
+ * @param int $consumer_id
+ * @param optional int $user_id
+ * @return array of arrays of column values
+ */
+ public function find_tokens_by_consumer($token_type, $consumer_id, $user_id=null) {
+ $t_token_table = $this->token_table_name($token_type);
+
+ if(isset($user_id)) {
+ $t_query = "SELECT * FROM $t_token_table WHERE consumer_id = $1 AND user_id = $2";
+ $t_result = db_query_params( $t_query, array( (int) $consumer_id, (int) $user_id ) );
+ }
+ else {
+ $t_query = "SELECT * FROM $t_token_table WHERE consumer_id = $1";
+ $t_result = db_query_params( $t_query, array( (int) $consumer_id ) );
+ }
+
+ $t_rows = array();
+
+ while ( $t_row = db_fetch_array( $t_result ) ) {
+ $t_rows[] = $t_row;
+ }
+
+ return $t_rows;
+ }
+
+ /**
+ * Retrieve an OAuthToken from its key
+ *
+ * Concrete class implementation required for OAuthDataStore
+ *
+ * @param string $token_type
+ * @param string $token_string
+ * @return OauthAuthzToken
+ */
+ /* public */ function lookup_token($consumer, $token_type, $token_string) {
+
+ $token=null;
+
+ $t_row=$this->find_token_from_key($token_type, $token_string);
+
+ if(!isset($t_row)) {
+ return null;
+ }
+
+ // will refuse request tokens too old (older than 24 hours)
+ if( $token_type == 'request' ) {
+ $now = time();
+ $time_stamp = $t_row['time_stamp'];
+
+ if ( $time_stamp < ($now - (int)(24 * 3600) ) ) {
+ throw new OAuthException("Invalid (too old) $token_type token: $token_string");
+ }
+ }
+
+ if( $t_row['consumer_id'] == $consumer->getId() ) {
+ $token = new OAuthToken($t_row['token_key'], $t_row['token_secret'] );
+ }
+
+ return $token;
+
+ }
+
+ /**
+ * Check a nonce already existed in the DB
+ *
+ * It will auto-purge nonce older than 10 minutes (cleanup made every 100 nonce creation) to avoid the table to fillup
+ *
+ * Concrete class implementation required for OAuthDataStore
+ *
+ * @param OAuthConsumer $consumer
+ * @param OAuthToken $token
+ * @params string $nonce
+ * @params int $time_stamp
+ * @return bool
+ */
+ /* public */ function lookup_nonce($consumer, $token, $nonce, $time_stamp) {
+ $t_nonce_table = "plugin_oauthprovider_consumer_nonce";
+
+ $token_key = ($token) ? $token->key : 'two-legged';
+
+ $t_query = "SELECT * FROM $t_nonce_table WHERE consumer_id = $1 AND token_key = $2 AND nonce = $3 AND time_stamp = $4";
+ $t_result = db_query_params( $t_query, array( $consumer->getId(), $token_key, $nonce, (int) $time_stamp) );
+
+ // if( ! $consumer->check_nonce ) return false;
+
+ if ( db_numrows( $t_result ) < 1 ) {
+
+ $t_query = "INSERT INTO $t_nonce_table ( consumer_id, token_key, nonce, time_stamp ) VALUES ( $1, $2, $3, $4 )";
+ $t_insert_result = db_query_params( $t_query, array( $consumer->getId(), $token_key, $nonce, (int) $time_stamp) );
+
+ $nonce_id = db_insertid($t_insert_result, $t_nonce_table, 'id' );
+
+ // every 100 nonce, try and remove obsolete nonces
+ if (($nonce_id % 100) == 0) {
+ // will remove nonces older than 10 minutes (2* OAuthServer's time_stamp_threshold)
+ $now = time();
+ $t_query = "DELETE FROM $t_nonce_table WHERE time_stamp < $1";
+ db_query_params( $t_query, array( (int) ($now - 600) ) );
+ }
+
+ return false;
+ }
+ else {
+ return true;
+ }
+
+ }
+
+ // make sure this fails... as it seems not implemented / used in parent class
+ function fetch_request_token($consumer) {
+ exit_error('fetch_request_token() not yet implemented.', 'oauthprovider');
+ }
+
+ // make sure this fails... as it seems not implemented / used in parent class
+ function fetch_access_token($token, $consumer) {
+ exit_error('fetch_access_token() not yet implemented.', 'oauthprovider');
+ }
+
+ /**
+ * Generates random key-secret values
+ *
+ */
+ protected function key_secret_generator($len) {
+ $pr_bits = '';
+
+ //use openssl_random_pseudo_bytes??
+
+ //cannot use util_randbytes as it exits if unsuccessful
+ $fp = @fopen('/dev/urandom','rb');
+ if ($fp !== FALSE) {
+ $pr_bits .= @fread($fp,$len);
+ @fclose($fp);
+ }
+
+ // in case the above doesnt work or is not enough
+ $pr_bits .= uniqid(mt_rand(), true);
+ //$hash = sha1($pr_bits); // sha1 gives us a 40-byte hash, md5 32
+
+ return $pr_bits;
+ }
+
+
+ /**
+ * Generates an new token in the DB
+ *
+ * It will auto-purge request tokens older than 24 hours that haven't been converted to access tokens in time (cleanup made every 100 request token creation)
+ *
+ * @param OAuthConsumer $consumer
+ * @param string $token_type
+ * @return OAuthToken
+ */
+ protected function new_token($consumer, $token_type, $role_id=0) {
+ $t_token_table = $this->token_table_name($token_type);
+
+ // TODO : use some PRNG maybe
+ $random = $this->key_secret_generator(32);
+ $hash = sha1($random);
+ $key = substr($hash, 0, 20);
+ $secret = substr($hash, 20, 40);
+
+ $time_stamp = time();
+
+ $token = new OAuthToken($key, $secret);
+
+ $t_query = "INSERT INTO $t_token_table ( consumer_id, token_key, token_secret, role_id, time_stamp ) VALUES ( $1, $2, $3, $4, $5 )";
+ $t_result = db_query_params( $t_query, array( $consumer->getId(), $token->key, $token->secret, $role_id, $time_stamp) );
+
+ $token_id = db_insertid($t_result, $t_token_table, 'id');
+
+ if( $token_type == 'request' ) {
+ // every 100 request token, try and remove obsolete ones
+ if (($token_id % 100) == 0) {
+ // will remove request tokens older than 24 hours
+ $now = time();
+ $t_query = "DELETE FROM $t_token_table WHERE time_stamp < $1";
+ db_query_params( $t_query, array( (int) ($now - (24 * 3600) ) ) );
+ }
+ }
+ return $token;
+ }
+
+ /**
+ * Generates a new request token in the DB
+ *
+ * Concrete class implboundementation
+ * called by the OAuthServer
+ *
+ * @param OAuthConsumer $consumer
+ * @return OAuthToken
+ */
+ public function new_request_token($consumer) {
+ $token = $this->new_token($consumer, 'request');
+
+ // TODO : return an OauthAuthzRequestToken
+ return $token;
+ }
+
+ /**
+ * Generates a new access token in the DB
+ *
+ * Concrete class implementation
+ * called by the OAuthServer
+ *
+ * @param OAuthToken $request_token
+ * @param OAuthConsumer $consumer
+ * @return OAuthToken
+ */
+ public function new_access_token($request_token, $consumer) {
+
+ // $t_row=$this->find_token_from_key('access', $request_token->key);
+ $t_row=$this->find_token_from_key('request', $request_token->key);
+
+ $token_id = $t_row['id'];
+ $consumer_id = $t_row['consumer_id'];
+ $authorized = $t_row['authorized'];
+ $user_id = $t_row['user_id'];
+ $role_id = $t_row['role_id'];
+
+ // delete in any case to avoid replaying and such
+ $this->delete_token('request', $token_id);
+
+ if( $consumer->getId() === $consumer_id ) {
+ if( $authorized && isset($user_id) ) {
+
+ $access_token = $this->new_token($consumer, 'access', $role_id);
+
+ $t_token_table = "plugin_oauthprovider_access_token";
+
+ $t_query = "UPDATE $t_token_table SET user_id=$1 WHERE token_key = $2";
+ db_query_params( $t_query, array( $user_id, $access_token->key ) );
+
+ // TODO : return an OauthAuthzAccessToken
+ return $access_token;
+ } else {
+ // Token wasn't authorized
+ throw new OAuthException('You can\'t swap a unauthorized request token for a access token. Your Access Token was still deleted though. Nice try..');
+ }
+ } else {
+ // Token was fubar
+ throw new OAuthException('This Request Token doesn\'t belong to your Consumer Key. Your Access Token was still deleted though. Nice Try.');
+ }
+ }
+
+ /**
+ * Saves an OauthAuthzAccessToken to the DB
+ *
+ * @param OauthAuthzAccessToken $token
+ * @return int the token ID in the DB
+ */
+ public function save_access_token($token) {
+
+ $t_token_table = $this->token_table_name('access');
+
+ $token_id = $token->getId();
+ if ( 0 == $token_id ) { # create
+ $t_query = "INSERT INTO $t_token_table ( consumer_id, token_key, token_secret, user_id, role_id, time_stamp ) VALUES ($1, $2, $3 $4, $5, $6)";
+ $t_result = db_query_params( $t_query, array( $token->getConsumerId(), $token->key, $token->secret, $token->getUserId(), $token->getRoleId(), $token->gettime_stamp() ) );
+
+ $token_id = db_insertid($t_result, $t_token_table, 'id');
+ return $token_id;
+ }
+ else { # update, feature to be added later, with lifetime feature support
+ //$t_query = "UPDATE $t_token_table SET consumer_id=$1, token_key=$2, token_secret=$3, user_id=$4, time_stamp=$4 WHERE id=$5";
+ //db_query_params( $t_query, array( $token->getConsumerId(), $token->key, $token->secret, $token->getUserId(), $token->gettime_stamp(), $token->getId() ) );
+ exit_error("The access token already exists and cannot be modified.", 'oauthprovider');
+ }
+
+ }
+
+ /**
+ * Saves an OauthAuthzRequestToken to the DB
+ *
+ * @param OauthAuthzRequestToken $token
+ * @return int the token ID in the DB
+ */
+ public function save_request_token($token) {
+
+ $t_token_table = $this->token_table_name('request');
+
+ $token_id = $token->getId();
+ if ( 0 == $token_id ) { # create
+ $t_query = "INSERT INTO $t_token_table ( consumer_id, token_key, token_secret, authorized, user_id, role_id, time_stamp ) VALUES ($1, $2, $3, $4, $5, $6, $7)";
+ $t_result = db_query_params( $t_query, array( $token->getConsumerId(), $token->key, $token->secret, $token->getAuthorized(), $token->getUserId(), $token->getRole(), $token->gettime_stamp() ) );
+
+ $token_id = db_insertid($t_result, $t_token_table, 'id');
+ } else { # update
+ $t_query = "UPDATE $t_token_table SET consumer_id=$1, token_key=$2, token_secret=$3, authorized=$4, user_id=$5, role_id=$6, time_stamp=$7 WHERE id=$8";
+ db_query_params( $t_query, array( $token->getConsumerId(), $token->key, $token->secret, $token->getAuthorized(), $token->getUserId(), $token->getRole(), $token->gettime_stamp(), $token->getId() ) );
+ }
+ return $token_id;
+ }
+
+
+ /**
+ * Deletes a token from the DB
+ *
+ * @param string $token_type
+ * @param int $token_id
+ */
+ function delete_token( $token_type, $token_id) {
+ $t_token_table = $this->token_table_name($token_type);
+
+ $t_query = "DELETE FROM $t_token_table WHERE id=$1";
+ $t_result = db_query_params( $t_query, array( (int) $token_id ) );
+ }
+
+
+}
Added: trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php (rev 0)
+++ trunk/src/plugins/oauthprovider/include/oauthprovider_plugin.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,168 @@
+<?php
+
+/**
+ * oauthproviderPlugin Class
+ *
+ *
+ * This file is part of FusionForge.
+ *
+ * FusionForge is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * FusionForge is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with FusionForge; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+class oauthproviderPlugin extends Plugin {
+ public function __construct($id=0) {
+ $this->Plugin($id) ;
+ $this->name = 'oauthprovider';
+ $this->text = 'OAuthProvider'; // To show in the tabs, use...
+ $this->_addHook("user_personal_links");//to make a link to the user's personal part of the plugin
+ $this->_addHook("usermenu");
+ $this->_addHook("groupmenu"); // To put into the project tabs
+ $this->_addHook("groupisactivecheckbox"); // The "use ..." checkbox in editgroupinfo
+ $this->_addHook("groupisactivecheckboxpost"); //
+ $this->_addHook("userisactivecheckbox"); // The "use ..." checkbox in user account
+ $this->_addHook("userisactivecheckboxpost"); //
+ $this->_addHook("project_admin_plugins"); // to show up in the admin page fro group
+ $this->_addHook("manage_menu");
+ $this->_addHook("account_menu");
+ }
+
+ function CallHook ($hookname, $params) {
+ global $use_oauthproviderplugin,$G_SESSION,$HTML;
+ if ($hookname == "usermenu") {
+ $text = $this->text; // this is what shows in the tab
+ if ($G_SESSION->usesPlugin("oauthprovider")) {
+ $param = '?type=user&id=' . $G_SESSION->getId(); // we indicate the part we're calling is the user one
+ echo ' | ' . $HTML->PrintSubMenu (array ($text),
+ array ('/plugins/oauthprovider/index.php' . $param ));
+ }
+ } elseif ($hookname == "groupmenu") {
+ $group_id=$params['group'];
+ $project = &group_get_object($group_id);
+ if (!$project || !is_object($project)) {
+ return;
+ }
+ if ($project->isError()) {
+ return;
+ }
+ if (!$project->isProject()) {
+ return;
+ }
+ if ( $project->usesPlugin ( $this->name ) ) {
+ $params['TITLES'][]=$this->text;
+ $params['DIRS'][]=util_make_url ('/plugins/oauthprovider/index.php?type=group&id=' . $group_id) ; // we indicate the part we're calling is the project one
+ } else {
+ $params['TITLES'][]=$this->text." is [Off]";
+ $params['DIRS'][]='';
+ }
+ (($params['toptab'] == $this->name) ? $params['selected']=(count($params['TITLES'])-1) : '' );
+ } elseif ($hookname == "groupisactivecheckbox") {
+ //Check if the group is active
+ // this code creates the checkbox in the project edit public info page to activate/deactivate the plugin
+ $group_id=$params['group'];
+ $group = &group_get_object($group_id);
+ echo "<tr>";
+ echo "<td>";
+ echo ' <input type="checkbox" name="use_oauthproviderplugin" value="1" ';
+ // checked or unchecked?
+ if ( $group->usesPlugin ( $this->name ) ) {
+ echo "checked";
+ }
+ echo " /><br/>";
+ echo "</td>";
+ echo "<td>";
+ echo "<strong>Use ".$this->text." Plugin</strong>";
+ echo "</td>";
+ echo "</tr>";
+ } elseif ($hookname == "groupisactivecheckboxpost") {
+ // this code actually activates/deactivates the plugin after the form was submitted in the project edit public info page
+ $group_id=$params['group'];
+ $group = &group_get_object($group_id);
+ $use_oauthproviderplugin = getStringFromRequest('use_oauthproviderplugin');
+ if ( $use_oauthproviderplugin == 1 ) {
+ $group->setPluginUse ( $this->name );
+ } else {
+ $group->setPluginUse ( $this->name, false );
+ }
+ }elseif ($hookname == "userisactivecheckbox") {
+ //Check if the group is active
+ // this code creates the checkbox in the project edit public info page to activate/deactivate the plugin
+ $userid = $params['user_id'];
+ $user = user_get_object($userid);
+ echo "<tr>";
+ echo "<td>";
+ echo ' <input type="checkbox" name="use_oauthproviderplugin" value="1" ';
+ // checked or unchecked?
+ if ( $user->usesPlugin ( $this->name ) ) {
+ echo "checked";
+ }
+ echo " /><br/>";
+ echo "</td>";
+ echo "<td>";
+ echo "<strong>Use ".$this->text." Plugin</strong>";
+ echo "</td>";
+ echo "</tr>";
+ } elseif ($hookname == "userisactivecheckboxpost") {
+ // this code actually activates/deactivates the plugin after the form was submitted in the project edit public info page
+ $userid = $params['user_id'];
+ $user = user_get_object($userid);
+ $use_oauthproviderplugin = getStringFromPost('use_oauthproviderplugin');
+ if ( $use_oauthproviderplugin == 1 ) {
+ $user->setPluginUse ( $this->name );
+ } else {
+ $user->setPluginUse ( $this->name, false );
+ }
+ } elseif ($hookname == "user_personal_links") {
+ // this displays the link in the user's profile page to it's personal oauthprovider (if you want other sto access it, youll have to change the permissions in the index.php
+ $userid = $params['user_id'];
+ $user = user_get_object($userid);
+ $text = $params['text'];
+ //check if the user has the plugin activated
+ if ($user->usesPlugin($this->name)) {
+ echo ' <p>' ;
+ echo util_make_link ("/plugins/oauthprovider/index.php?id=$userid&type=user",
+ _('View Personal oauthprovider')
+ );
+ echo '</p>';
+ }
+ } elseif ($hookname == "project_admin_plugins") {
+ // this displays the link in the project admin options page to it's oauthprovider administration
+ $group_id = $params['group_id'];
+ $group = &group_get_object($group_id);
+ if ( $group->usesPlugin ( $this->name ) ) {
+ echo '<p>'.util_make_link ("/plugins/oauthprovider/admin/index.php?id=".$group->getID().'&type=admin&pluginname='.$this->name,
+ _('oauthprovider Admin')).'</p>' ;
+ }
+ }
+ elseif ($hookname == "manage_menu") {
+ $this->manage_menu();
+ }
+ elseif ($hookname == "account_menu") {
+ $this->account_menu();
+ }
+ elseif ($hookname == "blahblahblah") {
+ // ...
+ }
+ }
+
+ function manage_menu( ) {
+ return array( '<a href="' . $gfplugins.'oauthprovider/www/manage.php' . '">' . $plugin_oauthprovider_menu_advanced_summary. '</a>', );
+ }
+
+ function account_menu( ) {
+ return array( '<a href="' . $gfplugins.'oauthprovider/www/access_tokens.php' . '">' . $plugin_oauthprovider_menu_account_summary. '</a>', );
+ }
+}
+
+?>
Added: trunk/src/plugins/oauthprovider/include/request_token_api.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/request_token_api.php (rev 0)
+++ trunk/src/plugins/oauthprovider/include/request_token_api.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,103 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('token_api.php');
+
+/**
+ * Request Token concrete class
+ *
+ * Extends the OauthAuthzToken to add the boolean if the request token is authorized and pending
+ * consumption by the consumer.
+ *
+ * @author Olivier Berger
+ *
+ */
+class OauthAuthzRequestToken extends OauthAuthzToken {
+
+ protected $authorized; // if a user has authorized the token
+ protected $role_id; //access level granted
+
+ const TOKEN_TYPE = 'request';
+
+ /**
+ * @param int $p_consumer_id
+ * @param string $p_key
+ * @param string $p_secret
+ * @param bool $p_authorized
+ * @param int $p_user_id
+ * @param int $p_time_stamp
+ */
+ function __construct( $p_consumer_id, $p_key, $p_secret, $p_authorized=false, $p_user_id=null, $p_role_id=null, $p_time_stamp=null) {
+ parent::__construct( $p_consumer_id, $p_key, $p_secret, $p_user_id, $p_time_stamp);
+
+ $this->authorized = $p_authorized;
+ $this->role_id = $p_role_id;
+ }
+
+ public function getAuthorized() {
+ return $this->authorized;
+ }
+
+ public function getRole() {
+ return $this->role_id;
+ }
+
+ /**
+ * Converts a row returned by select * into an object
+ * @param array $t_row
+ * @return OauthAuthzRequestToken
+ */
+ static function row_to_new_token ($t_row) {
+ $t_token = new OauthAuthzRequestToken( $t_row['consumer_id'], $t_row['token_key'], $t_row['token_secret'], $t_row['authorized'], $t_row['role_id'], $t_row['user_id'], $t_row['time_stamp'] );
+
+ $t_token->id = $t_row['id'];
+
+ return $t_token;
+ }
+
+ /**
+ * Saves the token properly to the DB (insert or update with proper columns)
+ */
+ function save() {
+
+ $this->check_mandatory();
+
+ if ( $this->authorized && strlen(trim( $this->user_id ))==0 ) {
+ exit_error( "Error trying to save request token!", 'oauthprovider' );
+ }
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+ $this->id = $DBSTORE->save_request_token($this);
+ }
+
+ public function authorize($user_id, $role_id) {
+ $this->authorized = 1;
+ $this->user_id = $user_id;
+ $this->role_id = $role_id;
+ $this->save();
+ }
+
+
+};
+
Added: trunk/src/plugins/oauthprovider/include/token_api.php
===================================================================
--- trunk/src/plugins/oauthprovider/include/token_api.php (rev 0)
+++ trunk/src/plugins/oauthprovider/include/token_api.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,180 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('OAuth.php');
+
+/**
+ * Tokens stored in DB
+ *
+ * This is only the base class that will be subclassed by Request Tokens or Access Tokens
+ * All tokens have an ID in the DB, and are issued for a consumer, at a certain time (stamp)
+ * When a token has been authorized by a user, the user id is recorded
+ *
+ * @author Olivier Berger
+ *
+ */
+class OauthAuthzToken extends OAuthToken {
+
+ protected $id; // in the table
+
+ protected $consumer_id; // consumer for which the token was issued
+ protected $user_id; // user for which the token is (or will be) authorized
+ protected $time_stamp; // time of creation of the token
+
+ const TOKEN_TYPE = 'null';
+
+ /**
+ * @param int $p_consumer_id
+ * @param string $p_key
+ * @param string $p_secret
+ * @param int $p_user_id
+ * @param int $p_time_stamp
+ */
+ function __construct( $p_consumer_id, $p_key, $p_secret, $p_user_id=null, $p_time_stamp=null) {
+ // parent only stores key and secret
+ parent::__construct($p_key, $p_secret);
+
+ // will be set once inserted in the DB
+ $this->id = 0;
+
+ $this->consumer_id = $p_consumer_id;
+ $this->user_id = $p_user_id;
+ $this->time_stamp = $p_time_stamp;
+ }
+
+ public function getId() {
+ return $this->id;
+ }
+
+ public function getConsumerId() {
+ return $this->consumer_id;
+ }
+
+ public function getUserId() {
+ return $this->user_id;
+ }
+
+ public function gettime_stamp() {
+ return $this->time_stamp;
+ }
+
+ /* TO BE SUBCLASSED
+ static function row_to_new_token ($t_row) {
+ $t_token = new OauthAuthzToken( $t_row['consumer_id'], $t_row['token_key'], $t_row['token_secret'] );
+ $t_token->id = $t_row['id'];
+ return $t_token;
+ }
+ */
+
+ /**
+ * Loads a particular token from the DB knowing its ID
+ *
+ * @param int $p_id
+ */
+ static function load( $p_id ) {
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+
+ // this is a hack to retrieve the table name from the base class
+ $CHILD_CLASS = get_called_class();
+ $token_type = $CHILD_CLASS::TOKEN_TYPE;
+
+ $t_row = $DBSTORE->find_token_from_id($token_type, $p_id);
+
+ if(!$t_row) {
+ exit_error( "Error trying to load token!", 'oauthprovider' );
+ }
+ // again a hackfor the dispatching of the values
+ return $CHILD_CLASS::row_to_new_token($t_row);
+ }
+
+ /**
+ * @param int $user_id
+ * @return Ambigous <multitype:, unknown>
+ */
+ static function load_all($user_id=null) {
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+
+ $CHILD_CLASS = get_called_class();
+ $token_type = $CHILD_CLASS::TOKEN_TYPE;
+
+ $t_rows = $DBSTORE->find_all_tokens($token_type, $user_id);
+
+ $t_tokens = array();
+
+ foreach ($t_rows as $t_row) {
+ $t_token = $CHILD_CLASS::row_to_new_token($t_row);
+
+ $t_tokens[] = $t_token;
+ }
+
+ return $t_tokens;
+ }
+
+ /**
+ * Loads a token by its token key
+ *
+ * @param string $p_token_key
+ * @return OauthAuthzToken subclass
+ */
+ static function load_by_key( $p_token_key ) {
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+
+ $CHILD_CLASS = get_called_class();
+ $token_type = $CHILD_CLASS::TOKEN_TYPE;
+
+ $t_row = $DBSTORE->find_token_from_key($token_type, $p_token_key);
+
+ if(!$t_row) {
+ exit_error( "Error trying to load ".$token_type." token!", 'oauthprovider' );
+ }
+ // again a hackfor the dispatching of the values
+ return $CHILD_CLASS::row_to_new_token($t_row);
+ }
+
+ /**
+ * Check that mandatory values are OK
+ */
+ function check_mandatory() {
+ if ( strlen(trim( $this->consumer_id ))==0 || strlen(trim( $this->key ))==0 || strlen(trim( $this->secret ))==0 ) {
+ throw new OAuthException('Mandatory "consumer_id", "key" or "secret" Token attribute(s) not set.');
+ }
+ }
+
+ /**
+ * @param int $p_id
+ */
+ function delete() {
+
+ $DBSTORE = FFDbOAuthDataStore::singleton();
+
+ $CHILD_CLASS = get_called_class();
+ $token_type = $CHILD_CLASS::TOKEN_TYPE;
+
+ $DBSTORE->delete_token( $token_type, $this->id);
+ }
+
+};
Added: trunk/src/plugins/oauthprovider/packaging/control/000source
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/control/000source (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/control/000source 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,10 @@
+Source: @SRCPACKAGE@
+Section: devel
+Priority: optional
+Maintainer: Christian Bayle <bayle at debian.org>
+Uploaders: Roland Mas <lolando at debian.org>
+Build-Depends-Indep: devscripts
+Build-Depends: debhelper (>= 7), perl, gettext
+Standards-Version: 3.8.4
+Homepage: http://fusionforge.org/
+Vcs-Bzr: http://scm.fusionforge.org/bzr/fusionforge/svn-trunk-ro/
Added: trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,4 @@
+Package: @SRCPACKAGE@
+Architecture: all
+Depends: @OLDPACKAGE at -common, @OLDPACKAGE at -db-postgresql | @OLDPACKAGE at -db, @OLDPACKAGE at -web-apache2 | @OLDPACKAGE at -web, @OLDPACKAGE at -shell-postgresql | @OLDPACKAGE at -shell, php5-cli, ${misc:Depends}
+Description: collaborative development tool - oauthprovider plugin
Added: trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider.shortdesc
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider.shortdesc (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/control/222plugin-oauthprovider.shortdesc 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,3 @@
+ This plugin contains the oauthprovider subsystem of FusionForge. It allows each
+ FusionForge project to have its own oauthprovider, and gives some
+ control over it to the project's administrator.
Added: trunk/src/plugins/oauthprovider/packaging/dirs/plugin-oauthprovider
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/dirs/plugin-oauthprovider (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/dirs/plugin-oauthprovider 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,5 @@
+etc/gforge/httpd.d
+etc/gforge/plugins/oauthprovider
+usr/share/gforge/plugins/oauthprovider/cgi-bin
+usr/share/gforge/plugins/oauthprovider/common
+usr/share/gforge/plugins/oauthprovider/www
Added: trunk/src/plugins/oauthprovider/packaging/docs/plugin-oauthprovider
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/docs/plugin-oauthprovider (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/docs/plugin-oauthprovider 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1 @@
+debian/README.Debian
Added: trunk/src/plugins/oauthprovider/packaging/install/plugin-oauthprovider
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/install/plugin-oauthprovider (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/install/plugin-oauthprovider 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,8 @@
+common/* usr/share/gforge/plugins/oauthprovider/common/
+include/* usr/share/gforge/plugins/oauthprovider/include/
+db/* usr/share/gforge/plugins/oauthprovider/db/
+bin/* usr/share/gforge/plugins/oauthprovider/bin/
+www/* usr/share/gforge/plugins/oauthprovider/www/
+cronjobs/* usr/share/gforge/cronjobs
+etc/plugins/oauthprovider/* etc/gforge/plugins/oauthprovider/
+etc/httpd.d/* usr/share/gforge/etc/httpd.d/
Added: trunk/src/plugins/oauthprovider/packaging/links/plugin-oauthprovider
===================================================================
--- trunk/src/plugins/oauthprovider/packaging/links/plugin-oauthprovider (rev 0)
+++ trunk/src/plugins/oauthprovider/packaging/links/plugin-oauthprovider 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1 @@
+/usr/share/gforge/plugins/oauthprovider/www /usr/share/gforge/www/plugins/oauthprovider
Added: trunk/src/plugins/oauthprovider/translations/en.po
===================================================================
Added: trunk/src/plugins/oauthprovider/translations/gforge.pot
===================================================================
Added: trunk/src/plugins/oauthprovider/utils/manage-translations.sh
===================================================================
--- trunk/src/plugins/oauthprovider/utils/manage-translations.sh (rev 0)
+++ trunk/src/plugins/oauthprovider/utils/manage-translations.sh 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,56 @@
+#! /bin/sh -e
+
+if [ -e gforge/translations/gforge.pot ] ; then # We're in the parent dir
+ cd gforge
+elif [ -e translations/gforge.pot ] ; then # probably in gforge/ (or a renamed gforge/)
+ cd . # do nothing, but shell syntax requires an instruction in a then-block
+elif [ -e ../gforge/translations/gforge.pot ] ; then # in tools/ or tests/ or something
+ cd ../gforge
+elif [ -e ../translations/gforge.pot ] ; then # In a subdir of gforge/
+ cd ..
+else
+ echo "Couldn't find translations directory..."
+ exit 1
+fi
+
+locales=$(ls translations/*.po \
+ | xargs -n1 -iFILE basename FILE .po \
+ | egrep '^[a-z][a-z](_[A-Z][A-Z]$)?' \
+ | sort)
+
+print_stats () {
+ for l in $(echo $locales | xargs -n 1 | sort) ; do
+ printf "* %5s: " $l
+ msgfmt --statistics -o /dev/null translations/$l.po
+ done
+}
+
+case $1 in
+ stats)
+ print_stats
+ ;;
+ refresh)
+ rm translations/gforge.pot
+
+ find -type f -\( -name \*.php -or -name users -or -name projects -\) \
+ | grep -v -e {arch} -e svn-base \
+ | grep -v ^./plugins/wiki \
+ | LANG=C sort \
+ | xargs xgettext -d gforge -o translations/gforge.pot -L PHP --from-code=iso-8859-1
+
+ for l in $locales ; do
+ echo "Processing $l..."
+ msgmerge -U translations/$l.po translations/gforge.pot
+ done
+ ;;
+ build)
+ for l in $locales ; do
+ mkdir -p locales/$l/LC_MESSAGES
+ msgfmt -o locales/$l/LC_MESSAGES/gforge.mo translations/$l.po
+ done
+ ;;
+ *)
+ echo "Unknown operation"
+ exit 1
+ ;;
+esac
Property changes on: trunk/src/plugins/oauthprovider/utils/manage-translations.sh
___________________________________________________________________
Added: svn:executable
+ *
Added: trunk/src/plugins/oauthprovider/www/access_token.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/access_token.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/access_token.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,55 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+// This is not exactly using FusionForge, as is not meant for humans, and just an endpoint of the OAuth protocol.
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+//require_once 'checks.php';
+if (!session_loggedin()) {
+ exit_not_logged_in();
+ }
+
+try {
+ $oauthprovider_server = new OAuthServer(FFDbOAuthDataStore::singleton());
+
+ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
+ $oauthprovider_server->add_signature_method($hmac_method);
+
+ // Retrieves an access token in exchange from the request token provided
+ $req = OAuthRequest::from_request();
+ //print_r($req->get_parameters());
+ $token = $oauthprovider_server->fetch_access_token($req);
+
+ // the default print method is exactly what must be returned
+ print $token;
+
+} catch (OAuthException $e) {
+ print($e->getMessage() . "\n<hr />\n");
+ print_r($req);
+ die();
+}
+
+?>
Added: trunk/src/plugins/oauthprovider/www/access_tokens.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/access_tokens.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/access_tokens.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,66 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+// Screen which displays a list of access tokens the user has already granted to consumers
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+
+require_once 'checks.php';
+
+$user_id = user_getid();
+
+$t_tokens = OauthAuthzAccessToken::load_all($user_id);
+
+$headers = array(
+ $plugin_oauthprovider_consumer_name,
+ $plugin_oauthprovider_key,
+ $plugin_oauthprovider_secret,
+ $plugin_oauthprovider_time_stamp,
+ 'DELETE'
+ );
+echo $HTML->boxTop($plugin_oauthprovider_access_tokens);
+echo $HTML->boxBottom();
+echo $HTML->listTableTop($headers);
+
+$i = 0;
+foreach( $t_tokens as $t_token ) {
+ $consumer = OauthAuthzConsumer::load($t_token->getConsumerId());
+ echo '<tr '.$HTML->boxGetAltRowStyle($i).'>';
+ echo '<td>'.util_make_link('/plugins/'.$pluginname.'/consumer_manage.php?type='.$type.'&id='.$id. '&consumer_id=' . $t_token->getConsumerId(),$consumer->getName()).'</td>';
+ echo '<td>'.$t_token->key.'</td>';
+ echo '<td>'.$t_token->secret.'</td>';
+ echo '<td>'.date(DATE_RFC822, $t_token->gettime_stamp()) .'</td>';
+ echo '<td>'.util_make_link('/plugins/'.$pluginname.'/token_delete.php?type='.$type.'&id='.$id.'&token_id=' . $t_token->getId() . '&token_type=access' . '&plugin_oauthprovider_token_delete_token='.form_generate_key(), $plugin_oauthprovider_delete). '</td>';
+ echo '</tr>';
+ $i++;
+}
+
+echo $HTML->listTableBottom();
+
+site_project_footer(array());
+
+
+
+
Added: trunk/src/plugins/oauthprovider/www/admin/index.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/admin/index.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/admin/index.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,70 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+global $gfwww;
+require_once('../../../env.inc.php');
+require_once '../checks.php';
+
+
+?>
+
+<h3>OAuth endpoints</h3>
+
+<p>This OAuthProvider plugin provides the following OAuth endpoints for OAuth consumers to use, in "3-legs" mode.</p>
+
+<?php
+ $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';
+ $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'];
+?>
+
+<ul>
+ <li><b>Request Token URL:</b> <tt><?php echo $http_url . '/plugins/'.$pluginname.'/request_token.php' ?></tt> (GET)</li>
+ <li><b>User Authorization URL:</b> <tt><?php echo $http_url . '/plugins/'.$pluginname.'/authorize.php' ?></tt></li>
+ <li><b>Access Token URL:</b> <tt><?php echo $http_url . '/plugins/'.$pluginname.'/access_token.php' ?></tt></li>
+</ul>
+
+ <p>For instance, with Zend_Oauth, in PHP, the consumer should use such code to request a token :<pre><tt>
+ $consumer = new Zend_OAuth_Consumer($config);
+ $consumer->setRequestMethod(Zend_Oauth::GET);
+ $consumer->setRequestTokenUrl($BASE_FF_URL.'/plugins/oauthprovider/request_token.php');
+ $customServiceParameters= array(
+ 'type' => 'group',
+ 'id' => n
+ );
+ $token = $consumer->getRequestToken($customServiceParameters);</tt></pre></p>
+
+<h3>Signature method</h3>
+
+ <p>The <b>HMAC_SHA1</b> signature method is the only one supported at the moment.</p>
+
+
+<?php
+# Create a basic href link to the manage.php plugin page
+echo '<a href="', '/plugins/'.$pluginname.'/consumer.php?type='.$type.'&id='.$id , '">', 'Consumers', '</a><br> ';
+echo '<a href="', '/plugins/'.$pluginname.'/request_tokens.php?type='.$type.'&id='.$id , '">', 'Request tokens', '</a><br> ';
+echo '<a href="', '/plugins/'.$pluginname.'/access_tokens.php?type='.$type.'&id='.$id , '">', 'Access tokens', '</a><br> ';
+
+site_project_footer(array());
+
\ No newline at end of file
Added: trunk/src/plugins/oauthprovider/www/authorize.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/authorize.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/authorize.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,160 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+// This displays the request token authorization dialog to the user
+
+//should be changed as session_require_login returns with error if not logged in
+//to be tested
+//session_require_login ();
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require $gfconfig.'/plugins/oauthprovider/config.php';
+require_once 'checks.php';
+
+//non-admin users shud be able to do authorisations
+//session_require_global_perm('project_admin');
+
+
+?>
+
+<h2><?php echo $plugin_oauthprovider_pending_authorizations ?></h2>
+
+<?php
+
+try {
+
+ $req = OAuthRequest::from_request();
+ // print_r($req);
+
+ $p_token = $req->get_parameter('oauth_token');
+ // echo "token : $p_token";
+
+ $t_request_token = OauthAuthzRequestToken::load_by_key($p_token);
+
+ if($type=="group") $groupname = $name;
+ else $groupname = null;
+ $group = group_get_object_by_name($groupname);
+ $user_id = user_getid();
+ //echo "user: ".$user_id;
+ //echo "group: ".$groupid;
+ $user = user_get_object($user_id);
+ $roles = array () ;
+ foreach (RBACEngine::getInstance()->getAvailableRolesForUser ($user) as $role) {
+ if ($role->getHomeProject() && $role->getHomeProject()->getID() == $group->getID()) {
+ $roles[] = $role ;
+ }
+ }
+
+ if($t_request_token) {
+ $consumer = OauthAuthzConsumer::load($t_request_token->getConsumerId());
+ // don't allow to authorize tokens older than 24 hours
+ $time_stamp = $t_request_token->gettime_stamp();
+ $now = time();
+ if ($time_stamp < ($now - (int)(24 * 3600))) {
+ $time_stamp = null;
+ $date = "more than 24 hours ago";
+ }
+ else {
+ $date = "on ".date(DATE_RFC822, $time_stamp);
+ }
+
+ $callback_url = $req->get_parameter('oauth_callback');
+
+ // check if there are already access_tokens already authorized for that same consumer
+ $t_access_tokens = OauthAuthzAccessToken::load_by_consumer($consumer->getId(), $user_id);
+ $already_authorized = count($t_access_tokens);
+
+ if ($already_authorized > 0) {
+ echo "<p><b>ATTENTION: You have already $already_authorized authorized access for this consumer on your behalf. You are advised to delete previous access tokens first.</b></p>";
+
+ }
+
+ // Now we can display the pending request token and point to the authorization confirmation dialog
+ echo sprintf( $plugin_oauthprovider_pending_authorization, $consumer->getName(), $date ) . ' ';
+ echo "<table><tr><td>";
+ if( isset($time_stamp) ) {
+ // the time_stamp is recent enough so we can allow authorization
+ //echo "<br />";
+ echo '<form action="token_authorize.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname.'" method="post">';
+ echo '<input type="hidden" name="plugin_oauthprovider_token_authorize_token" value="'.form_generate_key().'"/>';
+ echo '<input type="hidden" name="token_id" value="'.$t_request_token->getId().'"/>';
+ echo '<input type="hidden" name="callback_url" value="'.urlencode($callback_url).'"/>';
+
+ echo "<table><tr><td>Role:</td><td><select name=\"rolelist\">";
+ foreach($roles as $role) {
+ echo '<option value="'.$role->getID().'">'.$role->getName().'</option>';
+ }
+ echo "</select></td>";
+
+ echo '<td><input type="submit" value="'. $plugin_oauthprovider_authorize .'"/></td></tr></table>';
+ echo '</form>';
+
+ }
+ else {
+ // just display an inactive authorization link
+ print "<a href=\"\">". $plugin_oauthprovider_authorize ."</a>" ;
+ }
+ echo '</td><td>';
+ // Denying it is always an option
+ echo '<form action="token_deny.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname.'" method="post">';
+ echo '<input type="hidden" name="plugin_oauthprovider_token_deny_token" value="'.form_generate_key().'"/>';
+ echo '<input type="hidden" name="token_id" value="'.$t_request_token->getId().'"/>';
+ echo "<table><tr><td><b>OR</b></td>";
+ echo '<td><input type="submit" value="'. $plugin_oauthprovider_deny .'"/></td></tr></table>';
+ echo '</form>';
+ echo '</td></tr></table>'
+ ?>
+
+
+<?php // TODO needs translation ?>
+<p><b>Security-related notices :</b></p>
+<ul>
+ <li>Fusionforge cannot assert in a fully trusted way if this request was
+ actually made by the right OAuth Consumer. You should be able to tell,
+ since you have been redirected here from that Consumer application.</li>
+ <li>Currently, this feature implements only a one-time access to a dummy page</li>
+</ul>
+
+ <?php
+ }
+ else {
+
+ ?>
+<p>Could not find token <?php echo "$p_token" ?>!</p>
+
+ <?php
+
+ }
+
+
+} catch (OAuthException $e) {
+
+ error_parameters($e->getMessage(), "OauthAuthz");
+ exit_error( "Oauth authorisation error!", 'oauthprovider' );
+
+}
+site_project_footer(array());
+
+?>
Added: trunk/src/plugins/oauthprovider/www/checks.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/checks.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/checks.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,128 @@
+<?php
+
+/*
+ * oauthprovider plugin
+ *
+ * Daniel Perez <danielperez.arg at gmail.com>
+ *
+ * This is an example to watch things in action. You can obviously modify things and logic as you see fit
+ */
+
+require_once $gfwww.'include/pre.php';
+require $gfconfig.'/plugins/oauthprovider/config.php';
+
+
+
+// the header that displays for the project portion of the plugin
+function oauthprovider_Project_Header($params) {
+ global $DOCUMENT_ROOT,$HTML,$id, $group_id;
+ $group_id = $id;
+ $params['toptab']='oauthprovider';
+ $params['group']=$id;
+ /*
+ Show horizontal links
+ */
+ site_project_header($params);
+}
+
+// the header that displays for the user portion of the plugin
+function oauthprovider_User_Header($params) {
+ global $DOCUMENT_ROOT,$HTML,$user_id;
+ $params['toptab']='oauthprovider';
+ $params['user']=$user_id;
+ /*
+ Show horizontal links
+ */
+ site_user_header($params);
+}
+
+ if (!session_loggedin()) {
+ exit_not_logged_in();
+ }
+
+ $user = session_get_user(); // get the session user
+
+ if (!$user || !is_object($user) || $user->isError() || !$user->isActive()) {
+ exit_error("Invalid User, Cannot Process your request for this user.", 'oauthprovider');
+ }
+
+ $type = getStringFromRequest('type');
+ $id = getStringFromRequest('id');
+ $name = getStringFromRequest('name');
+ $pluginname = 'oauthprovider';
+
+ if (!$type) {
+ exit_error("Cannot Process your request: No TYPE specified ",'oauthprovider'); // you can create items in Base.tab and customize this messages
+ } elseif ((!$name)&&(!$id)) {
+ exit_error("Cannot Process your request: No NAME or ID specified",'oauthprovider');
+ } else {
+ if ($type == 'group') {
+ if($name) {
+ $group = group_get_object_by_name($name);
+ $id = $group->getID();
+ }
+ else $group = group_get_object($id);
+ //print_r($group);
+ if ( !$group) {
+ exit_error("Invalid Project", 'oauthprovider');
+ }
+ if ( ! ($group->usesPlugin ( $pluginname )) ) {//check if the group has the oauthprovider plugin active
+ exit_error("Error, First activate the $pluginname plugin through the Project's Admin Interface", 'oauthprovider');
+ }
+ $userperm = $group->getPermission($user);//we'll check if the user belongs to the group (optional)
+ if ( !$userperm->IsMember()) {
+ exit_error("Access Denied, You are not a member of this project", 'oauthprovider');
+ }
+ // other perms checks here...
+ oauthprovider_Project_Header(array('group'=>$group->getID(),'title'=>$pluginname . ' Project Plugin!','pagename'=>$pluginname,'sectionvals'=>array($group->getPublicName())));
+ // DO THE STUFF FOR THE PROJECT PART HERE
+
+ echo "We are in the Project oauthprovider plugin page for group (project) $id <br><br>";
+
+ } elseif ($type == 'user') {
+ if($name) $realuser = user_get_object_by_name($name);
+ else $realuser = user_get_object($id);
+ if (!($realuser) || !($realuser->usesPlugin($pluginname))) {
+ exit_error("First activate the User's $pluginname plugin through Account Manteinance Page", 'oauthprovider');
+ }
+ if ( (!$user) || ($user->getID() != $id)) { // if someone else tried to access the private oauthprovider part of this user
+ exit_error("Access Denied, You cannot access other user's personal $pluginname", 'oauthprovider');
+ }
+ oauthprovider_User_Header(array('title'=>'My '.$pluginname,'pagename'=>"$pluginname",'sectionvals'=>array($realuser->getUnixName())));
+ // DO THE STUFF FOR THE USER PART HERE
+ echo "We are in the User oauthprovider plugin page for user <br><br>";
+
+ } elseif ($type == 'admin') {
+ if($name) {
+ $group = group_get_object_by_name($name);
+ $id = $group->getID();
+ }
+ else $group = group_get_object($id);
+
+ if ( !$group) {
+ exit_error("Invalid Project", 'oauthprovider');
+ }
+ if ( ! ($group->usesPlugin ( $pluginname )) ) {//check if the group has the oauthprovider plugin active
+ exit_error("Error, First activate the $pluginname plugin through the Project's Admin Interface", 'oauthprovider');
+ }
+ $userperm = $group->getPermission($user);//we'll check if the user belongs to the group
+ if ( !$userperm->IsMember()) {
+ exit_error("Access Denied, You are not a member of this project", 'oauthprovider');
+ }
+ //only project admin can access here
+ if ( $userperm->isAdmin() ) {
+ oauthprovider_Project_Header(array('group'=>$id, 'title'=>$pluginname . ' Project Plugin!','pagename'=>"$pluginname",'sectionvals'=>array(group_getname($id))));
+ // DO THE STUFF FOR THE PROJECT ADMINISTRATION PART HERE
+ //echo "We are in the Project oauthprovider plugin page for <font color=\"#ff0000\">ADMINISTRATION</font> <br><br>";
+
+ } else {
+ exit_error("Access Denied, You are not a project Admin", 'oauthprovider');
+ }
+ }
+ else {
+ exit_error("Cannot Process your request: Invalid TYPE specified", 'oauthprovider');
+ }
+ }
+ $i = 0;
+
+?>
\ No newline at end of file
Added: trunk/src/plugins/oauthprovider/www/consumer.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/consumer.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/consumer.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,148 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+$user = session_get_user(); // get the session user
+$t_consumers = OauthAuthzConsumer::load_all();
+
+$t_can_manage = false;
+if(forge_check_global_perm ('forge_admin')) $t_can_manage = true;
+
+if(count($t_consumers)>0) {
+?>
+
+<br/>
+<table align="center" cellspacing="1">
+
+ <tr>
+ <td class="form-title"><?php echo $plugin_oauthprovider_consumers ?></td>
+ </tr>
+
+ <tr class="row-category">
+ <td><?php echo $plugin_oauthprovider_consumer ?></td>
+ <td><?php echo $plugin_oauthprovider_url ?></td>
+ <td><?php echo $plugin_oauthprovider_desc ?></td>
+ <td><?php echo $plugin_oauthprovider_email ?></td>
+ <td><?php echo $plugin_oauthprovider_key ?></td>
+ <td><?php echo $plugin_oauthprovider_secret ?></td>
+ <td></td>
+ <td></td>
+ </tr>
+
+<?php
+
+ foreach( $t_consumers as $t_consumer ) { ?>
+ <tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+ <td><?php echo ( $t_consumer->getName() ) ?></td>
+ <td class="center"><?php echo ( $t_consumer->getURL() ) ?></td>
+ <td class="center"><?php echo ( $t_consumer->getDesc() ) ?></td>
+ <td class="center"><?php echo ( $t_consumer->getEmail() ) ?></td>
+ <td><?php echo ( substr($t_consumer->key, 0, 10).'...' ) ?></td>
+ <td><?php
+ if ( $t_can_manage ) {
+ echo ( substr($t_consumer->secret, 0, 10).'...' );
+ }
+ else {
+ echo '**************';
+ } ?></td>
+ <td class="center">
+ <?php
+ if ( $t_can_manage ) {
+
+ print util_make_link('/plugins/'.$pluginname.'/consumer_manage.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname . '&consumer_id=' . $t_consumer->getId() , $plugin_oauthprovider_manage);
+ }
+ ?>
+ </td>
+ <td class="center">
+ <?php
+ if ( $t_can_manage ) {
+ print util_make_link('/plugins/'.$pluginname.'/consumer_delete.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname . '&consumer_id=' . $t_consumer->getId() . '&plugin_oauthprovider_consumer_delete_token='.form_generate_key(), $plugin_oauthprovider_delete);
+
+ }
+ ?>
+ </td>
+ </tr>
+<?php } ?>
+
+</table>
+
+<?php
+}
+else {
+ echo '<p>There are currently no customers in the database.</p>';
+}
+
+if ( $t_can_manage ) { ?>
+<br/>
+<form action="<?php echo 'consumer_create.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname ?>" method="post">
+<?php echo '<input type="hidden" name="plugin_oauthprovider_consumer_create_token" value="'.form_generate_key().'"/>' ?>
+<table class="width50" align="center" cellspacing="1">
+
+<tr>
+<td class="form-title" colspan="2"><?php echo $plugin_oauthprovider_create_consumer ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_name ?></td>
+<td><input name="consumer_name" maxlength="128" size="40"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_url ?></td>
+<td><input name="consumer_url" maxlength="250" size="40"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_desc ?></td>
+<td><input name="consumer_desc" maxlength="250" size="40"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_email ?></td>
+<td><input name="consumer_email" maxlength="250" size="40"/></td>
+</tr>
+
+
+
+<tr>
+<td class="center" colspan="2"><input type="submit" value="<?php echo $plugin_oauthprovider_create_consumer ?>"/></td>
+</tr>
+
+</table>
+</form>
+<?php }
+
+
+ site_project_footer(array());
+
+// Local Variables:
+// mode: php
+// c-file-style: "bsd"
+// End:
+
+?>
Added: trunk/src/plugins/oauthprovider/www/consumer_create.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/consumer_create.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/consumer_create.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,67 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+
+require_once 'checks.php';
+
+
+if(!form_key_is_valid(getStringFromRequest('plugin_oauthprovider_consumer_create_token'))) {
+ exit_form_double_submit('admin');
+}
+
+//access_ensure_global_level( plugin_config_get( 'manage_threshold' ) ); // equivalent function to be added later for ff
+session_require_global_perm('forge_admin');
+
+$f_consumer_name = getStringFromPost( 'consumer_name' );
+$f_consumer_url = getStringFromPost( 'consumer_url' );
+$f_consumer_desc = getStringFromPost( 'consumer_desc' );
+$f_consumer_email = getStringFromPost( 'consumer_email' );
+
+ if (($msg=OauthAuthzConsumer::check_consumer_values($f_consumer_name, $f_consumer_url, $f_consumer_desc, $f_consumer_email))!=null) {
+ //$missing_params[] = _('"Consumer Name"');
+ echo "<p><font color=\"#ff0000\">.$msg.</font></p>";
+ //exit_missing_param('', $missing_params,'oauthprovider');
+ form_release_key(getStringFromRequest('plugin_oauthprovider_consumer_create_token'));
+ include 'consumer.php';
+ }
+ else {
+ $key_secret = OauthAuthzConsumer::new_consumer_keys_generate();
+ $f_consumer_key = $key_secret[0];
+ $f_consumer_secret = $key_secret[1];
+ $f_consumer_url = (htmlspecialchars($f_consumer_url));
+ $f_consumer_desc = (htmlspecialchars($f_consumer_desc));
+ $f_consumer_email = (htmlspecialchars($f_consumer_email));
+ $t_consumer = new OauthAuthzConsumer( $f_consumer_name, $f_consumer_key, $f_consumer_secret, $f_consumer_url, $f_consumer_desc, $f_consumer_email );
+ $t_consumer->save();
+
+ form_release_key(getStringFromRequest('plugin_oauthprovider_consumer_create_token'));
+
+ session_redirect( '/plugins/'.$pluginname.'/consumer.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname);
+ }
+
+
+
Added: trunk/src/plugins/oauthprovider/www/consumer_delete.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/consumer_delete.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/consumer_delete.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,44 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+
+form_key_is_valid(getStringFromRequest('plugin_oauthprovider_consumer_delete_token'));
+
+//access_ensure_global_level( plugin_config_get( 'manage_threshold' ) ); // equivalent function to be added later for ff
+session_require_global_perm('forge_admin');
+
+$f_consumer_id = getStringFromGet( 'consumer_id' );
+
+$t_consumer = OauthAuthzConsumer::load( $f_consumer_id );
+
+//helper_ensure_confirmed( sprintf( $plugin_oauthprovider_ensure_consumer_delete, $t_consumer->getName() ), $plugin_oauthprovider_delete_consumer );
+
+$t_consumer->delete();
+
+form_release_key(getStringFromRequest('plugin_oauthprovider_consumer_delete_token'));
+session_redirect( '/plugins/'.$pluginname.'/index.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname);
Added: trunk/src/plugins/oauthprovider/www/consumer_manage.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/consumer_manage.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/consumer_manage.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,106 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+session_require_global_perm('forge_admin');
+
+$f_consumer_id = getIntFromGet( 'consumer_id' );
+
+$t_consumer = OauthAuthzConsumer::load( $f_consumer_id );
+
+$i = 0;
+?>
+
+<br/>
+<table class="width75" align="center" cellspacing="1">
+
+<tr>
+<td class="form-title" colspan="2"><?php echo $plugin_oauthprovider_manage_consumer ?></td>
+<td class="right">
+<?php
+ print util_make_link('/plugins/'.$pluginname.'/index.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname , $plugin_oauthprovider_back);
+?>
+</td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_name ?></td>
+<td colspan="2"><?php echo ( $t_consumer->getName() ) ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_url ?></td>
+<td colspan="2"><?php echo ( $t_consumer->getUrl() ) ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_desc ?></td>
+<td colspan="2"><?php echo ( $t_consumer->getDesc() ) ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_email ?></td>
+<td colspan="2"><?php echo ( $t_consumer->getEmail() ) ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_key ?></td>
+<td colspan="2"><?php echo ( $t_consumer->key ) ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_secret ?></td>
+<td colspan="2"><?php echo ( $t_consumer->secret ) ?></td>
+</tr>
+
+<tr>
+<td width="30%"></td>
+<td width="20%"></td>
+<td width="50%"></td>
+</tr>
+
+<tr>
+<td colspan="1">
+<form action="<?php echo 'consumer_update_page.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname . '&consumer_id=' . $t_consumer->getId() ?>" method="post">
+ <input type="submit" value="<?php echo $plugin_oauthprovider_update_consumer ?>"/>
+</form>
+</td>
+<td colspan="1">
+<form action="<?php echo 'consumer_delete.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname . '&consumer_id=' . $t_consumer->getId() ?>" method="post">
+ <?php echo '<input type="hidden" name="plugin_oauthprovider_consumer_delete_token" value="'.form_generate_key().'"/>' ?>
+ <input type="submit" value="<?php echo $plugin_oauthprovider_delete_consumer ?>"/>
+</form>
+</td>
+</tr>
+
+</table>
+
+<?php
+//html_page_bottom1( __FILE__ );
+site_project_footer(array());
+
+
Added: trunk/src/plugins/oauthprovider/www/consumer_update.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/consumer_update.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/consumer_update.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,62 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+form_key_is_valid(getStringFromRequest( 'plugin_oauthprovider_consumer_update_token' ));
+
+//access_ensure_global_level( plugin_config_get( 'manage_threshold' ) ); // equivalent function to be added later for ff
+session_require_global_perm('forge_admin');
+
+$f_consumer_id = getIntFromPost( 'consumer_id' );
+$f_consumer_name = getStringFromPost( 'consumer_name' );
+$f_consumer_url = getStringFromPost( 'consumer_url' );
+$f_consumer_desc = getStringFromPost( 'consumer_desc' );
+$f_consumer_email = getStringFromPost( 'consumer_email' );
+if(array_key_exists('keys_update', $_POST)) {
+ $key_secret = OauthAuthzConsumer::new_consumer_keys_generate();
+ $f_consumer_key = $key_secret[0];
+ $f_consumer_secret = $key_secret[1];
+}else {
+ $f_consumer_key = getStringFromPost( 'consumer_key' );
+ $f_consumer_secret = getStringFromPost( 'consumer_secret' );
+}
+
+$t_consumer = OauthAuthzConsumer::load( $f_consumer_id );
+
+$t_consumer->setName($f_consumer_name);
+$t_consumer->setURL($f_consumer_url);
+$t_consumer->setDesc($f_consumer_desc);
+$t_consumer->setEmail($f_consumer_email);
+$t_consumer->key = $f_consumer_key;
+$t_consumer->secret = $f_consumer_secret;
+
+$t_consumer->save();
+
+form_release_key(getStringFromRequest( 'plugin_oauthprovider_consumer_update_token' ));
+
+session_redirect( '/plugins/'.$pluginname.'/consumer_manage.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname. '&consumer_id=' . $t_consumer->getId() );
Added: trunk/src/plugins/oauthprovider/www/consumer_update_page.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/consumer_update_page.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/consumer_update_page.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,93 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+session_require_global_perm('forge_admin');
+
+$f_consumer_id = getIntFromGet( 'consumer_id' );
+
+$t_consumer = OauthAuthzConsumer::load( $f_consumer_id );
+
+
+$i=0;
+?>
+
+<br/>
+<form action="<?php echo 'consumer_update.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname ?>" method="post">
+<?php echo '<input type="hidden" name="plugin_oauthprovider_consumer_update_token" value="'.form_generate_key().'"/>' ?>
+<input type="hidden" name="consumer_id" value="<?php echo $t_consumer->getId() ?>"/>
+<table class="width60" align="center" cellspacing="1">
+
+<tr>
+<td class="form-title"><?php echo $plugin_oauthprovider_update_consumer ?></td>
+<td class="right"><?php print util_make_link("/plugins/".$pluginname.'/consumer_manage.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname. '&consumer_id=' . $t_consumer->getId(), $plugin_oauthprovider_back_consumer ); ?></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_name ?></td>
+<td><input name="consumer_name" maxlength="128" size="40" value="<?php echo ( $t_consumer->getName() ) ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_url ?></td>
+<td><input name="consumer_url" maxlength="250" size="40" value="<?php echo ( $t_consumer->getUrl() ) ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_desc ?></td>
+<td><input name="consumer_desc" maxlength="250" size="40" value="<?php echo ( $t_consumer->getDesc() ) ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_email ?></td>
+<td><input name="consumer_email" maxlength="250" size="40" value="<?php echo ( $t_consumer->getEmail() ) ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_key ?></td>
+<td><input name="consumer_key" readonly="readonly" maxlength="250" size="40" value="<?php echo ( $t_consumer->key ) ?>"/></td>
+</tr>
+
+<tr <?php echo $HTML->boxGetAltRowStyle($i++) ?>>
+<td class="category"><?php echo $plugin_oauthprovider_secret ?></td>
+<td><input name="consumer_secret" readonly="readonly" maxlength="250" size="40" value="<?php echo ( $t_consumer->secret ) ?>"/></td>
+</tr>
+
+<tr>
+<td class="center" colspan="1"><input type="submit" name="update" value="<?php echo $plugin_oauthprovider_update_consumer ?>"/></td>
+<td class="center" colspan="1"><input type="submit" name="keys_update" value="<?php echo $plugin_oauthprovider_renew_keys_update_consumer ?>"/></td>
+</tr>
+</table>
+</form>
+
+
+<?php
+//html_page_bottom1( __FILE__ );
+site_project_footer(array());
+
+
Added: trunk/src/plugins/oauthprovider/www/echo.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/echo.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/echo.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,70 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+# This script demonstrates the way to protect access to a resource using OAuth.
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+//require_once 'checks.php';
+
+
+
+
+try {
+ $oauthprovider_server = new OAuthServer(FFDbOAuthDataStore::singleton());
+
+ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
+ $oauthprovider_server->add_signature_method($hmac_method);
+
+ $req = OAuthRequest::from_request();
+ list($consumer, $token) = $oauthprovider_server->verify_request( $req);
+
+ // Now, the request is valid.
+
+ // We know which consumer is connected
+ echo "Authenticated as consumer : \n";
+ //print_r($consumer);
+ echo " name: ". $consumer->getName() ."\n";
+ echo " key: $consumer->key\n";
+ echo "\n";
+
+ // And on behalf of which user it connects
+ echo "Authenticated with access token whose key is : $token->key \n";
+ echo "\n";
+ $t_token = OauthAuthzAccessToken::load_by_key($token->key);
+ $user_object =& user_get_object($t_token->getUserId());
+ $user = $user_object->getRealName().' ('.$user_object->getUnixName().')';
+ echo "Acting on behalf of user : $user\n";
+ echo "\n";
+
+ echo "Received message : \n";
+ $message = $_GET['message'];
+ print_r($message);
+
+
+} catch (OAuthException $e) {
+ print($e->getMessage() . "\n<hr />\n");
+ print_r($req);
+ die();
+}
Added: trunk/src/plugins/oauthprovider/www/index.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/index.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/index.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,71 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('../../env.inc.php');
+require_once 'checks.php';
+
+?>
+
+<h3>OAuth endpoints</h3>
+
+<p>This OAuthProvider plugin provides the following OAuth endpoints for OAuth consumers to use, in "3-legs" mode.</p>
+
+<?php
+ $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' : 'https';
+ $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'];
+?>
+
+<ul>
+ <li><b>Request Token URL:</b> <tt><?php echo $http_url . '/plugins/'.$pluginname.'/request_token.php' ?></tt> (GET)</li>
+ <li><b>User Authorization URL:</b> <tt><?php echo $http_url . '/plugins/'.$pluginname.'/authorize.php' ?></tt></li>
+ <li><b>Access Token URL:</b> <tt><?php echo $http_url . '/plugins/'.$pluginname.'/access_token.php' ?></tt></li>
+</ul>
+
+ <p>For instance, with Zend_Oauth, in PHP, the consumer should use such code to request a token :<pre><tt>
+ $consumer = new Zend_OAuth_Consumer($config);
+ $consumer->setRequestMethod(Zend_Oauth::GET);
+ $consumer->setRequestTokenUrl($BASE_FF_URL.'/plugins/oauthprovider/request_token.php');
+ $customServiceParameters= array(
+ 'type' => 'group',
+ 'id' => n
+ );
+ $token = $consumer->getRequestToken($customServiceParameters);</tt></pre></p>
+
+<h3>Signature method</h3>
+
+ <p>The <b>HMAC_SHA1</b> signature method is the only one supported at the moment.</p>
+
+<?php
+//global $plugin_oauthprovider_consumers, $plugin_oauthprovider_request_tokens;
+# Create a basic href link to the manage.php plugin page
+if(($type == 'admin')||(forge_check_global_perm ('forge_admin')) ){
+ echo '<a href="', '/plugins/'.$pluginname.'/consumer.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname , '">', 'Consumers', '</a> <br>';
+}
+
+
+echo '<a href="', '/plugins/'.$pluginname.'/request_tokens.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname , '">', 'Request tokens', '</a><br> ';
+echo '<a href="', '/plugins/'.$pluginname.'/access_tokens.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname , '">', 'Access tokens', '</a><br> ';
+
+//html_page_bottom();
+site_project_footer(array());
Added: trunk/src/plugins/oauthprovider/www/request_token.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/request_token.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/request_token.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,56 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+// This is not exactly using FusionForge, as is not meant for humans, and just an endpoint of the OAuth protocol.
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+//require_once 'checks.php';
+
+/*if (!session_loggedin()) {
+ exit_not_logged_in();
+ }*/
+
+try {
+ $oauthprovider_server = new OAuthServer(FFDbOAuthDataStore::singleton());
+
+ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
+ $oauthprovider_server->add_signature_method($hmac_method);
+
+ // Retrieves a new request token for the calling consumer
+ $req = OAuthRequest::from_request();//print_r($req->get_parameters());exit;
+ $token = $oauthprovider_server->fetch_request_token($req);
+
+ // the default print method is exactly what must be returned
+ print $token;
+
+} catch (OAuthException $e) {
+ print("Exception on trying to get a request token: ".$e->getMessage() . "\n<hr />\n");
+ print("Exception on trying to get a request token: ".$e->getTraceAsString() . "\n<hr />\n");
+ print_r($req);
+ die();
+}
+
+?>
Added: trunk/src/plugins/oauthprovider/www/request_tokens.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/request_tokens.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/request_tokens.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,81 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+
+require_once 'checks.php';
+
+/*if($type!=admin)
+{
+ exit_error("Only the Project Admin can access this page.", 'oauthprovider');
+}*/
+
+$t_tokens = OauthAuthzRequestToken::load_all(user_getid());
+
+$headers = array(
+ $plugin_oauthprovider_consumer_name,
+ $plugin_oauthprovider_key,
+ $plugin_oauthprovider_secret,
+ $plugin_oauthprovider_authorized,
+ $plugin_oauthprovider_user,
+ $plugin_oauthprovider_time_stamp,
+ 'DELETE'
+ );
+
+echo $HTML->boxTop($plugin_oauthprovider_request_tokens);
+echo $HTML->boxBottom();
+echo $HTML->listTableTop($headers);
+
+$i=0;
+foreach( $t_tokens as $t_token ) {
+ $consumer = OauthAuthzConsumer::load($t_token->getConsumerId());
+ echo '<tr '.$HTML->boxGetAltRowStyle($i).'>';
+ echo '<td>'.util_make_link('/plugins/'.$pluginname.'/consumer_manage.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname.'&token_id=' . $t_token->getConsumerId(), $consumer->getName()).'</td>';
+ echo '<td>'.$t_token->key.'</td>';
+ echo '<td>'.$t_token->secret.'</td>';
+ echo '<td>'.$t_token->authorized.'</td>';
+ if($t_token->getUserId() > 0 ) {
+ $user_object =& user_get_object($t_token->getUserId());
+ $user = $user_object->getRealName().' ('.$user_object->getUnixName().')';
+ } else {
+ $user = "-";
+ }
+ echo '<td>'.$user.'</td>';
+ echo '<td>'.date(DATE_RFC822, $t_token->gettime_stamp()) .'</td>';
+ echo '<td>'.util_make_link('/plugins/'.$pluginname.'/token_delete.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname.'&token_id=' . $t_token->getId() . '&token_type=request' . '&plugin_oauthprovider_token_delete_token='.form_generate_key(), $plugin_oauthprovider_delete).'</td>';
+ echo '</tr>';
+ $i++;
+
+}
+
+echo $HTML->listTableBottom();
+
+//html_page_bottom1( __FILE__ );
+site_project_footer(array());
+
+
+
+
+
Added: trunk/src/plugins/oauthprovider/www/token_authorize.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/token_authorize.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/token_authorize.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,69 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+
+// invoked when the user decides to authorize a request token
+form_key_is_valid(getStringFromRequest('plugin_oauthprovider_token_authorize_token'));
+
+try {
+
+ $f_token_id = getStringFromPost( 'token_id' );
+ $f_callback_url = urldecode(getStringFromPost( 'callback_url' ));
+ $f_role_id = getStringFromPost( 'rolelist' );
+
+ // echo "token_id : $f_token_id \n";
+ // echo "callback_url: $f_callback_url \n";
+ $t_token = OauthAuthzRequestToken::load( $f_token_id );
+
+ if($t_token) {
+ $p_token = $t_token->key;
+ $consumer = OauthAuthzConsumer::load($t_token->getConsumerId());
+
+ // ask for confirmation
+ //helper_ensure_confirmed( sprintf( $plugin_oauthprovider_ensure_authorize, $consumer->getName() ), $plugin_oauthprovider_authorize_token );
+ //equivalent for fusionforge not found yet
+
+ $user_id = user_getid();
+ // echo "user : $user_id";
+
+ // mark as authorized by the user in the DB
+ $t_token->authorize($user_id, $f_role_id);
+
+ form_release_key(getStringFromRequest('plugin_oauthprovider_token_authorize_token'));
+
+ //echo "Redirect : $callback_url?oauth_token=$p_token \n";exit;
+ Header("Location: $f_callback_url?oauth_token=$p_token");
+ //session_redirect( $f_callback_url . "?oauthprovider_token=$p_token" );
+ }
+
+} catch (OAuthException $e) {
+
+ error_parameters($e->getMessage(), "OauthAuthz");
+ exit_error( "Error trying to authorise token!", 'oauthprovider' );
+
+}
Added: trunk/src/plugins/oauthprovider/www/token_delete.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/token_delete.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/token_delete.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,51 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+require_once 'checks.php';
+
+
+form_key_is_valid(getStringFromRequest('plugin_oauthprovider_token_delete_token'));
+
+//access_ensure_global_level( plugin_config_get( 'manage_threshold' ) ); // equivalent function to be added later for ff
+//session_require_global_perm('project_admin');
+
+$f_token_id = getStringFromGet( 'token_id' );
+$f_type = getStringFromGet( 'token_type' );
+
+if($f_type == 'access') {
+ $t_token = OauthAuthzAccessToken::load( $f_token_id );
+}
+else if ($f_type == 'request'){
+ $t_token = OauthAuthzRequestToken::load( $f_token_id );
+}
+
+//helper_ensure_confirmed( sprintf( $plugin_oauthprovider_ensure_token_delete, $t_token->key ), $plugin_oauthprovider_delete_token );
+//equivalent for fusionforge not found yet
+
+$t_token->delete();
+
+form_release_key(getStringFromRequest('plugin_oauthprovider_token_delete_token'));
+session_redirect( '/plugins/'.$pluginname.'/'. $f_type.'_tokens.php?type='.$type.'&id='.$id.'&pluginname='.$pluginname);
Added: trunk/src/plugins/oauthprovider/www/token_deny.php
===================================================================
--- trunk/src/plugins/oauthprovider/www/token_deny.php (rev 0)
+++ trunk/src/plugins/oauthprovider/www/token_deny.php 2011-03-11 09:32:45 UTC (rev 12674)
@@ -0,0 +1,67 @@
+<?php
+
+/**
+ * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License
+ * as published by the Free Software Foundation; either version 2
+ * of the License, or (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ *
+ * This program has been developed in the frame of the COCLICO
+ * project with financial support of its funders.
+ *
+ */
+
+
+require_once('../../env.inc.php');
+require_once $gfwww.'include/pre.php';
+
+require_once 'checks.php';
+
+// deletes a request token if the users refuses to authorize it for a consumer
+form_key_is_valid(getStringFromRequest('plugin_oauthprovider_token_deny_token'));
+
+try {
+
+ $f_token_id = getStringFromPost( 'token_id' );
+
+ // echo "token_id : $f_token_id \n";
+
+ $t_token = OauthAuthzRequestToken::load( $f_token_id );
+
+ if($t_token) {
+ $consumer = OauthAuthzConsumer::load($t_token->getConsumerId());
+
+ // ask for confirmation
+ // helper_ensure_confirmed( sprintf( $plugin_oauthprovider_ensure_authorize, $consumer->getName() ), $plugin_oauthprovider_authorize_token );
+
+ $t_token->delete();
+
+ ?>
+
+<h2><?php echo $plugin_oauthprovider_authorization_denied ?></h2>
+
+<p><?php echo sprintf( $plugin_oauthprovider_denied_consumer_authorization, $consumer->getName() )?></p>
+
+<?php
+
+ form_release_key(getStringFromRequest('plugin_oauthprovider_token_deny_token'));
+
+ }
+
+} catch (OAuthException $e) {
+
+ error_parameters($e->getMessage(), "OauthAuthz");
+ exit_error( "Error trying to deny/delete token!", 'oauthprovider' );
+
+}
More information about the Fusionforge-commits
mailing list