authorAaron Parecki <aaron@parecki.com>2017-02-09 21:45:04 -0800
committerAaron Parecki <aaron@parecki.com>2017-02-09 21:45:04 -0800
commiteab1a65f63f227bae126a554e3bf93aa05c70695 (patch)
tree0cabb48f96585b3db60ffc7e21c25e3ceb0c87cd
parent1894da9452edaf1f2b3de5a6a969d60844645a23 (diff)
provide option for choosing the scope to request
update to "create" scope by default, but allow the user to choose "post" as a fallback. also updates indieauth/client to 0.2 for json support.
-rw-r--r--composer.json5
-rw-r--r--composer.lock79
-rw-r--r--controllers/auth.php32
-rw-r--r--views/auth_start.php14
4 files changed, 64 insertions, 66 deletions
diff --git a/composer.json b/composer.json
index 6a6448d..7c3336c 100644
--- a/composer.json
+++ b/composer.json
@@ -3,10 +3,9 @@
"slim/slim": "2.2.*",
"saltybeagle/savant3": "dev-master",
"j4mie/idiorm": "1.4.*",
- "mf2/mf2": "0.2.*",
- "indieweb/mention-client": "0.*",
+ "mf2/mf2": "0.3.*",
"indieweb/date-formatter": "0.1.*",
- "indieauth/client": ">=0.1.11",
+ "indieauth/client": ">=0.2.0",
"mpratt/relativetime": ">=1.0",
"firebase/php-jwt": "2.*",
"abraham/twitteroauth": "*",
diff --git a/composer.lock b/composer.lock
index 891f3ed..a9244b4 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
- "content-hash": "05f646a93f2c1204dddd80c4670dcf15",
+ "content-hash": "b7a5b281de45ad549d11a38464bdfb24",
"packages": [
{
"name": "abraham/twitteroauth",
@@ -278,22 +278,22 @@
},
{
"name": "indieauth/client",
- "version": "0.1.13",
+ "version": "0.2.0",
"source": {
"type": "git",
"url": "https://github.com/indieweb/indieauth-client-php.git",
- "reference": "d438bb03db15b4ccc6c63228be16de7870b6ab99"
+ "reference": "4b9bd766a92b8abbe420f5889bf7ebac7678151d"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/d438bb03db15b4ccc6c63228be16de7870b6ab99",
- "reference": "d438bb03db15b4ccc6c63228be16de7870b6ab99",
+ "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/4b9bd766a92b8abbe420f5889bf7ebac7678151d",
+ "reference": "4b9bd766a92b8abbe420f5889bf7ebac7678151d",
"shasum": ""
},
"require": {
"barnabywalters/mf-cleaner": "0.*",
- "indieweb/link-rel-parser": "0.1.1",
- "mf2/mf2": "0.2.*",
+ "indieweb/link-rel-parser": "0.1.*",
+ "mf2/mf2": "~0.3",
"php": ">5.3.0"
},
"type": "library",
@@ -313,7 +313,7 @@
}
],
"description": "IndieAuth Client Library",
- "time": "2016-02-08T23:56:31+00:00"
+ "time": "2017-02-09T23:42:05+00:00"
},
{
"name": "indieweb/date-formatter",
@@ -360,16 +360,16 @@
},
{
"name": "indieweb/link-rel-parser",
- "version": "0.1.1",
+ "version": "0.1.3",
"source": {
"type": "git",
"url": "https://github.com/indieweb/link-rel-parser-php.git",
- "reference": "9e0e635fd301a8b1da7bc181f651f029c531dbb6"
+ "reference": "295420e4f16d9a9d262a3c25a7a583794428f055"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/indieweb/link-rel-parser-php/zipball/9e0e635fd301a8b1da7bc181f651f029c531dbb6",
- "reference": "9e0e635fd301a8b1da7bc181f651f029c531dbb6",
+ "url": "https://api.github.com/repos/indieweb/link-rel-parser-php/zipball/295420e4f16d9a9d262a3c25a7a583794428f055",
+ "reference": "295420e4f16d9a9d262a3c25a7a583794428f055",
"shasum": ""
},
"require": {
@@ -402,46 +402,7 @@
"indieweb",
"microformats2"
],
- "time": "2013-12-23T00:14:58+00:00"
- },
- {
- "name": "indieweb/mention-client",
- "version": "0.4.7",
- "source": {
- "type": "git",
- "url": "https://github.com/indieweb/mention-client-php.git",
- "reference": "15271f4988c7bf661896fad188fdf0bf91877a7f"
- },
- "dist": {
- "type": "zip",
- "url": "https://api.github.com/repos/indieweb/mention-client-php/zipball/15271f4988c7bf661896fad188fdf0bf91877a7f",
- "reference": "15271f4988c7bf661896fad188fdf0bf91877a7f",
- "shasum": ""
- },
- "require": {
- "mf2/mf2": "0.2.*",
- "php": ">=5.3"
- },
- "type": "library",
- "autoload": {
- "psr-0": {
- "IndieWeb": "src/"
- }
- },
- "notification-url": "https://packagist.org/downloads/",
- "license": [
- "Apache-2.0"
- ],
- "authors": [
- {
- "name": "Aaron Parecki",
- "email": "aaron@parecki.com",
- "homepage": "http://aaronparecki.com/"
- }
- ],
- "description": "Client library for sending webmention and pingback notifications",
- "homepage": "https://github.com/indieweb/mention-client-php",
- "time": "2015-04-03T11:21:06+00:00"
+ "time": "2017-01-11T17:14:49+00:00"
},
{
"name": "j4mie/idiorm",
@@ -503,20 +464,20 @@
},
{
"name": "mf2/mf2",
- "version": "v0.2.12",
+ "version": "v0.3.0",
"source": {
"type": "git",
"url": "https://github.com/indieweb/php-mf2.git",
- "reference": "6701504876d6c9242eb310b35f41d40d9785ab4e"
+ "reference": "4fb2eb5365cbc0fd2e0c26ca748777d6c2539763"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/6701504876d6c9242eb310b35f41d40d9785ab4e",
- "reference": "6701504876d6c9242eb310b35f41d40d9785ab4e",
+ "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/4fb2eb5365cbc0fd2e0c26ca748777d6c2539763",
+ "reference": "4fb2eb5365cbc0fd2e0c26ca748777d6c2539763",
"shasum": ""
},
"require": {
- "php": ">=5.3.0"
+ "php": ">=5.4.0"
},
"require-dev": {
"phpunit/phpunit": "3.7.*"
@@ -536,7 +497,7 @@
},
"notification-url": "https://packagist.org/downloads/",
"license": [
- "MIT"
+ "CC0"
],
"authors": [
{
@@ -552,7 +513,7 @@
"parser",
"semantic"
],
- "time": "2015-07-12T14:10:01+00:00"
+ "time": "2016-03-14T12:13:34+00:00"
},
{
"name": "mpratt/relativetime",
diff --git a/controllers/auth.php b/controllers/auth.php
index baf5c2f..15ecd61 100644
--- a/controllers/auth.php
+++ b/controllers/auth.php
@@ -33,13 +33,14 @@ $app->get('/auth/start', function() use($app) {
$tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me);
$micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me);
+ $defaultScope = 'create';
+
if($tokenEndpoint && $micropubEndpoint && $authorizationEndpoint) {
// Generate a "state" parameter for the request
$state = IndieAuth\Client::generateStateParameter();
$_SESSION['auth_state'] = $state;
- $scope = 'post';
- $authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $scope);
+ $authorizationURL = IndieAuth\Client::buildAuthorizationURL($authorizationEndpoint, $me, buildRedirectURI(), Config::$base_url, $state, $defaultScope);
} else {
$authorizationURL = false;
}
@@ -62,6 +63,11 @@ $app->get('/auth/start', function() use($app) {
$user->token_endpoint = $tokenEndpoint;
$user->save();
+ // Request whatever scope was previously granted
+ $authorizationURL = parse_url($authorizationURL);
+ $authorizationURL['scope'] = $user->micropub_scope;
+ $authorizationURL = http_build_url($authorizationURL);
+
$app->redirect($authorizationURL, 302);
} else {
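Review bot: The assignment `$authorizationURL['scope'] = $user->micropub_scope;` writes to a key that is not a URL component, so the rebuilt URL most likely still carries the `$defaultScope` value in its query string instead of the previously granted scope. `parse_url()` returns parts such as scheme, host, path and query, and the scope lives inside `query`; the `/auth/redirect` handler added later in this commit rewrites it correctly with `parse_str($authorizationURL['query'], $query); $query['scope'] = ...; $authorizationURL['query'] = http_build_query($query);`. The `dontask` branch in the next hunk has the same problem, and this branch also lacks the `?: $defaultScope` fallback used there, so an empty stored scope would be requested as-is once the query is actually rewritten. `http_build_url()` is not a core PHP function (it comes from pecl_http 1.x or a userland polyfill), so confirm it is available wherever this is deployed. The enclosing route closure starts and ends outside this hunk.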
@@ -77,6 +83,11 @@ $app->get('/auth/start', function() use($app) {
$user->save();
if(k($params, 'dontask') && $params['dontask']) {
+ // Request whatever scope was previously granted
+ $authorizationURL = parse_url($authorizationURL);
+ $authorizationURL['scope'] = $user->micropub_scope ?: $defaultScope;
+ $authorizationURL = http_build_url($authorizationURL);
+
$_SESSION['dontask'] = 1;
$app->redirect($authorizationURL, 302);
}
@@ -95,6 +106,23 @@ $app->get('/auth/start', function() use($app) {
}
});
+$app->get('/auth/redirect', function() use($app) {
+ $req = $app->request();
+ $params = $req->params();
+
+ if(!isset($params['scope']))
+ $params['scope'] = '';
+
+ $authorizationURL = parse_url($params['authorization_url']);
+ parse_str($authorizationURL['query'], $query);
+ $query['scope'] = $params['scope'];
+ $authorizationURL['query'] = http_build_query($query);
+ $authorizationURL = http_build_url($authorizationURL);
+
+ $app->redirect($authorizationURL);
+ return;
+});
+
$app->get('/auth/callback', function() use($app) {
$req = $app->request();
$params = $req->params();
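Review bot: The new `/auth/redirect` route sends the browser to whatever `authorization_url` query parameter it receives, which makes it an open redirect: a link to this app with a crafted `authorization_url` ends in a redirect to an arbitrary site. The URL was already computed server-side in `/auth/start`, so keep it there (for example `$_SESSION['authorization_url'] = $authorizationURL;` next to the `auth_state` assignment) and read it back here instead of trusting the form field. The handler also reads `$params['authorization_url']` and `$authorizationURL['query']` without checking that they exist, and passes `scope` through unfiltered although the form only offers `create` and `post`. A sketch of the handler with those checks follows; the session key name and the fallback redirect target are suggestions.

```php
$app->get('/auth/redirect', function() use($app) {
  $params = $app->request()->params();

  // Accept only the scopes the form offers; anything else falls back to the default
  $scope = isset($params['scope']) ? $params['scope'] : '';
  if(!in_array($scope, array('create', 'post'), true))
    $scope = 'create';

  // Use the URL built in /auth/start, never one supplied in the request
  if(empty($_SESSION['authorization_url'])) {
    $app->redirect('/', 302);
    return;
  }

  $authorizationURL = parse_url($_SESSION['authorization_url']);
  $query = array();
  if(isset($authorizationURL['query']))
    parse_str($authorizationURL['query'], $query);
  $query['scope'] = $scope;
  // … unchanged: http_build_query, http_build_url and the redirect …
```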
diff --git a/views/auth_start.php b/views/auth_start.php
index 93f45e3..1fe0cdb 100644
--- a/views/auth_start.php
+++ b/views/auth_start.php
@@ -53,8 +53,18 @@
<p>Clicking the button below will take you to <strong>your</strong> authorization server which is where you will allow this app to be able to post to your site.</p>
- <a href="<?= $this->authorizationURL ?>" class="btn btn-primary">Authorize</a>
+ <form action="/auth/redirect" method="get">
+ <p>Choose the scope to request:</p>
+ <ul style="list-style-type: none;">
+ <li><input type="radio" name="scope" value="create" checked="checked"> create</li>
+ <li><input type="radio" name="scope" value="post"> post (legacy)</li>
+ </ul>
+
+ <button class="btn btn-primary" type="submit" id="auth-submit">Authorize</button>
+
+ <input type="hidden" name="authorization_url" value="<?= $this->authorizationURL ?>">
+ </form>
<?php endif; ?>
-</div>
\ No newline at end of file
+</div>
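Review bot: The hidden field prints `$this->authorizationURL` into an HTML attribute without escaping. The value appears to be built from an authorization endpoint discovered on the user-supplied site, so it should be treated as untrusted and written as `value="<?= htmlspecialchars($this->authorizationURL, ENT_QUOTES, 'UTF-8') ?>"`. The removed `href` had the same gap, so this is not new, but the form now also makes the URL client-editable, and `/auth/redirect` follows whatever value comes back. If the URL is kept server-side instead, the hidden input can be dropped entirely. The conditional closed by `<?php endif; ?>` opens outside this hunk.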