summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--composer.json7
-rw-r--r--composer.lock394
-rw-r--r--controllers/auth.php46
-rw-r--r--controllers/controllers.php8
-rw-r--r--controllers/static.php8
-rw-r--r--public/css/style.css6
-rw-r--r--views/auth_callback.php16
-rw-r--r--views/auth_start.php52
8 files changed, 430 insertions, 107 deletions
diff --git a/composer.json b/composer.json
index 4be0552..3797d3d 100644
--- a/composer.json
+++ b/composer.json
@@ -3,9 +3,9 @@
"slim/slim": "2.2.*",
"saltybeagle/savant3": "dev-master",
"j4mie/idiorm": "1.4.*",
- "mf2/mf2": "^0.3.2",
+ "mf2/mf2": "^0.4",
"indieweb/date-formatter": "0.3.*",
- "indieauth/client": ">=0.2.0",
+ "indieauth/client": ">=0.4.0",
"mpratt/relativetime": ">=1.0",
"firebase/php-jwt": "2.*",
"abraham/twitteroauth": "*",
@@ -15,7 +15,8 @@
"tantek/cassis": "*",
"p3k/timezone": "*",
"gajus/dindent": "^2.0",
- "p3k/xray": "^1.3"
+ "p3k/xray": ">=1.6.5",
+ "p3k/utils": "^1.2"
},
"autoload": {
"files": [
diff --git a/composer.lock b/composer.lock
index b039686..60025aa 100644
--- a/composer.lock
+++ b/composer.lock
@@ -4,7 +4,7 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file",
"This file is @generated automatically"
],
- "content-hash": "26d324e17ac5eeecdeaae4ff4e279213",
+ "content-hash": "ba9a9e78ffbc647f0609e84b08957ee1",
"packages": [
{
"name": "abraham/twitteroauth",
@@ -247,16 +247,16 @@
},
{
"name": "ezyang/htmlpurifier",
- "version": "v4.9.3",
+ "version": "v4.10.0",
"source": {
"type": "git",
"url": "https://github.com/ezyang/htmlpurifier.git",
- "reference": "95e1bae3182efc0f3422896a3236e991049dac69"
+ "reference": "d85d39da4576a6934b72480be6978fb10c860021"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/95e1bae3182efc0f3422896a3236e991049dac69",
- "reference": "95e1bae3182efc0f3422896a3236e991049dac69",
+ "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/d85d39da4576a6934b72480be6978fb10c860021",
+ "reference": "d85d39da4576a6934b72480be6978fb10c860021",
"shasum": ""
},
"require": {
@@ -290,7 +290,65 @@
"keywords": [
"html"
],
- "time": "2017-06-03T02:28:16+00:00"
+ "time": "2018-02-23T01:58:20+00:00"
+ },
+ {
+ "name": "facebook/graph-sdk",
+ "version": "5.6.3",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/facebook/php-graph-sdk.git",
+ "reference": "90e92bd1816fe718e55184ab85910dfcf488432c"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/facebook/php-graph-sdk/zipball/90e92bd1816fe718e55184ab85910dfcf488432c",
+ "reference": "90e92bd1816fe718e55184ab85910dfcf488432c",
+ "shasum": ""
+ },
+ "require": {
+ "php": "^5.4|^7.0"
+ },
+ "require-dev": {
+ "guzzlehttp/guzzle": "~5.0",
+ "mockery/mockery": "~0.8",
+ "phpunit/phpunit": "~4.0"
+ },
+ "suggest": {
+ "guzzlehttp/guzzle": "Allows for implementation of the Guzzle HTTP client",
+ "paragonie/random_compat": "Provides a better CSPRNG option in PHP 5"
+ },
+ "type": "library",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "5.x-dev"
+ }
+ },
+ "autoload": {
+ "psr-4": {
+ "Facebook\\": "src/Facebook/"
+ },
+ "files": [
+ "src/Facebook/polyfills.php"
+ ]
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "Facebook Platform"
+ ],
+ "authors": [
+ {
+ "name": "Facebook",
+ "homepage": "https://github.com/facebook/php-graph-sdk/contributors"
+ }
+ ],
+ "description": "Facebook SDK for PHP",
+ "homepage": "https://github.com/facebook/php-graph-sdk",
+ "keywords": [
+ "facebook",
+ "sdk"
+ ],
+ "time": "2018-07-03T02:25:00+00:00"
},
{
"name": "firebase/php-jwt",
@@ -383,24 +441,27 @@
},
{
"name": "indieauth/client",
- "version": "0.2.2",
+ "version": "0.4.1",
"source": {
"type": "git",
"url": "https://github.com/indieweb/indieauth-client-php.git",
- "reference": "225ece31ddafaee3348eabdc915422c457498a84"
+ "reference": "3e47004ccfccddc5760639f4faf9ed5ceadb460e"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/225ece31ddafaee3348eabdc915422c457498a84",
- "reference": "225ece31ddafaee3348eabdc915422c457498a84",
+ "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/3e47004ccfccddc5760639f4faf9ed5ceadb460e",
+ "reference": "3e47004ccfccddc5760639f4faf9ed5ceadb460e",
"shasum": ""
},
"require": {
- "barnabywalters/mf-cleaner": "0.*",
- "indieweb/link-rel-parser": "0.1.*",
- "mf2/mf2": "~0.3",
+ "indieweb/representative-h-card": "^0.1.2",
+ "mf2/mf2": ">=0.3.2",
+ "p3k/http": ">=0.1.6",
"php": ">5.3.0"
},
+ "require-dev": {
+ "phpunit/phpunit": "4.8.*"
+ },
"type": "library",
"autoload": {
"psr-0": {
@@ -409,16 +470,16 @@
},
"notification-url": "https://packagist.org/downloads/",
"license": [
- "Apache 2.0"
+ "Apache-2.0"
],
"authors": [
{
"name": "Aaron Parecki",
- "homepage": "http://aaronparecki.com"
+ "homepage": "https://aaronparecki.com"
}
],
"description": "IndieAuth Client Library",
- "time": "2017-07-01T15:43:45+00:00"
+ "time": "2018-03-13T23:39:55+00:00"
},
{
"name": "indieweb/date-formatter",
@@ -514,6 +575,51 @@
"time": "2017-01-11T17:14:49+00:00"
},
{
+ "name": "indieweb/representative-h-card",
+ "version": "0.1.2",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/indieweb/representative-h-card-php.git",
+ "reference": "b70b01bd0dd7f2a940602137335dbf46ab6e2e38"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/indieweb/representative-h-card-php/zipball/b70b01bd0dd7f2a940602137335dbf46ab6e2e38",
+ "reference": "b70b01bd0dd7f2a940602137335dbf46ab6e2e38",
+ "shasum": ""
+ },
+ "require": {
+ "php": ">=5.4"
+ },
+ "require-dev": {
+ "mf2/mf2": "0.2.*",
+ "phpunit/phpunit": "*"
+ },
+ "type": "library",
+ "autoload": {
+ "files": [
+ "src/mf2/representative-h-card.php"
+ ]
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "Apache-2.0"
+ ],
+ "authors": [
+ {
+ "name": "Aaron Parecki",
+ "homepage": "http://aaronparecki.com"
+ }
+ ],
+ "keywords": [
+ "h-card",
+ "indieweb",
+ "mf2",
+ "microformats"
+ ],
+ "time": "2015-12-23T18:11:19+00:00"
+ },
+ {
"name": "j4mie/idiorm",
"version": "v1.4.1",
"source": {
@@ -572,17 +678,82 @@
"time": "2013-12-12T10:25:27+00:00"
},
{
+ "name": "masterminds/html5",
+ "version": "2.3.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/Masterminds/html5-php.git",
+ "reference": "2c37c6c520b995b761674de3be8455a381679067"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/Masterminds/html5-php/zipball/2c37c6c520b995b761674de3be8455a381679067",
+ "reference": "2c37c6c520b995b761674de3be8455a381679067",
+ "shasum": ""
+ },
+ "require": {
+ "ext-libxml": "*",
+ "php": ">=5.3.0"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "4.*",
+ "sami/sami": "~2.0",
+ "satooshi/php-coveralls": "1.0.*"
+ },
+ "type": "library",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "2.2-dev"
+ }
+ },
+ "autoload": {
+ "psr-4": {
+ "Masterminds\\": "src"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Matt Butcher",
+ "email": "technosophos@gmail.com"
+ },
+ {
+ "name": "Asmir Mustafic",
+ "email": "goetas@gmail.com"
+ },
+ {
+ "name": "Matt Farina",
+ "email": "matt@mattfarina.com"
+ }
+ ],
+ "description": "An HTML5 parser and serializer.",
+ "homepage": "http://masterminds.github.io/html5-php",
+ "keywords": [
+ "HTML5",
+ "dom",
+ "html",
+ "parser",
+ "querypath",
+ "serializer",
+ "xml"
+ ],
+ "time": "2017-09-04T12:26:28+00:00"
+ },
+ {
"name": "mf2/mf2",
- "version": "v0.3.2",
+ "version": "v0.4.4",
"source": {
"type": "git",
"url": "https://github.com/indieweb/php-mf2.git",
- "reference": "dc0d90d4ee30864bcf37cd3a8fc8db94f9134cc4"
+ "reference": "463351e3a3620663cfa335849ce904da39ef1314"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/dc0d90d4ee30864bcf37cd3a8fc8db94f9134cc4",
- "reference": "dc0d90d4ee30864bcf37cd3a8fc8db94f9134cc4",
+ "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/463351e3a3620663cfa335849ce904da39ef1314",
+ "reference": "463351e3a3620663cfa335849ce904da39ef1314",
"shasum": ""
},
"require": {
@@ -594,7 +765,8 @@
"phpunit/phpunit": "4.8.*"
},
"suggest": {
- "barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you"
+ "barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you",
+ "masterminds/html5": "Alternative HTML parser for PHP, for better HTML5 support."
},
"bin": [
"bin/fetch-mf2",
@@ -608,7 +780,7 @@
},
"notification-url": "https://packagist.org/downloads/",
"license": [
- "CC0"
+ "CC0-1.0"
],
"authors": [
{
@@ -624,7 +796,7 @@
"parser",
"semantic"
],
- "time": "2017-05-27T15:27:47+00:00"
+ "time": "2018-08-01T20:02:45+00:00"
},
{
"name": "mpratt/relativetime",
@@ -676,21 +848,21 @@
},
{
"name": "p3k/http",
- "version": "0.1.5",
+ "version": "0.1.7",
"source": {
"type": "git",
"url": "https://github.com/aaronpk/p3k-http.git",
- "reference": "3740fe135e6d58457d7528e7c05a67b68e020a79"
+ "reference": "1826647c4902a18dea5ec532f21509ba4d51210b"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/aaronpk/p3k-http/zipball/3740fe135e6d58457d7528e7c05a67b68e020a79",
- "reference": "3740fe135e6d58457d7528e7c05a67b68e020a79",
+ "url": "https://api.github.com/repos/aaronpk/p3k-http/zipball/1826647c4902a18dea5ec532f21509ba4d51210b",
+ "reference": "1826647c4902a18dea5ec532f21509ba4d51210b",
"shasum": ""
},
"require": {
"indieweb/link-rel-parser": "0.1.*",
- "mf2/mf2": "0.3.*"
+ "mf2/mf2": ">=0.3.2"
},
"type": "library",
"autoload": {
@@ -710,7 +882,7 @@
],
"description": "A simple wrapper API around the PHP curl functions",
"homepage": "https://github.com/aaronpk/p3k-http",
- "time": "2017-04-29T17:43:29+00:00"
+ "time": "2018-03-04T15:21:58+00:00"
},
{
"name": "p3k/multipart",
@@ -749,6 +921,59 @@
"time": "2016-12-28T14:50:41+00:00"
},
{
+ "name": "p3k/picofeed",
+ "version": "v0.1.38",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/aaronpk/picoFeed.git",
+ "reference": "989c0bcf2eac016a4104abce1aadff791fc287ab"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/aaronpk/picoFeed/zipball/989c0bcf2eac016a4104abce1aadff791fc287ab",
+ "reference": "989c0bcf2eac016a4104abce1aadff791fc287ab",
+ "shasum": ""
+ },
+ "require": {
+ "ext-dom": "*",
+ "ext-iconv": "*",
+ "ext-libxml": "*",
+ "ext-simplexml": "*",
+ "ext-xml": "*",
+ "php": ">=5.3.0",
+ "zendframework/zendxml": "^1.0"
+ },
+ "require-dev": {
+ "phpdocumentor/reflection-docblock": "2.0.4",
+ "phpunit/phpunit": "4.8.26",
+ "symfony/yaml": "2.8.7"
+ },
+ "suggest": {
+ "ext-curl": "PicoFeed will use cURL if present"
+ },
+ "bin": [
+ "picofeed"
+ ],
+ "type": "library",
+ "autoload": {
+ "psr-0": {
+ "PicoFeed": "lib/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Frédéric Guillot"
+ }
+ ],
+ "description": "Modern library to handle RSS/Atom feeds",
+ "homepage": "https://github.com/miniflux/picoFeed",
+ "time": "2017-11-30T00:16:58+00:00"
+ },
+ {
"name": "p3k/timezone",
"version": "0.1.0",
"source": {
@@ -791,26 +1016,75 @@
"time": "2017-01-12T17:30:08+00:00"
},
{
+ "name": "p3k/utils",
+ "version": "1.2.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/aaronpk/p3k-utils.git",
+ "reference": "ecd0ba1afca8e586f09792f7be5052e142d3cbde"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/aaronpk/p3k-utils/zipball/ecd0ba1afca8e586f09792f7be5052e142d3cbde",
+ "reference": "ecd0ba1afca8e586f09792f7be5052e142d3cbde",
+ "shasum": ""
+ },
+ "require": {
+ "php": ">=5.5"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^4.8.13",
+ "predis/predis": "1.1.*"
+ },
+ "type": "library",
+ "autoload": {
+ "files": [
+ "src/global.php",
+ "src/url.php",
+ "src/utils.php",
+ "src/date.php",
+ "src/cache.php",
+ "src/geo.php"
+ ]
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "MIT"
+ ],
+ "authors": [
+ {
+ "name": "Aaron Parecki",
+ "homepage": "https://aaronparecki.com"
+ }
+ ],
+ "description": "Some helpful functions used by https://p3k.io projects",
+ "homepage": "https://github.com/aaronpk/p3k-utils",
+ "time": "2018-03-28T13:44:56+00:00"
+ },
+ {
"name": "p3k/xray",
- "version": "v1.3.1",
+ "version": "v1.6.5",
"source": {
"type": "git",
"url": "https://github.com/aaronpk/XRay.git",
- "reference": "a37ed3bbaeec5ddb51d6a6ae285c5ab608d31978"
+ "reference": "fcbbbf219dcd89cf9322973a2b12b8392cafc33b"
},
"dist": {
"type": "zip",
- "url": "https://api.github.com/repos/aaronpk/XRay/zipball/a37ed3bbaeec5ddb51d6a6ae285c5ab608d31978",
- "reference": "a37ed3bbaeec5ddb51d6a6ae285c5ab608d31978",
+ "url": "https://api.github.com/repos/aaronpk/XRay/zipball/fcbbbf219dcd89cf9322973a2b12b8392cafc33b",
+ "reference": "fcbbbf219dcd89cf9322973a2b12b8392cafc33b",
"shasum": ""
},
"require": {
"cebe/markdown": "1.1.*",
"dg/twitter-php": "3.6.*",
- "ezyang/htmlpurifier": "4.*",
+ "ezyang/htmlpurifier": "4.10.*",
+ "facebook/graph-sdk": "^5.5",
"indieweb/link-rel-parser": "0.1.*",
- "mf2/mf2": "^0.3.2",
- "p3k/http": "0.1.*",
+ "masterminds/html5": "^2.3",
+ "mf2/mf2": "^0.4",
+ "p3k/http": ">=0.1.7",
+ "p3k/picofeed": ">=0.1.38",
"p3k/timezone": "*"
},
"require-dev": {
@@ -834,7 +1108,7 @@
],
"description": "X-Ray returns structured data from any URL",
"homepage": "https://github.com/aaronpk/XRay",
- "time": "2017-09-22T19:35:08+00:00"
+ "time": "2018-08-01T20:25:25+00:00"
},
{
"name": "saltybeagle/savant3",
@@ -936,6 +1210,52 @@
},
"notification-url": "https://packagist.org/downloads/",
"time": "2016-04-04T15:31:04+00:00"
+ },
+ {
+ "name": "zendframework/zendxml",
+ "version": "1.1.0",
+ "source": {
+ "type": "git",
+ "url": "https://github.com/zendframework/ZendXml.git",
+ "reference": "267db6a2c431a08a8f8ff0f1f4c302a5ba6f5b99"
+ },
+ "dist": {
+ "type": "zip",
+ "url": "https://api.github.com/repos/zendframework/ZendXml/zipball/267db6a2c431a08a8f8ff0f1f4c302a5ba6f5b99",
+ "reference": "267db6a2c431a08a8f8ff0f1f4c302a5ba6f5b99",
+ "shasum": ""
+ },
+ "require": {
+ "php": "^5.6 || ^7.0"
+ },
+ "require-dev": {
+ "phpunit/phpunit": "^5.7.27 || ^6.5.8 || ^7.1.4",
+ "zendframework/zend-coding-standard": "~1.0.0"
+ },
+ "type": "library",
+ "extra": {
+ "branch-alias": {
+ "dev-master": "1.1.x-dev",
+ "dev-develop": "1.2.x-dev"
+ }
+ },
+ "autoload": {
+ "psr-4": {
+ "ZendXml\\": "src/"
+ }
+ },
+ "notification-url": "https://packagist.org/downloads/",
+ "license": [
+ "BSD-3-Clause"
+ ],
+ "description": "Utility library for XML usage, best practices, and security in PHP",
+ "keywords": [
+ "ZendFramework",
+ "security",
+ "xml",
+ "zf"
+ ],
+ "time": "2018-04-30T15:11:04+00:00"
}
],
"packages-dev": [],
diff --git a/controllers/auth.php b/controllers/auth.php
index e6a2d24..d812956 100644
--- a/controllers/auth.php
+++ b/controllers/auth.php
@@ -31,9 +31,11 @@ $app->get('/auth/start', function() use($app) {
$_SESSION['attempted_me'] = $me;
- $authorizationEndpoint = IndieAuth\Client::discoverAuthorizationEndpoint($me);
- $tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me);
- $micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me);
+ $_SESSION['indieauth'] = [
+ 'authorization_endpoint' => ($authorizationEndpoint=IndieAuth\Client::discoverAuthorizationEndpoint($me)),
+ 'token_endpoint' => ($tokenEndpoint=IndieAuth\Client::discoverTokenEndpoint($me)),
+ 'micropub_endpoint' => ($micropubEndpoint=IndieAuth\Client::discoverMicropubEndpoint($me)),
+ ];
$defaultScope = 'create update media';
@@ -74,16 +76,6 @@ $app->get('/auth/start', function() use($app) {
} else {
- if(!$user)
- $user = ORM::for_table('users')->create();
- $user->url = $me;
- $user->date_created = date('Y-m-d H:i:s');
- $user->micropub_endpoint = $micropubEndpoint;
- $user->authorization_endpoint = $authorizationEndpoint;
- $user->token_endpoint = $tokenEndpoint;
- $user->micropub_access_token = ''; // blank out the access token if they attempt to sign in again
- $user->save();
-
if(k($params, 'dontask') && $params['dontask']) {
// Request whatever scope was previously granted
$authorizationURL = parse_url($authorizationURL);
@@ -131,7 +123,12 @@ $app->get('/auth/callback', function() use($app) {
// If there is no state in the session, start the login again
if(!array_key_exists('auth_state', $_SESSION)) {
- $app->redirect('/?error=missing_session_state');
+ $html = render('auth_error', array(
+ 'title' => 'Auth Callback',
+ 'error' => 'Missing session state',
+ 'errorDescription' => 'Something went wrong, please try signing in again, and make sure cookies are enabled for this domain.'
+ ));
+ $app->response()->body($html);
return;
}
@@ -182,12 +179,11 @@ $app->get('/auth/callback', function() use($app) {
// An authorization code is in the query string, and we want to exchange that for an access token at the token endpoint.
// Discover the endpoints
- $micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me);
- $tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me);
+ $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint'];
+ $tokenEndpoint = $_SESSION['indieauth']['token_endpoint'];
if($tokenEndpoint) {
- $token = IndieAuth\Client::getAccessToken($tokenEndpoint, $params['code'], $me, buildRedirectURI(), Config::$base_url, k($params,'state'), true);
-
+ $token = IndieAuth\Client::getAccessToken($tokenEndpoint, $params['code'], $me, buildRedirectURI(), Config::$base_url, true);
} else {
$token = array('auth'=>false, 'response'=>false);
}
@@ -197,11 +193,11 @@ $app->get('/auth/callback', function() use($app) {
// If a valid access token was returned, store the token info in the session and they are signed in
if(k($token['auth'], array('me','access_token','scope'))) {
// Double check that the domain of the returned "me" matches the expected
- if(parse_url($token['auth']['me'], PHP_URL_HOST) != parse_url($me, PHP_URL_HOST)) {
+ if(!\p3k\url\host_matches($token['auth']['me'], $me)) {
$html = render('auth_error', [
'title' => 'Error Signing In',
'error' => 'Invalid user',
- 'errorDescription' => 'The user URL that was returned in the access token did not match the domain of the user signing in.'
+ 'errorDescription' => 'The user URL that was returned from the token endpoint (<code>'.$token['auth']['me'].'</code>) did not match the domain of the user signing in (<code>'.$me.'</code>).'
]);
$app->response()->body($html);
return;
@@ -223,6 +219,8 @@ $app->get('/auth/callback', function() use($app) {
$user->url = $me;
$user->date_created = date('Y-m-d H:i:s');
}
+ $user->authorization_endpoint = $_SESSION['indieauth']['authorization_endpoint'];
+ $user->token_endpoint = $tokenEndpoint;
$user->micropub_endpoint = $micropubEndpoint;
$user->micropub_access_token = $token['auth']['access_token'];
$user->micropub_scope = $token['auth']['scope'];
@@ -237,6 +235,7 @@ $app->get('/auth/callback', function() use($app) {
unset($_SESSION['auth_state']);
unset($_SESSION['attempted_me']);
+ unset($_SESSION['indieauth']);
if($redirectToDashboardImmediately || k($_SESSION, 'dontask')) {
unset($_SESSION['dontask']);
@@ -253,6 +252,11 @@ $app->get('/auth/callback', function() use($app) {
$app->redirect('/new?' . http_build_query($query), 302);
}
} else {
+ $tokenResponse = $token['response'];
+ $parsed = @json_decode($tokenResponse);
+ if($parsed)
+ $tokenResponse = json_encode($parsed, JSON_PRETTY_PRINT+JSON_UNESCAPED_SLASHES);
+
$html = render('auth_callback', array(
'title' => 'Sign In',
'me' => $me,
@@ -260,7 +264,7 @@ $app->get('/auth/callback', function() use($app) {
'meParts' => parse_url($me),
'tokenEndpoint' => $tokenEndpoint,
'auth' => $token['auth'],
- 'response' => $token['response'],
+ 'response' => $tokenResponse,
'curl_error' => (array_key_exists('error', $token) ? $token['error'] : false),
'destination' => (k($_SESSION, 'redirect_after_login') ?: '/new')
));
diff --git a/controllers/controllers.php b/controllers/controllers.php
index 237c4bb..cc74674 100644
--- a/controllers/controllers.php
+++ b/controllers/controllers.php
@@ -724,7 +724,7 @@ $app->get('/code', function() use($app) {
'nginx' => ['conf'],
'apache' => [],
'text' => ['txt'],
- ];
+ ];
ksort($languages);
$language_map = [];
foreach($languages as $lang=>$exts) {
@@ -989,18 +989,18 @@ $app->get('/edit', function() use($app) {
'error' => 'There was a problem!',
'error_description' => $error
]);
- return;
+ return;
}
// Until all interfaces are complete, show an error here for unsupported ones
- if(!in_array($url, ['/favorite','/repost'])) {
+ if(!in_array($url, ['/favorite','/repost','/code'])) {
render('edit/error', [
'title' => 'Not Yet Supported',
'summary' => '',
'error' => 'Not Yet Supported',
'error_description' => 'Editing is not yet supported for this type of post.'
]);
- return;
+ return;
}
$app->redirect($url . '?edit=' . $params['url'], 302);
diff --git a/controllers/static.php b/controllers/static.php
index 9822d6b..8c4425d 100644
--- a/controllers/static.php
+++ b/controllers/static.php
@@ -11,7 +11,7 @@ function doc_pages($page=null) {
'syndication' => 'Syndication',
'post-status' => 'Post Status',
];
- if($page == null)
+ if($page == null)
return $pages;
else
return $pages[$page];
@@ -28,7 +28,7 @@ $app->get('/', function($format='html') use($app) {
render('index', array(
'title' => 'Quill',
'meta' => '',
- 'authorizing' => false
+ 'authorizing' => false,
));
});
@@ -42,7 +42,7 @@ $app->get('/creating-a-micropub-endpoint', function() use($app) {
$app->get('/docs', function() use($app) {
render('docs/index', array(
- 'title' => 'Documentation',
+ 'title' => 'Documentation',
'authorizing' => false,
'pages' => doc_pages()
));
@@ -51,7 +51,7 @@ $app->get('/docs', function() use($app) {
$app->get('/docs/:page', function($page) use($app) {
if(file_exists('views/docs/'.$page.'.php'))
render('docs/'.$page, array(
- 'title' => doc_pages($page).' - Quill Documentation',
+ 'title' => doc_pages($page).' - Quill Documentation',
'authorizing' => false
));
else
diff --git a/public/css/style.css b/public/css/style.css
index 6dcf682..c68a55c 100644
--- a/public/css/style.css
+++ b/public/css/style.css
@@ -108,6 +108,8 @@ body {
font-family: Menlo,Monaco,Consolas,"Courier New",monospace;
word-break: break-all;
word-wrap: break-word;
+ overflow: scroll;
+ white-space: pre;
}
@@ -208,7 +210,7 @@ body {
}
-/**
+/**
* nicer file upload
*/
.btn-file {
@@ -229,7 +231,7 @@ body {
background: white;
cursor: inherit;
display: block;
-}
+}
.glyphicon-spin {
diff --git a/views/auth_callback.php b/views/auth_callback.php
index acdac8f..4d6ad5e 100644
--- a/views/auth_callback.php
+++ b/views/auth_callback.php
@@ -54,11 +54,15 @@
<h3>Token endpoint response</h3>
- <p>Below is the raw response from your token endpoint (<?= $this->tokenEndpoint ?>):</p>
- <div class="bs-callout bs-callout-info pre">
- <?= $this->curl_error ?>
- <?= htmlspecialchars($this->response) ?>
- </div>
+ <p>Below is the raw response from your token endpoint (<code><?= $this->tokenEndpoint ?></code>):</p>
+
+ <?php if($this->curl_error): ?>
+ <div class="bs-callout bs-callout-info pre"><?= $this->curl_error ?></div>
+ <?php endif ?>
+
+ <?php if($this->response): ?>
+ <div class="bs-callout bs-callout-info pre"><?= htmlspecialchars($this->response) ?></div>
+ <?php endif ?>
<?php else: ?>
@@ -70,4 +74,4 @@
<?php endif; ?>
-</div> \ No newline at end of file
+</div>
diff --git a/views/auth_start.php b/views/auth_start.php
index d41ffb4..a6df0da 100644
--- a/views/auth_start.php
+++ b/views/auth_start.php
@@ -1,62 +1,54 @@
<div class="narrow">
<?= partial('partials/header') ?>
-<div id="authorization_endpoint">
- <h3>Authorization Endpoint</h3>
- <p><i>The authorization endpoint tells this app where to direct your browser to sign you in.</i></p>
+<?php if(!$this->authorizationEndpoint): ?>
+ <div id="authorization_endpoint">
+ <h3>Authorization Endpoint</h3>
+
+ <p><i>The authorization endpoint tells this app where to direct your browser to sign you in.</i></p>
- <?php if($this->authorizationEndpoint): ?>
- <div class="bs-callout bs-callout-success">Found your authorization endpoint: <code><?= $this->authorizationEndpoint ?></code></div>
- <?php else: ?>
<div class="bs-callout bs-callout-danger">Could not find your authorization endpoint!</div>
<p>You need to set your authorization endpoint in a <code>&lt;link&gt;</code> tag on your home page.</p>
<?= partial('partials/auth-endpoint-help') ?>
- <?php endif; ?>
-</div>
+ </div>
+<?php endif; ?>
-<div id="token_endpoint">
- <h3>Token Endpoint</h3>
+<?php if(!$this->tokenEndpoint): ?>
+ <div id="token_endpoint">
+ <h3>Token Endpoint</h3>
- <p><i>The token endpoint is where this app will make a request to get an access token after obtaining authorization.</i></p>
+ <p><i>The token endpoint is where this app will make a request to get an access token after obtaining authorization.</i></p>
- <?php if($this->tokenEndpoint): ?>
- <div class="bs-callout bs-callout-success">Found your token endpoint: <code><?= $this->tokenEndpoint ?></code></div>
- <?php else: ?>
<div class="bs-callout bs-callout-danger">Could not find your token endpoint!</div>
<p>You need to set your token endpoint in a <code>&lt;link&gt;</code> tag on your home page.</p>
<?= partial('partials/token-endpoint-help') ?>
- <?php endif; ?>
-
-</div>
+ </div>
+<?php endif; ?>
-<div id="micropub_endpoint">
- <h3>Micropub Endpoint</h3>
+<?php if(!$this->micropubEndpoint): ?>
+ <div id="micropub_endpoint">
+ <h3>Micropub Endpoint</h3>
- <p><i>The Micropub endpoint is the URL this app will use to post new photos.</i></p>
+ <p><i>The Micropub endpoint is the URL this app will use to post new photos.</i></p>
- <?php if($this->micropubEndpoint): ?>
- <div class="bs-callout bs-callout-success">
- Found your Micropub endpoint: <code><?= $this->micropubEndpoint ?></code>
- </div>
- <?php else: ?>
<div class="bs-callout bs-callout-danger">Could not find your Micropub endpoint!</div>
<p>You need to set your Micropub endpoint in a <code>&lt;link&gt;</code> tag on your home page.</p>
<?= partial('partials/micropub-endpoint-help', $this) ?>
- <?php endif; ?>
+ </div>
+<?php endif; ?>
-</div>
<?php if($this->authorizationURL): ?>
- <h3>Ready!</h3>
+ <h3>Sign In</h3>
- <p>Clicking the button below will take you to <strong>your</strong> authorization server which is where you will allow this app to be able to post to your site.</p>
+ <p>Click the button below to go to your website to allow this app to be able to post to your site.</p>
<form action="/auth/redirect" method="get">
<p>Choose the scope to request:</p>
<ul style="list-style-type: none;">
- <li><input type="radio" name="scope" value="create update" checked="checked"> create update</li>
+ <li><input type="radio" name="scope" value="create update media" checked="checked"> create update media (default)</li>
<li><input type="radio" name="scope" value="create"> create</li>
<li><input type="radio" name="scope" value="post"> post (legacy)</li>
</ul>