diff options
| -rw-r--r-- | composer.json | 7 | ||||
| -rw-r--r-- | composer.lock | 394 | ||||
| -rw-r--r-- | controllers/auth.php | 46 | ||||
| -rw-r--r-- | controllers/controllers.php | 8 | ||||
| -rw-r--r-- | controllers/static.php | 8 | ||||
| -rw-r--r-- | public/css/style.css | 6 | ||||
| -rw-r--r-- | views/auth_callback.php | 16 | ||||
| -rw-r--r-- | views/auth_start.php | 52 |
8 files changed, 430 insertions, 107 deletions
diff --git a/composer.json b/composer.json index 4be0552..3797d3d 100644 --- a/composer.json +++ b/composer.json @@ -3,9 +3,9 @@ "slim/slim": "2.2.*", "saltybeagle/savant3": "dev-master", "j4mie/idiorm": "1.4.*", - "mf2/mf2": "^0.3.2", + "mf2/mf2": "^0.4", "indieweb/date-formatter": "0.3.*", - "indieauth/client": ">=0.2.0", + "indieauth/client": ">=0.4.0", "mpratt/relativetime": ">=1.0", "firebase/php-jwt": "2.*", "abraham/twitteroauth": "*", @@ -15,7 +15,8 @@ "tantek/cassis": "*", "p3k/timezone": "*", "gajus/dindent": "^2.0", - "p3k/xray": "^1.3" + "p3k/xray": ">=1.6.5", + "p3k/utils": "^1.2" }, "autoload": { "files": [ diff --git a/composer.lock b/composer.lock index b039686..60025aa 100644 --- a/composer.lock +++ b/composer.lock @@ -4,7 +4,7 @@ "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", "This file is @generated automatically" ], - "content-hash": "26d324e17ac5eeecdeaae4ff4e279213", + "content-hash": "ba9a9e78ffbc647f0609e84b08957ee1", "packages": [ { "name": "abraham/twitteroauth", @@ -247,16 +247,16 @@ }, { "name": "ezyang/htmlpurifier", - "version": "v4.9.3", + "version": "v4.10.0", "source": { "type": "git", "url": "https://github.com/ezyang/htmlpurifier.git", - "reference": "95e1bae3182efc0f3422896a3236e991049dac69" + "reference": "d85d39da4576a6934b72480be6978fb10c860021" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/95e1bae3182efc0f3422896a3236e991049dac69", - "reference": "95e1bae3182efc0f3422896a3236e991049dac69", + "url": "https://api.github.com/repos/ezyang/htmlpurifier/zipball/d85d39da4576a6934b72480be6978fb10c860021", + "reference": "d85d39da4576a6934b72480be6978fb10c860021", "shasum": "" }, "require": { @@ -290,7 +290,65 @@ "keywords": [ "html" ], - "time": "2017-06-03T02:28:16+00:00" + "time": "2018-02-23T01:58:20+00:00" + }, + { + "name": "facebook/graph-sdk", + "version": "5.6.3", + "source": { + "type": "git", + "url": "https://github.com/facebook/php-graph-sdk.git", + "reference": "90e92bd1816fe718e55184ab85910dfcf488432c" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/facebook/php-graph-sdk/zipball/90e92bd1816fe718e55184ab85910dfcf488432c", + "reference": "90e92bd1816fe718e55184ab85910dfcf488432c", + "shasum": "" + }, + "require": { + "php": "^5.4|^7.0" + }, + "require-dev": { + "guzzlehttp/guzzle": "~5.0", + "mockery/mockery": "~0.8", + "phpunit/phpunit": "~4.0" + }, + "suggest": { + "guzzlehttp/guzzle": "Allows for implementation of the Guzzle HTTP client", + "paragonie/random_compat": "Provides a better CSPRNG option in PHP 5" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "5.x-dev" + } + }, + "autoload": { + "psr-4": { + "Facebook\\": "src/Facebook/" + }, + "files": [ + "src/Facebook/polyfills.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Facebook Platform" + ], + "authors": [ + { + "name": "Facebook", + "homepage": "https://github.com/facebook/php-graph-sdk/contributors" + } + ], + "description": "Facebook SDK for PHP", + "homepage": "https://github.com/facebook/php-graph-sdk", + "keywords": [ + "facebook", + "sdk" + ], + "time": "2018-07-03T02:25:00+00:00" }, { "name": "firebase/php-jwt", @@ -383,24 +441,27 @@ }, { "name": "indieauth/client", - "version": "0.2.2", + "version": "0.4.1", "source": { "type": "git", "url": "https://github.com/indieweb/indieauth-client-php.git", - "reference": "225ece31ddafaee3348eabdc915422c457498a84" + "reference": "3e47004ccfccddc5760639f4faf9ed5ceadb460e" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/225ece31ddafaee3348eabdc915422c457498a84", - "reference": "225ece31ddafaee3348eabdc915422c457498a84", + "url": "https://api.github.com/repos/indieweb/indieauth-client-php/zipball/3e47004ccfccddc5760639f4faf9ed5ceadb460e", + "reference": "3e47004ccfccddc5760639f4faf9ed5ceadb460e", "shasum": "" }, "require": { - "barnabywalters/mf-cleaner": "0.*", - "indieweb/link-rel-parser": "0.1.*", - "mf2/mf2": "~0.3", + "indieweb/representative-h-card": "^0.1.2", + "mf2/mf2": ">=0.3.2", + "p3k/http": ">=0.1.6", "php": ">5.3.0" }, + "require-dev": { + "phpunit/phpunit": "4.8.*" + }, "type": "library", "autoload": { "psr-0": { @@ -409,16 +470,16 @@ }, "notification-url": "https://packagist.org/downloads/", "license": [ - "Apache 2.0" + "Apache-2.0" ], "authors": [ { "name": "Aaron Parecki", - "homepage": "http://aaronparecki.com" + "homepage": "https://aaronparecki.com" } ], "description": "IndieAuth Client Library", - "time": "2017-07-01T15:43:45+00:00" + "time": "2018-03-13T23:39:55+00:00" }, { "name": "indieweb/date-formatter", @@ -514,6 +575,51 @@ "time": "2017-01-11T17:14:49+00:00" }, { + "name": "indieweb/representative-h-card", + "version": "0.1.2", + "source": { + "type": "git", + "url": "https://github.com/indieweb/representative-h-card-php.git", + "reference": "b70b01bd0dd7f2a940602137335dbf46ab6e2e38" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/indieweb/representative-h-card-php/zipball/b70b01bd0dd7f2a940602137335dbf46ab6e2e38", + "reference": "b70b01bd0dd7f2a940602137335dbf46ab6e2e38", + "shasum": "" + }, + "require": { + "php": ">=5.4" + }, + "require-dev": { + "mf2/mf2": "0.2.*", + "phpunit/phpunit": "*" + }, + "type": "library", + "autoload": { + "files": [ + "src/mf2/representative-h-card.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "Apache-2.0" + ], + "authors": [ + { + "name": "Aaron Parecki", + "homepage": "http://aaronparecki.com" + } + ], + "keywords": [ + "h-card", + "indieweb", + "mf2", + "microformats" + ], + "time": "2015-12-23T18:11:19+00:00" + }, + { "name": "j4mie/idiorm", "version": "v1.4.1", "source": { @@ -572,17 +678,82 @@ "time": "2013-12-12T10:25:27+00:00" }, { + "name": "masterminds/html5", + "version": "2.3.0", + "source": { + "type": "git", + "url": "https://github.com/Masterminds/html5-php.git", + "reference": "2c37c6c520b995b761674de3be8455a381679067" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Masterminds/html5-php/zipball/2c37c6c520b995b761674de3be8455a381679067", + "reference": "2c37c6c520b995b761674de3be8455a381679067", + "shasum": "" + }, + "require": { + "ext-libxml": "*", + "php": ">=5.3.0" + }, + "require-dev": { + "phpunit/phpunit": "4.*", + "sami/sami": "~2.0", + "satooshi/php-coveralls": "1.0.*" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.2-dev" + } + }, + "autoload": { + "psr-4": { + "Masterminds\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Matt Butcher", + "email": "technosophos@gmail.com" + }, + { + "name": "Asmir Mustafic", + "email": "goetas@gmail.com" + }, + { + "name": "Matt Farina", + "email": "matt@mattfarina.com" + } + ], + "description": "An HTML5 parser and serializer.", + "homepage": "http://masterminds.github.io/html5-php", + "keywords": [ + "HTML5", + "dom", + "html", + "parser", + "querypath", + "serializer", + "xml" + ], + "time": "2017-09-04T12:26:28+00:00" + }, + { "name": "mf2/mf2", - "version": "v0.3.2", + "version": "v0.4.4", "source": { "type": "git", "url": "https://github.com/indieweb/php-mf2.git", - "reference": "dc0d90d4ee30864bcf37cd3a8fc8db94f9134cc4" + "reference": "463351e3a3620663cfa335849ce904da39ef1314" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/dc0d90d4ee30864bcf37cd3a8fc8db94f9134cc4", - "reference": "dc0d90d4ee30864bcf37cd3a8fc8db94f9134cc4", + "url": "https://api.github.com/repos/indieweb/php-mf2/zipball/463351e3a3620663cfa335849ce904da39ef1314", + "reference": "463351e3a3620663cfa335849ce904da39ef1314", "shasum": "" }, "require": { @@ -594,7 +765,8 @@ "phpunit/phpunit": "4.8.*" }, "suggest": { - "barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you" + "barnabywalters/mf-cleaner": "To more easily handle the canonical data php-mf2 gives you", + "masterminds/html5": "Alternative HTML parser for PHP, for better HTML5 support." }, "bin": [ "bin/fetch-mf2", @@ -608,7 +780,7 @@ }, "notification-url": "https://packagist.org/downloads/", "license": [ - "CC0" + "CC0-1.0" ], "authors": [ { @@ -624,7 +796,7 @@ "parser", "semantic" ], - "time": "2017-05-27T15:27:47+00:00" + "time": "2018-08-01T20:02:45+00:00" }, { "name": "mpratt/relativetime", @@ -676,21 +848,21 @@ }, { "name": "p3k/http", - "version": "0.1.5", + "version": "0.1.7", "source": { "type": "git", "url": "https://github.com/aaronpk/p3k-http.git", - "reference": "3740fe135e6d58457d7528e7c05a67b68e020a79" + "reference": "1826647c4902a18dea5ec532f21509ba4d51210b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/aaronpk/p3k-http/zipball/3740fe135e6d58457d7528e7c05a67b68e020a79", - "reference": "3740fe135e6d58457d7528e7c05a67b68e020a79", + "url": "https://api.github.com/repos/aaronpk/p3k-http/zipball/1826647c4902a18dea5ec532f21509ba4d51210b", + "reference": "1826647c4902a18dea5ec532f21509ba4d51210b", "shasum": "" }, "require": { "indieweb/link-rel-parser": "0.1.*", - "mf2/mf2": "0.3.*" + "mf2/mf2": ">=0.3.2" }, "type": "library", "autoload": { @@ -710,7 +882,7 @@ ], "description": "A simple wrapper API around the PHP curl functions", "homepage": "https://github.com/aaronpk/p3k-http", - "time": "2017-04-29T17:43:29+00:00" + "time": "2018-03-04T15:21:58+00:00" }, { "name": "p3k/multipart", @@ -749,6 +921,59 @@ "time": "2016-12-28T14:50:41+00:00" }, { + "name": "p3k/picofeed", + "version": "v0.1.38", + "source": { + "type": "git", + "url": "https://github.com/aaronpk/picoFeed.git", + "reference": "989c0bcf2eac016a4104abce1aadff791fc287ab" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/aaronpk/picoFeed/zipball/989c0bcf2eac016a4104abce1aadff791fc287ab", + "reference": "989c0bcf2eac016a4104abce1aadff791fc287ab", + "shasum": "" + }, + "require": { + "ext-dom": "*", + "ext-iconv": "*", + "ext-libxml": "*", + "ext-simplexml": "*", + "ext-xml": "*", + "php": ">=5.3.0", + "zendframework/zendxml": "^1.0" + }, + "require-dev": { + "phpdocumentor/reflection-docblock": "2.0.4", + "phpunit/phpunit": "4.8.26", + "symfony/yaml": "2.8.7" + }, + "suggest": { + "ext-curl": "PicoFeed will use cURL if present" + }, + "bin": [ + "picofeed" + ], + "type": "library", + "autoload": { + "psr-0": { + "PicoFeed": "lib/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Frédéric Guillot" + } + ], + "description": "Modern library to handle RSS/Atom feeds", + "homepage": "https://github.com/miniflux/picoFeed", + "time": "2017-11-30T00:16:58+00:00" + }, + { "name": "p3k/timezone", "version": "0.1.0", "source": { @@ -791,26 +1016,75 @@ "time": "2017-01-12T17:30:08+00:00" }, { + "name": "p3k/utils", + "version": "1.2.0", + "source": { + "type": "git", + "url": "https://github.com/aaronpk/p3k-utils.git", + "reference": "ecd0ba1afca8e586f09792f7be5052e142d3cbde" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/aaronpk/p3k-utils/zipball/ecd0ba1afca8e586f09792f7be5052e142d3cbde", + "reference": "ecd0ba1afca8e586f09792f7be5052e142d3cbde", + "shasum": "" + }, + "require": { + "php": ">=5.5" + }, + "require-dev": { + "phpunit/phpunit": "^4.8.13", + "predis/predis": "1.1.*" + }, + "type": "library", + "autoload": { + "files": [ + "src/global.php", + "src/url.php", + "src/utils.php", + "src/date.php", + "src/cache.php", + "src/geo.php" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Aaron Parecki", + "homepage": "https://aaronparecki.com" + } + ], + "description": "Some helpful functions used by https://p3k.io projects", + "homepage": "https://github.com/aaronpk/p3k-utils", + "time": "2018-03-28T13:44:56+00:00" + }, + { "name": "p3k/xray", - "version": "v1.3.1", + "version": "v1.6.5", "source": { "type": "git", "url": "https://github.com/aaronpk/XRay.git", - "reference": "a37ed3bbaeec5ddb51d6a6ae285c5ab608d31978" + "reference": "fcbbbf219dcd89cf9322973a2b12b8392cafc33b" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/aaronpk/XRay/zipball/a37ed3bbaeec5ddb51d6a6ae285c5ab608d31978", - "reference": "a37ed3bbaeec5ddb51d6a6ae285c5ab608d31978", + "url": "https://api.github.com/repos/aaronpk/XRay/zipball/fcbbbf219dcd89cf9322973a2b12b8392cafc33b", + "reference": "fcbbbf219dcd89cf9322973a2b12b8392cafc33b", "shasum": "" }, "require": { "cebe/markdown": "1.1.*", "dg/twitter-php": "3.6.*", - "ezyang/htmlpurifier": "4.*", + "ezyang/htmlpurifier": "4.10.*", + "facebook/graph-sdk": "^5.5", "indieweb/link-rel-parser": "0.1.*", - "mf2/mf2": "^0.3.2", - "p3k/http": "0.1.*", + "masterminds/html5": "^2.3", + "mf2/mf2": "^0.4", + "p3k/http": ">=0.1.7", + "p3k/picofeed": ">=0.1.38", "p3k/timezone": "*" }, "require-dev": { @@ -834,7 +1108,7 @@ ], "description": "X-Ray returns structured data from any URL", "homepage": "https://github.com/aaronpk/XRay", - "time": "2017-09-22T19:35:08+00:00" + "time": "2018-08-01T20:25:25+00:00" }, { "name": "saltybeagle/savant3", @@ -936,6 +1210,52 @@ }, "notification-url": "https://packagist.org/downloads/", "time": "2016-04-04T15:31:04+00:00" + }, + { + "name": "zendframework/zendxml", + "version": "1.1.0", + "source": { + "type": "git", + "url": "https://github.com/zendframework/ZendXml.git", + "reference": "267db6a2c431a08a8f8ff0f1f4c302a5ba6f5b99" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/zendframework/ZendXml/zipball/267db6a2c431a08a8f8ff0f1f4c302a5ba6f5b99", + "reference": "267db6a2c431a08a8f8ff0f1f4c302a5ba6f5b99", + "shasum": "" + }, + "require": { + "php": "^5.6 || ^7.0" + }, + "require-dev": { + "phpunit/phpunit": "^5.7.27 || ^6.5.8 || ^7.1.4", + "zendframework/zend-coding-standard": "~1.0.0" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.1.x-dev", + "dev-develop": "1.2.x-dev" + } + }, + "autoload": { + "psr-4": { + "ZendXml\\": "src/" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "description": "Utility library for XML usage, best practices, and security in PHP", + "keywords": [ + "ZendFramework", + "security", + "xml", + "zf" + ], + "time": "2018-04-30T15:11:04+00:00" } ], "packages-dev": [], diff --git a/controllers/auth.php b/controllers/auth.php index e6a2d24..d812956 100644 --- a/controllers/auth.php +++ b/controllers/auth.php @@ -31,9 +31,11 @@ $app->get('/auth/start', function() use($app) { $_SESSION['attempted_me'] = $me; - $authorizationEndpoint = IndieAuth\Client::discoverAuthorizationEndpoint($me); - $tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me); - $micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me); + $_SESSION['indieauth'] = [ + 'authorization_endpoint' => ($authorizationEndpoint=IndieAuth\Client::discoverAuthorizationEndpoint($me)), + 'token_endpoint' => ($tokenEndpoint=IndieAuth\Client::discoverTokenEndpoint($me)), + 'micropub_endpoint' => ($micropubEndpoint=IndieAuth\Client::discoverMicropubEndpoint($me)), + ]; $defaultScope = 'create update media'; @@ -74,16 +76,6 @@ $app->get('/auth/start', function() use($app) { } else { - if(!$user) - $user = ORM::for_table('users')->create(); - $user->url = $me; - $user->date_created = date('Y-m-d H:i:s'); - $user->micropub_endpoint = $micropubEndpoint; - $user->authorization_endpoint = $authorizationEndpoint; - $user->token_endpoint = $tokenEndpoint; - $user->micropub_access_token = ''; // blank out the access token if they attempt to sign in again - $user->save(); - if(k($params, 'dontask') && $params['dontask']) { // Request whatever scope was previously granted $authorizationURL = parse_url($authorizationURL); @@ -131,7 +123,12 @@ $app->get('/auth/callback', function() use($app) { // If there is no state in the session, start the login again if(!array_key_exists('auth_state', $_SESSION)) { - $app->redirect('/?error=missing_session_state'); + $html = render('auth_error', array( + 'title' => 'Auth Callback', + 'error' => 'Missing session state', + 'errorDescription' => 'Something went wrong, please try signing in again, and make sure cookies are enabled for this domain.' + )); + $app->response()->body($html); return; } @@ -182,12 +179,11 @@ $app->get('/auth/callback', function() use($app) { // An authorization code is in the query string, and we want to exchange that for an access token at the token endpoint. // Discover the endpoints - $micropubEndpoint = IndieAuth\Client::discoverMicropubEndpoint($me); - $tokenEndpoint = IndieAuth\Client::discoverTokenEndpoint($me); + $micropubEndpoint = $_SESSION['indieauth']['micropub_endpoint']; + $tokenEndpoint = $_SESSION['indieauth']['token_endpoint']; if($tokenEndpoint) { - $token = IndieAuth\Client::getAccessToken($tokenEndpoint, $params['code'], $me, buildRedirectURI(), Config::$base_url, k($params,'state'), true); - + $token = IndieAuth\Client::getAccessToken($tokenEndpoint, $params['code'], $me, buildRedirectURI(), Config::$base_url, true); } else { $token = array('auth'=>false, 'response'=>false); } @@ -197,11 +193,11 @@ $app->get('/auth/callback', function() use($app) { // If a valid access token was returned, store the token info in the session and they are signed in if(k($token['auth'], array('me','access_token','scope'))) { // Double check that the domain of the returned "me" matches the expected - if(parse_url($token['auth']['me'], PHP_URL_HOST) != parse_url($me, PHP_URL_HOST)) { + if(!\p3k\url\host_matches($token['auth']['me'], $me)) { $html = render('auth_error', [ 'title' => 'Error Signing In', 'error' => 'Invalid user', - 'errorDescription' => 'The user URL that was returned in the access token did not match the domain of the user signing in.' + 'errorDescription' => 'The user URL that was returned from the token endpoint (<code>'.$token['auth']['me'].'</code>) did not match the domain of the user signing in (<code>'.$me.'</code>).' ]); $app->response()->body($html); return; @@ -223,6 +219,8 @@ $app->get('/auth/callback', function() use($app) { $user->url = $me; $user->date_created = date('Y-m-d H:i:s'); } + $user->authorization_endpoint = $_SESSION['indieauth']['authorization_endpoint']; + $user->token_endpoint = $tokenEndpoint; $user->micropub_endpoint = $micropubEndpoint; $user->micropub_access_token = $token['auth']['access_token']; $user->micropub_scope = $token['auth']['scope']; @@ -237,6 +235,7 @@ $app->get('/auth/callback', function() use($app) { unset($_SESSION['auth_state']); unset($_SESSION['attempted_me']); + unset($_SESSION['indieauth']); if($redirectToDashboardImmediately || k($_SESSION, 'dontask')) { unset($_SESSION['dontask']); @@ -253,6 +252,11 @@ $app->get('/auth/callback', function() use($app) { $app->redirect('/new?' . http_build_query($query), 302); } } else { + $tokenResponse = $token['response']; + $parsed = @json_decode($tokenResponse); + if($parsed) + $tokenResponse = json_encode($parsed, JSON_PRETTY_PRINT+JSON_UNESCAPED_SLASHES); + $html = render('auth_callback', array( 'title' => 'Sign In', 'me' => $me, @@ -260,7 +264,7 @@ $app->get('/auth/callback', function() use($app) { 'meParts' => parse_url($me), 'tokenEndpoint' => $tokenEndpoint, 'auth' => $token['auth'], - 'response' => $token['response'], + 'response' => $tokenResponse, 'curl_error' => (array_key_exists('error', $token) ? $token['error'] : false), 'destination' => (k($_SESSION, 'redirect_after_login') ?: '/new') )); diff --git a/controllers/controllers.php b/controllers/controllers.php index 237c4bb..cc74674 100644 --- a/controllers/controllers.php +++ b/controllers/controllers.php @@ -724,7 +724,7 @@ $app->get('/code', function() use($app) { 'nginx' => ['conf'], 'apache' => [], 'text' => ['txt'], - ]; + ]; ksort($languages); $language_map = []; foreach($languages as $lang=>$exts) { @@ -989,18 +989,18 @@ $app->get('/edit', function() use($app) { 'error' => 'There was a problem!', 'error_description' => $error ]); - return; + return; } // Until all interfaces are complete, show an error here for unsupported ones - if(!in_array($url, ['/favorite','/repost'])) { + if(!in_array($url, ['/favorite','/repost','/code'])) { render('edit/error', [ 'title' => 'Not Yet Supported', 'summary' => '', 'error' => 'Not Yet Supported', 'error_description' => 'Editing is not yet supported for this type of post.' ]); - return; + return; } $app->redirect($url . '?edit=' . $params['url'], 302); diff --git a/controllers/static.php b/controllers/static.php index 9822d6b..8c4425d 100644 --- a/controllers/static.php +++ b/controllers/static.php @@ -11,7 +11,7 @@ function doc_pages($page=null) { 'syndication' => 'Syndication', 'post-status' => 'Post Status', ]; - if($page == null) + if($page == null) return $pages; else return $pages[$page]; @@ -28,7 +28,7 @@ $app->get('/', function($format='html') use($app) { render('index', array( 'title' => 'Quill', 'meta' => '', - 'authorizing' => false + 'authorizing' => false, )); }); @@ -42,7 +42,7 @@ $app->get('/creating-a-micropub-endpoint', function() use($app) { $app->get('/docs', function() use($app) { render('docs/index', array( - 'title' => 'Documentation', + 'title' => 'Documentation', 'authorizing' => false, 'pages' => doc_pages() )); @@ -51,7 +51,7 @@ $app->get('/docs', function() use($app) { $app->get('/docs/:page', function($page) use($app) { if(file_exists('views/docs/'.$page.'.php')) render('docs/'.$page, array( - 'title' => doc_pages($page).' - Quill Documentation', + 'title' => doc_pages($page).' - Quill Documentation', 'authorizing' => false )); else diff --git a/public/css/style.css b/public/css/style.css index 6dcf682..c68a55c 100644 --- a/public/css/style.css +++ b/public/css/style.css @@ -108,6 +108,8 @@ body { font-family: Menlo,Monaco,Consolas,"Courier New",monospace; word-break: break-all; word-wrap: break-word; + overflow: scroll; + white-space: pre; } @@ -208,7 +210,7 @@ body { } -/** +/** * nicer file upload */ .btn-file { @@ -229,7 +231,7 @@ body { background: white; cursor: inherit; display: block; -} +} .glyphicon-spin { diff --git a/views/auth_callback.php b/views/auth_callback.php index acdac8f..4d6ad5e 100644 --- a/views/auth_callback.php +++ b/views/auth_callback.php @@ -54,11 +54,15 @@ <h3>Token endpoint response</h3> - <p>Below is the raw response from your token endpoint (<?= $this->tokenEndpoint ?>):</p> - <div class="bs-callout bs-callout-info pre"> - <?= $this->curl_error ?> - <?= htmlspecialchars($this->response) ?> - </div> + <p>Below is the raw response from your token endpoint (<code><?= $this->tokenEndpoint ?></code>):</p> + + <?php if($this->curl_error): ?> + <div class="bs-callout bs-callout-info pre"><?= $this->curl_error ?></div> + <?php endif ?> + + <?php if($this->response): ?> + <div class="bs-callout bs-callout-info pre"><?= htmlspecialchars($this->response) ?></div> + <?php endif ?> <?php else: ?> @@ -70,4 +74,4 @@ <?php endif; ?> -</div>
\ No newline at end of file +</div> diff --git a/views/auth_start.php b/views/auth_start.php index d41ffb4..a6df0da 100644 --- a/views/auth_start.php +++ b/views/auth_start.php @@ -1,62 +1,54 @@ <div class="narrow"> <?= partial('partials/header') ?> -<div id="authorization_endpoint"> - <h3>Authorization Endpoint</h3> - <p><i>The authorization endpoint tells this app where to direct your browser to sign you in.</i></p> +<?php if(!$this->authorizationEndpoint): ?> + <div id="authorization_endpoint"> + <h3>Authorization Endpoint</h3> + + <p><i>The authorization endpoint tells this app where to direct your browser to sign you in.</i></p> - <?php if($this->authorizationEndpoint): ?> - <div class="bs-callout bs-callout-success">Found your authorization endpoint: <code><?= $this->authorizationEndpoint ?></code></div> - <?php else: ?> <div class="bs-callout bs-callout-danger">Could not find your authorization endpoint!</div> <p>You need to set your authorization endpoint in a <code><link></code> tag on your home page.</p> <?= partial('partials/auth-endpoint-help') ?> - <?php endif; ?> -</div> + </div> +<?php endif; ?> -<div id="token_endpoint"> - <h3>Token Endpoint</h3> +<?php if(!$this->tokenEndpoint): ?> + <div id="token_endpoint"> + <h3>Token Endpoint</h3> - <p><i>The token endpoint is where this app will make a request to get an access token after obtaining authorization.</i></p> + <p><i>The token endpoint is where this app will make a request to get an access token after obtaining authorization.</i></p> - <?php if($this->tokenEndpoint): ?> - <div class="bs-callout bs-callout-success">Found your token endpoint: <code><?= $this->tokenEndpoint ?></code></div> - <?php else: ?> <div class="bs-callout bs-callout-danger">Could not find your token endpoint!</div> <p>You need to set your token endpoint in a <code><link></code> tag on your home page.</p> <?= partial('partials/token-endpoint-help') ?> - <?php endif; ?> - -</div> + </div> +<?php endif; ?> -<div id="micropub_endpoint"> - <h3>Micropub Endpoint</h3> +<?php if(!$this->micropubEndpoint): ?> + <div id="micropub_endpoint"> + <h3>Micropub Endpoint</h3> - <p><i>The Micropub endpoint is the URL this app will use to post new photos.</i></p> + <p><i>The Micropub endpoint is the URL this app will use to post new photos.</i></p> - <?php if($this->micropubEndpoint): ?> - <div class="bs-callout bs-callout-success"> - Found your Micropub endpoint: <code><?= $this->micropubEndpoint ?></code> - </div> - <?php else: ?> <div class="bs-callout bs-callout-danger">Could not find your Micropub endpoint!</div> <p>You need to set your Micropub endpoint in a <code><link></code> tag on your home page.</p> <?= partial('partials/micropub-endpoint-help', $this) ?> - <?php endif; ?> + </div> +<?php endif; ?> -</div> <?php if($this->authorizationURL): ?> - <h3>Ready!</h3> + <h3>Sign In</h3> - <p>Clicking the button below will take you to <strong>your</strong> authorization server which is where you will allow this app to be able to post to your site.</p> + <p>Click the button below to go to your website to allow this app to be able to post to your site.</p> <form action="/auth/redirect" method="get"> <p>Choose the scope to request:</p> <ul style="list-style-type: none;"> - <li><input type="radio" name="scope" value="create update" checked="checked"> create update</li> + <li><input type="radio" name="scope" value="create update media" checked="checked"> create update media (default)</li> <li><input type="radio" name="scope" value="create"> create</li> <li><input type="radio" name="scope" value="post"> post (legacy)</li> </ul> |