<?php
// $Id$
/**
 * Describes the OAuth authentication method to the Services module.
 *
 * The function name follows the hook_authentication_info() pattern. The
 * returned array names the include file and the callbacks to use for the
 * settings form, its submit handler, method alteration and the per-call
 * authentication check. Those callbacks are not defined in this file;
 * presumably they live in the file named by '#file' (verify).
 *
 * @return array
 *   Authentication method definition keyed by property name.
 */
function services_oauth_authentication_info() {
  $info = array();
  $info['#file'] = 'services_oauth.inc';
  $info['#title'] = t('OAuth authentication');
  $info['#description'] = t('An open protocol to allow secure API authorization');
  $info['security_settings'] = '_services_oauth_security_settings';
  $info['security_settings_submit'] = '_services_oauth_security_settings_submit';
  $info['alter_methods'] = '_services_oauth_alter_methods';
  // This callback is the one that decides whether a service call is accepted.
  $info['authenticate_call'] = '_services_oauth_authenticate_call';
  return $info;
}
/**
 * Implementation of hook_perm().
 *
 * Declares the two permissions this module checks: one for authorizing
 * consumers and one for registering consumers.
 *
 * @return array
 *   List of permission names.
 */
function services_oauth_perm() {
  $permissions = array();
  $permissions[] = 'services oauth authorize consumers';
  $permissions[] = 'services oauth register consumers';
  return $permissions;
}
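/**
 * Implementation of hook_menu().
 *
 * Registers three groups of routes:
 * - the OAuth protocol endpoints (oauth/*), which bypass menu access control;
 * - the per-user application and authorization pages (user/%user/...);
 * - the administration pages (admin/build/services/...).
 *
 * @return array
 *   Menu item definitions keyed by path.
 */
function services_oauth_menu() {
  $menu = array();

  // The four OAuth endpoints use an access callback that always grants
  // access, so the menu system performs no check for them. All access
  // decisions for these paths rest with the page callbacks in
  // services_oauth.pages.inc.
  $menu['oauth/authorize'] = array(
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_authorize'),
    'access callback' => '_services_oauth_always_true',
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );
  $menu['oauth/authorized'] = array(
    'title' => 'Authorization finished',
    'page callback' => '_services_oauth_authorized',
    'access callback' => '_services_oauth_always_true',
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );
  $menu['oauth/request_token'] = array(
    'page callback' => '_services_oauth_request_token',
    'access callback' => '_services_oauth_always_true',
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );
  $menu['oauth/access_token'] = array(
    'page callback' => '_services_oauth_access_token',
    'access callback' => '_services_oauth_always_true',
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );

  // Per-user pages. Argument 1 is the account loaded from the %user wildcard.
  $menu['user/%user/applications'] = array(
    'title' => 'Applications',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_user_applications', 1),
    'access callback' => 'oauth_services_user_access',
    'access arguments' => array(1),
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_LOCAL_TASK,
  );
  // Previously this route only checked the current user's permission, so the
  // form could be opened for any account in the path. The access callback now
  // also requires edit access to that account, like the sibling routes do.
  $menu['user/%user/applications/add'] = array(
    'title' => 'Add application',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_user_applications_add', 1),
    'access callback' => '_services_oauth_register_consumer_access',
    'access arguments' => array(1),
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );
  // NOTE(review): the route only checks access to the account in argument 1;
  // the form callback should confirm that the authorization in argument 4
  // belongs to that account. Applies to the delete route below as well.
  $menu['user/%user/applications/authorization/%'] = array(
    'title' => 'Edit authorization',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_user_authorization_edit', 1, 4),
    'access callback' => 'oauth_services_user_access',
    'access arguments' => array(1),
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );
  $menu['user/%user/applications/authorization/%/delete'] = array(
    // The title was a copy of the edit route's title.
    'title' => 'Delete authorization',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_user_authorization_delete', 1, 4),
    'access callback' => 'oauth_services_user_access',
    'access arguments' => array(1),
    'file' => 'services_oauth.pages.inc',
    'type' => MENU_CALLBACK,
  );

  // Administration pages. No access callback is set, so the menu system's
  // default permission check applies to the 'administer services' permission.
  $menu['admin/build/services/authentication'] = array(
    'title' => 'Authentication',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_admin_authentication'),
    'access arguments' => array('administer services'),
    'file' => 'services_oauth.admin.inc',
    'type' => MENU_LOCAL_TASK,
  );
  $menu['admin/build/services/authorization'] = array(
    'title' => 'Authorization levels',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_admin_authorization'),
    'access arguments' => array('administer services'),
    'file' => 'services_oauth.admin.inc',
    'type' => MENU_LOCAL_TASK,
  );
  $menu['admin/build/services/authorization/%/delete'] = array(
    'title' => 'Delete authorization level',
    'page callback' => 'drupal_get_form',
    'page arguments' => array('_services_oauth_admin_authorization_delete', 4),
    'access arguments' => array('administer services'),
    'file' => 'services_oauth.admin.inc',
    'type' => MENU_LOCAL_TASK,
  );

  return $menu;
}

/**
 * Access callback for the "Add application" page of a user account.
 *
 * @param object $account
 *   The account loaded from the %user path argument.
 *
 * @return bool
 *   TRUE when the current user may edit $account and holds the
 *   'services oauth register consumers' permission.
 */
function _services_oauth_register_consumer_access($account) {
  return user_edit_access($account) && user_access('services oauth register consumers');
}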
/**
 * Loads all authorization levels, keyed by their machine-readable name.
 *
 * The rows are read once and then kept in the global variable $levels, so
 * later calls return the cached list without querying again. An empty result
 * is not cached: the emptiness check makes the next call query again.
 *
 * NOTE(review): the cache is a plain global with a generic name. Any other
 * code that writes a global $levels changes the authorization levels this
 * function returns. A function-static or module-prefixed variable would
 * avoid that; confirm that nothing else reads the global first.
 *
 * @return array
 *   Row objects from {services_oauth_authorization_levels}, keyed by name.
 */
function services_oauth_authorization_levels() {
  global $levels;

  // Serve from the per-request cache when it already holds something.
  if ($levels) {
    return $levels;
  }

  $levels = array();
  $result = db_query("SELECT * FROM {services_oauth_authorization_levels}");
  while ($row = db_fetch_object($result)) {
    $levels[$row->name] = $row;
  }
  return $levels;
}
/**
 * Access callback for the per-user application and authorization pages.
 *
 * Grants access only when user_edit_access() allows editing the account and
 * the account holds at least one of the two consumer permissions. Both
 * permission checks are made against the account passed in, not against the
 * logged-in user.
 *
 * NOTE(review): the name uses the prefix oauth_services_ while the rest of
 * the module uses services_oauth_. It is referenced by name in hook_menu(),
 * so it cannot be renamed in isolation.
 *
 * @param object $user
 *   The account taken from the %user path argument.
 *
 * @return bool
 *   TRUE when access is granted.
 */
function oauth_services_user_access($user) {
  if (!user_edit_access($user)) {
    return FALSE;
  }
  return user_access('services oauth authorize consumers', $user)
    || user_access('services oauth register consumers', $user);
}
/**
 * Access callback that lets every request through the menu system.
 *
 * It is used for routes whose requests are not meant to be authenticated by
 * the menu system. Because it grants access unconditionally, each page
 * callback registered with it has to enforce its own checks.
 *
 * @return bool
 *   Always TRUE.
 */
function _services_oauth_always_true() {
  return TRUE;
}
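/**
 * Creates an authorization level, or updates it when the name already exists.
 *
 * @param string $name
 *   The machine-readable name of the authorization level.
 * @param string $title
 *   The human-readable name of the authorization level.
 * @param string $description
 *   The description of the authorization level.
 *
 * @return void
 */
function services_oauth_write_authorization_level($name, $title, $description) {
  $levels = services_oauth_authorization_levels();

  // An existing level is updated using 'name' as the key. An empty key list,
  // which is drupal_write_record()'s own default, makes it insert a new row.
  $update = isset($levels[$name]) ? array('name') : array();

  // drupal_write_record() takes the record by reference, so it must be passed
  // as a real variable and not as the result of an inline assignment.
  $values = array(
    'name' => $name,
    'title' => $title,
    'description' => $description,
  );
  drupal_write_record('services_oauth_authorization_levels', $values, $update);

  // services_oauth_authorization_levels() caches its result in the global
  // $levels. Clearing it lets later calls in this request see the new row,
  // so a second write of the same name updates instead of inserting again.
  $GLOBALS['levels'] = NULL;
}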
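/**
 * Deletes an authorization level.
 *
 * @param string $name
 *   The machine-readable name of the authorization level.
 *
 * @return void
 */
function services_oauth_delete_authorization_level($name) {
  // The name is bound through the %s placeholder, so db_query() escapes it.
  // It is passed positionally; the earlier ':name' array key had no effect
  // with printf-style placeholders.
  db_query("DELETE FROM {services_oauth_authorization_levels} WHERE name='%s'", $name);

  // Clear the per-request cache kept in the global $levels, so a deleted
  // level is not still reported as existing later in the same request.
  $GLOBALS['levels'] = NULL;
}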
/**
 * Implementation of hook_xrds().
 *
 * Describes the OAuth 1.0 discovery service and the request-token, authorize
 * and access-token endpoints. The token endpoints advertise the auth-header
 * and uri-query parameter transports; HMAC-SHA1 is the only signature method
 * listed.
 *
 * NOTE(review): the endpoint URIs are absolute URLs produced by url().
 * Confirm that the site's base URL is fixed in configuration, so the
 * advertised endpoints cannot follow the Host header of the request.
 *
 * @return array
 *   XRDS definition with a single 'oauth' entry.
 */
function services_oauth_xrds() {
  $absolute = array('absolute' => TRUE);
  $auth_header = 'http://oauth.net/core/1.0/parameters/auth-header';
  $uri_query = 'http://oauth.net/core/1.0/parameters/uri-query';
  $hmac_sha1 = 'http://oauth.net/core/1.0/signature/HMAC-SHA1';

  $services = array();

  // Discovery entry.
  $services[] = array(
    'data' => array(
      'Type' => array('http://oauth.net/discovery/1.0'),
      'URI' => array('#main'),
    ),
  );

  // Request token endpoint.
  $services[] = array(
    'data' => array(
      'Type' => array(
        'http://oauth.net/core/1.0/endpoint/request',
        $auth_header,
        $uri_query,
        $hmac_sha1,
      ),
      'URI' => array(url('oauth/request_token', $absolute)),
    ),
  );

  // User authorization endpoint.
  $services[] = array(
    'data' => array(
      'Type' => array(
        'http://oauth.net/core/1.0/endpoint/authorize',
        $uri_query,
      ),
      'URI' => array(url('oauth/authorize', $absolute)),
    ),
  );

  // Access token endpoint.
  $services[] = array(
    'data' => array(
      'Type' => array(
        'http://oauth.net/core/1.0/endpoint/access',
        $auth_header,
        $uri_query,
        $hmac_sha1,
      ),
      'URI' => array(url('oauth/access_token', $absolute)),
    ),
  );

  return array(
    'oauth' => array(
      'services' => $services,
    ),
  );
}