Added created and changed timestamps for tokens and consumers.

In the process of adding support for editing authorizations.
In the process of adding support for authorization levels.

services_oauth.admin.inc

@@ -1,13 +1,41 @@
 <?php
 // $Id$
 
+function _services_oauth_admin_authorization() {
+  $form = array();
+
+  $levels = services_oauth_authorization_levels();
+  foreach ($levels as $key => $title) {
+    $set = array(
+      '#type' => 'fieldset',
+      '#title' => $key . ' - ' . $title,
+      '#tree' => TRUE,
+      'title' => array(
+        '#type' => 'textfield',
+        '#maxlength' => 255,
+        '#title' => t('Title'),
+        '#value' => $title,
+      ),
+    );
+    $form[$key] = $set;
+  }
+
+  $form['submit'] = array(
+    '#type' => 'submit',
+    '#value' => t('Save'),
+  );
+
+  return $form;
+}
+
 function _services_oauth_admin_authentication() {
   $form = array();
-  
+
   $form['intro'] = array('#value' => '<p>' . t('You can change the lowest required OAuth authentication level for resources and methods here. This doesn\'t affect the access checks, so the security of your site <em>should</em> not be affected by changing the authentication requirements.') . '</p>');
 
   $methods = services_get_all(FALSE);
   $resources = services_get_all_resources(FALSE);
+  $auth_levels = array_merge(array('*' => t('Full access')), services_oauth_authorization_levels());
 
   foreach ($resources as $name => $resource) {
     $ra = array($name => $resource);
@@ -25,7 +53,7 @@ function _services_oauth_admin_authentication() {
         '#collapsed' => TRUE,
         '#tree' => TRUE,
       );
-      
+
       $cred = $controller['#auth'] ? 'token' : ($controller['#key'] ? ($controller['#verify_key'] ? 'consumer' : 'unsigned_consumer') : 'none');
       $c['credentials'] = array(
         '#type' => 'radios',
@@ -38,7 +66,14 @@ function _services_oauth_admin_authentication() {
         ),
         '#default_value' => $cred,
       );
-
+
+      $c['authorization'] = array(
+        '#type' => 'checkboxes',
+        '#title' => t('Required authorization'),
+        '#options' => $auth_levels,
+        '#default_value' => $controller['#default_auth_level'] ? $controller['#default_auth_level'] : array('*'),
+      );
+
       $res_set[$path] = $c;
     }
 

services_oauth.install

@@ -1,2 +1,42 @@
 <?php
 // $Id$
+
+function services_oauth_install() {
+  drupal_install_schema('services_oauth');
+
+  // Create default authorization levels
+  $insert = "INSERT INTO {services_oauth_authorization_levels}(name, title) VALUES('%s','%s')";
+  db_query($insert, array(':name' => 'read',    ':title' => 'Read access'));
+  db_query($insert, array(':name' => 'update',  ':title' => 'Update access'));
+  db_query($insert, array(':name' => 'create',  ':title' => 'Create access'));
+  db_query($insert, array(':name' => 'delete',  ':title' => 'Delete access'));
+}
+
+function services_oauth_uninstall() {
+  drupal_uninstall_schema('services_oauth');
+}
+
+function services_oauth_schema() {
+  $schema = array();
+
+  $schema['services_oauth_authorization_levels'] = array(
+    'description' => t('Stores the different authorization levels that are available for access tokens.'),
+    'fields' => array(
+      'name' => array(
+        'description' => t('The computer-readable name of the authorization level.'),
+        'type'        => 'varchar',
+        'length'      => 32,
+        'not null'    => TRUE,
+      ),
+      'title' => array(
+        'description' => t('The localizable title of the authorization level.'),
+        'type'        => 'varchar',
+        'length'      => 255,
+        'not null'    => TRUE,
+      ),
+    ),
+    'primary key' => array('name'),
+  );
+
+  return $schema;
+}

services_oauth.module

@@ -71,6 +71,16 @@ function services_oauth_menu() {
     'type' => MENU_CALLBACK,
   );
 
+  $menu['user/%user/applications/authorization/%'] = array(
+    'title' => 'Edit authorization',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('_services_oauth_user_authorization_edit', 1, 4),
+    'access callback' => 'oauth_services_user_access',
+    'access arguments' => array(1),
+    'file' => 'services_oauth.pages.inc',
+    'type' => MENU_CALLBACK,
+  );
+
   $menu['admin/build/services/authentication'] = array(
     'title' => 'Authentication',
     'page callback' => 'drupal_get_form',
@@ -80,9 +90,30 @@ function services_oauth_menu() {
     'type' => MENU_LOCAL_TASK,
   );
 
+  $menu['admin/build/services/authorization'] = array(
+    'title' => 'Authorization levels',
+    'page callback' => 'drupal_get_form',
+    'page arguments' => array('_services_oauth_admin_authorization'),
+    'access arguments' => array('administer services'),
+    'file' => 'services_oauth.admin.inc',
+    'type' => MENU_LOCAL_TASK,
+  );
+
   return $menu;
 }
 
+function services_oauth_authorization_levels() {
+  global $levels;
+  if (!$levels) {
+    $levels = array();
+    $res = db_query("SELECT * FROM {services_oauth_authorization_levels}");
+    while ($level = db_fetch_object($res)) {
+      $levels[$level->name] = $level->title;
+    }
+  }
+  return $levels;
+}
+
 function oauth_services_user_access($user) {
   return user_edit_access($user) && (user_access('access services', $user) || user_access('services oauth register consumers', $user));
 }

services_oauth.pages.inc

@@ -195,6 +195,36 @@ function _services_oauth_user_applications($form_state, $account) {
       '#type' => 'fieldset',
       '#title' => t('Authorizations'),
     );
+
+    $tokens = oauth_common_user_access_tokens($account->uid);
+    $consumers = array();
+    foreach ($tokens as $token) {
+      if (!isset($consumers[$token->consumer_key])) {
+        $consumers[$token->consumer_key] = DrupalOAuthConsumer::load($token->consumer_key);
+      }
+      $consumer = $consumers[$token->consumer_key];
+
+      $auth[$token->key] = array(
+        '#prefix' => '<div class="consumer-authorization">',
+        '#suffix' => '</div>',
+        'consumer_name' => array(
+          '#type' => 'item',
+          '#title' => t('Application'),
+          '#value' => $consumer->name,
+        ),
+        'access_key' => array(
+          '#type' => 'item',
+          '#title' => t('Token key'),
+          '#value' => $token->key,
+        ),
+        'remove_link' => array(
+          '#type' => 'item',
+          '#value' => l('Edit authorization', 'user/' . $account->uid . 
+            '/applications/authorization/' . $token->key),
+        ),
+      );
+    }
+
     $form['authorizations'] = $auth;
   }
 
@@ -208,6 +238,59 @@ function _services_oauth_user_applications_submit($form, $form_state) {
   }
 }
 
+function _services_oauth_user_authorization_edit($form_state, $user, $key) {
+  $form = array();
+
+  $token = DrupalOAuthToken::load($key);
+  $consumer = DrupalOAuthConsumer::load($token->consumer_key);
+
+  drupal_set_title(t('Authorization for !app', array('!app' => $consumer->name)));
+
+  $form['authorized'] = array(
+    '#type' => 'checkbox',
+    '#title' => t('Authorized'),
+    '#value' => $token->authorized,
+  );
+
+  $form['created'] = array(
+    '#type' => 'item',
+    '#title' => t('Created'),
+    '#value' => format_date($token->created),
+  );
+
+  $form['changed'] = array(
+    '#type' => 'item',
+    '#title' => t('Changed'),
+    '#value' => format_date($token->changed),
+  );
+
+  $form['key'] = array(
+    '#type' => 'item',
+    '#title' => t('Key'),
+    '#value' => $token->key,
+  );
+
+  $auth_txt = array();
+  foreach ($token->services as $service) {
+    if ($service == '*') {
+      $auth_txt[] = t('Full access');
+    }
+  }
+
+  $form['allowed'] = array(
+    '#type' => 'fieldset',
+    '#title' => t('Permissions'),
+  );
+
+  services_oauth_permissions_form($form['allowed'], $token->services);
+
+  return $form;
+}
+
+function services_oauth_permissions_form(&$form, $default_services=array('*')) {
+
+}
+
 function _services_oauth_user_applications_add($form_state, $account) {
   $form = array();