
function oauth_common_form_authorize_submit in OAuth 1.0 7.3

Same name and namespace in other branches
  1. 6.3 oauth_common.pages.inc \oauth_common_form_authorize_submit()
  2. 7.4 oauth_common.pages.inc \oauth_common_form_authorize_submit()

Form submit handler that grants access to the consumer

File

./oauth_common.pages.inc, line 275
Page callbacks for OAuth module

Code

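/**
 * Form submit handler that grants access to the consumer.
 *
 * Marks the request token taken from the form values as authorized for the
 * current user, stores the granted services on it, and then either redirects
 * the browser to the consumer's registered callback URL or shows the local
 * 'oauth/authorized' page.
 *
 * @param array $form
 *   The form structure (not read here).
 * @param array $form_state
 *   The form state. $form_state['values'] supplies 'token' and may supply
 *   'full_access' and 'levels'.
 */
function oauth_common_form_authorize_submit(&$form, &$form_state) {
  global $user;
  $values = $form_state['values'];

  // Bind the request token to the logged-in user and mark it authorized.
  // Nothing is persisted until $token->write() below.
  $token = $values['token'];
  $token->uid = $user->uid;
  $token->authorized = 1;
  $consumer = $token->consumer;
  $context = oauth_common_context_load($consumer->context);
  if (!$context) {
    // Without a context the grant is abandoned before the token is written.
    drupal_set_message(t("Can't find OAuth context, check the site's settings."), 'error');
    return;
  }

  // Record which services the user allowed the consumer to use.
  if (!empty($values['full_access'])) {
    // TODO: Full access should be a configurable auth level
    // '*' is stored as the service list for a full-access grant.
    $token->services = array(
      '*',
    );
  }
  elseif (!empty($values['levels'])) {
    // Keep only the levels whose submitted value is truthy.
    $token->services = array_keys(array_filter($values['levels']));
  }
  else {
    $token->services = array();
  }
  $token->write(TRUE);

  // An empty callback or the OAuth 'oob' (out-of-band) marker means there is
  // no consumer URL to return to.
  $has_callback = !empty($consumer->callback_url) && $consumer->callback_url !== 'oob';
  $callback = $has_callback ? parse_url($consumer->callback_url) : FALSE;

  // parse_url() returns FALSE for seriously malformed URLs. Previously that
  // value was silently turned into an array holding only a query string and a
  // redirect was built from it; fall back to the local page instead.
  if ($has_callback && !is_array($callback)) {
    watchdog('oauth_common', 'The consumer callback URL could not be parsed; showing the local authorization page instead.', array(), WATCHDOG_WARNING);
  }
  if (!is_array($callback)) {
    drupal_goto('oauth/authorized');
    return;
  }

  // Pick the callback url apart and add the token parameter
  $query = array();
  if (!empty($callback['query'])) {
    parse_str($callback['query'], $query);
  }
  $query['oauth_token'] = $token->key;
  // NOTE(review): the verifier is only a SHA-1 of the token's expiry value.
  // OAuth 1.0a (6.2.3) describes the verifier as an unguessable value; anyone
  // who can predict or observe $token->expires can compute this one. Moving
  // to a random per-token verifier needs a matching change wherever the
  // verifier is checked, which is not visible here, so it is left as is.
  $query['oauth_verifier'] = hash('sha1', $token->expires);

  // Append Consumer provided query parameters according to the spec 6.2.3 for OAuth 1.0a.
  // Only the query string of the per-request callback is used; scheme, host
  // and path of the redirect always come from $consumer->callback_url.
  $oauth_query = array();
  $oauth_callback = !empty($token->callback_url) ? parse_url($token->callback_url) : FALSE;
  if (is_array($oauth_callback) && !empty($oauth_callback['query'])) {
    parse_str($oauth_callback['query'], $oauth_query);
  }

  // Build and combine the query parameters. Array union keeps the left-hand
  // keys, so oauth_token, oauth_verifier and the parameters of the consumer's
  // own callback URL cannot be overridden by same-named parameters from
  // $token->callback_url.
  $callback['query'] = http_build_query($query + $oauth_query, 'idx_', '&');

  // Return to the consumer site
  header('Location: ' . _oauth_common_glue_url($callback), TRUE, 302);
  exit;
}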