/modules/mod_oauth/resources/resource_oauth_authorize.erl

https://code.google.com/p/zotonic/ · Erlang · 70 lines · 39 code · 14 blank · 17 comment · 0 complexity · 95de8767adf24a285dab37b7ca3c27a7 MD5 · raw file 

    

  1. %% @author Arjan Scherpenisse <arjan@scherpenisse.net>
    2. 

  2. %% @copyright 2009 Arjan Scherpenisse <arjan@scherpenisse.net>
    3. 

  3. %% Date: 2009-10-01
    4. 

  4. %% @doc Authorizing an OAuth request key
    5. 

  5. 

  6. %% Copyright 2009 Arjan Scherpenisse
    7. 

  7. %%
    8. 

  8. %% Licensed under the Apache License, Version 2.0 (the "License");
    9. 

  9. %% you may not use this file except in compliance with the License.
    10. 

  10. %% You may obtain a copy of the License at
    11. 

  11. %% 
    12. 

  12. %%     http://www.apache.org/licenses/LICENSE-2.0
    13. 

  13. %% 
    14. 

  14. %% Unless required by applicable law or agreed to in writing, software
    15. 

  15. %% distributed under the License is distributed on an "AS IS" BASIS,
    16. 

  16. %% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    17. 

  17. %% See the License for the specific language governing permissions and
    18. 

  18. %% limitations under the License.
    19. 

  19. 

  20. -module(resource_oauth_authorize).
    21. 

  21. -author("Arjan Scherpenisse <arjan@scherpenisse.net>").
    22. 

  22. 

  23. -export([
    24. 

  24.          is_authorized/2,
    25. 

  25.          resource_exists/2,
    26. 

  26.          allowed_methods/2,
    27. 

  27.          process_post/2
    28. 

  28. ]).
    29. 

  29. 

  30. -include_lib("resource_html.hrl").
    31. 

  31. 

  32. 

  33. allowed_methods(ReqData, Context) ->
    34. 

  34.     {['POST', 'GET', 'HEAD'], ReqData, Context}.
    35. 

  35. 

  36. 

  37. is_authorized(ReqData, Context) ->
    38. 

  38.     z_acl:wm_is_authorized(use, mod_admin, ReqData, Context).
    39. 

  39. 

  40. 

  41. resource_exists(ReqData, Context) ->
    42. 

  42.     Token = m_oauth_app:get_request_token(z_context:get_q("oauth_token", Context), Context),
    43. 

  43.     case Token of
    44. 

  44.         undefined ->
    45. 

  45.             {false, ReqData, Context};
    46. 

  46.         _ ->
    47. 

  47.             Context1 = z_context:set("token", Token, Context),
    48. 

  48.             {true, ReqData, Context1}
    49. 

  49.     end.
    50. 

  50. 

  51. 

  52. html(Context) ->
    53. 

  53.     Vars = [ {token, z_context:get("token", Context)} ],
    54. 

  54.     Html = z_template:render("oauth_authorize.tpl", Vars, Context),
    55. 

  55. 	z_context:output(Html, Context).
    56. 

  56. 

  57. 

  58. process_post(ReqData, Context) ->
    59. 

  59.     Token = z_context:get("token", Context),
    60. 

  60.     ?DEBUG(Token),
    61. 

  61.     m_oauth_app:authorize_request_token(Token, Context#context.user_id, Context),
    62. 

  62.     Redirect = case z_db:get(callback_uri, Token) of
    63. 

  63.                    <<>> ->
    64. 

  64.                        "/oauth/authorize/finished";
    65. 

  65.                    X when is_binary(X) ->
    66. 

  66.                        binary_to_list(X)
    67. 

  67.                end,
    68. 

  68.     Redirect1 = Redirect ++ "?oauth_token=" ++ oauth_uri:encode(binary_to_list(z_db:get(token, Token))),
    69. 

  69.     ReqData1 = wrq:set_resp_header("Location", Redirect1, ReqData),
    70. 

  70.     {{halt, 301}, ReqData1, Context}.
    71.