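        /// <summary>
        /// Final step of the OAuth handshake: exchanges the verifier posted as
        /// <c>oauth_verifier</c> for an access token and writes it to the response.
        /// </summary>
        /// <remarks>
        /// Every failure path answers HTTP 401 with a single <c>error</c> field.
        /// The verifier is consumed only after the request has been authorised,
        /// so a rejected request does not burn a still-valid verifier. The
        /// installation lookup reader is disposed before any further database
        /// work so the connection is free for the insert.
        /// </remarks>
        private void RequestOAuthAccessToken()
        {
            string verifier = core.Http.Form["oauth_verifier"];

            OAuthVerifier oAuthVerifier;
            try
            {
                oAuthVerifier = new OAuthVerifier(core, verifier);
            }
            catch (InvalidOAuthVerifierException)
            {
                WriteOAuthUnauthorised("unauthorised, invalid verifier");
                return;
            }

            if (oAuthVerifier.Expired)
            {
                WriteOAuthUnauthorised("unauthorised, verifier expired");
                return;
            }

            OAuthToken oauthToken;
            try
            {
                oauthToken = new OAuthToken(core, oAuthVerifier.TokenId);
            }
            catch (InvalidOAuthTokenException)
            {
                WriteOAuthUnauthorised("unauthorised, invalid token");
                return;
            }

            OAuthApplication oae;
            string nonce;
            if (!AuthoriseRequest("/oauth/access_token", oauthToken, out oae, out nonce))
            {
                WriteOAuthUnauthorised("unauthorised, access token rejected");
                // Kept from the original failure path; WriteAndEndResponse presumably already ends the response.
                core.Http.End();
                return;
            }

            // The verifier is single-use: mark it consumed before any credentials are issued.
            oAuthVerifier.UseVerifier();

            // Is this application already installed for the verifier's user?
            SelectQuery query = new SelectQuery(typeof(PrimitiveApplicationInfo));
            query.AddCondition("application_id", oauthToken.ApplicationId);
            query.AddCondition("item_id", oAuthVerifier.UserId);
            query.AddCondition("item_type_id", ItemKey.GetTypeId(core, typeof(User)));

            PrimitiveApplicationInfo existing = null;
            using (System.Data.Common.DbDataReader appReader = db.ReaderQuery(query))
            {
                if (appReader.HasRows)
                {
                    appReader.Read();
                    existing = new PrimitiveApplicationInfo(core, appReader);
                }
            }

            NameValueCollection response = new NameValueCollection();

            if (existing != null)
            {
                // Already installed: hand back the stored credentials rather than minting new ones.
                response.Add("oauth_token", existing.OAuthAccessToken);
                response.Add("oauth_token_secret", existing.OAuthAccessTokenSecret);
            }
            else
            {
                OAuthToken oauthAuthToken = OAuthToken.Create(core, oae, nonce);

                InsertQuery iQuery = new InsertQuery("primitive_apps");
                iQuery.AddField("application_id", oauthToken.ApplicationId);
                iQuery.AddField("item_id", oAuthVerifier.UserId);
                iQuery.AddField("item_type_id", ItemKey.GetTypeId(core, typeof(User)));
                iQuery.AddField("app_email_notifications", true);
                iQuery.AddField("app_oauth_access_token", oauthAuthToken.Token);
                iQuery.AddField("app_oauth_access_token_secret", oauthAuthToken.TokenSecret);

                // NOTE(review): the affected-row result was never acted on; confirm whether
                // a zero result should abort before the commit instead of issuing the token.
                core.Db.Query(iQuery);

                db.CommitTransaction();

                response.Add("oauth_token", oauthAuthToken.Token);
                response.Add("oauth_token_secret", oauthAuthToken.TokenSecret);
            }

            core.Http.WriteAndEndResponse(response);
        }

        /// <summary>
        /// Answers an OAuth endpoint request with HTTP 401 and a single
        /// <c>error</c> field, then ends the response.
        /// </summary>
        /// <param name="message">Reason placed in the <c>error</c> field.</param>
        private void WriteOAuthUnauthorised(string message)
        {
            core.Http.StatusCode = 401;

            NameValueCollection response = new NameValueCollection();
            response.Add("error", message);

            core.Http.WriteAndEndResponse(response);
        }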
        /// <summary>
        /// Renders the settings page for the application whose <c>id</c> is given
        /// in the request, restricted to the current owner's installation of it.
        /// </summary>
        /// <param name="sender">Event source; not used.</param>
        /// <param name="e">Event arguments; not used.</param>
        public void ApplicationSettings(object sender, EventArgs e)
        {
            template.SetTemplate("account_primitive_application_settings.html");

            long applicationId = core.Functions.RequestLong("id", 0);
            if (applicationId == 0)
            {
                core.Display.ShowMessage("Error", "Error!");
                return;
            }

            // Join the application row with the installation row; the owner
            // conditions keep the lookup scoped to the current owner's own install.
            SelectQuery installedQuery = new SelectQuery("primitive_apps");
            installedQuery.AddFields(ApplicationEntry.GetFieldsPrefixed(core, typeof(ApplicationEntry)));
            installedQuery.AddFields(PrimitiveApplicationInfo.GetFieldsPrefixed(core, typeof(PrimitiveApplicationInfo)));
            installedQuery.AddJoin(JoinTypes.Inner, new DataField("primitive_apps", "application_id"), new DataField("applications", "application_id"));
            installedQuery.AddCondition("primitive_apps.application_id", applicationId);
            installedQuery.AddCondition("item_id", Owner.Id);
            installedQuery.AddCondition("item_type_id", Owner.TypeId);

            DataTable installed = db.Query(installedQuery);
            if (installed.Rows.Count != 1)
            {
                core.Display.ShowMessage("Error", "Error!");
                return;
            }

            ApplicationEntry entry = new ApplicationEntry(core, installed.Rows[0]);

            template.Parse("APPLICATION_NAME", entry.Title);
            template.Parse("S_APPLICATION_ID", entry.ApplicationId.ToString());

            // Only user owners have per-install notification settings.
            if (!(Owner is User))
            {
                return;
            }

            template.Parse("S_USER", true);

            const string radioChecked = " checked=\"checked\"";
            PrimitiveApplicationInfo ownerInfo = new PrimitiveApplicationInfo(core, Owner, entry.Id);
            string checkedRadio = ownerInfo.EmailNotifications
                ? "S_EMAIL_NOTIFICATIONS_YES"
                : "S_EMAIL_NOTIFICATIONS_NO";
            template.Parse(checkedRadio, radioChecked);
        }
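        /// <summary>
        /// Builds a session from an OAuth access token. The token is resolved to
        /// the installation record holding it; when that record is owned by a
        /// <see cref="User"/> the session is signed in as that user, otherwise it
        /// is a signed-out OAuth session.
        /// </summary>
        /// <remarks>
        /// The lookup matches on application id and the token string only; any
        /// signature or secret verification is presumed to happen before this
        /// constructor is reached (TODO confirm against the OAuth entry points).
        /// Unlike earlier revisions, the signed-out fields (address, method,
        /// sign-in state) are always populated, including when the matching
        /// installation is owned by something other than a user.
        /// </remarks>
        /// <param name="core">Application core; must not be null.</param>
        /// <param name="db">Database handle; the session always uses <c>core.Db</c>.</param>
        /// <param name="token">Access token presented by the client; must not be null.</param>
        /// <param name="Request">Current request, used to derive the client address.</param>
        /// <param name="Response">Current response.</param>
        /// <exception cref="NullCoreException">Thrown when <paramref name="core"/> is null.</exception>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="token"/> is null.</exception>
        public SessionState(Core core, Mysql db, OAuthToken token, HttpRequest Request, HttpResponse Response)
        {
            if (core == null)
            {
                throw new NullCoreException();
            }
            if (token == null)
            {
                throw new ArgumentNullException("token");
            }

            this.Request = Request;
            this.Response = Response;
            this.core = core;
            this.db = core.Db;

            applicationId = token.ApplicationId;

            // Default to signed out; only a matching installation owned by a User promotes the session.
            isLoggedIn = false;
            this.signInState = SessionSignInState.SignedOut;
            ipAddress = IPAddress.Parse(SessionState.ReturnRealIPAddress(Request.ServerVariables));
            this.sessionMethod = SessionMethods.OAuth;

            SelectQuery query = new SelectQuery(typeof(PrimitiveApplicationInfo));
            query.AddCondition("application_id", token.ApplicationId);
            query.AddCondition("app_oauth_access_token", token.Token);

            // Dispose the reader on every path, including when PrimitiveApplicationInfo throws.
            PrimitiveApplicationInfo pai = null;
            using (System.Data.Common.DbDataReader appReader = core.Db.ReaderQuery(query))
            {
                if (appReader.HasRows)
                {
                    appReader.Read();
                    pai = new PrimitiveApplicationInfo(core, appReader);
                }
            }

            if (pai != null && pai.Owner is User)
            {
                isLoggedIn = true;
                this.signInState = SessionSignInState.SignedIn;
                loggedInMember = (User)pai.Owner;
            }
        }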
        /// <summary>
        /// Revokes this application's OAuth access for <paramref name="owner"/>:
        /// the stored access token is marked used and updated, then the
        /// installation record is deleted.
        /// </summary>
        /// <param name="core">Application core.</param>
        /// <param name="viewer">Primitive performing the action; not used by this method.</param>
        /// <param name="owner">Primitive whose installation of this application is removed.</param>
        /// <returns>
        /// <c>true</c> when the installation record was deleted; <c>false</c> when
        /// this is not an OAuth application, no installation or token resolves,
        /// or the delete affected no rows.
        /// </returns>
        public bool Deauthorise(Core core, Primitive viewer, Primitive owner)
        {
            bool isOAuthApplication = this.ApplicationType == Internals.ApplicationType.OAuth;
            if (!isOAuthApplication)
            {
                return false;
            }

            try
            {
                PrimitiveApplicationInfo installation = new PrimitiveApplicationInfo(core, owner, this.Id);

                // Token is consumed and persisted before the installation row goes away.
                OAuthToken accessToken = new OAuthToken(core, installation.OAuthAccessToken);
                accessToken.UseToken();
                accessToken.Update();

                DeleteQuery removeInstallation = new DeleteQuery(typeof(PrimitiveApplicationInfo));
                removeInstallation.AddCondition("application_id", Id);
                removeInstallation.AddCondition("item_id", owner.Id);
                removeInstallation.AddCondition("item_type_id", owner.TypeId);

                return core.Db.Query(removeInstallation) > 0;
            }
            catch (InvalidPrimitiveAppInfoException)
            {
                // No installation for this owner: nothing to revoke.
                return false;
            }
            catch (InvalidOAuthTokenException)
            {
                // Stored token no longer resolves; reported as not revoked, as before.
                return false;
            }
        }