From 7d090a45d21f8a662d8562abedf4d8dba70a70e0 Mon Sep 17 00:00:00 2001
From: Michiel de Jong <michiel@unhosted.org>
Date: Wed, 9 May 2012 15:17:01 +0200
Subject: [PATCH] attempt at reusing access tokens
---
apps/remoteStorage/auth.php | 40 +++++++++++++-----------
apps/remoteStorage/lib_remoteStorage.php | 12 +++++++
2 files changed, 33 insertions(+), 19 deletions(-)
diff --git a/apps/remoteStorage/auth.php b/apps/remoteStorage/auth.php
index a5cbd6aca02..ac8c2423291 100755
--- a/apps/remoteStorage/auth.php
+++ b/apps/remoteStorage/auth.php
@@ -62,6 +62,8 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
//TODO: check if this can be faked by editing the cookie in firebug!
$token=OC_remoteStorage::createCategories($appUrl, $categories);
header('Location: '.$_GET['redirect_uri'].'#access_token='.$token.'&token_type=bearer');
+ } else if($existingToken = OC_remoteStorage::getTokenFor($appUrl, $categories)) {
+ header('Location: '.$_GET['redirect_uri'].'#access_token='.$existingToken.'&token_type=bearer');
} else {
?>
<!DOCTYPE html>
@@ -82,25 +84,25 @@ if(count($pathParts) == 2 && $pathParts[0] == '') {
</header>
<section id="main">
<div id="oauth">
- <h2><img src="../remoteStorage-big.png" alt="remoteStorage" /></h2>
- <p><strong><?php $appUrlParts = explode('/', $_GET['redirect_uri']); echo htmlentities($appUrlParts[2]); ?></strong>
- requests read & write access to your
- <?php
- $categories = explode(',', htmlentities($_GET['scope']));
- if(!count($categories)) {
- echo htmlentities($_GET['scope']);
- } else {
- echo '<em>'.$categories[0].'</em>';
- if(count($categories)==2) {
- echo ' and <em>'.$categories[1].'</em>';
- } else if(count($categories)>2) {
- for($i=1; $i<count($categories)-1; $i++) {
- echo ', <em>'.$categories[$i].'</em>';
- }
- echo ', and <em>'.$categories[$i].'</em>';
- }
- }
- ?>.
+ <h2><img src="../remoteStorage-big.png" alt="remoteStorage" /></h2>
+ <p><strong><?php $appUrlParts = explode('/', $_GET['redirect_uri']); echo htmlentities($appUrlParts[2]); ?></strong>
+ requests read & write access to your
+ <?php
+ $categories = explode(',', htmlentities($_GET['scope']));
+ if(!count($categories)) {
+ echo htmlentities($_GET['scope']);
+ } else {
+ echo '<em>'.$categories[0].'</em>';
+ if(count($categories)==2) {
+ echo ' and <em>'.$categories[1].'</em>';
+ } else if(count($categories)>2) {
+ for($i=1; $i<count($categories)-1; $i++) {
+ echo ', <em>'.$categories[$i].'</em>';
+ }
+ echo ', and <em>'.$categories[$i].'</em>';
+ }
+ }
+ ?>.
</p>
<form accept-charset="UTF-8" method="post">
<input id="allow-auth" name="allow" type="submit" value="Allow" />
diff --git a/apps/remoteStorage/lib_remoteStorage.php b/apps/remoteStorage/lib_remoteStorage.php
index b6a7a43b7b2..3e366ad29ea 100755
--- a/apps/remoteStorage/lib_remoteStorage.php
+++ b/apps/remoteStorage/lib_remoteStorage.php
@@ -13,6 +13,18 @@ class OC_remoteStorage {
return $ret;
}
+ public static function getTokenFor($appUrl, $categories) {
+ $user=OCP\USER::getUser();
+ $query=OCP\DB::prepare("SELECT token FROM *PREFIX*authtoken WHERE user=? AND appUrl=? AND category=? LIMIT 1");
+ $result=$query->execute(array($user, $appUrl, $categories));
+ $ret = array();
+ if($row=$result->fetchRow()) {
+ return $row['token'];
+ } else {
+ return false;
+ }
+ }
+
public static function getAllTokens() {
$user=OCP\USER::getUser();
$query=OCP\DB::prepare("SELECT token,appUrl,category FROM *PREFIX*authtoken WHERE user=? LIMIT 100");
--
GitLab