@@ -23,11 +23,7 @@ public function index() {
2323 // make sure they actually submitted something
2424 if (!empty ($ me )){
2525
26- //clean up the url given to us, just in case
27- $ me = trim ($ me );
28- if (strpos ($ me , 'http ' ) !== 0 ){
29- $ me = 'http:// ' .$ me ;
30- }
26+ $ me = $ this ->normalize_url ($ me );
3127
3228 //look up user's auth provider
3329 $ auth_endpoint = IndieAuth \Client::discoverAuthorizationEndpoint ($ me );
@@ -39,19 +35,23 @@ public function index() {
3935
4036 $ redir_url = $ this ->url ->link ('auth/login/callback ' , ($ controller ? 'c= ' .$ controller : '' ), '' );
4137 if ($ scope ){
38+ // if a scope is given we are actually looking to get a token
4239 $ redir_url = $ this ->url ->link ('auth/login/tokencallback ' , ($ controller ? 'c= ' .$ controller : '' ), '' );
4340 }
4441
4542 //build our get request
43+ $ trimmed_me = trim ($ me , '/ ' ); //in case we get it back without the /
4644 $ data_array = array (
4745 'me ' => $ me ,
4846 'redirect_uri ' => $ redir_url ,
49- 'response_type ' => 'code ' ,
50- 'state ' => substr (md5 ($ me .$ this ->url ->link ('' )),0 ,8 ),
47+ 'response_type ' => 'id ' ,
48+ 'state ' => substr (md5 ($ trimmed_me .$ this ->url ->link ('' )),0 ,8 ),
5149 'client_id ' => $ this ->url ->link ('' )
5250 );
51+ $ this ->log ->write (print_r ($ data_array ,true ));
5352 if ($ scope ){
5453 $ data_array ['scope ' ] = $ scope ;
54+ $ data_array ['response_type ' ] = 'code ' ;
5555 }
5656
5757 $ get_data = http_build_query ($ data_array );
@@ -79,16 +79,28 @@ public function callback() {
7979 $ redir_url = $ this ->url ->link ('auth/login/callback ' , 'c= ' .$ this ->request ->get ['c ' ], '' );
8080 }
8181
82- $ me = $ this ->request ->get ['me ' ];
82+ $ me = $ this ->normalize_url ( $ this -> request ->get ['me ' ]) ;
8383 $ code = $ this ->request ->get ['code ' ];
8484 $ state = (isset ($ this ->request ->get ['state ' ]) ? $ this ->request ->get ['state ' ] : null );
8585
86+ $ this ->log ->write ('callback received ... ' );
87+ $ this ->log ->write (print_r ($ this ->request ->get ,true ));
88+
8689 $ result = $ this ->confirm_auth ($ me , $ code , $ redir_url , $ state );
8790
8891 if ($ result ){
8992 // we successfullly confirmed auth
9093 $ this ->session ->data ['user_site ' ] = $ this ->request ->get ['me ' ];
91- $ this ->session ->data ['success ' ] = "You are now logged in as " .$ this ->request ->get ['me ' ];
94+ $ this ->session ->data ['success ' ] = "You are now logged in as " .$ me ;
95+
96+ $ token_user = str_replace (array ('http:// ' , 'https:// ' ),array ('' ,'' ), $ me );
97+
98+ $ myself = trim ($ this ->normalize_url (HTTP_SERVER ),'/ ' );
99+ $ myself = trim (str_replace (array ('http:// ' , 'https:// ' ),array ('' ,'' ), $ myself ), '/ ' );
100+
101+ if ($ token_user == $ myself ) {
102+ $ this ->session ->data ['is_owner ' ] = true ;
103+ }
92104 }
93105
94106 $ this ->response ->redirect ($ url );
@@ -108,11 +120,12 @@ public function tokencallback() {
108120 $ redir_url = $ this ->url ->link ('auth/login/tokencallback ' , 'c= ' .$ this ->request ->get ['c ' ], '' );
109121 }
110122
111- $ me = $ this ->request ->get ['me ' ];
123+ $ me = $ this ->normalize_url ( $ this -> request ->get ['me ' ]) ;
112124 $ code = $ this ->request ->get ['code ' ];
113125 $ state = (isset ($ this ->request ->get ['state ' ]) ? $ this ->request ->get ['state ' ] : null );
114126
115127 $ result = $ this ->confirm_auth ($ me , $ code , $ redir_url , $ state );
128+ $ this ->log ->write ($ result );
116129
117130 if ($ result ){
118131 // we successfullly confirmed auth
@@ -146,6 +159,8 @@ private function confirm_auth( $me, $code, $redir, $state = null ) {
146159 }
147160
148161 $ post_data = http_build_query ($ post_array );
162+ $ this ->log ->write ('post_data: ' .$ post_data );
163+ $ this ->log ->write ('endpoint: ' .$ auth_endpoint );
149164
150165 $ ch = curl_init ($ auth_endpoint );
151166
@@ -159,11 +174,19 @@ private function confirm_auth( $me, $code, $redir, $state = null ) {
159174
160175 $ results = array ();
161176 parse_str ($ response , $ results );
162-
177+ $ this ->log ->write ('endpoint_response: ' .$ response );
178+ //$this->log->write(print_r($results, true));
179+
180+ $ results ['me ' ] = $ this ->normalize_url ($ results ['me ' ]);
181+
182+ $ trimmed_me = trim ($ me , '/ ' );
183+ $ trimmed_result_me = trim ($ results ['me ' ], '/ ' );
184+
163185 if ($ state ){
164- return ($ results ['me ' ] == $ me && $ state == substr (md5 ($ me .$ client_id ),0 ,8 ));
186+ //$this->log->write('state = '.$state. ' ' .substr(md5($trimmed_me.$client_id),0,8));
187+ return ($ trimmed_result_me == $ trimmed_me && $ state == substr (md5 ($ trimmed_me .$ client_id ),0 ,8 ));
165188 } else {
166- return $ results [ ' me ' ] == $ me ;
189+ return $ trimmed_result_me == $ trimmed_me ;
167190 }
168191
169192 }
@@ -207,5 +230,14 @@ private function get_token( $me, $code, $redir, $state = null ) {
207230
208231 return $ results ;
209232 }
233+
234+
235+ private function normalize_url ($ url ) {
236+ $ url = trim ($ url );
237+ if (strpos ($ url , 'http ' ) !== 0 ){
238+ $ url = 'http:// ' .$ url ;
239+ }
240+ return $ url ;
241+ }
210242}
211243?>
0 commit comments