Use modern UI for OAuthServer details page

Summary: Mostly just UI updates and policy enforcement. Improves error message when trying to authorize an already-authorized application.

Test Plan:
{F131584}

{F131585}

{F131586}

Reviewers: btrahan

Reviewed By: btrahan

Subscribers: epriestley

Differential Revision: https://secure.phabricator.com/D8564
epriestley
2014-03-18 15:39:45 -07:00
parent 1534033664
commit 5721560663
7 changed files with 226 additions and 162 deletions


@@ -1,55 +1,81 @@
<?php
/**
* @group oauthserver
*/
final class PhabricatorOAuthServerTestController
extends PhabricatorOAuthServerController {
extends PhabricatorOAuthServerController {
private $id;
public function shouldRequireLogin() {
return true;
}
public function willProcessRequest(array $data) {
$this->id = $data['id'];
}
public function processRequest() {
$request = $this->getRequest();
$current_user = $request->getUser();
$server = new PhabricatorOAuthServer();
$request = $this->getRequest();
$viewer = $request->getUser();
$panels = array();
$results = array();
if (!$request->isFormPost()) {
return new Aphront400Response();
}
$action = $request->getStr('action');
if ($action !== 'testclientauthorization') {
$client = id(new PhabricatorOAuthServerClientQuery())
->setViewer($viewer)
->withIDs(array($this->id))
->executeOne();
if (!$client) {
return new Aphront404Response();
}
$user_phid = $current_user->getPHID();
$client_phid = $request->getStr('client_phid');
$client = id(new PhabricatorOAuthServerClient)
->loadOneWhere('phid = %s', $client_phid);
if (!$client) {
throw new Exception('Failed to load client!');
}
if ($client->getCreatorPHID() != $user_phid ||
$current_user->getPHID() != $user_phid) {
throw new Exception(
'Only allowed to make test data for yourself '.
'for clients you own!'
);
$view_uri = $client->getViewURI();
// Look for an existing authorization.
$authorization = id(new PhabricatorOAuthClientAuthorizationQuery())
->setViewer($viewer)
->withUserPHIDs(array($viewer->getPHID()))
->withClientPHIDs(array($client->getPHID()))
->executeOne();
if ($authorization) {
$dialog = id(new AphrontDialogView())
->setUser($viewer)
->setTitle(pht('Already Authorized'))
->appendParagraph(
pht(
'You have already authorized this application to access your '.
'account.'))
->addCancelButton($view_uri, pht('Close'));
return id(new AphrontDialogResponse())->setDialog($dialog);
}
// blankclientauthorizations don't get scope
$scope = array();
$server->setUser($current_user);
$server->setClient($client);
$authorization = $server->authorizeClient($scope);
if ($request->isFormPost()) {
$server = id(new PhabricatorOAuthServer())
->setUser($viewer)
->setClient($client);
$id = $authorization->getID();
$panel_uri = '/settings/panel/oauthorizations/?id='.$id;
$scope = array();
$authorization = $server->authorizeClient($scope);
return id(new AphrontRedirectResponse())->setURI($panel_uri);
$id = $authorization->getID();
$panel_uri = '/settings/panel/oauthorizations/?id='.$id;
return id(new AphrontRedirectResponse())->setURI($panel_uri);
}
// TODO: It would be nice to put scope options in this dialog, maybe?
$dialog = id(new AphrontDialogView())
->setUser($viewer)
->setTitle(pht('Authorize Application?'))
->appendParagraph(
pht(
'This will create an authorization, permitting %s to access '.
'your account.',
phutil_tag('strong', array(), $client->getName())))
->addCancelButton($view_uri)
->addSubmitButton(pht('Authorize Application'));
return id(new AphrontDialogResponse())->setDialog($dialog);
}
}
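Review bot: The explicit ownership check on the old side (`$client->getCreatorPHID() != $user_phid`) has no counterpart in the new `processRequest()`, so who may create a test authorization now depends entirely on whether `PhabricatorOAuthServerClientQuery` returns the client for `$viewer`. If that is intended, since a user only ever authorizes their own account, a comment above the query would record the decision, e.g. `// Any viewer who can see this client may create a test authorization for themselves.` If test authorizations should stay limited to people who control the client, add `->requireCapabilities(array(PhabricatorPolicyCapability::CAN_VIEW, PhabricatorPolicyCapability::CAN_EDIT))` to the client query before `executeOne()`. Old and new lines are interleaved without markers in this rendering, so which side each line belongs to is inferred from the `$current_user` to `$viewer` rename.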