  1: <?php
  2: /**
  3:  * Magento
  4:  *
  5:  * NOTICE OF LICENSE
  6:  *
  7:  * This source file is subject to the Open Software License (OSL 3.0)
  8:  * that is bundled with this package in the file LICENSE.txt.
  9:  * It is also available through the world-wide-web at this URL:
 10:  * http://opensource.org/licenses/osl-3.0.php
 11:  * If you did not receive a copy of the license and are unable to
 12:  * obtain it through the world-wide-web, please send an email
 13:  * to license@magentocommerce.com so we can send you a copy immediately.
 14:  *
 15:  * DISCLAIMER
 16:  *
 17:  * Do not edit or add to this file if you wish to upgrade Magento to newer
 18:  * versions in the future. If you wish to customize Magento for your
 19:  * needs please refer to http://www.magentocommerce.com for more information.
 20:  *
 21:  * @category    Mage
 22:  * @package     Mage_Oauth
 23:  * @copyright   Copyright (c) 2012 Magento Inc. (http://www.magentocommerce.com)
 24:  * @license     http://opensource.org/licenses/osl-3.0.php  Open Software License (OSL 3.0)
 25:  */
 26: 
 27: /**
 28:  * oAuth authorize controller
 29:  *
 30:  * @category    Mage
 31:  * @package     Mage_Oauth
 32:  * @author      Magento Core Team <core@magentocommerce.com>
 33:  */
 34: class Mage_Oauth_Adminhtml_Oauth_AuthorizeController extends Mage_Adminhtml_Controller_Action
 35: {
 36:     /**
 37:      * Session name
 38:      *
 39:      * @var string
 40:      */
 41:     protected $_sessionName = 'admin/session';
 42: 
 43:     /**
 44:      * Array of actions which can be processed without secret key validation
 45:      *
 46:      * @var array
 47:      */
 48:     public $_publicActions = array('index', 'simple', 'confirm', 'confirmSimple','reject', 'rejectSimple');
 49: 
 50:     /**
 51:      * Disable showing of login form
 52:      *
 53:      * @see Mage_Admin_Model_Observer::actionPreDispatchAdmin() method for explanation
 54:      * @return void
 55:      */
 56:     public function preDispatch()
 57:     {
 58:         $this->getRequest()->setParam('forwarded', true);
 59: 
 60:         // check login data before it set null in Mage_Admin_Model_Observer::actionPreDispatchAdmin
 61:         $loginError = $this->_checkLoginIsEmpty();
 62: 
 63:         parent::preDispatch();
 64: 
 65:         // call after parent::preDispatch(); to get session started
 66:         if ($loginError) {
 67:             Mage::getSingleton('adminhtml/session')
 68:                 ->addError(Mage::helper('adminhtml')->__('Invalid User Name or Password.'));
 69:             $params = array('_query' => array('oauth_token' => $this->getRequest()->getParam('oauth_token', null)));
 70:             $this->setFlag('', self::FLAG_NO_DISPATCH, true);
 71:             $this->setFlag('', self::FLAG_NO_POST_DISPATCH, true);
 72:             $params = array('_query' => array('oauth_token' => $this->getRequest()->getParam('oauth_token', null)));
 73:             $this->_redirect('*/*/*', $params);
 74:         }
 75:     }
 76: 
 77:     /**
 78:      * Index action.
 79:      *
 80:      * @return void
 81:      */
 82:     public function indexAction()
 83:     {
 84:         $this->_initForm();
 85: 
 86:         $this->_initLayoutMessages($this->_sessionName);
 87:         $this->renderLayout();
 88:     }
 89: 
 90:     /**
 91:      * Index action with a simple design
 92:      *
 93:      * @return void
 94:      */
 95:     public function simpleAction()
 96:     {
 97:         $this->_initForm(true);
 98:         $this->_initLayoutMessages($this->_sessionName);
 99:         $this->renderLayout();
100:     }
101: 
102:     /**
103:      * Init authorize page
104:      *
105:      * @param bool $simple
106:      * @return Mage_Oauth_Adminhtml_Oauth_AuthorizeController
107:      */
108:     protected function _initForm($simple = false)
109:     {
110:         /** @var $server Mage_Oauth_Model_Server */
111:         $server = Mage::getModel('oauth/server');
112:         /** @var $session Mage_Admin_Model_Session */
113:         $session = Mage::getSingleton($this->_sessionName);
114: 
115:         $isException = false;
116:         try {
117:             $server->checkAuthorizeRequest();
118:         } catch (Mage_Core_Exception $e) {
119:             $session->addError($e->getMessage());
120:         } catch (Mage_Oauth_Exception $e) {
121:             $isException = true;
122:             $session->addException($e, $this->__('An error occurred. Your authorization request is invalid.'));
123:         } catch (Exception $e) {
124:             $isException = true;
125:             $session->addException($e, $this->__('An error occurred.'));
126:         }
127: 
128:         $this->loadLayout();
129:         $layout = $this->getLayout();
130:         $logged = $session->isLoggedIn();
131: 
132:         $contentBlock = $layout->getBlock('content');
133:         if ($logged) {
134:             $contentBlock->unsetChild('oauth.authorize.form');
135:             /** @var $block Mage_Oauth_Block_Adminhtml_Oauth_Authorize_Button */
136:             $block = $contentBlock->getChild('oauth.authorize.button');
137:         } else {
138:             $contentBlock->unsetChild('oauth.authorize.button');
139:             /** @var $block Mage_Oauth_Block_Adminhtml_Oauth_Authorize */
140:             $block = $contentBlock->getChild('oauth.authorize.form');
141:         }
142: 
143:         $block->setIsSimple($simple)
144:             ->setToken($this->getRequest()->getQuery('oauth_token'))
145:             ->setHasException($isException);
146:         return $this;
147:     }
148: 
149:     /**
150:      * Init confirm page
151:      *
152:      * @param bool $simple
153:      * @return Mage_Oauth_Adminhtml_Oauth_AuthorizeController
154:      */
155:     protected function _initConfirmPage($simple = false)
156:     {
157:         /** @var $helper Mage_Oauth_Helper_Data */
158:         $helper = Mage::helper('oauth');
159: 
160:         /** @var $session Mage_Admin_Model_Session */
161:         $session = Mage::getSingleton($this->_sessionName);
162: 
163:         /** @var $user Mage_Admin_Model_User */
164:         $user = $session->getData('user');
165:         if (!$user) {
166:             $session->addError($this->__('Please login to proceed authorization.'));
167:             $url = $helper->getAuthorizeUrl(Mage_Oauth_Model_Token::USER_TYPE_ADMIN);
168:             $this->_redirectUrl($url);
169:             return $this;
170:         }
171: 
172:         $this->loadLayout();
173: 
174:         /** @var $block Mage_Oauth_Block_Adminhtml_Oauth_Authorize */
175:         $block = $this->getLayout()->getBlock('content')->getChild('oauth.authorize.confirm');
176:         $block->setIsSimple($simple);
177: 
178:         try {
179:             /** @var $server Mage_Oauth_Model_Server */
180:             $server = Mage::getModel('oauth/server');
181: 
182:             $token = $server->authorizeToken($user->getId(), Mage_Oauth_Model_Token::USER_TYPE_ADMIN);
183: 
184:             if (($callback = $helper->getFullCallbackUrl($token))) { //false in case of OOB
185:                 $this->getResponse()->setRedirect($callback . ($simple ? '&simple=1' : ''));
186:                 return $this;
187:             } else {
188:                 $block->setVerifier($token->getVerifier());
189:                 $session->addSuccess($this->__('Authorization confirmed.'));
190:             }
191:         } catch (Mage_Core_Exception $e) {
192:             $block->setHasException(true);
193:             $session->addError($e->getMessage());
194:         } catch (Exception $e) {
195:             $block->setHasException(true);
196:             $session->addException($e, $this->__('An error occurred on confirm authorize.'));
197:         }
198: 
199:         $this->_initLayoutMessages($this->_sessionName);
200:         $this->renderLayout();
201: 
202:         return $this;
203:     }
204: 
205:     /**
206:      * Init reject page
207:      *
208:      * @param bool $simple
209:      * @return Mage_Oauth_AuthorizeController
210:      */
211:     protected function _initRejectPage($simple = false)
212:     {
213:         /** @var $server Mage_Oauth_Model_Server */
214:         $server = Mage::getModel('oauth/server');
215: 
216:         /** @var $session Mage_Admin_Model_Session */
217:         $session = Mage::getSingleton($this->_sessionName);
218: 
219:         $this->loadLayout();
220: 
221:         /** @var $block Mage_Oauth_Block_Authorize */
222:         $block = $this->getLayout()->getBlock('oauth.authorize.reject');
223:         $block->setIsSimple($simple);
224: 
225:         try {
226:             $token = $server->checkAuthorizeRequest();
227:             /** @var $helper Mage_Oauth_Helper_Data */
228:             $helper = Mage::helper('oauth');
229: 
230:             if (($callback = $helper->getFullCallbackUrl($token, true))) {
231:                 $this->_redirectUrl($callback . ($simple ? '&simple=1' : ''));
232:                 return $this;
233:             } else {
234:                 $session->addNotice($this->__('The application access request is rejected.'));
235:             }
236:         } catch (Mage_Core_Exception $e) {
237:             $session->addError($e->getMessage());
238:         } catch (Exception $e) {
239:             $session->addException($e, $this->__('An error occurred on reject authorize.'));
240:         }
241: 
242:         //display exception
243:         $this->_initLayoutMessages($this->_sessionName);
244:         $this->renderLayout();
245: 
246:         return $this;
247:     }
248: 
249:     /**
250:      * Check is login data has empty login or pass
251:      * See Mage_Admin_Model_Session: there is no any error message if login or password is empty
252:      *
253:      * @return boolean
254:      */
255:     protected function _checkLoginIsEmpty()
256:     {
257:         $error = false;
258:         $action = $this->getRequest()->getActionName();
259:         if (($action == 'index' || $action == 'simple') && $this->getRequest()->getPost('login')) {
260:             $postLogin  = $this->getRequest()->getPost('login');
261:             $username   = isset($postLogin['username']) ? $postLogin['username'] : '';
262:             $password   = isset($postLogin['password']) ? $postLogin['password'] : '';
263:             if (empty($username) || empty($password)) {
264:                 $error = true;
265:             }
266:         }
267:         return $error;
268:     }
269: 
270:     /**
271:      * Confirm token authorization action
272:      */
273:     public function confirmAction()
274:     {
275:         $this->_initConfirmPage();
276:     }
277: 
278:     /**
279:      * Confirm token authorization simple page
280:      */
281:     public function confirmSimpleAction()
282:     {
283:         $this->_initConfirmPage();
284:     }
285: 
286:     /**
287:      * Reject token authorization action
288:      */
289:     public function rejectAction()
290:     {
291:         $this->_initRejectPage();
292:     }
293: 
294:     /**
295:      * Reject token authorization simple page
296:      */
297:     public function rejectSimpleAction()
298:     {
299:         $this->_initRejectPage();
300:     }
301: }
302: 
Magento 1.7.0.2 API documentation generated by ApiGen 2.8.0