From 1dac0ef8bee5fd862891ca4767626c91c013dbf7 Mon Sep 17 00:00:00 2001 From: Hugh Barnes Date: Fri, 14 Oct 2011 08:33:08 +1300 Subject: [PATCH 1/3] Set up a stub authtool page and toggle to open access to it --- flickrapi.module | 38 +++++++++++++++++++++++++++++++++++++- 1 files changed, 37 insertions(+), 1 deletions(-) diff --git a/flickrapi.module b/flickrapi.module index cf040c6..cd70cca 100644 --- a/flickrapi.module +++ b/flickrapi.module @@ -13,6 +13,12 @@ function flickrapi_menu() { 'page callback' => 'drupal_get_form', 'page arguments' => array('flickrapi_admin_settings') ); + $items['admin/settings/flickrapi/authtool'] = array( + 'title' => 'Authentication token callback tool', + 'type' => MENU_NORMAL_ITEM, + 'page callback' => 'flickrapi_auth_callback', + 'access callback' => 'flickrapi_auth_callback_access', + ); return $items; } @@ -33,6 +39,15 @@ function flickrapi_admin_settings() { '#default_value' => variable_get('flickrapi_api_secret', ''), '#description' => t("API key's secret from Flickr."), ); + + //TODO: lock/unlock auth tool toggle + $form['flickrapi_api_authtool_lock'] = array( + '#type' => 'checkbox', + '#title' => t('Lock access to the authentication token callback tool'), + '#required' => FALSE, + '#default_value' => variable_get('flickrapi_api_authtool_lock', TRUE), + '#description' => t("The Authentication token callback tool needs to be temporarily available globally, so that Flickr can access it to create the code. It will be re-locked imediately after use."), //TODO: link: admin/settings/flickrapi/authtool //TODO: a timeout on this? + ); $times = array(900, 1800, 2700, 3600, 7200, 10800, 14400, 18000, 21600, 43200, 86400); $ageoptions = drupal_map_assoc($times, 'format_interval'); $form['flickrapi_cache_duration'] = array( @@ -81,13 +96,14 @@ function flickrapi_phpFlickr() { module_load_include('php', 'flickrapi', 'phpFlickr/phpFlickr'); $api_key = variable_get('flickrapi_api_key', ''); + $api_secret = variable_get('flickrapi_api_secret', NULL); if (!$api_key) { drupal_set_message(t("Flickr API key not set"), 'error'); if (user_access('Administer global flickr api settings')) { drupal_set_message(t("Goto !link to configure the Flickr API settings", array('!link' => l('admin/settings/flickrapi', 'admin/settings/flickrapi')))); } } - $flickr = new phpFlickr($api_key); + $flickr = new phpFlickr($api_key,$api_secret); $flickr->enableCache("fs", variable_get('flickrcachepath', '/tmp')); return $flickr; } @@ -129,3 +145,23 @@ function flickrapi_get_user_nsid($identifier) { function flickrapi_is_nsid($id) { return preg_match('/^\d+@N\d+$/', $id); } + +function flickrapi_auth_callback(){ +/* + $f = new phpFlickr("", ""); + + //change this to the permissions you will need + $f->auth("read"); + + echo "Copy this token into your code: " . $_SESSION['phpFlickr_auth_token']; +*/ + //TODO: re-lock the authcode toggle + //TODO: flush menu privileges somehow/somewhere?? + return 'Hello world'; +} + +function flickrapi_auth_callback_access() { + $tool_unlocked = !(variable_get('flickrapi_api_authtool_lock', TRUE)); //added for readability only + return $tool_unlocked || user_access('administer site configuration'); +} + -- 1.7.2.5 From 69f44de3fb13b8e9474bf914d1d024880081e050 Mon Sep 17 00:00:00 2001 From: Hugh Barnes Date: Sun, 16 Oct 2011 17:58:23 +1300 Subject: [PATCH 2/3] Include setting for authorization token, use it in calls; also uses previously ignored flickrapi_api_secret setting in instantiation --- flickrapi.module | 17 ++++++++++++++++- 1 files changed, 16 insertions(+), 1 deletions(-) diff --git a/flickrapi.module b/flickrapi.module index cf040c6..f550239 100644 --- a/flickrapi.module +++ b/flickrapi.module @@ -33,6 +33,13 @@ function flickrapi_admin_settings() { '#default_value' => variable_get('flickrapi_api_secret', ''), '#description' => t("API key's secret from Flickr."), ); + $form['flickrapi_api_authcode'] = array( + '#type' => 'textfield', + '#title' => t('Authorization token'), + '#required' => FALSE, + '#default_value' => variable_get('flickrapi_api_authcode', ''), + '#description' => t("A code provided by Flickr, it can give others access to your private photos through this site."), + ); $times = array(900, 1800, 2700, 3600, 7200, 10800, 14400, 18000, 21600, 43200, 86400); $ageoptions = drupal_map_assoc($times, 'format_interval'); $form['flickrapi_cache_duration'] = array( @@ -87,7 +94,15 @@ function flickrapi_phpFlickr() { drupal_set_message(t("Goto !link to configure the Flickr API settings", array('!link' => l('admin/settings/flickrapi', 'admin/settings/flickrapi')))); } } - $flickr = new phpFlickr($api_key); + + $api_secret = variable_get('flickrapi_api_secret', NULL); + $api_authcode = variable_get('flickrapi_api_authcode', NULL); + + $flickr = new phpFlickr($api_key, $api_secret); + if (!empty($api_authcode)) { + $flickr->setToken($api_authcode); + } + $flickr->enableCache("fs", variable_get('flickrcachepath', '/tmp')); return $flickr; } -- 1.7.2.5 From 2036bfd7cbf7e2dfbf494c208476e3cc615a2c65 Mon Sep 17 00:00:00 2001 From: Hugh Barnes Date: Sun, 16 Oct 2011 11:28:59 +1300 Subject: [PATCH 3/3] Authtool works in a fashion but lots more enhancement and tinkering with flow required --- flickrapi.module | 68 ++++++++++++++++++++++++++++++++++++++++++------------ 1 files changed, 53 insertions(+), 15 deletions(-) diff --git a/flickrapi.module b/flickrapi.module index cd70cca..cfc71e9 100644 --- a/flickrapi.module +++ b/flickrapi.module @@ -14,10 +14,16 @@ function flickrapi_menu() { 'page arguments' => array('flickrapi_admin_settings') ); $items['admin/settings/flickrapi/authtool'] = array( - 'title' => 'Authentication token callback tool', + 'title' => 'Authentication token tool', + 'type' => MENU_NORMAL_ITEM, + 'page callback' => 'flickrapi_auth_tool', + 'access callback' => 'flickrapi_auth_tool_access', + ); + $items['admin/settings/flickrapi/authtool/callback'] = array( + 'title' => 'Authentication token tool callback', 'type' => MENU_NORMAL_ITEM, 'page callback' => 'flickrapi_auth_callback', - 'access callback' => 'flickrapi_auth_callback_access', + 'access callback' => 'flickrapi_auth_tool_access', ); return $items; } @@ -146,22 +152,54 @@ function flickrapi_is_nsid($id) { return preg_match('/^\d+@N\d+$/', $id); } -function flickrapi_auth_callback(){ -/* - $f = new phpFlickr("", ""); - - //change this to the permissions you will need - $f->auth("read"); - - echo "Copy this token into your code: " . $_SESSION['phpFlickr_auth_token']; -*/ +function flickrapi_auth_tool() { + //TODO: drupal_set_message "This page is locked/unlocked", or the callback page only? + //TODO: check that prerequisite settings have been made or handle error when they haven't + + $authcode = variable_get('flickrapi_api_authcode',NULL); + if (empty($authcode)) { + $f = flickrapi_phpFlickr(); + $f->auth("read"); #FIXME + + //TODO: variable_set + return 'Hello world, this is your new token: ' . $_SESSION['phpFlickr_auth_token']; + } + else { + if (user_access('administer site configuration')) { //'Administer global flickr api settings' ?? + return "Your existing code is $authcode."; //TODO: allow user to reset it? + } + else { + return "A code's already been set, no you can't see it"; //FIXME + } + } //TODO: re-lock the authcode toggle - //TODO: flush menu privileges somehow/somewhere?? - return 'Hello world'; + //TODO: flush menu privileges somehow/somewhere?? http://api.drupal.org/api/drupal/includes--menu.inc/function/menu_cache_clear/6 or http://api.drupal.org/api/drupal/includes--menu.inc/group/menu/6 +} + +function flickrapi_auth_callback($permissions='read',$redirect='') { //FIME: not sure if $redirect needs to be a param + $redirect = 'admin/settings/flickrapi/authtool'; #FIXME + unset($_SESSION['phpFlickr_auth_token']); + + if (isset($_SESSION['phpFlickr_auth_redirect']) && !empty($_SESSION['phpFlickr_auth_redirect'])) { + $redirect = $_SESSION['phpFlickr_auth_redirect']; + unset($_SESSION['phpFlickr_auth_redirect']); + } + + $f = flickrapi_phpFlickr(); + + if (empty($_GET['frob'])) { + $f->auth($permissions, FALSE); + } + else { + $f->auth_getToken($_GET['frob']); + } + + //TODO: variable_set ? + drupal_goto($redirect,NULL,NULL,303); } -function flickrapi_auth_callback_access() { +function flickrapi_auth_tool_access() { $tool_unlocked = !(variable_get('flickrapi_api_authtool_lock', TRUE)); //added for readability only - return $tool_unlocked || user_access('administer site configuration'); + return $tool_unlocked || user_access('administer site configuration'); //'Administer global flickr api settings' ?? } -- 1.7.2.5