int oauth_admin_api_client(shd_t *cli, char *client_id, char *title, char *logo_url)
{
shmap_t *sess;
char buf[1024];
int err;
if (!client_id)
client_id = "";
sess = oauth_sess_load(cli, client_id);
if (!sess)
return (SHERR_INVAL);
if (!oauth_sess_login(sess)) {
oauth_admin_redir_login(cli, client_id);
return (0);
}
if (title && logo_url && (*title || *logo_url)) {
oauth_sess_client_set(sess, client_id, title, logo_url);
}
sprintf(buf, "<html><form action=\"/admin\"><input name=\"client_id\" value=\"%s\" disabled></input><input name=\"title\" value=\"%s\"></input><input name=\"logo_url\" value=\"%s\"><input type=\"submit\"></input></form></html>\r\n", client_id, title?title:"", logo_url?logo_url:"");
oauth_html_template(cli->buff_out, buf);
return (0);
}
int oauth_response_token(shd_t *cli, shbuf_t *buff, char *client_id, char *redirect_url, char *scope_str)
{
shmap_t *sess;
char text[1024];
char url[1024];
char key_str[256];
char *token;
int i;
sess = oauth_sess_load(cli, client_id);
if (!sess)
return (SHERR_INVAL);
if (client_id) {
oauth_sess_redirect_url_set(sess, client_id, redirect_url);
oauth_sess_scope_set(sess, client_id, scope_str);
}
if (oauth_sess_login(sess)) {
int bits = oauth_scope_bits(scope_str);
for (i = 0; i < MAX_OAUTH_SCOPE; i++) {
if (!(bits & (1 << i)))
continue;
fprintf(stderr, "DEBUG: oauth_response_token: access %s = %s\n", oauth_scope_label(1 << i), oauth_sess_access(sess, client_id, (1 << i))?"true":"false");
if (!oauth_sess_access(sess, client_id, (1 << i))) {
/* show access template */
oauth_response_access_template(sess, buff, client_id);
return (0);
}
}
/* successful login. */
oauth_response_app_template(sess, buff, client_id);
return (0);
}
/* show user/pass login template */
oauth_response_login_template(sess, buff, client_id, NULL);
return (0);
}
/** @returns A API key (known as an 'oauth access token'). */
int oauth_token_authorization_code(shd_t *cli, char *client_id, char *client_secret, char *auth_code, char *redirect_uri)
{
shmap_t *sess;
shjson_t *json;
shbuf_t *buff = cli->buff_out;
char text[1024];
char *sys_token;
char api_key[256];
char scope_str[256];
uint64_t uid;
int scope;
int err;
int idx;
time_t expire_diff;
int ok;
if (!cli)
return (SHERR_INVAL);
fprintf(stderr, "DEBUG: oauth_token_autorization_code()\n");
sess = oauth_sess_find(auth_code);
if (!sess) {
fprintf(stderr, "DEBUG: oauth_sess_find('%s') = NULL\n", auth_code);
return (SHERR_INVAL);
}
if (!oauth_sess_login(sess)) {
fprintf(stderr, "DEBUG: oauth_token_authorization_code: unable to login\n");
return (SHERR_KEYEXPIRED);
}
fprintf(stderr, "DEBUG: oauth-token_auth_code: oauth_sess_token: %s\n", oauth_sess_token(sess));
sys_token = http_token_decode(oauth_sess_token(sess));
fprintf(stderr, "DEBUG: oauth_tok_auth_code: oauth_sess_token/deoce: %s\n", sys_token);
if (!sys_token) {
fprintf(stderr, "DEBUG: no session token ('oauth auth code') avail.\n");
return (SHERR_ACCESS);
}
ok = (0 == strcmp(sys_token, auth_code));
free(sys_token);
if (!ok) {
fprintf(stderr, "DEBUG: sys_token(%s) != auth_code(%s)\n", sys_token, auth_code);
return (SHERR_ACCESS);
}
/* DEBUG: */
strcpy(api_key, oauth_api_token(cli, sess));
expire_diff = 300;
strcpy(scope_str, "read");
uid = 1;
json = shjson_init(NULL);
shjson_str_add(json, "access_token", api_key);
shjson_str_add(json, "token_type", "bearer");
shjson_num_add(json, "expires_in", expire_diff);
shjson_str_add(json, "refresh_token", ""); /* optional */
shjson_str_add(json, "scope", scope_str);
shjson_num_add(json, "uid", uid);
/* "info":{"name", "email"} .. */
oauth_html_json_template(cli->buff_out, json);
shjson_free(&json);
return (0);
}
int oauth_admin_api_user(shd_t *cli, char *client_id, char *password, char *fullname, char *address, char *zipcode, char *phone, int b_2fa)
{
shmap_t *sess;
char buf[1024];
char warning[256];
int err;
if (!client_id)
client_id = "";
sess = oauth_sess_load(cli, client_id);
if (!sess)
return (SHERR_INVAL);
if (!oauth_sess_login(sess)) {
oauth_admin_redir_login(cli, client_id);
return (0);
}
/* apply new user-defined settings */
if (fullname && *fullname) {
if (!oauth_admin_verify_fullname(fullname))
strcpy(warning, "Please specify a valid 'Real Name'.");
else
shmap_set_astr(sess, ashkey_str("fullname"), fullname);
}
if (address && *address) {
if (!oauth_admin_verify_address(address))
strcpy(warning, "Please specify a valid 'Street Address'.");
else
shmap_set_astr(sess, ashkey_str("address"), address);
}
if (zipcode && *zipcode) {
if (!oauth_admin_verify_zipcode(zipcode))
strcpy(warning, "Please specify a valid 'Zip Code'.");
else
shmap_set_astr(sess, ashkey_str("zipcode"), zipcode);
}
if (phone && *phone) {
if (!oauth_admin_verify_phone(phone))
strcpy(warning, "Please specify a valid 'Phone Number'.");
else
shmap_set_astr(sess, ashkey_str("phone"), phone);
}
/* initialize variables */
if (!shmap_get_str(sess, ashkey_str("fullname")))
shmap_set_astr(sess, ashkey_str("fullname"), "");
if (!shmap_get_str(sess, ashkey_str("address")))
shmap_set_astr(sess, ashkey_str("address"), "");
if (!shmap_get_str(sess, ashkey_str("zipcode")))
shmap_set_astr(sess, ashkey_str("zipcode"), "");
if (!shmap_get_str(sess, ashkey_str("2fa")))
shmap_set_astr(sess, ashkey_str("2fa"), "0");
/* response with JSON context */
shjson_t *json = shjson_init(NULL);
/* core attributes */
shjson_str_add(json, "fullname",
shmap_get_str(sess, ashkey_str("fullname")));
shjson_str_add(json, "address",
shmap_get_str(sess, ashkey_str("address")));
shjson_str_add(json, "zipcode",
shmap_get_str(sess, ashkey_str("zipcode")));
shjson_str_add(json, "phone",
shmap_get_str(sess, ashkey_str("phone")));
shjson_num_add(json, "2fa",
atoi(shmap_get_str(sess, ashkey_str("2fa"))));
oauth_html_json_template(cli->buff_out, json);
shjson_free(&json);
return (0);
}
int oauth_admin_user(shd_t *cli, char *client_id, char *password, char *fullname, char *address, char *zipcode, char *phone, int b_2fa)
{
shmap_t *sess;
char buf[1024];
char warning[1024];
int err;
memset(warning, 0, sizeof(warning));
if (!client_id)
client_id = "";
sess = oauth_sess_load(cli, client_id);
if (!sess)
return (SHERR_INVAL);
if (!oauth_sess_login(sess)) {
oauth_admin_redir_login(cli, client_id);
return (0);
}
/* update attributes with user-defined settings */
if (fullname && *fullname) {
if (!oauth_admin_verify_fullname(fullname))
strcpy(warning, "Please specify a valid 'Real Name'.");
else
shmap_set_astr(sess, ashkey_str("fullname"), fullname);
}
if (address && *address) {
if (!oauth_admin_verify_address(address))
strcpy(warning, "Please specify a valid 'Street Address'.");
else
shmap_set_astr(sess, ashkey_str("address"), address);
}
if (zipcode && *zipcode) {
if (!oauth_admin_verify_zipcode(zipcode))
strcpy(warning, "Please specify a valid 'Zip Code'.");
else
shmap_set_astr(sess, ashkey_str("zipcode"), zipcode);
}
if (phone && *phone) {
if (!oauth_admin_verify_phone(phone))
strcpy(warning, "Please specify a valid 'Phone Number'.");
else
shmap_set_astr(sess, ashkey_str("phone"), phone);
}
/* initialize variables */
if (!shmap_get_str(sess, ashkey_str("fullname")))
shmap_set_astr(sess, ashkey_str("fullname"), "");
if (!shmap_get_str(sess, ashkey_str("address")))
shmap_set_astr(sess, ashkey_str("address"), "");
if (!shmap_get_str(sess, ashkey_str("zipcode")))
shmap_set_astr(sess, ashkey_str("zipcode"), "");
if (!shmap_get_str(sess, ashkey_str("2fa")))
shmap_set_astr(sess, ashkey_str("2fa"), "0");
oauth_admin_user_template(sess, cli->buff_out, client_id, warning);
return (0);
}
