2 if(!defined('sugarEntry') || !sugarEntry) die('Not A Valid Entry Point');
3 /*********************************************************************************
4 * SugarCRM Community Edition is a customer relationship management program developed by
5 * SugarCRM, Inc. Copyright (C) 2004-2011 SugarCRM Inc.
7 * This program is free software; you can redistribute it and/or modify it under
8 * the terms of the GNU Affero General Public License version 3 as published by the
9 * Free Software Foundation with the addition of the following permission added
10 * to Section 15 as permitted in Section 7(a): FOR ANY PART OF THE COVERED WORK
11 * IN WHICH THE COPYRIGHT IS OWNED BY SUGARCRM, SUGARCRM DISCLAIMS THE WARRANTY
12 * OF NON INFRINGEMENT OF THIRD PARTY RIGHTS.
14 * This program is distributed in the hope that it will be useful, but WITHOUT
15 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
16 * FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
19 * You should have received a copy of the GNU Affero General Public License along with
20 * this program; if not, see http://www.gnu.org/licenses or write to the Free
21 * Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
24 * You can contact SugarCRM, Inc. headquarters at 10050 North Wolfe Road,
25 * SW2-130, Cupertino, CA 95014, USA. or at email address contact@sugarcrm.com.
27 * The interactive user interfaces in modified source and object code versions
28 * of this program must display Appropriate Legal Notices, as required under
29 * Section 5 of the GNU Affero General Public License version 3.
31 * In accordance with Section 7(b) of the GNU Affero General Public License version 3,
32 * these Appropriate Legal Notices must retain the display of the "Powered by
33 * SugarCRM" logo. If the display of the logo is not reasonably feasible for
34 * technical reasons, the Appropriate Legal Notices must display the words
35 * "Powered by SugarCRM".
36 ********************************************************************************/
40 require_once 'include/SugarOAuthServer.php';
42 class OauthTokensViewAuthorize extends SugarView
44 public function display()
46 if(!SugarOAuthServer::enabled()) {
47 sugar_die($GLOBALS['mod_strings']['LBL_OAUTH_DISABLED']);
50 $sugar_smarty = new Sugar_Smarty();
51 $sugar_smarty->assign('APP', $GLOBALS['app_strings']);
52 $sugar_smarty->assign('MOD', $GLOBALS['mod_strings']);
53 $sugar_smarty->assign('token', $_REQUEST['token']);
54 $sugar_smarty->assign('sid', session_id());
56 $token = OAuthToken::load($_REQUEST['token']);
57 if(empty($token) || empty($token->consumer) || $token->tstate != OAuthToken::REQUEST || empty($token->consumer_obj)) {
58 sugar_die('Invalid token');
61 if(empty($_REQUEST['confirm'])) {
62 $sugar_smarty->assign('consumer', sprintf($GLOBALS['mod_strings']['LBL_OAUTH_CONSUMERREQ'], $token->consumer_obj->name));
63 // SM: roles disabled for now
64 // $roles = array('' => '');
65 // $allroles = ACLRole::getAllRoles();
66 // foreach($allroles as $role) {
67 // $roles[$role->id] = $role->name;
69 // $sugar_smarty->assign('roles', $roles);
71 $_SESSION['oauth_hash'] = $hash;
72 $sugar_smarty->assign('hash', $hash);
73 echo $sugar_smarty->fetch('modules/OAuthTokens/tpl/authorize.tpl');
75 if($_REQUEST['sid'] != session_id() || $_SESSION['oauth_hash'] != $_REQUEST['hash']) {
76 sugar_die('Invalid request');
78 $verify = $token->authorize(array("user" => $current_user->id));
79 $sugar_smarty->assign('VERIFY', $verify);
80 $sugar_smarty->assign('token', '');
81 echo $sugar_smarty->fetch('modules/OAuthTokens/tpl/authorized.tpl');