OAuth support and the basics of diff uploading.
[potlatch2.git] / net / systemeD / potlatch2 / save / OAuthPanel.mxml
1 <?xml version="1.0" encoding="utf-8"?>
2 <mx:TitleWindow
3         xmlns:mx="http://www.adobe.com/2006/mxml" 
4         layout="vertical"
5         horizontalAlign="center" title="Authorisation Required"
6         creationComplete="getRequestToken()"
7         height="250">
8         
9         <mx:ViewStack id="contentStack" width="100%" height="100%">
10         
11         <mx:VBox id="okPanel" width="100%" height="100%">
12           <mx:Text width="100%" text="{getAuthText()}"/>
13           <mx:VBox width="100%" id="gotLinkBox" visible="false">
14             <mx:Text width="100%">
15               <mx:text>
16                 Click the link below to open a web page where
17                 you will be asked to authorise access to this app.
18               </mx:text>
19             </mx:Text>
20             <mx:LinkButton id="link"
21                 label="http://oauth.dev.openstreetmap.org/oauth/authorize?somekey"
22                 click="openURL(authoriseURL); tryAccessButton.enabled=true;"/>
23             <mx:Text width="100%">
24               <mx:text>Once you've authorised the access click the 'Try Access' button below</mx:text>
25             </mx:Text>
26             <mx:Text styleName="failText" visible="false" id="deniedLabel">
27               <mx:text><![CDATA[<b>Access was denied, please check, and try again</b>]]></mx:text>
28             </mx:Text>
29           </mx:VBox>
30         </mx:VBox>
31         
32         <mx:VBox id="permFailPanel" width="100%" height="100%">
33           <mx:Text styleName="failText" width="100%" condenseWhite="true">
34             <mx:htmlText><![CDATA[
35               <p>The server refused this application's credentials -- an authorisation link
36               could not be obtained.
37               </p><p>
38               <b>OAuth access will not be possible.</b>
39               </p><p>
40               Please contact application vendor to find out what's going on.
41             ]]></mx:htmlText>
42           </mx:Text>
43         </mx:VBox>
44         
45         <mx:VBox id="tempFailPanel" width="100%" height="100%">
46           <mx:Text width="100%">
47             <mx:text>
48               There was a problem contacting the server to get authorisation.
49               This may be a temporary error, try again later.
50             </mx:text>
51           </mx:Text>
52         </mx:VBox>
53         
54         </mx:ViewStack>
55         
56         <mx:ControlBar horizontalAlign="right">
57         
58             <mx:ProgressBar id="progress" label="Contacting server..." labelPlacement="top"
59                 indeterminate="true"/>
60         <mx:Spacer width="100%"/>
61
62             <mx:Button label="Cancel" click="PopUpManager.removePopUp(this);"/>
63             <mx:Button id="tryAccessButton" label="Try Access" click="getAccessToken()" enabled="false"/>
64         </mx:ControlBar>
65         
66         <mx:Script><![CDATA[
67         import flash.events.Event;
68         import flash.net.*;
69         import mx.managers.PopUpManager;
70         import net.systemeD.halcyon.connection.*;
71         import org.iotashan.oauth.*;
72
73         private var connection:Connection;
74         private var requestToken:OAuthToken;
75         private var _accessToken:OAuthToken;
76         private var authoriseURL:String;
77         private var lastHTTPStatus:int = 0;
78         
79         public static var ACCESS_TOKEN_EVENT:String = "gotAccessToken";
80         
81         private function getAuthText():String {
82             return "To save data you must authorise this application to edit "+
83                     Connection.serverName + " on your behalf.";
84         }
85         
86         private function openURL(url:String):void {
87             var urlRequest:URLRequest = new URLRequest(url);
88             navigateToURL(urlRequest, "_blank");
89         }
90         
91         private function getRequestToken():void {
92             connection = Connection.getConnectionInstance();
93             
94             var sig:IOAuthSignatureMethod = new OAuthSignatureMethod_HMAC_SHA1();
95             var consumer:OAuthConsumer = getConsumer();
96             var url:String = Connection.getParam("oauth_request_url", "http://127.0.0.1:3000/oauth/request_token");
97             
98             var params:Object = new Object();
99             var oauthRequest:OAuthRequest = new OAuthRequest("GET", url, params, consumer, null);
100             var urlStr:Object = oauthRequest.buildRequest(sig, OAuthRequest.RESULT_TYPE_URL_STRING)
101             
102             // build the actual request
103             var urlReq:URLRequest = new URLRequest(String(urlStr));
104             var loader:URLLoader = new URLLoader();
105             loader.addEventListener(Event.COMPLETE, loadedRequestToken);
106             loader.addEventListener(IOErrorEvent.IO_ERROR, requestTokenError);
107             loader.addEventListener(HTTPStatusEvent.HTTP_STATUS, recordStatus);
108             loader.load(urlReq);
109         }
110         
111         private function recordStatus(event:HTTPStatusEvent):void {
112             lastHTTPStatus = event.status;
113         }
114         
115         private function requestTokenError(event:IOErrorEvent):void {
116             trace("error occured... last status was: "+lastHTTPStatus);
117             
118             if ( lastHTTPStatus == 401 ) {
119                 // this means authorisation was refused -- refused at this stage
120                 // means our consumer token is broken
121                 contentStack.selectedChild = permFailPanel;
122             } else {
123                 contentStack.selectedChild = tempFailPanel;
124             }
125             progress.visible = false;
126         }
127         
128         private function loadedRequestToken(event:Event):void {
129             trace("Yay! response: "+URLLoader(event.target).data);
130             requestToken = getResponseToken(URLLoader(event.target));
131             
132             var url:String = Connection.getParam("oauth_auth_url", "http://127.0.0.1:3000/oauth/authorize");            
133             link.label = url;
134             authoriseURL = url + "?oauth_token="+requestToken.key;
135             progress.visible = false;
136             gotLinkBox.visible = true;
137         }
138
139         private function getResponseToken(loader:URLLoader):OAuthToken {
140             var vars:URLVariables = new URLVariables(loader.data);
141             
142             // build out request token
143             var token:OAuthToken = new OAuthToken(
144                 String(vars["oauth_token"]),
145                 String(vars["oauth_token_secret"]));
146             return token;
147         }
148         
149         private function getAccessToken():void {
150             var sig:IOAuthSignatureMethod = new OAuthSignatureMethod_HMAC_SHA1();
151             var consumer:OAuthConsumer = getConsumer();
152             var url:String = Connection.getParam("oauth_access_url", "http://127.0.0.1:3000/oauth/access_token");
153
154             var oauthRequest:OAuthRequest = new OAuthRequest("GET", url, null, consumer, requestToken);
155             var urlStr:Object = oauthRequest.buildRequest(sig, OAuthRequest.RESULT_TYPE_URL_STRING)
156
157             var urlReq:URLRequest = new URLRequest(String(urlStr));
158             var loader:URLLoader = new URLLoader();
159             loader.addEventListener(Event.COMPLETE, loadedAccessToken);
160             loader.addEventListener(IOErrorEvent.IO_ERROR, accessTokenError);
161             loader.addEventListener(HTTPStatusEvent.HTTP_STATUS, recordStatus);
162             loader.load(urlReq);
163             
164             progress.label = "Checking access";
165             progress.visible = true;  
166         }
167         
168         private function loadedAccessToken(event:Event):void {
169             trace("Yay! response: "+URLLoader(event.target).data);
170             progress.label = "Received Access";
171             progress.indeterminate = false;
172             progress.setProgress(100,100);
173             PopUpManager.removePopUp(this);
174             
175             _accessToken = getResponseToken(URLLoader(event.target));
176             dispatchEvent(new Event(ACCESS_TOKEN_EVENT));
177         }
178         
179         public function get accessToken():OAuthToken {
180             return _accessToken;
181         }
182         
183         private function accessTokenError(event:IOErrorEvent):void {
184             if ( lastHTTPStatus == 401 ) {
185                 deniedLabel.htmlText = "<b>Access was denied, please check, and try again</b>";
186             } else {
187                 deniedLabel.htmlText = "<b>Error occurred</b> ("+lastHTTPStatus+"): please try again";
188             }
189             deniedLabel.visible = true;
190         }
191         
192         private function getConsumer():OAuthConsumer {
193             var key:String = Connection.getParam("oauth_consumer_key", "");
194             var secret:String = Connection.getParam("oauth_consumer_secret", "");
195             return new OAuthConsumer(key, secret);
196         }
197         
198         ]]></mx:Script>
199 </mx:TitleWindow>
200