/inc/libs/oauth/class.oauth.1.client.php
Possible License(s): GPL-2.0
- <?php
- # -- BEGIN LICENSE BLOCK ----------------------------------
- #
- # This file is part of scmSocialme, a plugin for Dotclear 2.
- #
- # Copyright (c) 2009-2013 Jean-Christian Denis and contributors
- # contact@jcdenis.fr http://jcd.lv
- #
- # Licensed under the GPL version 2.0 license.
- # A copy of this license is available in LICENSE file or at
- # http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
- #
- # -- END LICENSE BLOCK ------------------------------------
-
- /** @file
- * @brief oAuth 1.0a Client methods
- */
-
- /**
- * @ingroup SCM_LIB_OAUTH
- * @nosubgrouping
- * @brief oAuth 1.0a Client
- *
- * oAuth 1.0a RFC5849 flow and request utilities
- */
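class oAuth1Client extends oAuthClient
{
    # Value sent as oauth_version with every signed request
    protected $signer_oauth_version = '1.0';

    /**
     * Step 1 of the flow: obtain temporary credentials, then send the
     * user to the server's authorization page.
     *
     * The temporary token and secret are stored through updateUser()
     * with user_flow = 1 before the redirect is issued.
     *
     * @throws Exception If no client is registered, the server does not
     *                   answer 200, the body cannot be parsed, the server
     *                   is not oAuth 1.0a compliant, or no token is returned
     */
    public function requestClientCredential()
    {
        # Check if the client is locally registered
        if (!$this->hasClient()) {
            throw new Exception('Client is not set.');
        }

        $params = array();

        # Client does not support callback or callback is set elsewhere #section-2.1
        if ($this->client['client_disable_redirection']) {
            $params['oauth_callback'] = 'oob'; # out-of-band
        }
        # Define callback url
        elseif (!empty($this->redirection_endpoint)) {
            $params['oauth_callback'] = $this->redirection_endpoint;

            # Add state params. The endpoint may already carry a query
            # string, so pick the separator instead of always using '?'.
            if (!empty($this->state)) {
                $sep = (strpos($params['oauth_callback'],'?') === false) ? '?' : '&';
                $params['oauth_callback'] .= $sep.http_build_query(array('state'=>$this->state),'','&');
            }
        }

        # Request temporary credential
        # NOTE(review): meaning of the 4th argument (false) is defined in the
        # parent class, not visible here.
        $response = $this->accessProtectedResource($this->client['server_request_uri'],'POST',$params,false);

        # Check server response http code
        if ($this->http_rsp_code != 200) {
            throw new Exception('Failed to request temporaly credential');
        }

        # Check and parse server response body
        parse_str($response,$token);
        if (empty($token)) {
            throw new Exception('Failed to parse server response.');
        }

        # Check server version: only 1.0a servers confirm the callback.
        # Strict comparison so only the literal string 'true' is accepted.
        if (!isset($token['oauth_callback_confirmed']) || $token['oauth_callback_confirmed'] !== 'true') {
            throw new Exception('Required oAuth 1.0a compliant server.');
        }

        # Refuse to continue without a usable temporary token and secret:
        # storing null credentials and redirecting with an empty oauth_token
        # would leave the flow in a state the next step cannot validate.
        # parse_str() can also yield arrays (oauth_token[]=...), hence is_string().
        if (empty($token['oauth_token']) || empty($token['oauth_token_secret'])
         || !is_string($token['oauth_token']) || !is_string($token['oauth_token_secret'])) {
            throw new Exception('Failed to find token in server response.');
        }

        # Set temporary credential
        $this->updateUser(
            array(
                'user_key' => $token['oauth_token'],
                'user_secret' => $token['oauth_token_secret'],
                'user_flow' => 1
            )
        );

        # Redirect user to server to query grant
        $authorize_uri = $this->client['server_authorize_uri'];
        $sep = (strpos($authorize_uri,'?') === false) ? '?' : '&';
        http::redirect($authorize_uri.$sep.http_build_query(array('oauth_token'=>$token['oauth_token']),'','&'));
    }

    /**
     * Step 2 of the flow: exchange the authorized temporary credentials
     * for token credentials.
     *
     * Reads oauth_token and oauth_verifier from $_REQUEST. On success the
     * final token and secret are stored through updateUser() with
     * user_flow = 2.
     *
     * @retval array Parsed server response (contains oauth_token and oauth_token_secret)
     * @throws Exception If no client is registered, the flow is not at
     *                   step 1, the returned token does not match the
     *                   stored one, or the server response is unusable
     */
    public function requestUserCredential()
    {
        # Check if the client is locally registered
        if (!$this->hasClient()) {
            throw new Exception('Client is not set.');
        }

        # Check oAuth flow
        if ($this->user['user_flow'] != 1) {
            throw new Exception('Authorization not complete. Request authorization first.');
        }

        # Was previously left undefined when no verifier was supplied
        $params = array();

        # The token coming back must be the temporary one we stored.
        # Strict string comparison: a loose != treats numeric-looking strings
        # as numbers and would accept a non-string value.
        # NOTE(review): $_REQUEST may also be fed from POST or cookies depending
        # on request_order; and a callback without oauth_token skips this check.
        if (isset($_REQUEST['oauth_token'])) {
            if (!is_string($_REQUEST['oauth_token'])
             || $_REQUEST['oauth_token'] !== (string) $this->user['user_key']) {
                throw new Exception('Failed to request access. Expired token');
            }
        }

        # Add oauth verifier to params if present.
        # NOTE(review): the verifier is what ties the approval to this client
        # session in 1.0a; its absence is not rejected here and is left for
        # the server to refuse.
        if (isset($_REQUEST['oauth_verifier']) && is_string($_REQUEST['oauth_verifier'])
         && $_REQUEST['oauth_verifier'] !== '') {
            $params['oauth_verifier'] = $_REQUEST['oauth_verifier'];
        }

        # Query server
        $response = $this->accessProtectedResource($this->client['server_token_uri'],'POST',$params,false);

        # Query failed
        if ($this->http_rsp_code != 200) {
            throw new Exception('Failed to request credential token.');
        }

        # Check and parse server response body
        parse_str($response,$rsp);
        if (empty($rsp)) {
            throw new Exception('Failed to parse server response.');
        }
        if (empty($rsp['oauth_token']) || empty($rsp['oauth_token_secret'])) {
            throw new Exception('Failed to find token in server response.');
        }

        # Set final token credential
        $this->updateUser(
            array(
                'user_key' => $rsp['oauth_token'],
                'user_secret' => $rsp['oauth_token_secret'],
                'user_flow' => 2
            )
        );

        return $rsp;
    }

    /**
     * Placeholder: performs no request and always reports success.
     *
     * @todo implement it
     * @retval boolean Always true
     */
    public function refreshUserCredential()
    {
        return true;
    }

    /**
     * Drop the locally stored user credentials via deleteUser().
     *
     * Only local state is touched here; no request is sent to the server.
     *
     * @retval boolean Always true
     */
    public function revokeUserCredential()
    {
        $this->deleteUser();
        return true;
    }

    /**
     * Fill in the protocol parameters every signed request carries.
     *
     * Merge order (later wins): parameters parsed from the request URL
     * query, then the defaults built here, then any parameters already
     * set on the signer.
     */
    public function setDefaultSignerParameters()
    {
        # The nonce guards against replay, so it should not be guessable or
        # repeat. Prefer the CSPRNG when the runtime has one; fall back to
        # the legacy md5(microtime + mt_rand) value otherwise. Both forms are
        # 32 hex characters.
        $nonce = function_exists('random_bytes')
            ? bin2hex(random_bytes(16))
            : md5(microtime().mt_rand());

        $defaults = array(
            'oauth_version' => $this->signer_oauth_version,
            'oauth_nonce' => $nonce,
            'oauth_timestamp' => time(),
            'oauth_consumer_key' => $this->client['client_key']
        );

        # Only signed with a token once one has been obtained
        if ($this->user['user_key'] != '') {
            $defaults['oauth_token'] = $this->user['user_key'];
        }

        # NOTE(review): parse_url() returns null when the URL has no query;
        # parseSignerParameters() is assumed to cope with that - confirm.
        $this->signer_parameters = array_merge(
            oAuthClient::parseSignerParameters(
                parse_url($this->signer_http_url,PHP_URL_QUERY)
            ),
            $defaults,
            $this->signer_parameters
        );
    }

    /**
     * HMAC-SHA1 signature method
     *
     * Add signature parameters to request parameters. The method name
     * must be set first because it is part of the signed parameters.
     */
    protected function signatureMethod_HMAC_SHA1()
    {
        $this->setSignerParameter(
            'oauth_signature_method',
            $this->signer_sign_method,
            false
        );
        $this->setSignerParameter(
            'oauth_signature',
            $this->buildSignature(),
            false
        );
    }

    /**
     * Build signature
     *
     * HMAC-SHA1 over the signature base string, keyed with the encoded
     * client secret and user secret joined by '&' (the user secret is
     * empty until one has been obtained), then base64 encoded.
     *
     * @retval string Signature
     */
    protected function buildSignature()
    {
        $user_secret = ($this->user['user_secret'] != '') ? $this->user['user_secret'] : '';

        $key = implode('&',oAuthClient::urlencode(array(
            $this->client['client_secret'],
            $user_secret
        )));

        # Raw binary digest (4th argument true) is what gets base64 encoded
        return base64_encode(hash_hmac('sha1',$this->getSignatureBaseString(),$key,true));
    }

    /**
     * Get signature base string
     *
     * Encoded HTTP method, URL and signable parameters joined by '&'.
     *
     * @retval string Query style signature base string
     */
    protected function getSignatureBaseString()
    {
        return implode('&',oAuthClient::urlencode(array(
            $this->getNormalizedHttpMethod(),
            $this->getNormalizedHttpUrl(),
            $this->getSignableParameters()
        )));
    }

    /**
     * Get signable parameters
     *
     * All signer parameters except oauth_signature itself, which must
     * never be part of what is signed.
     *
     * @retval string Query style signature base parameters
     */
    protected function getSignableParameters()
    {
        $params = $this->signer_parameters;

        if (isset($params['oauth_signature'])) {
            unset($params['oauth_signature']);
        }
        return oAuthClient::buildHttpQuery($params);
    }
}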
- ?>