/vendor/hwi/oauth-bundle/OAuth/ResourceOwner/GenericOAuth1ResourceOwner.php
PHP | 244 lines | 159 code | 41 blank | 44 comment | 13 complexity | c2806044c3dff24226e178f21db9aa09 MD5 | raw file
- <?php
- /*
- * This file is part of the HWIOAuthBundle package.
- *
- * (c) Hardware.Info <opensource@hardware.info>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
- namespace HWI\Bundle\OAuthBundle\OAuth\ResourceOwner;
- use Buzz\Message\RequestInterface as HttpRequestInterface;
- use HWI\Bundle\OAuthBundle\Security\Core\Authentication\Token\OAuthToken;
- use HWI\Bundle\OAuthBundle\Security\OAuthUtils;
- use Symfony\Component\HttpFoundation\Request;
- use Symfony\Component\OptionsResolver\OptionsResolverInterface;
- use Symfony\Component\Security\Core\Exception\AuthenticationException;
- /**
- * GenericOAuth1ResourceOwner
- *
- * @author Francisco Facioni <fran6co@gmail.com>
- */
- class GenericOAuth1ResourceOwner extends AbstractResourceOwner
- {
- /**
- * {@inheritDoc}
- */
- public function getUserInformation(array $accessToken, array $extraParameters = array())
- {
- $parameters = array_merge(array(
- 'oauth_consumer_key' => $this->options['client_id'],
- 'oauth_timestamp' => time(),
- 'oauth_nonce' => $this->generateNonce(),
- 'oauth_version' => '1.0',
- 'oauth_signature_method' => $this->options['signature_method'],
- 'oauth_token' => $accessToken['oauth_token'],
- ), $extraParameters);
- $url = $this->options['infos_url'];
- $parameters['oauth_signature'] = OAuthUtils::signRequest(
- HttpRequestInterface::METHOD_GET,
- $url,
- $parameters,
- $this->options['client_secret'],
- $accessToken['oauth_token_secret'],
- $this->options['signature_method']
- );
- $content = $this->doGetUserInformationRequest($url, $parameters)->getContent();
- $response = $this->getUserResponse();
- $response->setResponse($content);
- $response->setResourceOwner($this);
- $response->setOAuthToken(new OAuthToken($accessToken));
- return $response;
- }
- /**
- * {@inheritDoc}
- */
- public function getAuthorizationUrl($redirectUri, array $extraParameters = array())
- {
- $token = $this->getRequestToken($redirectUri, $extraParameters);
- return $this->normalizeUrl($this->options['authorization_url'], array('oauth_token' => $token['oauth_token']));
- }
- /**
- * {@inheritDoc}
- */
- public function getAccessToken(Request $request, $redirectUri, array $extraParameters = array())
- {
- try {
- if (null === $requestToken = $this->storage->fetch($this, $request->query->get('oauth_token'))) {
- throw new \RuntimeException('No request token found in the storage.');
- }
- } catch (\InvalidArgumentException $e) {
- throw new AuthenticationException('Given token is not valid.');
- }
- $parameters = array_merge(array(
- 'oauth_consumer_key' => $this->options['client_id'],
- 'oauth_timestamp' => time(),
- 'oauth_nonce' => $this->generateNonce(),
- 'oauth_version' => '1.0',
- 'oauth_signature_method' => $this->options['signature_method'],
- 'oauth_token' => $requestToken['oauth_token'],
- 'oauth_verifier' => $request->query->get('oauth_verifier'),
- ), $extraParameters);
- $url = $this->options['access_token_url'];
- $parameters['oauth_signature'] = OAuthUtils::signRequest(
- HttpRequestInterface::METHOD_POST,
- $url,
- $parameters,
- $this->options['client_secret'],
- $requestToken['oauth_token_secret'],
- $this->options['signature_method']
- );
- $response = $this->doGetTokenRequest($url, $parameters);
- $response = $this->getResponseContent($response);
- if (isset($response['oauth_problem'])) {
- throw new AuthenticationException(sprintf('OAuth error: "%s"', $response['oauth_problem']));
- }
- if (!isset($response['oauth_token']) || !isset($response['oauth_token_secret'])) {
- throw new AuthenticationException('Not a valid request token.');
- }
- return $response;
- }
- /**
- * {@inheritDoc}
- */
- public function handles(Request $request)
- {
- return $request->query->has('oauth_token');
- }
- /**
- * {@inheritdoc}
- */
- public function isCsrfTokenValid($csrfToken)
- {
- // OAuth1.0a passes token with every call
- return true;
- }
- /**
- * {@inheritDoc}
- */
- public function getRequestToken($redirectUri, array $extraParameters = array())
- {
- $timestamp = time();
- $parameters = array_merge(array(
- 'oauth_consumer_key' => $this->options['client_id'],
- 'oauth_timestamp' => $timestamp,
- 'oauth_nonce' => $this->generateNonce(),
- 'oauth_version' => '1.0',
- 'oauth_callback' => $redirectUri,
- 'oauth_signature_method' => $this->options['signature_method'],
- ), $extraParameters);
- $url = $this->options['request_token_url'];
- $parameters['oauth_signature'] = OAuthUtils::signRequest(
- HttpRequestInterface::METHOD_POST,
- $url,
- $parameters,
- $this->options['client_secret'],
- '',
- $this->options['signature_method']
- );
- $apiResponse = $this->httpRequest($url, null, $parameters, array(), HttpRequestInterface::METHOD_POST);
- $response = $this->getResponseContent($apiResponse);
- if (isset($response['oauth_problem'])) {
- throw new AuthenticationException(sprintf('OAuth error: "%s"', $response['oauth_problem']));
- }
- if (isset($response['oauth_callback_confirmed']) && ($response['oauth_callback_confirmed'] != 'true')) {
- throw new AuthenticationException('Defined OAuth callback was not confirmed.');
- }
- if (!isset($response['oauth_token']) || !isset($response['oauth_token_secret'])) {
- throw new AuthenticationException('Not a valid request token.');
- }
- $response['timestamp'] = $timestamp;
- $this->storage->save($this, $response);
- return $response;
- }
- /**
- * {@inheritDoc}
- */
- protected function httpRequest($url, $content = null, $parameters = array(), $headers = array(), $method = null)
- {
- foreach ($parameters as $key => $value) {
- $parameters[$key] = $key . '="' . rawurlencode($value) . '"';
- }
- if (!$this->options['realm']) {
- array_unshift($parameters, 'realm="' . rawurlencode($this->options['realm']) . '"');
- }
- $headers[] = 'Authorization: OAuth ' . implode(', ', $parameters);
- return parent::httpRequest($url, $content, $headers, $method);
- }
- /**
- * {@inheritDoc}
- */
- protected function doGetTokenRequest($url, array $parameters = array())
- {
- return $this->httpRequest($url, null, $parameters, array(), HttpRequestInterface::METHOD_POST);
- }
- /**
- * {@inheritDoc}
- */
- protected function doGetUserInformationRequest($url, array $parameters = array())
- {
- return $this->httpRequest($url, null, $parameters);
- }
- /**
- * {@inheritDoc}
- */
- protected function configureOptions(OptionsResolverInterface $resolver)
- {
- parent::configureOptions($resolver);
- $resolver->setRequired(array(
- 'request_token_url',
- ));
- $resolver->setDefaults(array(
- 'realm' => null,
- 'signature_method' => 'HMAC-SHA1',
- ));
- if (method_exists($resolver, 'setDefined')) {
- $resolver->setAllowedValues('signature_method', array('HMAC-SHA1', 'RSA-SHA1', 'PLAINTEXT'));
- } else {
- $resolver->setAllowedValues(array(
- 'signature_method' => array('HMAC-SHA1', 'RSA-SHA1', 'PLAINTEXT'),
- ));
- }
- }
- }