PageRenderTime 46ms CodeModel.GetById 15ms RepoModel.GetById 1ms app.codeStats 0ms

/libraries/oauth.php

https://github.com/calvinfroedge/codeigniter-oauth
PHP | 215 lines | 121 code | 27 blank | 67 comment | 15 complexity | 49824f4a5bf449be6000e175aed36633 MD5 | raw file
    

  1. <?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
    2. 

  2. 

  3. class OAuth
    4. 

  4. {
    5. 

  5. 	/*
    6. 

  6. 	* The CodeIgniter Instance
    7. 

  7. 	*/
    8. 

  8. 	public $ci;
    9. 

  9. 

  10. 	/*
    11. 

  11. 	* The Type of Auth Being Used
    12. 

  12. 	*/
    13. 

  13. 	public $type;	
    14. 

  14. 	
    15. 

  15. 	/*
    16. 

  16. 	* The Constructor Method
    17. 

  17. 	*/	
    18. 

  18. 	public function __construct()
    19. 

  19. 	{
    20. 

  20. 		$this->ci = &get_instance();
    21. 

  21. 		$this->ci->load->config('oauth', TRUE);
    22. 

  22. 		$this->ci->lang->load('messages');
    23. 

  23. 		$this->ci->load->library('session');
    24. 

  24. 		$this->ci->load->helper('url');
    25. 

  25. 	}
    26. 

  26. 

  27. 	/**
    28. 

  28. 	 * Make a call. Uses other helper methods to make the request.
    29. 

  29. 	 *
    30. 

  30. 	 * @param	string	The login method to use
    31. 

  31. 	 * @param	array	$params[0] is the login method, $params[1] are the params for the request
    32. 

  32. 	 * @return	object	Should return a success or failure, along with a response.
    33. 

  33. 	 */		
    34. 

  34. 	public function __call($method, $params)
    35. 

  35. 	{
    36. 

  36. 		$loaded = $this->_load_module($params[0], $method);
    37. 

  37. 		if($loaded)
    38. 

  38. 		{
    39. 

  39. 			return (isset($params[1])) 
    40. 

  40. 			? $this->type->$method($params[1])
    41. 

  41. 			: $this->type->$method();
    42. 

  42. 		}
    43. 

  43. 		else
    44. 

  44. 		{
    45. 

  45. 			return $this->response('failure', array(
    46. 

  46. 					'error' => $this->ci->lang->line('error_request_denied')
    47. 

  47. 				)
    48. 

  48. 			);
    49. 

  49. 		}
    50. 

  50. 	}	
    51. 

  51. 

  52. 	/**
    53. 

  53. 	 * Try to load an authentication module
    54. 

  54. 	 *
    55. 

  55. 	 * @param	string	The authentication module to load
    56. 

  56. 	 * @return	mixed	Will return bool if file is not found.  Will return file as object if found.
    57. 

  57. 	 */		
    58. 

  58. 	private function _load_module($module, $method)
    59. 

  59. 	{
    60. 

  60. 		$module_location = dirname(__FILE__).'/providers/'.$module.'.php';
    61. 

  61. 		if (!is_file($module_location))
    62. 

  62. 		{
    63. 

  63. 			return FALSE;
    64. 

  64. 		}
    65. 

  65. 		
    66. 

  66. 		if(!class_exists($module))
    67. 

  67. 		{
    68. 

  68. 			ob_start();
    69. 

  69. 			include $module_location;
    70. 

  70. 			ob_get_clean();
    71. 

  71. 			
    72. 

  72. 			$this->type = new $module($this);
    73. 

  73. 		}
    74. 

  74. 

  75. 		if(method_exists($this->type, $method))
    76. 

  76. 		{
    77. 

  77. 				return TRUE;
    78. 

  78. 		}		
    79. 

  79. 	}
    80. 

  80. 

  81. 	/**
    82. 

  82. 	 * Build the request to the Oauth Provider
    83. 

  83. 	 *
    84. 

  84. 	 * @param	array	Params to set
    85. 

  85. 	 * @param	string	The method to use (such as POST)
    86. 

  86. 	 * @param	string	The endpoint for the reuest
    87. 

  87. 	 * @param	string	The secret key
    88. 

  88. 	 * @return	string	Response from the _http call
    89. 

  89. 	 */	
    90. 

  90.     public function make_request($params, $method, $endpoint, $secret)
    91. 

  91.     {
    92. 

  92.          // BUILD SIGNATURE
    93. 

  93.             // encode params keys, values, join and then sort.
    94. 

  94.             $keys = $this->_urlencode_rfc3986(array_keys($params));
    95. 

  95.             $values = $this->_urlencode_rfc3986(array_values($params));
    96. 

  96.             $params = array_combine($keys, $values);
    97. 

  97.             uksort($params, 'strcmp');
    98. 

  98. 

  99.             // convert params to string 
    100. 

  100.             foreach ($params as $k => $v) {$pairs[] = $this->_urlencode_rfc3986($k).'='.$this->_urlencode_rfc3986($v);}
    101. 

  101.             $concatenatedParams = implode('&', $pairs);
    102. 

  102. 

  103.             // form base string (first key)
    104. 

  104.             $baseString= "$method&".$this->_urlencode_rfc3986($endpoint)."&".$this->_urlencode_rfc3986($concatenatedParams);
    105. 

  105.             // form secret (second key)
    106. 

  106.             $secret = $this->_urlencode_rfc3986($secret)."&";
    107. 

  107.             // make signature and append to params
    108. 

  108.             $params['oauth_signature'] = $this->_urlencode_rfc3986(base64_encode(hash_hmac('sha1', $baseString, $secret, TRUE)));
    109. 

  109. 

  110.          // BUILD URL
    111. 

  111.             // Resort
    112. 

  112.             uksort($params, 'strcmp');
    113. 

  113.             // convert params to string 
    114. 

  114.             foreach ($params as $k => $v) {$urlPairs[] = $k."=".$v;}
    115. 

  115.             $concatenatedUrlParams = implode('&', $urlPairs);
    116. 

  116.             // form url
    117. 

  117.             $url = $endpoint."?".$concatenatedUrlParams;
    118. 

  118. 			
    119. 

  119.          // Send to cURL
    120. 

  120.          return $this->_http($url);          
    121. 

  121.     }  
    122. 

  122. 

  123. 	/**
    124. 

  124. 	 * Make the Curl Call to the Oauth Proivder
    125. 

  125. 	 *
    126. 

  126. 	 * @param	string	The URL to make the call to
    127. 

  127. 	 * @param	array	Array of post fields
    128. 

  128. 	 * @return	mixed	Could vary per provider
    129. 

  129. 	 */	
    130. 

  130.     private function _http($url, $post_data = null)
    131. 

  131.     {       
    132. 

  132.         $ch = curl_init();
    133. 

  133. 

  134.         curl_setopt($ch, CURLOPT_URL, $url);
    135. 

  135.         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 30);
    136. 

  136.         curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    137. 

  137.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
    138. 

  138.         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
    139. 

  139. 

  140.         if(isset($post_data))
    141. 

  141.         {
    142. 

  142.             curl_setopt($ch, CURLOPT_POST, 1);
    143. 

  143.             curl_setopt($ch, CURLOPT_POSTFIELDS, $post_data);
    144. 

  144.         }
    145. 

  145. 

  146.         $response = curl_exec($ch);
    147. 

  147.         $this->http_status = curl_getinfo($ch, CURLINFO_HTTP_CODE);
    148. 

  148.         $this->last_api_call = $url;
    149. 

  149. 

  150.         return $response;
    151. 

  151.     }
    152. 

  152. 

  153. 	/**
    154. 

  154. 	 * URL Encode the request
    155. 

  155. 	 *
    156. 

  156. 	 * @param	mixed	The input array  / string
    157. 

  157. 	 * @return	mixed
    158. 

  158. 	 */	
    159. 

  159.     private function _urlencode_rfc3986($input)
    160. 

  160.     {
    161. 

  161.         if (is_array($input)) {
    162. 

  162.             return array_map(array('Oauth', '_urlencode_rfc3986'), $input);
    163. 

  163.         }
    164. 

  164.         else if (is_scalar($input)) {
    165. 

  165.             return str_replace('+',' ',str_replace('%7E', '~', rawurlencode($input)));
    166. 

  166.         }
    167. 

  167.         else{
    168. 

  168.             return '';
    169. 

  169.         }
    170. 

  170.     }
    171. 

  171. 	/**
    172. 

  172. 	 * Parses an XML response and creates an object using SimpleXML
    173. 

  173. 	 *
    174. 

  174. 	 * @param 	string	raw xml string
    175. 

  175. 	 * @return	object	response object
    176. 

  176. 	*/		
    177. 

  177. 	public function parse_xml($xml_str)
    178. 

  178. 	{
    179. 

  179. 		$xml_str = trim($xml_str);
    180. 

  180. 		$xml_str = preg_replace('/xmlns="(.+?)"/', '', $xml_str);
    181. 

  181. 		if($xml_str[0] != '<')
    182. 

  182. 		{
    183. 

  183. 			$xml_str = explode('<', $xml_str);
    184. 

  184. 			unset($xml_str[0]);
    185. 

  185. 			$xml_str = '<'.implode('<', $xml_str);
    186. 

  186. 		}
    187. 

  187. 		
    188. 

  188. 		$xml = new SimpleXMLElement($xml_str);
    189. 

  189. 		
    190. 

  190. 		return $xml;
    191. 

  191. 	}	
    192. 

  192. 	
    193. 

  193. 	/**
    194. 

  194. 	 * Normalize the response
    195. 

  195. 	 *
    196. 

  196. 	 * @param	string	The reponse status (success or failure)
    197. 

  197. 	 * @return	object	The response status and details
    198. 

  198. 	 */		
    199. 

  199. 	public function response($status, $details)
    200. 

  200. 	{
    201. 

  201. 		$return = array(
    202. 

  202. 			'status' => $status
    203. 

  203. 		);
    204. 

  204. 		
    205. 

  205. 		if(isset($details['token'])) $return['token'] = $details['token'];
    206. 

  206. 		
    207. 

  207. 		if(isset($details['token2'])) $return['token2'] = $details['token2'];
    208. 

  208. 		
    209. 

  209. 		if(isset($details['error'])) $return['error'] = $details['error'];
    210. 

  210. 		
    211. 

  211. 		if(isset($details['user'])) $return['user'] = $details['user'];
    212. 

  212. 		
    213. 

  213. 		return (object) $return;
    214. 

  214. 	}
    215. 

  215. }
    216. 

  216.