public function verify() { static $result = null; if ($result === null) { $db = Application::database(); $options = array('key' => $this->request->authorization['oauth_consumer_key'], 'limit' => 1); $rows = $db->view('applications/channel', $options); $secret = $rows[0]['value']['secret']; $time = $base_string = array(); $base_string['oauth_consumer_key'] = $this->request->authorization['oauth_consumer_key']; $base_string['oauth_nonce'] = $this->request->authorization['oauth_nonce']; $base_string['oauth_signature_method'] = $this->request->authorization['oauth_signature_method']; $base_string['oauth_timestamp'] = $this->request->authorization['oauth_timestamp']; $base_string['oauth_token'] = ''; $base_string['oauth_version'] = $this->request->authorization['oauth_version']; $string = $_SERVER['REQUEST_METHOD'] . "&http://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'] . "&" . http_build_query($base_string); $string = urlencode($string); $signature = base64_encode(hash_hmac('sha1', $string, $secret, true)); $sig1 = base64_decode(urldecode($this->request->authorization['oauth_signature'])); $sig2 = base64_decode($signature); $result = rawurlencode($sig1) == rawurlencode($sig2); } return $result; }
require $_SERVER['DOCUMENT_ROOT'] . '/application/services/api/system/Environment.php'; require $_SERVER['DOCUMENT_ROOT'] . '/application/forms/custom/api/StoryPut.php'; $request = new RenegadeRequest(); if ($request->isAuthorized) { $input = fopen("php://input", "r"); $document = stream_get_contents($input); fclose($input); $form = new StoryPut($document); $form->process(); if ($form->isValid()) { $filename = basename($_SERVER['REQUEST_URI']); $data = $form->formData(); if (!isset($data['language'])) { $data['language'] = 'en'; } $data['type'] = Configuration::kStoryType; $data = json_encode($data); $db = Application::database(); $result = $db->put($data, $filename); unset($result['ok']); unset($result['rev']); echo json_encode($result); } else { $error = array('error' => 'Invalid Story'); echo json_encode($error); } } else { $error = array('error' => 'Not Authorized'); echo json_encode($error); }