function verify_token() { if (!isset($_REQUEST['nonce']) || !wp_verify_nonce($_REQUEST['nonce'], 'keyring-verify-' . $this->get_name())) { Keyring::error(__('Invalid/missing verification nonce.', 'keyring')); exit; } // Load up the request token that got us here and globalize it if ($_REQUEST['state']) { global $keyring_request_token; $state = (int) $_REQUEST['state']; $keyring_request_token = $this->store->get_token(array('id' => $state, 'type' => 'request')); Keyring_Util::debug('xAuth/Instapaper Loaded Request Token ' . $_REQUEST['state']); Keyring_Util::debug($keyring_request_token); // Remove request token, don't need it any more. $this->store->delete(array('id' => $state, 'type' => 'request')); } if (!strlen($_POST['username'])) { $url = Keyring_Util::admin_url($this->get_name(), array('action' => 'request', 'error' => 'empty', 'kr_nonce' => wp_create_nonce('keyring-request'))); Keyring_Util::debug($url); wp_safe_redirect($url); exit; } $body = array('x_auth_mode' => 'client_auth', 'x_auth_password' => $_POST['password'], 'x_auth_username' => $_POST['username']); ksort($body); $this->set_token(new Keyring_Access_Token($this->get_name(), null, array())); $res = $this->request($this->access_token_url, array('method' => $this->access_token_method, 'raw_response' => true, 'body' => $body)); Keyring_Util::debug('OAuth1 Access Token Response'); Keyring_Util::debug($res); // We will get a 401 if they entered an incorrect user/pass combo. ::request // will then return a Keyring_Error if (Keyring_Util::is_error($res)) { $url = Keyring_Util::admin_url($this->get_name(), array('action' => 'request', 'error' => '401', 'kr_nonce' => wp_create_nonce('keyring-request'))); Keyring_Util::debug($url); wp_safe_redirect($url); exit; } parse_str($res, $token); $meta = array_merge(array('username' => $_POST['username']), $this->build_token_meta($token)); $access_token = new Keyring_Access_Token($this->get_name(), new OAuthToken($token['oauth_token'], $token['oauth_token_secret']), $meta); $access_token = apply_filters('keyring_access_token', $access_token); // If we didn't get a 401, then we'll assume it's OK $id = $this->store_token($access_token); $this->verified($id, $keyring_request_token); }
function request($url, array $params = array()) { Keyring_Util::debug($url); if ($this->requires_token() && empty($this->token)) { return new Keyring_Error('keyring-request-error', __('No token')); } $token = $this->token ? $this->token : null; if (!is_null($token)) { if ($this->authorization_header) { // type can be OAuth, Bearer, ... $params['headers']['Authorization'] = $this->authorization_header . ' ' . (string) $token; } else { $url = add_query_arg(array($this->authorization_parameter => urlencode((string) $token)), $url); } } $raw_response = false; if (isset($params['raw_response'])) { $raw_response = (bool) $params['raw_response']; unset($params['raw_response']); } $method = 'GET'; if (isset($params['method'])) { $method = strtoupper($params['method']); unset($params['method']); } Keyring_Util::debug('OAuth2 Params'); Keyring_Util::debug($params); switch (strtoupper($method)) { case 'GET': $res = wp_remote_get($url, $params); break; case 'POST': $params = array_merge(array('sslverify' => false), $params); $res = wp_remote_post($url, $params); break; default: $params = array_merge(array('method' => $method, 'sslverify' => false), $params); $res = wp_remote_request($url, $params); break; } Keyring_Util::debug('OAuth2 Response'); Keyring_Util::debug($res); $this->set_request_response_code(wp_remote_retrieve_response_code($res)); if (in_array(wp_remote_retrieve_response_code($res), array(200, 201, 202))) { if ($raw_response) { return wp_remote_retrieve_body($res); } else { return $this->parse_response(wp_remote_retrieve_body($res)); } } else { return new Keyring_Error('keyring-request-error', $res); } }
function verified($id, $request_token = null) { $c = get_called_class(); // If something else needs to be done, do it do_action('keyring_connection_verified', $c::NAME, $id, $request_token); // Back to Keyring admin, with ?service=SERVICE&created=UNIQUE_ID&kr_nonce=NONCE $kr_nonce = wp_create_nonce('keyring-created'); $url = apply_filters('keyring_verified_redirect', Keyring_Util::admin_url($c::NAME, array('action' => 'created', 'id' => $id, 'kr_nonce' => $kr_nonce)), $c::NAME); Keyring_Util::debug('Verified connection, redirect to ' . $url); wp_safe_redirect($url); exit; }
static function connect_to($service, $for) { Keyring_Util::debug('Connect to: ' . $service); // Redirect into Keyring's auth handler if a valid service is provided $kr_nonce = wp_create_nonce('keyring-request'); $request_nonce = wp_create_nonce('keyring-request-' . $service); wp_safe_redirect(Keyring_Util::admin_url($service, array('action' => 'request', 'kr_nonce' => $kr_nonce, 'nonce' => $request_nonce, 'for' => $for))); exit; }
function request($url, array $params = array()) { if ($this->requires_token() && empty($this->token)) { return new Keyring_Error('keyring-request-error', __('No token', 'keyring')); } $raw_response = false; if (isset($params['raw_response'])) { $raw_response = (bool) $params['raw_response']; unset($params['raw_response']); } $method = 'GET'; if (isset($params['method'])) { $method = strtoupper($params['method']); unset($params['method']); } $sign_parameters = true; if (isset($params['sign_parameters'])) { $sign_parameters = (bool) $params['sign_parameters']; unset($params['sign_parameters']); } // Should be an OAuthToken object $token = $this->token->token ? $this->token->token : null; Keyring_Util::debug($token); $sign_vars = false; if (isset($params['body']) && $sign_parameters) { if (is_string($params['body'])) { wp_parse_str($params['body'], $sign_vars); } else { if (is_array($params['body'])) { $sign_vars = $params['body']; } } } $req = $this->prepare_request($token, $method, $url, $sign_vars); $request_url = (string) $req; if ($this->token && $this->authorization_header) { $header = $req->to_header($this->authorization_realm); // Gives a complete header string, not just the second half $bits = explode(': ', $header, 2); $params['headers']['Authorization'] = $bits[1]; // This hack was introduced for Instapaper (http://stackoverflow.com/a/9645033/1507683), which is overly strict on // header formatting, but it doesn't seem to cause problems anywhere else. $params['headers']['Authorization'] = str_replace('",', '", ', $params['headers']['Authorization']); Keyring_Util::debug('OAuth1 Authorization Header'); Keyring_Util::debug($params['headers']['Authorization']); // oauth_verifier was probably added directly to the URL, need to manually remove it $request_url = remove_query_arg('oauth_verifier', $url); } $query = ''; $parsed = parse_url($request_url); if (!empty($parsed['query']) && 'POST' == $method) { $request_url = str_replace('?' . $parsed['query'], '', $request_url); $query = $parsed['query']; } Keyring_Util::debug("OAuth1 Request URL: {$request_url}"); switch ($method) { case 'GET': Keyring_Util::debug('OAuth1 GET ' . $request_url); $res = wp_remote_get($request_url, $params); break; case 'POST': $params = array_merge(array('body' => $query, 'sslverify' => false), $params); Keyring_Util::debug('OAuth1 POST ' . $request_url); Keyring_Util::debug($params); $res = wp_remote_post($request_url, $params); break; case 'PUT': $params = array_merge(array('method' => 'PUT'), $params); $res = wp_remote_request($request_url, $params); break; default: Keyring::error(__('Unsupported method specified.', 'keyring')); exit; } Keyring_Util::debug($res); $this->set_request_response_code(wp_remote_retrieve_response_code($res)); if (200 == wp_remote_retrieve_response_code($res) || 201 == wp_remote_retrieve_response_code($res)) { if ($raw_response) { return wp_remote_retrieve_body($res); } else { return $this->parse_response(wp_remote_retrieve_body($res)); } } else { return new Keyring_Error('keyring-request-error', $res); } }
function request($url, array $params = array()) { if ($this->requires_token() && empty($this->token)) { return new Keyring_Error('keyring-request-error', __('No token')); } if ($this->requires_token()) { $params['headers'] = array('Authorization' => 'Basic ' . $this->token); } $method = 'GET'; if (isset($params['method'])) { $method = strtoupper($params['method']); unset($params['method']); } $raw_response = false; if (isset($params['raw_response'])) { $raw_response = (bool) $params['raw_response']; unset($params['raw_response']); } Keyring_Util::debug("HTTP Basic {$method} {$url}"); Keyring_Util::debug($params); switch (strtoupper($method)) { case 'GET': $res = wp_remote_get($url, $params); break; case 'POST': $res = wp_remote_post($url, $params); break; default: Keyring::error(__('Unsupported method specified for verify_token.', 'keyring')); exit; } Keyring_Util::debug($res); $this->set_request_response_code(wp_remote_retrieve_response_code($res)); if (200 == wp_remote_retrieve_response_code($res) || 201 == wp_remote_retrieve_response_code($res)) { if ($raw_response) { return wp_remote_retrieve_body($res); } else { return $this->parse_response(wp_remote_retrieve_body($res)); } } else { return new Keyring_Error('keyring-request-error', $res); } }