public function action_authorize() { if ($this->token and $this->token->token !== Arr::get($_GET, 'oauth_token')) { // Delete the token, it is not valid Cookie::delete($this->cookie); // Send the user back to the beginning Request::instance()->redirect($this->request->uri(array('action' => 'index'))); } // Get the verifier $verifier = Arr::get($_GET, 'oauth_verifier'); // Store the verifier in the token $this->token->verifier($verifier); // Exchange the request token for an access token $this->token = $this->provider->access_token($this->consumer, $this->token); // Store the access token Cookie::set($this->cookie, serialize($this->token)); // At this point, we need to retrieve a unique twitter id for the user. $response = OAuth_Request::factory('resource', 'GET', 'http://api.twitter.com/1/account/verify_credentials.json')->param('oauth_consumer_key', Kohana::config('oauth.twitter.key'))->param('oauth_token', $this->token)->sign(OAuth_Signature::factory('HMAC-SHA1'), $this->consumer, $this->token)->execute(); $response = json_decode($response); $twitter_id = $response->screen_name; $user = ORM::factory('user')->where('username', '=', $twitter_id)->find(); !$user->id and Request::instance()->redirect('/auth/confirm?id=' . $twitter_id); Auth::instance()->force_login($user); Session::instance()->set('notification', 'Succesfully logged in.'); Request::instance()->redirect('/'); }
public function action_complete() { if ($this->token AND $this->token->token !== Arr::get($_GET, 'oauth_token')) { // Delete the token, it is not valid Cookie::delete($this->cookie); // Send the user back to the beginning $this->request->redirect($this->request->uri(array('action' => 'index'))); } // Get the verifier $verifier = Arr::get($_GET, 'oauth_verifier'); // Store the verifier in the token $this->token->verifier($verifier); // Exchange the request token for an access token $this->token = $this->provider->access_token($this->consumer, $this->token); // Store the access token Cookie::set($this->cookie, serialize($this->token)); // At this point, we need to retrieve a unique twitter id for the user. // http://apiwiki.twitter.com/Twitter-REST-API-Method%3A-account%C2%A0verify_credentials // @todo try/catch? $response = OAuth_Request::factory('resource', 'GET', 'http://api.twitter.com/1/account/verify_credentials.json') ->param('oauth_consumer_key', Kohana::config('oauth.twitter.key')) ->param('oauth_token', $this->token) ->sign(OAuth_Signature::factory('HMAC-SHA1'), $this->consumer, $this->token) ->execute(); $response = json_decode($response); if ( ! $twitter_id = (int) $response->id) exit('error'); // Check whether that id exists in our users table (twitter_id field). $user = ORM::factory('user')->where('twitter_id', '=', $twitter_id)->find(); // If not, store the new twitter_id (as a new user). Also ask for signup info like email? if ( ! $user->loaded()) { // Add user $user->twitter_id = $twitter_id; $user->save(); // Give user the "login" and "user" role $user->add('roles', ORM::factory('role', array('name' => 'login'))); $user->add('roles', ORM::factory('role', array('name' => 'user'))); // @todo postpone give "user" role until after user completes the email field in his profile? } // If yes, log the user in and give him a normal auth session. Auth::instance()->force_login($user); $this->request->redirect(''); }
/** * Overloads default class properties from the options. * * Any of the provider options can be set here: * * Type | Option | Description | Default Value * ----------|---------------|------------------------------------------------|----------------- * mixed | signature | Signature method name or object | provider default * * @param array provider options * @return void */ public function __construct(array $options = NULL) { if (isset($options['signature'])) { // Set the signature method name or object $this->signature = $options['signature']; } if (!is_object($this->signature)) { // Convert the signature name into an object $this->signature = OAuth_Signature::factory($this->signature); } }
/** * Overloads default class properties from the options. * * Any of the provider options can be set here: * * Type | Option | Description | Default Value * ----------|---------------|------------------------------------------------|----------------- * mixed | signature | Signature method name or object | provider default * * @param array provider options * @return void */ public function __construct(array $options = NULL) { if (isset($options['signature'])) { // Set the signature method name or object $this->signature = $options['signature']; } if (!is_object($this->signature)) { // Convert the signature name into an object $this->signature = OAuth_Signature::factory($this->signature); } if (!$this->name) { // Attempt to guess the name from the class name $this->name = strtolower(substr(get_class($this), strlen('OAuth_Provider_'))); } }
/** * Sign the request, setting the `oauth_signature_method` and `oauth_signature`. * * @param OAuth_Signature signature * @param OAuth_Consumer consumer * @param OAuth_Token token * @return $this * @uses OAuth_Signature::sign */ public function sign(OAuth_Signature $signature, OAuth_Consumer $consumer, OAuth_Token $token = NULL) { // Create a new signature class from the method $this->param('oauth_signature_method', $signature->name); // Sign the request using the consumer and token $this->param('oauth_signature', $signature->sign($this, $consumer, $token)); return $this; }