/**
* Load oauth parameters from GET or POST
*
* @access public
* @param string $flag default [ FALSE ]
* @return void
*/
public function __construct(array $args)
{
$params = array();
// Load oauth_token from form-encoded body
isset($_SERVER['CONTENT_TYPE']) or $_SERVER['CONTENT_TYPE'] = getenv('CONTENT_TYPE');
// oauth_token already send in authorization header or the encrypt Content-Type is not single-part
if (stripos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === FALSE) {
throw new Oauth2_Exception_Token('invalid_request');
} else {
// Check all required parameters should NOT be empty
foreach ($args as $key => $val) {
if ($val === TRUE) {
if (isset($_POST[$key]) and $value = Oauth2::urldecode($_POST[$key])) {
$params[$key] = $value;
} else {
throw new Oauth2_Exception_Token('invalid_request');
}
}
}
}
$this->code = $params['code'];
$this->client_id = $params['client_id'];
unset($params['code'], $params['client_id']);
$this->_params = $params;
}
/**
* Load oauth parameters from GET or POST
*
* @access public
* @param string $flag default [ FALSE ]
* @return void
*/
public function __construct(array $args)
{
$params = array();
// Parse the "state" paramter
if (isset($_GET['state']) and $state = Oauth2::urldecode($_GET['state'])) {
$this->state = $state;
unset($_GET['state']);
}
// Check all required parameters should NOT be empty
foreach ($args as $key => $val) {
if ($val === TRUE) {
if (isset($_GET[$key]) and $value = Oauth2::urldecode($_GET[$key])) {
$params[$key] = $value;
} else {
$e = new Oauth2_Exception_Authorize('invalid_request');
$e->redirect_uri = isset($params['redirect_uri']) ? $params['redirect_uri'] : Oauth2::urldecode($_GET['redirect_uri']);
$e->state = $this->state;
throw $e;
}
}
}
$this->client_id = $params['client_id'];
$this->redirect_uri = $params['redirect_uri'];
// Remove all required parameters
unset($params['client_id'], $params['redirect_uri']);
$this->_params = $params;
}
/**
* Load request parameters from Authorization header, URI-Query parameters, Form-Encoded Body
*
* @access public
* @param string $args default [ NULL ]
* @return void
*/
public function __construct(array $args)
{
$params = array();
// Load oauth_token from form-encoded body
isset($_SERVER['CONTENT_TYPE']) or $_SERVER['CONTENT_TYPE'] = getenv('CONTENT_TYPE');
// oauth_token already send in authorization header or the encrypt Content-Type is not single-part
if (stripos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === FALSE) {
throw new Oauth2_Exception_Token('invalid_request');
} else {
if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
$_POST += array('client_id' => $_SERVER['PHP_AUTH_USER'], 'client_secret' => $_SERVER['PHP_AUTH_PW']);
}
// TODO Digest HTTP authentication
//else if( ! empty($_SERVER['PHP_AUTH_DIGEST']) AND $digest = parent::parse_digest($_SERVER['PHP_AUTH_DIGEST']))
//{
// $_POST += array('client_id' => $digest['username'], 'client_secret' => $digest['']);
//}
// Check all required parameters should NOT be empty
foreach ($args as $key => $val) {
if ($val === TRUE) {
if (isset($_POST[$key]) and $value = Oauth2::urldecode($_POST[$key])) {
$params[$key] = $value;
} else {
throw new Oauth2_Exception_Token('invalid_request');
}
}
}
}
$this->_params = $params;
}
/**
* Load request parameters from Authorization header, URI-Query parameters or Form-Encoded Body
*
* @access public
* @param string $args parameters are required, `array('oauth_token' => TRUE,)`
* @return void
*/
public function __construct(array $args)
{
$params = array();
/**
* Load oauth token from authorization header
*/
isset($_SERVER['HTTP_AUTHORIZATION']) or $_SERVER['HTTP_AUTHORIZATION'] = getenv('HTTP_AUTHORIZATION');
if (substr($_SERVER['HTTP_AUTHORIZATION'], 0, 12) === 'OAuth token=') {
$offset = 0;
$pattern = '/(([-_a-z]*)=("([^"]*)"|([^,]*)),?)/';
while (preg_match($pattern, $_SERVER['HTTP_AUTHORIZATION'], $matches, PREG_OFFSET_CAPTURE, $offset) > 0) {
$match = $matches[0];
$name = $matches[2][0];
$offset = $match[1] + strlen($match[0]);
if ($value = Oauth2::urldecode(isset($matches[5]) ? $matches[5][0] : $matches[4][0])) {
$params[$name] = $value;
}
}
}
// Replace the name of token to oauth_token
if (isset($params['token'])) {
$params['oauth_token'] = $params['token'];
unset($params['token']);
// Check all required parameters should NOT be empty
foreach ($args as $key => $val) {
if ($val === TRUE) {
if (!empty($params[$key])) {
throw new Oauth2_Exception_Access('invalid_request');
}
}
}
}
/**
* Load oauth_token from form-encoded body
*/
if (isset($_POST['oauth_token'])) {
isset($_SERVER['CONTENT_TYPE']) or $_SERVER['CONTENT_TYPE'] = getenv('CONTENT_TYPE');
// oauth_token already send in authorization header or the encrypt Content-Type is not single-part
if (isset($params['oauth_token']) or stripos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === FALSE) {
throw new Oauth2_Exception_Access('invalid_request');
} else {
// Check all required parameters should NOT be empty
foreach ($args as $key => $val) {
if ($val === TRUE) {
if (isset($_POST[$key]) and $value = Oauth2::urldecode($_POST[$key])) {
$params[$key] = $value;
} else {
throw new Oauth2_Exception_Access('invalid_request');
}
}
}
}
}
/**
* Load oauth_token from uri-query component
*/
if (isset($_GET['oauth_token'])) {
// oauth_token already send in authorization header or form-encoded body
if (isset($params['oauth_token'])) {
throw new Oauth2_Exception_Access('invalid_request');
} else {
// Check all required parameters should NOT be empty
foreach ($args as $key => $val) {
if ($val === TRUE) {
if (isset($_GET[$key]) and $value = Oauth2::urldecode($_GET[$key])) {
$params[$key] = $value;
} else {
throw new Oauth2_Exception_Access('invalid_request');
}
}
}
}
}
if (empty($params)) {
throw new Oauth2_Exception_Access('invalid_request');
}
$this->oauth_token = $params['oauth_token'];
unset($params['oauth_token']);
$this->_params = $params;
}
/**
* Utility function for turning the Authorization: header into parameters
* has to do some unescaping
* Can filter out any non-oauth parameters if needed (default behaviour)
*
* @access public
* @param string $headers
* @param string $oauth_only default [ TRUE ]
* @return array
*/
public static function parse_header()
{
$offset = 0;
$params = array();
$pattern = '/(([-_a-z]*)=("([^"]*)"|([^,]*)),?)/';
if (isset($_SERVER['HTTP_AUTHORIZATION']) && substr($_SERVER['HTTP_AUTHORIZATION'], 0, 12) === 'Token token=') {
while (preg_match($pattern, $_SERVER['HTTP_AUTHORIZATION'], $matches, PREG_OFFSET_CAPTURE, $offset) > 0) {
$match = $matches[0];
$name = $matches[2][0];
$content = isset($matches[5]) ? $matches[5][0] : $matches[4][0];
$params[$name] = Oauth2::urldecode($content);
$offset = $match[1] + strlen($match[0]);
}
}
unset($params['realm']);
return $params;
}
