/**
  * Construct the request to be verified
  * 
  * @param string uri		URI of the request to verify (optional)
  * @param string method	HTTP method of the request, defaults to GET
  */
 function __construct($uri = null, $method = 'GET')
 {
     // Attach the OAuth store before the parent constructor runs. The store comes
     // from the elggconnect helper; the OAuthStore::instance() call stays disabled.
     $this->store = elggconnect_get_oauth_store();
     //OAuthStore::instance();
     // The parent receives the URI and method unchanged.
     parent::__construct($uri, $method);
     // Hand this object to the request logger (presumably so it can be logged later).
     // NOTE(review): OAuthRequestLogger::flush() records raw request headers and
     // bodies, so token material from verified requests can reach the log store.
     // Confirm that the log is access-restricted or disabled in production.
     OAuthRequestLogger::start($this);
 }
Example #2
 /**
  * Construct the request to be signed.  Parses or appends the parameters in the params url.
  * When you supply a params array, the params should not be urlencoded.
  * When you supply a string, then it is assumed it is of the type application/x-www-form-urlencoded
  * 
  * @param string request	url
  * @param string method		PUT, GET, POST etc.
  * @param mixed params 		string (for urlencoded data, or array with name/value pairs)
  * @param string body		optional body for PUT and/or POST requests
  */
 function __construct($request, $method = 'GET', $params = null, $body = null)
 {
     // The store comes from the elggconnect helper (the OAuthStore::instance()
     // call that appears commented out in the original is not used).
     $this->store = elggconnect_get_oauth_store();

     if (is_string($params)) {
         // A string is handed to the parent as-is; per the docblock it is taken to be
         // application/x-www-form-urlencoded data.
         parent::__construct($request, $method, $params);
     } else {
         parent::__construct($request, $method);
         // An array carries raw (not urlencoded) name/value pairs; anything else
         // (null, for instance) contributes no parameters.
         $pairs = is_array($params) ? $params : array();
         foreach ($pairs as $key => $val) {
             $this->setParam($key, $val);
         }
     }

     // Only PUT and POST may carry a body (not for application/x-www-form-urlencoded
     // requests); every other method is done at this point.
     // NOTE(review): the comparison is case-sensitive, so 'post' or 'put' would skip
     // setBody() — confirm callers always pass the method in upper case.
     $carriesBody = ($method == 'PUT' || $method == 'POST');
     if (!$carriesBody) {
         return;
     }
     // setBody() is called even when $body is null.
     $this->setBody($body);
 }
Example #3
 /**
  * Logs the request to the database, sends any cached output.
  * Also called on shutdown, to make sure we always log the request being handled.
  */
 static function flush()
 {
     // Runs at most once per logging session: the flag is cleared immediately, so a
     // second call (for example the shutdown call mentioned in the docblock) is a no-op.
     //
     // NOTE(review): $received and $sent below are raw headers plus bodies. That
     // includes any Authorization header and oauth_* parameters, and for a token
     // endpoint response the oauth_token_secret itself. When $store_log is set this is
     // persisted through addLog(); treat the log as credential-bearing data (restrict
     // access, limit retention, or redact before storing).
     if (OAuthRequestLogger::$logging) {
         OAuthRequestLogger::$logging = false;
         if (is_null(OAuthRequestLogger::$sent)) {
             // What has been sent to the user-agent?
             // Nothing was recorded explicitly, so take the current output buffer
             // contents and the response headers PHP has queued.
             $data = ob_get_contents();
             if (strlen($data) > 0) {
                 // Buffered output exists: send it to the client and close the buffer.
                 ob_end_flush();
             } elseif (ob_get_level()) {
                 // Buffer is active but empty: just close it.
                 ob_end_clean();
             }
             $hs = headers_list();
             $sent = implode("\n", $hs) . "\n\n" . $data;
         } else {
             // The request we sent
             $sent = OAuthRequestLogger::$sent;
         }
         if (is_null(OAuthRequestLogger::$received)) {
             // Build the request we received
             // NOTE(review): getallheaders() is not provided by every PHP SAPI; where it
             // is missing this call is a fatal error — confirm the deployment target.
             $hs0 = getallheaders();
             $hs = array();
             foreach ($hs0 as $h => $v) {
                 $hs[] = "{$h}: {$v}";
             }
             $data = '';
             // Read the raw request body in 1024-byte chunks; a failed open is
             // silenced by @ and leaves the body empty.
             $fh = @fopen('php://input', 'r');
             if ($fh) {
                 while (!feof($fh)) {
                     $s = fread($fh, 1024);
                     if (is_string($s)) {
                         $data .= $s;
                     }
                 }
                 fclose($fh);
             }
             $received = implode("\n", $hs) . "\n\n" . $data;
         } else {
             // The answer we received
             $received = OAuthRequestLogger::$received;
         }
         // The request base string
         if (OAuthRequestLogger::$request_object) {
             $base_string = OAuthRequestLogger::$request_object->signatureBaseString();
         } else {
             $base_string = '';
         }
         // Figure out to what keys we want to log this request
         $keys = array();
         if (OAuthRequestLogger::$request_object) {
             $consumer_key = OAuthRequestLogger::$request_object->getParam('oauth_consumer_key', true);
             $token = OAuthRequestLogger::$request_object->getParam('oauth_token', true);
             // get_class() is matched by exact name, so an object of any other class
             // (including a subclass of the four listed) leaves $keys empty.
             switch (get_class(OAuthRequestLogger::$request_object)) {
                 // tokens are access/request tokens by a consumer
                 case 'OAuthServer':
                 case 'OAuthRequestVerifier':
                     $keys['ocr_consumer_key'] = $consumer_key;
                     $keys['oct_token'] = $token;
                     break;
                 // tokens are access/request tokens to a server
                 case 'OAuthRequester':
                 case 'OAuthRequestSigner':
                     $keys['osr_consumer_key'] = $consumer_key;
                     $keys['ost_token'] = $token;
                     break;
             }
         }
         // Log the request
         if (OAuthRequestLogger::$store_log) {
             $store = elggconnect_get_oauth_store();
             //OAuthStore::instance();
             $store->addLog($keys, $received, $sent, $base_string, OAuthRequestLogger::$note, OAuthRequestLogger::$user_id);
         }
         // The same entry (without the user id) is also appended to the in-memory
         // log, whether or not it was written to the store.
         OAuthRequestLogger::$log[] = array('keys' => $keys, 'received' => $received, 'sent' => $sent, 'base_string' => $base_string, 'note' => OAuthRequestLogger::$note);
     }
 }
Example #4
 /**
  * Exchange a request token for an access token.
  * The exchange is only successful if and only if the request token has been authorized.
  * 
  * Never returns, calls exit() when token is exchanged or when error is returned.
  */
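 public function accessToken()
 {
     // Endpoint handler: writes the HTTP response itself and always ends in exit.
     OAuthRequestLogger::start($this);
     try {
         // An OAuthException raised here or by the store is turned into a 401 below.
         $this->verify('request');
         $options = array();
         // xoauth_token_ttl comes straight from the client. Forward it only when it is
         // a positive number, normalised to an integer, so that an arbitrary string is
         // never handed to the store as a lifetime.
         $ttl = $this->getParam('xoauth_token_ttl', false);
         if (is_numeric($ttl) && intval($ttl) > 0) {
             $options['token_ttl'] = intval($ttl);
         }
         $store = elggconnect_get_oauth_store();
         $token = $store->exchangeConsumerRequestForAccessToken($this->getParam('oauth_token', true), $options);
         // NOTE(review): this body carries oauth_token_secret in clear text. Serve the
         // endpoint over TLS only, and remember that OAuthRequestLogger::flush()
         // captures buffered output for its log.
         $result = 'oauth_token=' . $this->urlencode($token['token']) . '&oauth_token_secret=' . $this->urlencode($token['token_secret']);
         if (!empty($token['token_ttl'])) {
             $result .= '&xoauth_token_ttl=' . $this->urlencode($token['token_ttl']);
         }
         header('HTTP/1.1 200 OK');
         header('Content-Length: ' . strlen($result));
         header('Content-Type: application/x-www-form-urlencoded');
         echo $result;
     } catch (OAuthException $e) {
         // The exception message is returned to the caller as plain text.
         header('HTTP/1.1 401 Access Denied');
         header('Content-Type: text/plain');
         echo "OAuth Verification Failed: " . $e->getMessage();
     }
     // Log both the success and the failure path before terminating.
     OAuthRequestLogger::flush();
     exit;
 }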
Example #5
 /**
  * Request an access token from the site belonging to consumer_key.
  * Before this we got a request token, now we want to exchange it for
  * an access token.
  * 
  * @param string consumer_key
  * @param string token
  * @param int usr_id		user requesting the access token
  * @param string method (optional) change the method of the request, defaults to POST (as it should be)
  * @param array options (optional) extra options for request, eg token_ttl
  * @exception OAuthException when no key could be fetched
  * @exception OAuthException when no server with consumer_key registered
  */
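 static function requestAccessToken($consumer_key, $token, $usr_id, $method = 'POST', $options = array())
 {
     OAuthRequestLogger::start();
     $store = elggconnect_get_oauth_store();
     // Fetch the stored request token record; it also supplies the access token URI
     // and the name to store the new token under.
     $r = $store->getServerTokenSecrets($consumer_key, $token, 'request', $usr_id);
     $uri = $r['access_token_uri'];
     $token_name = $r['token_name'];
     // Delete the server request token, this one was for one use only.
     // It is removed before the exchange, so a failed exchange cannot be retried
     // with the same request token.
     $store->deleteServerToken($consumer_key, $r['token'], 0, true);
     // Try to exchange our request token for an access token
     $oauth = new OAuthRequester($uri, $method);
     if (isset($options['token_ttl']) && is_numeric($options['token_ttl'])) {
         $oauth->setParam('xoauth_token_ttl', intval($options['token_ttl']));
     }
     OAuthRequestLogger::setRequestObject($oauth);
     $oauth->sign($usr_id, $r);
     $text = $oauth->curl_raw();
     if (empty($text)) {
         throw new OAuthException('No answer from the server "' . $uri . '" while requesting an access token');
     }
     $data = $oauth->curl_parse($text);
     if ($data['code'] != 200) {
         throw new OAuthException('Unexpected result from the server "' . $uri . '" (' . $data['code'] . ') while requesting an access token');
     }
     // Parse the form-encoded response. The body comes from the remote server and is
     // untrusted: a pair without '=' gets an empty value instead of relying on a
     // suppressed warning from list().
     $token = array();
     foreach (explode('&', $data['body']) as $p) {
         list($name, $value) = array_pad(explode('=', $p, 2), 2, '');
         $token[$oauth->urldecode($name)] = $oauth->urldecode($value);
     }
     if (!empty($token['oauth_token']) && !empty($token['oauth_token_secret'])) {
         $opts = array();
         $opts['name'] = $token_name;
         // Apply the same numeric check to the TTL the server returns as to the TTL
         // sent above; a non-numeric value is dropped rather than stored.
         if (isset($token['xoauth_token_ttl']) && is_numeric($token['xoauth_token_ttl'])) {
             $opts['token_ttl'] = intval($token['xoauth_token_ttl']);
         }
         $store->addServerToken($consumer_key, 'access', $token['oauth_token'], $token['oauth_token_secret'], $usr_id, $opts);
     } else {
         throw new OAuthException('The server "' . $uri . '" did not return the oauth_token or the oauth_token_secret');
     }
     // Only the success path flushes here; the flush() docblock says it also runs on
     // shutdown, which would cover the exception paths.
     OAuthRequestLogger::flush();
 }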