function lookup_consumer($consumer_key) { $consumEnt = oauth_lookup_consumer_entity($consumer_key); if ($consumEnt) { return oauth_consumer_from_entity($consumEnt); } else { return NULL; } }
<?php // must be logged in gatekeeper(); global $CONFIG, $SESSION; // Get the logged in user $user = get_loggedin_user(); $consumer_key = get_input('consumer_key'); $return_to = html_entity_decode(get_input('return_to')); $user_auth = html_entity_decode(get_input('user_auth')); $request_url = html_entity_decode(get_input('request_url')); $access_url = html_entity_decode(get_input('access_url')); // make our consumer object $consumEnt = oauth_lookup_consumer_entity($consumer_key); $consumer = oauth_consumer_from_entity($consumEnt); // get a new request token if ($consumEnt->revA) { $token = oauth_get_new_request_token($consumer, $request_url, $consumEnt->callbackUrl); } else { $token = oauth_get_new_request_token($consumer, $request_url); } if ($token != null) { // save our token if ($consumEnt->revA) { $tokEnt = oauth_save_request_token($token, $consumer, $user, $consumEnt->callbackUrl); } else { $tokEnt = oauth_save_request_token($token, $consumer, $user); } // save our information to the session and send the user off to get the token validated $SESSION['oauth_return_to'] = $return_to; $SESSION['oauth_token'] = $tokEnt->getGUID();
<?php global $CONFIG; // must be logged in to use this page gatekeeper(); $user = get_loggedin_user(); // TODO: check against oauth-based login to disable one token signing another $tokenKey = get_input('oauth_token'); $tokEnt = oauth_lookup_token_entity($tokenKey, 'request'); if ($tokEnt) { // sign the token and tie it to this user $tokEnt->owner_guid = $user->getGUID(); $tokEnt->container_guid = $user->getGUID(); $tokEnt->save(); // get our consumer $consumEnt = oauth_lookup_consumer_entity($tokEnt->consumerKey); if ($consumEnt->revA) { // Rev A requires we create a verifier $verifier = oauth_generate_verifier(); $tokEnt->verifier = $verifier; $url = $tokEnt->callbackUrl; // make sure the callback url is a proper extension of the registered one if it exists if ($consumEnt->callbackUrl) { if (!$url || !strstr($url, $consumEnt->callbackUrl)) { $url = $consumEnt->callbackUrl; } } if ($url && $url != 'oob') { // Pick the correct separator to use $separator = "?"; if (strpos($url, "?") !== false) {
<?php global $CONFIG; try { $server = oauth_get_server(); $req = OAuthRequest::from_request(null, null, oauth_get_params()); $token = $server->fetch_request_token($req); $consumEnt = oauth_lookup_consumer_entity($req->get_parameter('oauth_consumer_key')); $tokEnt = oauth_lookup_token_entity($token->key, 'request', $consumEnt); if ($consumEnt->revA) { // make sure the callback url is a proper extension of the registered one if it exists if ($consumEnt->callbackUrl) { if (!$tokEnt->callbackUrl || !strstr($tokEnt->callbackUrl, $consumEnt->callbackUrl)) { throw new OAuthException('Callback URL does not match registered value'); } } } // save the nonce $consumerKey = $req->get_parameter('oauth_consumer_key'); $nonce = $req->get_parameter('oauth_nonce'); // save our nonce for later checking oauth_save_nonce($consumerKey, $nonce); echo $token; if ($consumEnt->revA) { // add the callback confirmed tag echo '&oauth_callback_confirmed=true'; } } catch (OAuthException $e) { header('', true, 401); // return HTTP 401: Not Authorized echo $e->getMessage() . "\n<hr />\n";
function oauth_cron_cleanup($hook, $entity_type, $returnvalue, $params) { elgg_set_ignore_access(true); $nonces = elgg_get_entities(array('type' => 'object', 'subtype' => 'oauthnonce', 'limit' => 0)); $deleted = 0; $now = time(); foreach ($nonces as $nonce) { //print 'Now: ' . $now . "\n" . 'Exp: ' . $nonce->expires; //print "\n\n"; if ($now > $nonce->expires) { $nonce->delete(); $deleted++; } } $tokens = elgg_get_entities(array('type' => 'object', 'subtype' => 'oauthtoken', 'limit' => 0)); $tokenTimeout = 60 * 60; // unclaimed request tokens are good for one hour $tdeleted = 0; foreach ($tokens as $token) { $consumEnt = oauth_lookup_consumer_entity($token->consumerKey); if (!$consumEnt) { // no consumer entity, delete it $token->delete(); $tdeleted++; } else { if ($token->requestToken && $token->accessToken) { // both flavors of token, clean the request token // Should this actually be a delete? $token->clearMetaData('requestToken'); $tdeleted++; } else { if ($token->requestToken && $now > $token->getTimeCreated() + $tokenTimeout) { $token->delete(); $tdeleted++; } else { if ($token->accessToken && $token->callbackUrl) { $token->clearMetaData('callbackUrl'); } } } } } elgg_set_ignore_access(false); if ($deleted || $tdeleted) { print 'Cleaned up ' . $deleted . ' OAuth nonces and ' . $tdeleted . ' OAuth tokens'; print "\n"; } }