function lookup_consumer($consumer_key)
{
$consumEnt = oauth_lookup_consumer_entity($consumer_key);
if ($consumEnt) {
return oauth_consumer_from_entity($consumEnt);
} else {
return NULL;
}
}
<?php
// must be logged in
gatekeeper();
global $CONFIG, $SESSION;
// Get the logged in user
$user = get_loggedin_user();
$consumer_key = get_input('consumer_key');
$return_to = html_entity_decode(get_input('return_to'));
$user_auth = html_entity_decode(get_input('user_auth'));
$request_url = html_entity_decode(get_input('request_url'));
$access_url = html_entity_decode(get_input('access_url'));
// make our consumer object
$consumEnt = oauth_lookup_consumer_entity($consumer_key);
$consumer = oauth_consumer_from_entity($consumEnt);
// get a new request token
if ($consumEnt->revA) {
$token = oauth_get_new_request_token($consumer, $request_url, $consumEnt->callbackUrl);
} else {
$token = oauth_get_new_request_token($consumer, $request_url);
}
if ($token != null) {
// save our token
if ($consumEnt->revA) {
$tokEnt = oauth_save_request_token($token, $consumer, $user, $consumEnt->callbackUrl);
} else {
$tokEnt = oauth_save_request_token($token, $consumer, $user);
}
// save our information to the session and send the user off to get the token validated
$SESSION['oauth_return_to'] = $return_to;
$SESSION['oauth_token'] = $tokEnt->getGUID();
<?php
global $CONFIG;
// must be logged in to use this page
gatekeeper();
$user = get_loggedin_user();
// TODO: check against oauth-based login to disable one token signing another
$tokenKey = get_input('oauth_token');
$tokEnt = oauth_lookup_token_entity($tokenKey, 'request');
if ($tokEnt) {
// sign the token and tie it to this user
$tokEnt->owner_guid = $user->getGUID();
$tokEnt->container_guid = $user->getGUID();
$tokEnt->save();
// get our consumer
$consumEnt = oauth_lookup_consumer_entity($tokEnt->consumerKey);
if ($consumEnt->revA) {
// Rev A requires we create a verifier
$verifier = oauth_generate_verifier();
$tokEnt->verifier = $verifier;
$url = $tokEnt->callbackUrl;
// make sure the callback url is a proper extension of the registered one if it exists
if ($consumEnt->callbackUrl) {
if (!$url || !strstr($url, $consumEnt->callbackUrl)) {
$url = $consumEnt->callbackUrl;
}
}
if ($url && $url != 'oob') {
// Pick the correct separator to use
$separator = "?";
if (strpos($url, "?") !== false) {
<?php
global $CONFIG;
try {
$server = oauth_get_server();
$req = OAuthRequest::from_request(null, null, oauth_get_params());
$token = $server->fetch_request_token($req);
$consumEnt = oauth_lookup_consumer_entity($req->get_parameter('oauth_consumer_key'));
$tokEnt = oauth_lookup_token_entity($token->key, 'request', $consumEnt);
if ($consumEnt->revA) {
// make sure the callback url is a proper extension of the registered one if it exists
if ($consumEnt->callbackUrl) {
if (!$tokEnt->callbackUrl || !strstr($tokEnt->callbackUrl, $consumEnt->callbackUrl)) {
throw new OAuthException('Callback URL does not match registered value');
}
}
}
// save the nonce
$consumerKey = $req->get_parameter('oauth_consumer_key');
$nonce = $req->get_parameter('oauth_nonce');
// save our nonce for later checking
oauth_save_nonce($consumerKey, $nonce);
echo $token;
if ($consumEnt->revA) {
// add the callback confirmed tag
echo '&oauth_callback_confirmed=true';
}
} catch (OAuthException $e) {
header('', true, 401);
// return HTTP 401: Not Authorized
echo $e->getMessage() . "\n<hr />\n";
function oauth_cron_cleanup($hook, $entity_type, $returnvalue, $params)
{
elgg_set_ignore_access(true);
$nonces = elgg_get_entities(array('type' => 'object', 'subtype' => 'oauthnonce', 'limit' => 0));
$deleted = 0;
$now = time();
foreach ($nonces as $nonce) {
//print 'Now: ' . $now . "\n" . 'Exp: ' . $nonce->expires;
//print "\n\n";
if ($now > $nonce->expires) {
$nonce->delete();
$deleted++;
}
}
$tokens = elgg_get_entities(array('type' => 'object', 'subtype' => 'oauthtoken', 'limit' => 0));
$tokenTimeout = 60 * 60;
// unclaimed request tokens are good for one hour
$tdeleted = 0;
foreach ($tokens as $token) {
$consumEnt = oauth_lookup_consumer_entity($token->consumerKey);
if (!$consumEnt) {
// no consumer entity, delete it
$token->delete();
$tdeleted++;
} else {
if ($token->requestToken && $token->accessToken) {
// both flavors of token, clean the request token
// Should this actually be a delete?
$token->clearMetaData('requestToken');
$tdeleted++;
} else {
if ($token->requestToken && $now > $token->getTimeCreated() + $tokenTimeout) {
$token->delete();
$tdeleted++;
} else {
if ($token->accessToken && $token->callbackUrl) {
$token->clearMetaData('callbackUrl');
}
}
}
}
}
elgg_set_ignore_access(false);
if ($deleted || $tdeleted) {
print 'Cleaned up ' . $deleted . ' OAuth nonces and ' . $tdeleted . ' OAuth tokens';
print "\n";
}
}
