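/**
 * Verify OAuth Echo credentials against the service provider.
 *
 * Sends the given OAuth authorization data as an Authorization header to
 * $this->serviceProvider and returns the parsed response when the provider
 * answers with HTTP 200.
 *
 * @param string $authorizationData OAuth authorization data; must start with "OAuth "
 * @return array array('headers' => map of upper-cased header name to value,
 *               'data' => json_decode() result of the body, null when the body is not valid JSON)
 * @throws InvalidArgumentException if the authorization data is not a string, lacks the
 *                                  "OAuth " prefix, or contains a line break
 * @throws T2P_Exception if the provider is not an HTTP(S) URL, cannot be reached,
 *                       or answers with anything other than 200
 */
public function verify($authorizationData)
{
    if (!is_string($authorizationData) || strpos($authorizationData, 'OAuth ') !== 0) {
        throw new InvalidArgumentException('invalid authorization data');
    }
    // The value is copied verbatim into a raw header line below, so a CR or LF
    // in it would let the caller append header lines of their own.
    if (strpbrk($authorizationData, "\r\n") !== false) {
        throw new InvalidArgumentException('invalid authorization data');
    }

    // file_get_contents() accepts any registered stream wrapper and plain local
    // paths, so anything that is not an HTTP(S) URL is refused before it is read
    // and handed to the logger. Such a target never yields a 200 status line,
    // so it previously ended in this same exception after the read.
    // NOTE(review): $this->serviceProvider is assigned outside this method. If it
    // can originate from a request header, the host should also be pinned to the
    // expected provider(s); a scheme check alone still allows requests to
    // arbitrary and internal HTTP hosts.
    if (!is_string($this->serviceProvider) || !preg_match('#^https?://#i', $this->serviceProvider)) {
        throw new T2P_Exception('verification failed');
    }

    // Request
    // NOTE(review): the http wrapper follows redirects by default; confirm that
    // is wanted for a request that carries the client's credentials.
    $ctx = stream_context_create(array(
        'http' => array(
            'header' => "Authorization: {$authorizationData}\r\n",
            'user_agent' => __CLASS__,
        ),
    ));
    $json = file_get_contents($this->serviceProvider, false, $ctx);

    // $http_response_header is only populated once an HTTP response has been
    // received; fall back to an empty list when the connection itself failed.
    $responseHeaders = isset($http_response_header) ? $http_response_header : array();
    t2p_get_logger()->dumpOAuthResponse($responseHeaders, $json);

    // Parse the HTTP headers. When several status lines are present, the last
    // one determines $code.
    $headers = array();
    $code = 0;
    foreach ($responseHeaders as $header) {
        if (preg_match('/^HTTP\\/1\\.[01] (\\d+)/', $header, $matches)) {
            $code = intval($matches[1]);
        } elseif (strpos($header, ':') !== false) {
            list($key, $value) = explode(':', $header, 2);
            $headers[strtoupper(trim($key))] = trim($value);
        }
    }

    // Throw unless the provider answered 200 OK
    if ($code !== 200) {
        $e = new T2P_Exception('verification failed');
        if ($code > 200) {
            $e->setHttpResponseCode($code);
        }
        throw $e;
    }

    // 'data' is null when the body is not valid JSON; callers must check it
    // before treating the credentials as verified.
    return array('headers' => $headers, 'data' => json_decode($json, true));
}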
<?php /** * API用エントリーポイント * * @package tweetie2photozou */ require __DIR__ . '/../webapp/config/bootstrap.php'; $logger = t2p_get_logger(); // リクエストを検証 if ($_SERVER['REQUEST_METHOD'] === 'POST' && array_key_exists('HTTP_X_AUTH_SERVICE_PROVIDER', $_SERVER) && array_key_exists('HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION', $_SERVER) && array_key_exists('message', $_POST) && is_string($_POST['message']) && array_key_exists('media', $_FILES) && is_array($_FILES['media']) && is_string($_FILES['media']['name']) && is_string($_FILES['media']['type']) && is_string($_FILES['media']['tmp_name']) && is_int($_FILES['media']['error']) && is_int($_FILES['media']['size'])) { $logger->dumpValidRequest(); } else { $logger->dumpInvalidRequest(); header('Content-Type: text/plain', true, 400); echo "invalid request\n"; return; } // 画像をリネーム $media = t2p_rename_media($_FILES['media']['tmp_name']); if ($media === false) { header('Content-Type: text/plain', true, 500); echo "cannot rename the media\n"; return; } // 認証&ポスト try { $oauth = new T2P_OAuth_Echo($_SERVER['HTTP_X_AUTH_SERVICE_PROVIDER']); $result = $oauth->verify($_SERVER['HTTP_X_VERIFY_CREDENTIALS_AUTHORIZATION']); $proxy = t2p_get_proxy($result['data']); $uri = $proxy->upload($media, $_POST['message']);