Example #1
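// The request token to authorize arrives as ?oauth_token=... and must be a single string value;
// an array-valued parameter (oauth_token[]=...) is treated the same as a missing one.
if (!isset($_GET['oauth_token']) || !is_string($_GET['oauth_token'])) {
    echo "No token supplied.";
    exit;
}
require_once __DIR__ . '/../../lib/AutoLoader.php';
new AutoLoader();
try {
    // Load the stored request token; the data store raises DataStoreReadException when the read fails.
    $RequestToken = OAuthRequestTokenModel::loadFromToken($_GET['oauth_token'], Configuration::getDataStore());
} catch (DataStoreReadException $Exception) {
    // NOTE(review): the message text is built elsewhere and is not visible here; it is escaped
    // before output in case it echoes request data or data-store details into the page.
    echo htmlspecialchars($Exception->getMessage(), ENT_QUOTES, 'UTF-8');
    exit;
}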
if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['allow'])) {
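    // There is no user model in this example, so the user row is read with an inline query.
    // NOTE(review): passwords are stored and compared in plaintext here. A real provider should
    // store password_hash() output and check it with password_verify().
    $DB = Configuration::getDataStore();
    $userName = isset($_POST['user_name']) ? $_POST['user_name'] : null;
    $userPassword = isset($_POST['user_password']) ? $_POST['user_password'] : null;
    // Missing or array-valued form fields are rejected before they reach the query or the comparison.
    if (!is_string($userName) || !is_string($userPassword)) {
        echo "You hacker, be gone!";
        exit;
    }
    // Escaping is only as reliable as the connection charset; a prepared statement is the sturdier choice.
    $sql = "SELECT `user_id`, `user_name`, `user_password` FROM `user` WHERE `user_name` = '" . $DB->real_escape_string($userName) . "'";
    $result = $DB->query($sql);
    $row = null;
    if ($result !== false) {
        $row = $result->fetch_assoc();
        $result->close();
    }
    // An unknown user yields no row. With the former loose `!=`, a missing row compared equal to an
    // empty or absent password, so the token was approved without a user id. Require a row and a
    // stored string, and compare with hash_equals() so the check is strict and constant-time.
    if (!is_array($row) || !is_string($row['user_password']) || !hash_equals($row['user_password'], $userPassword)) {
        echo "You hacker, be gone!";
        exit;
    }
    // Credentials accepted: attach a fresh verification code and the user id to the request token.
    $verificationCode = OAuthProviderWrapper::generateToken();
    $RequestToken->setTokenVerificationCode($verificationCode);
    $RequestToken->setTokenUserId($row['user_id']);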
    try {
        $RequestToken->save();
    } catch (DataStoreUpdateException $Exception) {
        echo $Exception->getMessage();
Example #2
<?php

/**
 * @author      Freek Lijten <*****@*****.**>
 */
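require_once __DIR__ . '/../../lib/AutoLoader.php';
new AutoLoader();

// Verify the OAuth request before any user data is read; anything other than true is
// echoed back to the caller as the provider's response and the script stops.
$Provider = new OAuthProviderWrapper(OAuthProviderWrapper::TOKEN_VERIFY);
$response = $Provider->checkOAuthRequest();
if ($response !== true) {
    echo $response;
    exit;
}

try {
    $userId = $Provider->getUserId();
} catch (ProviderException $Exception) {
    // The message used to be discarded and execution continued with $userId undefined.
    // Report it and stop, as the other entry points in this example do.
    echo $Exception->getMessage();
    exit;
}

// The user id is escaped before it is placed in the query, using the same mysqli-style call the
// authorize script applies to the user name. A prepared statement would be the sturdier choice.
$DataStore = Configuration::getDataStore();
$sql = "SELECT * FROM `user_messages` WHERE `user_id` = '" . $DataStore->real_escape_string((string) $userId) . "'";
$result = $DataStore->query($sql);
if ($result === false) {
    // A failed query returns false; stop here instead of calling fetch_assoc() on it.
    echo "Could not load messages.";
    exit;
}

$returnValue = "<messages>";
while ($row = $result->fetch_assoc()) {
    // Message text is user content: escape it so markup characters cannot break or extend the XML.
    $returnValue .= "<message>" . htmlspecialchars((string) $row['message_text'], ENT_QUOTES | ENT_XML1, 'UTF-8') . "</message>";
}
$result->close();
$returnValue .= "</messages>";

// Token is valid, so output the message list.
echo $returnValue;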
<?php

/**
 * @Author	Freek Lijten
 */
require_once __DIR__ . '/../../lib/AutoLoader.php';
new AutoLoader();

// Build a new consumer record: creation time plus a generated key and a generated secret.
$NewConsumer = new OAuthConsumerModel(Configuration::getDataStore());
$NewConsumer->setConsumerCreateDate(time());
$NewConsumer->setConsumerKey(OAuthProviderWrapper::generateToken());
$NewConsumer->setConsumerSecret(OAuthProviderWrapper::generateToken());

try {
    $NewConsumer->save();
} catch (DataStoreCreateException $SaveFailure) {
    // Persisting failed: print the data store's message and stop.
    exit($SaveFailure->getMessage());
}

// NOTE(review): this prints the consumer secret into the response. Presumably the page is meant
// to be reachable only by whoever registers consumers; confirm it is access-controlled.
$consumerKey = $NewConsumer->getConsumerKey();
$consumerSecret = $NewConsumer->getConsumerSecret();
echo "Consumer key: " . $consumerKey . "<br />Consumer secret: " . $consumerSecret;
 /**
  * Checks if there is token information for the provided access token and sets the secret if it can be found.
  *
  * @static
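  * @param 	$Provider	provider object; its token and consumer_key are read and its token_secret is set
  * @return 	int		OAUTH_OK when the token is accepted, OAUTH_TOKEN_REJECTED otherwise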
  */
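 public static function checkAccessToken($Provider)
 {
     // Failures are reported as OAUTH_* return codes instead of being rethrown. Per the original
     // author's note, the internals of PECL's OAuth class expect one of the OAUTH constants from
     // this handler and throw their own exception otherwise, which would negate one thrown here.
     try {
         $DataStore = Configuration::getDataStore();
     } catch (DataStoreConnectException $Exception) {
         return OAUTH_TOKEN_REJECTED;
     }

     // Look up the stored access token; a failed read rejects the token.
     try {
         $AccessToken = OAuthAccessTokenModel::loadFromToken($Provider->token, $DataStore);
     } catch (DataStoreReadException $Exception) {
         return OAUTH_TOKEN_REJECTED;
     }

     // The requesting consumer must be the one this access token was issued to. Both sides are
     // compared as strings with a strict operator: loose `!=` treats numeric-looking strings as
     // numbers, so two different keys could be considered equal.
     if ((string) $AccessToken->getAccessTokenConsumerKey() !== (string) $Provider->consumer_key) {
         return OAUTH_TOKEN_REJECTED;
     }

     // Hand the stored secret to the provider (presumably for signature verification; confirm).
     $Provider->token_secret = $AccessToken->getAccessTokenSecret();
     return OAUTH_OK;
 }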