/**
* Connect Step 2
*
* @return null
*/
public function actionConnectStep2()
{
$providerHandle = craft()->httpSession->get('oauth.console.providerHandle');
$referer = craft()->httpSession->get('oauth.console.referer');
// connect
$provider = craft()->oauth->getProvider($providerHandle);
if ($response = craft()->oauth->connect(array('plugin' => 'oauth', 'provider' => $providerHandle))) {
if ($response['success']) {
// token
$token = $response['token'];
$tokenArray = OauthHelper::tokenToArray($token);
// save token
craft()->httpSession->add('oauth.console.token.' . $providerHandle, $tokenArray);
// session notice
craft()->userSession->setNotice(Craft::t("Connected."));
} else {
craft()->userSession->setError(Craft::t($response['errorMsg']));
}
} else {
// session error
craft()->userSession->setError(Craft::t("Couldn’t connect"));
}
// redirect
$this->redirect($referer);
}
/**
* construct an authorization url
*
* @param string $baseUrl
* @param array $params
* @return boolean
*/
protected function _buildAuthorizeUrl($baseUrl, $params)
{
$uri = OauthHelper::parseUri($baseUrl);
if (!isset($uri['query'])) {
$uri['query'] = array();
}
$uri['query'] = array_merge($uri['query'], $params);
return OauthHelper::buildUri($uri);
}
/**
* Connect
*
* @return null
*/
public function actionConnect()
{
$token = false;
$success = false;
$error = false;
$errorMsg = false;
// handle
$providerHandle = craft()->httpSession->get('oauth.handle');
if (!$providerHandle) {
$providerHandle = craft()->request->getParam('provider');
if ($providerHandle) {
craft()->httpSession->add('oauth.handle', $providerHandle);
} else {
throw new Exception("Couldn’t retrieve OAuth provider.");
}
}
// session vars
$scope = craft()->httpSession->get('oauth.scope');
$authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
$referer = craft()->httpSession->get('oauth.referer');
OauthPlugin::log('OAuth Connect - Connect with `' . $providerHandle . '` OAuth provider' . "\r\n" . 'Session Data: ' . print_r(['oauth.referer' => $referer, 'oauth.scope' => $scope, 'oauth.authorizationOptions' => $authorizationOptions], true) . "\r\n", LogLevel::Info);
try {
// provider
$provider = craft()->oauth->getProvider($providerHandle);
// connect
$tokenResponse = $provider->connect(['scope' => $scope, 'authorizationOptions' => $authorizationOptions]);
// token
if ($tokenResponse) {
$token = OauthHelper::realTokenToArray($tokenResponse);
} else {
throw new Exception("Error with token");
}
$success = true;
} catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
$error = true;
$errorMsg = $e->getMessage();
if ($errorMsg == 'invalid_client') {
$errorMsg = Craft::t("Invalid OAuth client ID or secret.");
}
} catch (\Exception $e) {
$error = true;
$errorMsg = $e->getMessage();
}
// build up response
$response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $token);
OauthPlugin::log("OAuth Connect - Response\r\n" . 'Session Data: ' . print_r(['oauth.response' => $response], true) . "\r\n", LogLevel::Info);
craft()->httpSession->add('oauth.response', $response);
// redirect
$this->redirect($referer);
}
/**
* Connect
*
* @return null
*/
public function actionConnect()
{
$token = false;
$success = false;
$error = false;
$errorMsg = false;
// handle
$providerHandle = craft()->httpSession->get('oauth.handle');
if (!$providerHandle) {
$providerHandle = craft()->request->getParam('provider');
if ($providerHandle) {
craft()->httpSession->add('oauth.handle', $providerHandle);
} else {
throw new Exception("Couldn’t retrieve OAuth provider.");
}
}
// session vars
$scope = craft()->httpSession->get('oauth.scope');
$authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
$referer = craft()->httpSession->get('oauth.referer');
OauthPlugin::log('OAuth Connect - Step 2A' . "\r\n" . print_r(['handle' => $providerHandle, 'scope' => $scope, 'authorizationOptions' => $authorizationOptions, 'referer' => $referer], true), LogLevel::Info, true);
try {
// provider
$provider = craft()->oauth->getProvider($providerHandle);
// connect
$tokenResponse = $provider->connect(['scope' => $scope, 'authorizationOptions' => $authorizationOptions]);
// token
if ($tokenResponse) {
$token = OauthHelper::realTokenToArray($tokenResponse);
} else {
throw new Exception("Error with token");
}
$success = true;
} catch (\Exception $e) {
$error = true;
$errorMsg = $e->getMessage();
}
// build up response
$response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $token);
OauthPlugin::log('OAuth Connect - Step 2B' . "\r\n" . print_r(['response' => $response], true), LogLevel::Info, true);
craft()->httpSession->add('oauth.response', $response);
// redirect
$this->redirect($referer);
}
/**
* Normalize parameter values. Parameters are sorted by name, using lexicographical byte value ordering.
* If two or more parameters share the same name, they are sorted by their value.
* Parameters are concatenated in their sorted order into a single string.
* For each parameter, the name is separated from the corresponding value by an "=" character,
* even if the value is empty. Each name-value pair is separated by an "&" character.
*/
public function normalize($params)
{
ksort($params);
$paramList = array();
foreach ($params as $k => $values) {
if (is_array($values)) {
asort($values);
foreach ($values as $v) {
$paramList[] = OauthHelper::escape($k) . '=' . OauthHelper::escape($v);
}
} else {
$paramList[] = OauthHelper::escape($k) . '=' . OauthHelper::escape($values);
}
}
return implode('&', $paramList);
}
/**
* Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.
*
* @param string $httpMethod
* @param string $path
* @param Token $token
* @param array $requestOptions
* @param array $params
* @return array
*/
public function tokenRequest($httpMethod, $path, &$token = null, $requestOptions = array(), $params = array())
{
$response = $this->request($httpMethod, $path, $token, $requestOptions, $params);
$code = $response['status']['code'];
if ($code >= 200 && $code <= 299) {
//if ($response['status']['code'] == "200") {}
if (substr($response['body'], 0, 4) == 'Fail') {
throw new FailRequestException($response['body']);
}
$data = explode('&', $response['body']);
OauthHelper::log($data);
$result = array();
foreach ($data as $rec) {
list($key, $value) = split('=', $rec);
//$result[$key] = $value;
$result[$key] = OauthHelper::unescape($value);
}
$response['status']['success'] = true;
return $result;
} elseif ($code >= 300 && $code <= 399) {
$response['status']['success'] = false;
} elseif ($code >= 400 && $code <= 499) {
throw new UnauthorizedException($response);
} else {
$response['status']['success'] = false;
}
return false;
}
/**
* Get request parameter
*
* @return array
*/
public function parameters()
{
if (!empty($this->options['clobber_request'])) {
if (isset($this->options['parameters'])) {
$params = $this->options['parameters'];
} else {
$params = array();
}
} else {
$params = array_merge($this->__requestParams(), $this->__queryParams());
$params = array_merge($params, $this->headerParams());
if (isset($this->options['parameters'])) {
$params = array_merge($params, $this->options['parameters']);
}
}
ksort($params);
OauthHelper::log($params);
return $params;
}
/**
* Build url for redirection
*
* @return string
*/
protected function _gatherUrl()
{
$params = $this->Controller->params['url'];
$url = $params['url'];
unset($params['url']);
if (count($params) > 0) {
$url .= '?' . OauthHelper::mapper($params, '&', '');
}
if (strlen($url) > 0 && strpos($url, 0, 1) != '/') {
$url = '/' . $url;
}
if (strlen($url) == 0) {
$url = '/';
}
return $url;
}
/**
* Authorization header for OAuth
*
* @return string
*/
public function oauthHeader($options = array())
{
$headerParams = array();
foreach ($this->oauthParameters() as $name => $value) {
$headerParams[] = $name . '="' . OauthHelper::escape($value) . '"';
}
$headerParamsStr = join(', ', $headerParams);
if (!empty($this->options['realm'])) {
$realm = 'realm="' . $this->options['realm'] . '", "';
} else {
$realm = '';
}
return "OAuth " . $realm . $headerParamsStr;
}
/**
* Constructor
*
*/
public function __construct()
{
parent::__construct(OauthHelper::generateKey(16), OauthHelper::generateKey());
}
public function getToken()
{
return OauthHelper::getRealToken($this);
}
/**
* Connect
*
* @return null
*/
public function actionConnect()
{
// OAuth Step 2
$error = false;
$success = false;
$token = false;
$errorMsg = false;
try {
// handle
$this->handle = craft()->httpSession->get('oauth.handle');
if (!$this->handle) {
$this->handle = craft()->request->getParam('provider');
craft()->httpSession->add('oauth.handle', $this->handle);
}
// session vars
$this->scope = craft()->httpSession->get('oauth.scope');
$this->authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
$this->referer = craft()->httpSession->get('oauth.referer');
OauthHelper::log('OAuth Connect - Step 2A' . "\r\n" . print_r(['handle' => $this->handle, 'scope' => $this->scope, 'authorizationOptions' => $this->authorizationOptions, 'referer' => $this->referer], true), LogLevel::Info, true);
// google cancel
if (craft()->request->getParam('error')) {
throw new Exception("An error occured: " . craft()->request->getParam('error'));
}
// twitter cancel
if (craft()->request->getParam('denied')) {
throw new Exception("An error occured: " . craft()->request->getParam('denied'));
}
// provider
$provider = craft()->oauth->getProvider($this->handle);
// source oauth provider
$oauthProvider = $provider->getProvider();
// init service
switch ($provider->getOauthVersion()) {
case 2:
$state = craft()->request->getParam('state');
$code = craft()->request->getParam('code');
$oauth2state = craft()->httpSession->get('oauth2state');
if (is_null($code)) {
OauthHelper::log('OAuth 2 Connect - Step 1', LogLevel::Info);
$oauthProvider->setScopes($this->scope);
$options = $this->authorizationOptions;
if (!empty($this->authorizationOptions['access_type']) && $this->authorizationOptions['access_type'] == 'offline') {
unset($this->authorizationOptions['access_type']);
$oauthProvider->setAccessType('offline');
}
$authorizationUrl = $oauthProvider->getAuthorizationUrl($options);
craft()->httpSession->add('oauth2state', $oauthProvider->state);
OauthHelper::log('OAuth 2 Connect - Step 1 - Data' . "\r\n" . print_r(['authorizationUrl' => $authorizationUrl, 'oauth2state' => craft()->httpSession->get('oauth2state')], true), LogLevel::Info);
craft()->request->redirect($authorizationUrl);
} elseif (!$state || $state !== $oauth2state) {
OauthHelper::log('OAuth 2 Connect - Step 1.5' . "\r\n" . print_r(['error' => "Invalid state", 'state' => $state, 'oauth2state' => $oauth2state], true), LogLevel::Info, true);
craft()->httpSession->remove('oauth2state');
throw new Exception("Invalid state");
} else {
OauthHelper::log('OAuth 2 Connect - Step 2', LogLevel::Info, true);
$token = $oauthProvider->getAccessToken('authorization_code', ['code' => $code]);
OauthHelper::log('OAuth 2 Connect - Step 2 - Data' . "\r\n" . print_r(['code' => $code, 'token' => $token], true), LogLevel::Info, true);
}
break;
case 1:
$user = craft()->request->getParam('user');
$oauth_token = craft()->request->getParam('oauth_token');
$oauth_verifier = craft()->request->getParam('oauth_verifier');
$denied = craft()->request->getParam('denied');
// if(isset($_GET['user']))
// {
// echo "user exists !";
// }
// if ($user)
// {
// OauthHelper::log('OAuth 1 Connect - Step 3', LogLevel::Info, true);
// if (!craft()->httpSession->get('token_credentials'))
// {
// throw new Exception("Token credentials not provided");
// }
// $token = unserialize(craft()->httpSession->get('oauth2state'));
// }
// else
if ($oauth_token && $oauth_verifier) {
OauthHelper::log('OAuth 1 Connect - Step 2', LogLevel::Info, true);
$temporaryCredentials = unserialize(craft()->httpSession->get('temporary_credentials'));
$token = $oauthProvider->getTokenCredentials($temporaryCredentials, $oauth_token, $oauth_verifier);
craft()->httpSession->add('token_credentials', serialize($token));
OauthHelper::log('OAuth 1 Connect - Step 2 - Data' . "\r\n" . print_r(['temporaryCredentials' => $temporaryCredentials, 'oauth_token' => $oauth_token, 'oauth_verifier' => $oauth_verifier, 'token' => $token], true), LogLevel::Info, true);
} elseif ($denied) {
OauthHelper::log('OAuth 1 Connect - Step 1.5' . "\r\n" . print_r(["Client access denied by the user"], true), LogLevel::Info, true);
throw new Exception("Client access denied by the user");
} else {
OauthHelper::log('OAuth 1 Connect - Step 1', LogLevel::Info, true);
$temporaryCredentials = $oauthProvider->getTemporaryCredentials();
craft()->httpSession->add('temporary_credentials', serialize($temporaryCredentials));
$authorizationUrl = $oauthProvider->getAuthorizationUrl($temporaryCredentials);
craft()->request->redirect($authorizationUrl);
OauthHelper::log('OAuth 1 Connect - Step 1 - Data' . "\r\n" . print_r(['temporaryCredentials' => $temporaryCredentials, 'authorizationUrl' => $authorizationUrl], true), LogLevel::Info, true);
}
break;
default:
throw new Exception("Couldn't handle connect for this provider");
}
$success = true;
} catch (\Exception $e) {
$error = true;
$errorMsg = $e->getMessage();
}
// we now have $token, build up response
$tokenArray = null;
if ($token) {
$tokenArray = OauthHelper::realTokenToArray($token);
}
if (!is_array($tokenArray)) {
throw new Exception("Error with token");
}
$response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $tokenArray);
OauthHelper::log('OAuth Connect - Step 2B' . "\r\n" . print_r(['response' => $response], true), LogLevel::Info, true);
craft()->httpSession->add('oauth.response', $response);
// redirect
$this->redirect($this->referer);
}
/**
* Connect
*
* @return null
*/
public function actionConnect()
{
$error = false;
$success = false;
$token = false;
$errorMsg = false;
try {
// handle
$this->handle = craft()->httpSession->get('oauth.handle');
if (!$this->handle) {
$this->handle = craft()->request->getParam('provider');
craft()->httpSession->add('oauth.handle', $this->handle);
}
// session vars
$this->scopes = craft()->httpSession->get('oauth.scopes');
$this->params = craft()->httpSession->get('oauth.params');
$this->referer = craft()->httpSession->get('oauth.referer');
// google cancel
if (craft()->request->getParam('error')) {
throw new Exception("An error occured: " . craft()->request->getParam('error'));
}
// twitter cancel
if (craft()->request->getParam('denied')) {
throw new Exception("An error occured: " . craft()->request->getParam('denied'));
}
// provider
$provider = craft()->oauth->getProvider($this->handle);
if (is_array($this->scopes)) {
$provider->setScopes($this->scopes);
}
// init service
switch ($provider->oauthVersion) {
case 2:
if (!isset($_GET['code'])) {
$authUrl = $provider->getAuthorizationUrl($this->params);
$_SESSION['oauth2state'] = $provider->getProvider()->state;
header('Location: ' . $authUrl);
exit;
} elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
unset($_SESSION['oauth2state']);
throw new Exception("Invalid state");
} else {
$token = $provider->getProvider()->getAccessToken('authorization_code', ['code' => $_GET['code']]);
}
break;
case 1:
if (isset($_GET['user'])) {
if (!isset($_SESSION['token_credentials'])) {
throw new Exception("Token credentials not provided");
}
$token = unserialize($_SESSION['token_credentials']);
} elseif (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) {
$temporaryCredentials = unserialize($_SESSION['temporary_credentials']);
$token = $provider->getProvider()->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);
unset($_SESSION['temporary_credentials']);
$_SESSION['token_credentials'] = serialize($token);
} elseif (isset($_GET['denied'])) {
throw new Exception("Client access denied by the user");
} else {
$temporaryCredentials = $provider->getProvider()->getTemporaryCredentials();
$_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
$provider->getProvider()->authorize($temporaryCredentials);
}
break;
default:
throw new Exception("Couldn't handle connect for this provider");
}
$success = true;
} catch (\Exception $e) {
$error = true;
$errorMsg = $e->getMessage();
}
// we now have $token, build up response
$tokenArray = null;
if ($token) {
$tokenArray = OauthHelper::realTokenToArray($token);
}
$response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $tokenArray);
craft()->httpSession->add('oauth.response', $response);
// redirect
$this->redirect($this->referer);
}
/**
* Return query uri based on request configuration
*
* @return string
*/
public function query()
{
if (isset($this->sock->config['request']['uri']['query'])) {
$qParams = $this->sock->config['request']['uri']['query'];
if (is_array($qParams) && count($qParams) > 0) {
$url = '' . OauthHelper::mapper($qParams, '&', '');
} elseif (is_string($qParams)) {
$url = $qParams;
} else {
$url = '';
}
return $url;
}
return '';
}
/**
* Fetch query parameters
*
* @return string
*/
private function __queryParams()
{
$url = $this->request->query();
if (strlen($url) > 0) {
$url = "?{$url}";
}
return $url;
if (isset($this->request->sock->config['request']['uri']['query'])) {
$qParams = $this->request->sock->config['request']['uri']['query'];
if (is_array($qParams) && count($qParams) > 0) {
$url = '?' . OauthHelper::mapper($qParams, '&', '');
} elseif (is_string($qParams)) {
$url = $qParams;
} else {
$url = '?';
}
return $url;
} else {
return '';
}
}
/**
* Secret key for request
*
* @return string
*/
protected function _secret()
{
OauthHelper::log($this->escape($this->consumerSecret) . '&' . $this->escape($this->tokenSecret));
return $this->consumerSecret . '&' . $this->escape($this->tokenSecret);
}
