/**
 * Connect Step 2
 *
 * Completes the console connect flow: asks the OAuth service to connect with the provider
 * handle held in the session, stores the resulting token array in the session on success,
 * sets a notice or an error on the user session, then redirects to the stored referer.
 *
 * @return null
 */
public function actionConnectStep2()
{
    $handle = craft()->httpSession->get('oauth.console.providerHandle');
    $returnUrl = craft()->httpSession->get('oauth.console.referer');

    // The provider object is looked up but not used afterwards; the call is kept as is.
    craft()->oauth->getProvider($handle);

    $result = craft()->oauth->connect(array('plugin' => 'oauth', 'provider' => $handle));

    if (!$result) {
        // No usable response from the connect call.
        craft()->userSession->setError(Craft::t("Couldn’t connect"));
    } elseif (!$result['success']) {
        // The response carries its own error message.
        craft()->userSession->setError(Craft::t($result['errorMsg']));
    } else {
        // Keep the token in the session as an array, keyed by provider handle.
        $serialisedToken = OauthHelper::tokenToArray($result['token']);
        craft()->httpSession->add('oauth.console.token.' . $handle, $serialisedToken);
        craft()->userSession->setNotice(Craft::t("Connected."));
    }

    // NOTE(review): the redirect target comes from the session; whatever stores
    // 'oauth.console.referer' is not visible here — confirm it only accepts same-site URLs.
    $this->redirect($returnUrl);
}
/**
 * Build an authorization URL by merging extra parameters into the query of a base URL.
 *
 * @param string $baseUrl URL passed to OauthHelper::parseUri()
 * @param array  $params  parameters merged over the parsed query with array_merge()
 * @return mixed whatever OauthHelper::buildUri() returns (presumably the URL string — confirm against the helper)
 */
protected function _buildAuthorizeUrl($baseUrl, $params)
{
    $parts = OauthHelper::parseUri($baseUrl);

    // A base URL without a query part starts from an empty parameter list.
    $existingQuery = isset($parts['query']) ? $parts['query'] : array();
    $parts['query'] = array_merge($existingQuery, $params);

    return OauthHelper::buildUri($parts);
}
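/**
 * Connect
 *
 * Runs the provider's connect flow for the handle held in the session (or, on first entry,
 * the `provider` request parameter), stores the outcome under `oauth.response` in the
 * session and redirects to the `oauth.referer` session value.
 *
 * The token is kept out of the log: the logged copy of the response carries a placeholder
 * instead of the token array.
 *
 * @return null
 * @throws Exception when no provider handle is found in the session or the request
 */
public function actionConnect()
{
    $token = false;
    $success = false;
    $error = false;
    $errorMsg = false;

    // handle
    $providerHandle = craft()->httpSession->get('oauth.handle');

    if (!$providerHandle) {
        $providerHandle = craft()->request->getParam('provider');

        if ($providerHandle) {
            craft()->httpSession->add('oauth.handle', $providerHandle);
        } else {
            throw new Exception("Couldn’t retrieve OAuth provider.");
        }
    }

    // session vars
    $scope = craft()->httpSession->get('oauth.scope');
    $authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
    $referer = craft()->httpSession->get('oauth.referer');

    OauthPlugin::log('OAuth Connect - Connect with `' . $providerHandle . '` OAuth provider' . "\r\n" . 'Session Data: ' . print_r(['oauth.referer' => $referer, 'oauth.scope' => $scope, 'oauth.authorizationOptions' => $authorizationOptions], true) . "\r\n", LogLevel::Info);

    try {
        // provider
        $provider = craft()->oauth->getProvider($providerHandle);

        // connect
        $tokenResponse = $provider->connect(['scope' => $scope, 'authorizationOptions' => $authorizationOptions]);

        // token
        if ($tokenResponse) {
            $token = OauthHelper::realTokenToArray($tokenResponse);
        } else {
            throw new Exception("Error with token");
        }

        $success = true;
    } catch (\League\OAuth2\Client\Provider\Exception\IdentityProviderException $e) {
        $error = true;
        $errorMsg = $e->getMessage();

        // getMessage() returns a string, so a strict comparison is enough.
        if ($errorMsg === 'invalid_client') {
            $errorMsg = Craft::t("Invalid OAuth client ID or secret.");
        }
    } catch (\Exception $e) {
        $error = true;
        $errorMsg = $e->getMessage();
    }

    // build up response
    $response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $token);

    // Log a copy with the token replaced: access/refresh tokens are credentials and
    // log files are usually readable by more people and systems than the session store.
    $loggedResponse = $response;

    if ($loggedResponse['token'] !== false) {
        $loggedResponse['token'] = '[redacted]';
    }

    OauthPlugin::log("OAuth Connect - Response\r\n" . 'Session Data: ' . print_r(['oauth.response' => $loggedResponse], true) . "\r\n", LogLevel::Info);

    craft()->httpSession->add('oauth.response', $response);

    // redirect
    // NOTE(review): the target is read from the session; the code that stores
    // 'oauth.referer' is not visible here — confirm it only accepts same-site URLs.
    $this->redirect($referer);
}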
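/**
 * Connect
 *
 * Runs the provider's connect flow for the handle held in the session (or, on first entry,
 * the `provider` request parameter), stores the outcome under `oauth.response` in the
 * session and redirects to the `oauth.referer` session value.
 *
 * The token is kept out of the log: the logged copy of the response carries a placeholder
 * instead of the token array.
 *
 * @return null
 * @throws Exception when no provider handle is found in the session or the request
 */
public function actionConnect()
{
    $token = false;
    $success = false;
    $error = false;
    $errorMsg = false;

    // handle
    $providerHandle = craft()->httpSession->get('oauth.handle');

    if (!$providerHandle) {
        $providerHandle = craft()->request->getParam('provider');

        if ($providerHandle) {
            craft()->httpSession->add('oauth.handle', $providerHandle);
        } else {
            throw new Exception("Couldn’t retrieve OAuth provider.");
        }
    }

    // session vars
    $scope = craft()->httpSession->get('oauth.scope');
    $authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
    $referer = craft()->httpSession->get('oauth.referer');

    OauthPlugin::log('OAuth Connect - Step 2A' . "\r\n" . print_r(['handle' => $providerHandle, 'scope' => $scope, 'authorizationOptions' => $authorizationOptions, 'referer' => $referer], true), LogLevel::Info, true);

    try {
        // provider
        $provider = craft()->oauth->getProvider($providerHandle);

        // connect
        $tokenResponse = $provider->connect(['scope' => $scope, 'authorizationOptions' => $authorizationOptions]);

        // token
        if ($tokenResponse) {
            $token = OauthHelper::realTokenToArray($tokenResponse);
        } else {
            throw new Exception("Error with token");
        }

        $success = true;
    } catch (\Exception $e) {
        $error = true;
        $errorMsg = $e->getMessage();
    }

    // build up response
    $response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $token);

    // Log a copy with the token replaced: access/refresh tokens are credentials and
    // log files are usually readable by more people and systems than the session store.
    $loggedResponse = $response;

    if ($loggedResponse['token'] !== false) {
        $loggedResponse['token'] = '[redacted]';
    }

    OauthPlugin::log('OAuth Connect - Step 2B' . "\r\n" . print_r(['response' => $loggedResponse], true), LogLevel::Info, true);

    craft()->httpSession->add('oauth.response', $response);

    // redirect
    // NOTE(review): the target is read from the session; the code that stores
    // 'oauth.referer' is not visible here — confirm it only accepts same-site URLs.
    $this->redirect($referer);
}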
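/**
 * Normalize parameter values. Parameters are sorted by name, using lexicographical byte value ordering.
 * If two or more parameters share the same name, they are sorted by their value.
 * Parameters are concatenated in their sorted order into a single string.
 * For each parameter, the name is separated from the corresponding value by an "=" character,
 * even if the value is empty. Each name-value pair is separated by an "&" character.
 *
 * Both sorts use SORT_STRING so that names and values are compared as byte strings. The
 * default sort flag compares numeric-looking strings as numbers ("9" before "10"), which
 * does not match the ordering described above and would yield a signature base string
 * that a verifying server computes differently.
 *
 * @param array $params parameter name => value, or name => list of values
 * @return string the "name=value" pairs joined with "&"
 */
public function normalize($params)
{
    ksort($params, SORT_STRING);
    $paramList = array();

    foreach ($params as $name => $values) {
        if (is_array($values)) {
            // Repeated parameter: order its values, then emit one pair per value.
            asort($values, SORT_STRING);

            foreach ($values as $value) {
                $paramList[] = OauthHelper::escape($name) . '=' . OauthHelper::escape($value);
            }
        } else {
            $paramList[] = OauthHelper::escape($name) . '=' . OauthHelper::escape($values);
        }
    }

    // NOTE(review): sorting happens on the raw names and values; RFC 5849 sorts the
    // encoded forms, and the two orders can differ for characters that get percent-encoded.
    return implode('&', $paramList);
}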
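/**
 * Creates a request and parses the result as url_encoded. This is used internally for the RequestToken and AccessToken requests.
 *
 * Changes from the earlier version of this method:
 *  - split() no longer exists in PHP 7+; the pairs are now cut with explode(), limited to
 *    two parts so a value containing "=" stays intact, and a pair without "=" yields an
 *    empty value instead of an undefined offset.
 *  - Only the parameter names of the response are logged. The response body of a token
 *    request carries the token and its secret, which should not end up in log files.
 *
 * @param string $httpMethod
 * @param string $path
 * @param Token $token
 * @param array $requestOptions
 * @param array $params
 * @return array|false decoded key/value pairs on a 2xx status, false on any other status that does not throw
 * @throws FailRequestException when a 2xx body starts with "Fail"
 * @throws UnauthorizedException on a 4xx status
 */
public function tokenRequest($httpMethod, $path, &$token = null, $requestOptions = array(), $params = array())
{
    $response = $this->request($httpMethod, $path, $token, $requestOptions, $params);
    $code = $response['status']['code'];

    if ($code >= 200 && $code <= 299) {
        if (substr($response['body'], 0, 4) === 'Fail') {
            throw new FailRequestException($response['body']);
        }

        $result = array();

        foreach (explode('&', $response['body']) as $rec) {
            list($key, $value) = array_pad(explode('=', $rec, 2), 2, '');
            $result[$key] = OauthHelper::unescape($value);
        }

        // Names only: the values are credentials.
        OauthHelper::log(array_keys($result));

        return $result;
    }

    if ($code >= 400 && $code <= 499) {
        throw new UnauthorizedException($response);
    }

    // 3xx and everything else is reported as a plain failure.
    return false;
}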
/**
 * Collect the parameters of the request.
 *
 * With the `clobber_request` option set, only the `parameters` option is used (an empty
 * array when it is absent). Otherwise request, query and header parameters are merged in
 * that order and the `parameters` option, when present, is merged on top. The result is
 * sorted by key and passed to OauthHelper::log() before being returned.
 *
 * @return array
 */
public function parameters()
{
    if (!empty($this->options['clobber_request'])) {
        $collected = isset($this->options['parameters']) ? $this->options['parameters'] : array();
    } else {
        $collected = array_merge(
            $this->__requestParams(),
            $this->__queryParams(),
            $this->headerParams()
        );

        if (isset($this->options['parameters'])) {
            $collected = array_merge($collected, $this->options['parameters']);
        }
    }

    ksort($collected);

    // NOTE(review): the full parameter set is logged; if it can hold token or signature
    // values, confirm that the log destination is appropriate for them.
    OauthHelper::log($collected);

    return $collected;
}
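/**
 * Build url for redirection
 *
 * Takes the requested path from the controller's url parameters, appends the remaining
 * parameters as a query string and returns the result with exactly one leading slash.
 *
 * The earlier version tested the first character with strpos() where substr() was meant.
 * That test never looked at the first character, so a slash was prepended in every case and
 * a path that already began with "/" came out as "//…". Browsers read a redirect target
 * that starts with "//" as a protocol-relative URL, i.e. another host. Collapsing all
 * leading slashes into one keeps the result a path on the current host.
 *
 * @return string
 */
protected function _gatherUrl()
{
    $params = $this->Controller->params['url'];
    $url = $params['url'];
    unset($params['url']);

    if (count($params) > 0) {
        $url .= '?' . OauthHelper::mapper($params, '&', '');
    }

    // An empty path becomes "/"; any run of leading slashes becomes a single one.
    return '/' . ltrim((string) $url, '/');
}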
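/**
 * Authorization header for OAuth
 *
 * Builds `OAuth [realm="…", ]name="value", name="value", …` from oauthParameters(), with
 * each value passed through OauthHelper::escape().
 *
 * The realm prefix used to end in `", "`, which left a stray double quote in front of the
 * first parameter name and produced a malformed header whenever a realm was configured.
 *
 * @param array $options not used by this method
 * @return string
 */
public function oauthHeader($options = array())
{
    $headerParams = array();

    foreach ($this->oauthParameters() as $name => $value) {
        $headerParams[] = $name . '="' . OauthHelper::escape($value) . '"';
    }

    $realm = '';

    if (!empty($this->options['realm'])) {
        // NOTE(review): the realm is inserted verbatim. If it can ever come from outside
        // the configuration, reject double quotes and CR/LF before it reaches the header.
        $realm = 'realm="' . $this->options['realm'] . '", ';
    }

    return 'OAuth ' . $realm . implode(', ', $headerParams);
}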
/**
 * Constructor
 *
 * Hands two values produced by OauthHelper::generateKey() to the parent constructor: the
 * first requested with an argument of 16, the second with the helper's default argument.
 */
public function __construct()
{
    // NOTE(review): presumably a token key and its secret; generateKey() is not visible
    // here — confirm it draws from a cryptographically secure random source.
    $first = OauthHelper::generateKey(16);
    $second = OauthHelper::generateKey();

    parent::__construct($first, $second);
}
/**
 * Resolve this object through OauthHelper::getRealToken().
 *
 * @return mixed whatever OauthHelper::getRealToken() returns for this instance
 */
public function getToken()
{
    $realToken = OauthHelper::getRealToken($this);

    return $realToken;
}
/**
 * Connect
 *
 * Single entry point for every leg of the OAuth connect flow. The same action is hit when
 * the flow starts and again when the provider sends the browser back; the request
 * parameters (`code`/`state` for OAuth 2, `oauth_token`/`oauth_verifier` for OAuth 1)
 * decide which leg runs. The outcome is stored in the session under `oauth.response` and
 * the browser is redirected to the referer held in the session.
 *
 * @return null
 * @throws Exception after the try/catch, when no token array could be built
 */
public function actionConnect()
{
    // OAuth Step 2
    $error = false;
    $success = false;
    $token = false;
    $errorMsg = false;

    try {
        // handle: taken from the session, else from the `provider` request parameter
        $this->handle = craft()->httpSession->get('oauth.handle');

        if (!$this->handle) {
            $this->handle = craft()->request->getParam('provider');
            craft()->httpSession->add('oauth.handle', $this->handle);
        }

        // session vars
        $this->scope = craft()->httpSession->get('oauth.scope');
        $this->authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
        $this->referer = craft()->httpSession->get('oauth.referer');

        OauthHelper::log('OAuth Connect - Step 2A' . "\r\n" . print_r(['handle' => $this->handle, 'scope' => $this->scope, 'authorizationOptions' => $this->authorizationOptions, 'referer' => $this->referer], true), LogLevel::Info, true);

        // google cancel
        if (craft()->request->getParam('error')) {
            throw new Exception("An error occured: " . craft()->request->getParam('error'));
        }

        // twitter cancel
        if (craft()->request->getParam('denied')) {
            throw new Exception("An error occured: " . craft()->request->getParam('denied'));
        }

        // provider
        $provider = craft()->oauth->getProvider($this->handle);

        // source oauth provider
        $oauthProvider = $provider->getProvider();

        // init service
        switch ($provider->getOauthVersion()) {
            case 2:
                $state = craft()->request->getParam('state');
                $code = craft()->request->getParam('code');
                $oauth2state = craft()->httpSession->get('oauth2state');

                if (is_null($code)) {
                    // No code yet: start the flow by sending the browser to the provider.
                    OauthHelper::log('OAuth 2 Connect - Step 1', LogLevel::Info);

                    $oauthProvider->setScopes($this->scope);

                    $options = $this->authorizationOptions;

                    // NOTE(review): $options was copied above, so if authorizationOptions is a
                    // plain array the unset() below does not remove access_type from what is
                    // passed to getAuthorizationUrl() — confirm which was intended.
                    if (!empty($this->authorizationOptions['access_type']) && $this->authorizationOptions['access_type'] == 'offline') {
                        unset($this->authorizationOptions['access_type']);
                        $oauthProvider->setAccessType('offline');
                    }

                    $authorizationUrl = $oauthProvider->getAuthorizationUrl($options);

                    // Remember the state value so the callback can be matched to this session.
                    craft()->httpSession->add('oauth2state', $oauthProvider->state);

                    // NOTE(review): the state value is written to the log here.
                    OauthHelper::log('OAuth 2 Connect - Step 1 - Data' . "\r\n" . print_r(['authorizationUrl' => $authorizationUrl, 'oauth2state' => craft()->httpSession->get('oauth2state')], true), LogLevel::Info);

                    craft()->request->redirect($authorizationUrl);
                } elseif (!$state || $state !== $oauth2state) {
                    // Callback whose state is missing or differs from the session copy: reject it.
                    OauthHelper::log('OAuth 2 Connect - Step 1.5' . "\r\n" . print_r(['error' => "Invalid state", 'state' => $state, 'oauth2state' => $oauth2state], true), LogLevel::Info, true);

                    craft()->httpSession->remove('oauth2state');

                    throw new Exception("Invalid state");
                } else {
                    // Callback with a matching state: exchange the code for a token.
                    // NOTE(review): 'oauth2state' is removed from the session only on the
                    // mismatch branch above; on this branch it stays in place.
                    OauthHelper::log('OAuth 2 Connect - Step 2', LogLevel::Info, true);

                    $token = $oauthProvider->getAccessToken('authorization_code', ['code' => $code]);

                    // NOTE(review): this writes the authorization code and the token object to
                    // the log. Both are credentials; consider logging non-secret fields only.
                    OauthHelper::log('OAuth 2 Connect - Step 2 - Data' . "\r\n" . print_r(['code' => $code, 'token' => $token], true), LogLevel::Info, true);
                }

                break;

            case 1:
                // $user is read but only referenced by the commented-out code below.
                $user = craft()->request->getParam('user');
                $oauth_token = craft()->request->getParam('oauth_token');
                $oauth_verifier = craft()->request->getParam('oauth_verifier');
                $denied = craft()->request->getParam('denied');

                // if(isset($_GET['user']))
                // {
                //     echo "user exists !";
                // }

                // if ($user)
                // {
                //     OauthHelper::log('OAuth 1 Connect - Step 3', LogLevel::Info, true);

                //     if (!craft()->httpSession->get('token_credentials'))
                //     {
                //         throw new Exception("Token credentials not provided");
                //     }

                //     $token = unserialize(craft()->httpSession->get('oauth2state'));
                // }
                // else
                if ($oauth_token && $oauth_verifier) {
                    // Callback leg: trade the temporary credentials for token credentials.
                    OauthHelper::log('OAuth 1 Connect - Step 2', LogLevel::Info, true);

                    // NOTE(review): unserialize() on a session value. This is only safe as long
                    // as nothing user-controlled can write this session key — confirm.
                    $temporaryCredentials = unserialize(craft()->httpSession->get('temporary_credentials'));

                    $token = $oauthProvider->getTokenCredentials($temporaryCredentials, $oauth_token, $oauth_verifier);

                    craft()->httpSession->add('token_credentials', serialize($token));

                    // NOTE(review): temporary credentials, verifier and token all go to the log.
                    OauthHelper::log('OAuth 1 Connect - Step 2 - Data' . "\r\n" . print_r(['temporaryCredentials' => $temporaryCredentials, 'oauth_token' => $oauth_token, 'oauth_verifier' => $oauth_verifier, 'token' => $token], true), LogLevel::Info, true);
                } elseif ($denied) {
                    OauthHelper::log('OAuth 1 Connect - Step 1.5' . "\r\n" . print_r(["Client access denied by the user"], true), LogLevel::Info, true);

                    throw new Exception("Client access denied by the user");
                } else {
                    // First leg: obtain temporary credentials and send the browser to the provider.
                    OauthHelper::log('OAuth 1 Connect - Step 1', LogLevel::Info, true);

                    $temporaryCredentials = $oauthProvider->getTemporaryCredentials();

                    craft()->httpSession->add('temporary_credentials', serialize($temporaryCredentials));

                    $authorizationUrl = $oauthProvider->getAuthorizationUrl($temporaryCredentials);

                    craft()->request->redirect($authorizationUrl);

                    // NOTE(review): this runs only if redirect() returns — TODO confirm whether
                    // it ends the request. It would also log the temporary credentials.
                    OauthHelper::log('OAuth 1 Connect - Step 1 - Data' . "\r\n" . print_r(['temporaryCredentials' => $temporaryCredentials, 'authorizationUrl' => $authorizationUrl], true), LogLevel::Info, true);
                }

                break;

            default:
                throw new Exception("Couldn't handle connect for this provider");
        }

        $success = true;
    } catch (\Exception $e) {
        $error = true;
        $errorMsg = $e->getMessage();
    }

    // we now have $token, build up response
    $tokenArray = null;

    if ($token) {
        $tokenArray = OauthHelper::realTokenToArray($token);
    }

    // NOTE(review): this throw sits outside the try block. When the catch above ran and
    // $token is still false, the exception escapes and the error response built below is
    // never stored — confirm that this is intended.
    if (!is_array($tokenArray)) {
        throw new Exception("Error with token");
    }

    $response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $tokenArray);

    // NOTE(review): the response, including the token array, is written to the log.
    OauthHelper::log('OAuth Connect - Step 2B' . "\r\n" . print_r(['response' => $response], true), LogLevel::Info, true);

    craft()->httpSession->add('oauth.response', $response);

    // redirect
    // NOTE(review): the target comes from the session; the code that stores 'oauth.referer'
    // is not visible here — confirm it only accepts same-site URLs.
    $this->redirect($this->referer);
}
/**
 * Connect
 *
 * Single entry point for every leg of the OAuth connect flow. The request parameters
 * (`code`/`state` for OAuth 2; `user`, `oauth_token`/`oauth_verifier` or `denied` for
 * OAuth 1) decide which leg runs. Any exception raised inside the flow is turned into an
 * error response; the response is stored in the session under `oauth.response` and the
 * browser is redirected to the referer held in the session.
 *
 * @return null
 */
public function actionConnect()
{
    $error = false;
    $success = false;
    $token = false;
    $errorMsg = false;

    try {
        // handle: taken from the session, else from the `provider` request parameter
        $this->handle = craft()->httpSession->get('oauth.handle');

        if (!$this->handle) {
            $this->handle = craft()->request->getParam('provider');
            craft()->httpSession->add('oauth.handle', $this->handle);
        }

        // session vars
        $this->scopes = craft()->httpSession->get('oauth.scopes');
        $this->params = craft()->httpSession->get('oauth.params');
        $this->referer = craft()->httpSession->get('oauth.referer');

        // google cancel
        if (craft()->request->getParam('error')) {
            throw new Exception("An error occured: " . craft()->request->getParam('error'));
        }

        // twitter cancel
        if (craft()->request->getParam('denied')) {
            throw new Exception("An error occured: " . craft()->request->getParam('denied'));
        }

        // provider
        $provider = craft()->oauth->getProvider($this->handle);

        if (is_array($this->scopes)) {
            $provider->setScopes($this->scopes);
        }

        // init service
        switch ($provider->oauthVersion) {
            case 2:
                if (!isset($_GET['code'])) {
                    // No code yet: remember the state value and send the browser to the provider.
                    $authUrl = $provider->getAuthorizationUrl($this->params);
                    $_SESSION['oauth2state'] = $provider->getProvider()->state;
                    header('Location: ' . $authUrl);
                    exit;
                } elseif (empty($_GET['state']) || $_GET['state'] !== $_SESSION['oauth2state']) {
                    // Callback whose state is missing or differs from the session copy: reject it.
                    unset($_SESSION['oauth2state']);
                    throw new Exception("Invalid state");
                } else {
                    // Callback with a matching state: exchange the code for a token.
                    // NOTE(review): 'oauth2state' is cleared only on the mismatch branch above;
                    // on this branch it stays in the session.
                    $token = $provider->getProvider()->getAccessToken('authorization_code', ['code' => $_GET['code']]);
                }

                break;

            case 1:
                if (isset($_GET['user'])) {
                    // A `user` parameter makes this leg reuse token credentials already in the session.
                    if (!isset($_SESSION['token_credentials'])) {
                        throw new Exception("Token credentials not provided");
                    }

                    // NOTE(review): unserialize() on a session value. This is only safe as long
                    // as nothing user-controlled can write this session key — confirm.
                    $token = unserialize($_SESSION['token_credentials']);
                } elseif (isset($_GET['oauth_token']) && isset($_GET['oauth_verifier'])) {
                    // Callback leg: trade the temporary credentials for token credentials.
                    $temporaryCredentials = unserialize($_SESSION['temporary_credentials']);

                    $token = $provider->getProvider()->getTokenCredentials($temporaryCredentials, $_GET['oauth_token'], $_GET['oauth_verifier']);

                    // The temporary credentials are dropped once they have been exchanged.
                    unset($_SESSION['temporary_credentials']);

                    $_SESSION['token_credentials'] = serialize($token);
                } elseif (isset($_GET['denied'])) {
                    throw new Exception("Client access denied by the user");
                } else {
                    // First leg: obtain temporary credentials and hand over to the provider.
                    $temporaryCredentials = $provider->getProvider()->getTemporaryCredentials();
                    $_SESSION['temporary_credentials'] = serialize($temporaryCredentials);
                    // presumably redirects the browser to the provider — confirm against the library
                    $provider->getProvider()->authorize($temporaryCredentials);
                }

                break;

            default:
                throw new Exception("Couldn't handle connect for this provider");
        }

        $success = true;
    } catch (\Exception $e) {
        $error = true;
        $errorMsg = $e->getMessage();
    }

    // we now have $token, build up response
    $tokenArray = null;

    if ($token) {
        $tokenArray = OauthHelper::realTokenToArray($token);
    }

    // 'token' stays null when the flow failed or produced no token.
    $response = array('error' => $error, 'errorMsg' => $errorMsg, 'success' => $success, 'token' => $tokenArray);

    craft()->httpSession->add('oauth.response', $response);

    // redirect
    // NOTE(review): the target comes from the session; the code that stores 'oauth.referer'
    // is not visible here — confirm it only accepts same-site URLs.
    $this->redirect($this->referer);
}
/**
 * Return the query part of the configured request URI as a string.
 *
 * A non-empty array is rendered through OauthHelper::mapper(), a string is returned as it
 * is, and anything else (or no query entry at all) gives an empty string.
 *
 * @return string
 */
public function query()
{
    if (!isset($this->sock->config['request']['uri']['query'])) {
        return '';
    }

    $configured = $this->sock->config['request']['uri']['query'];

    if (is_array($configured) && count($configured) > 0) {
        return '' . OauthHelper::mapper($configured, '&', '');
    }

    return is_string($configured) ? $configured : '';
}
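/**
 * Fetch query parameters
 *
 * Returns the request's query string with a leading "?", or the empty value unchanged when
 * there is no query. The block that used to follow the return statement could never run
 * and has been removed.
 *
 * @return string
 */
private function __queryParams()
{
    $query = $this->request->query();

    if (strlen($query) > 0) {
        $query = "?{$query}";
    }

    return $query;
}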
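/**
 * Secret key for request
 *
 * Returns the signing key: the escaped consumer secret and the escaped token secret joined
 * by "&".
 *
 * Two changes from the earlier version:
 *  - The key is no longer written to the log. It is the shared secret material itself;
 *    anyone who can read the log could sign requests with it.
 *  - The consumer secret is now escaped like the token secret. The earlier version escaped
 *    it only in the value it logged, not in the value it returned, so the two differed for
 *    secrets containing characters that escape() rewrites. RFC 5849 encodes both parts.
 *
 * @return string
 */
protected function _secret()
{
    return $this->escape($this->consumerSecret) . '&' . $this->escape($this->tokenSecret);
}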