/**
* The 3 legged oauth class needs a way to store the access key and token
* it uses the apiCache class to do so.
*
* Constructing this class will initiate the 3 legged oauth work flow, including redirecting
* to the OAuth provider's site if required(!)
*
* @param string $consumerKey
* @param string $consumerSecret
* @return apiOAuth3Legged the logged-in provider instance
*/
public function authenticate($service)
{
global $apiConfig;
$this->service = $service;
$this->service['authorization_token_url'] .= '?scope=' . apiClientOAuthUtil::urlencodeRFC3986($service['scope']) . '&domain=' . apiClientOAuthUtil::urlencodeRFC3986($apiConfig['site_name']) . '&oauth_token=';
if (isset($_GET['oauth_verifier']) && isset($_GET['oauth_token']) && isset($_GET['uid'])) {
$uid = $_GET['uid'];
$secret = $this->cache->get($this->cacheKey . ":nonce:" . $uid);
$this->cache->delete($this->cacheKey . ":nonce:" . $uid);
$token = $this->upgradeRequestToken($_GET['oauth_token'], $secret, $_GET['oauth_verifier']);
return json_encode($token);
} else {
// Initialize the OAuth dance, first request a request token, then kick the client to the authorize URL
// First we store the current URL in our cache, so that when the oauth dance is completed we can return there
$callbackUrl = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https://' : 'http://') . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
$uid = uniqid();
$token = $this->obtainRequestToken($callbackUrl, $uid);
$this->cache->set($this->cacheKey . ":nonce:" . $uid, $token->secret);
$this->redirectToAuthorization($token);
}
}
/**
* builds the Authorization: header
*/
public function to_header()
{
$out = 'Authorization: OAuth ';
$total = array();
foreach ($this->parameters as $k => $v) {
if (substr($k, 0, 5) != "oauth") {
continue;
}
$out .= apiClientOAuthUtil::urlencodeRFC3986($k) . '="' . apiClientOAuthUtil::urlencodeRFC3986($v) . '", ';
}
$out = substr_replace($out, '', strlen($out) - 2);
return $out;
}
