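private function checkConnection()
 {
     /*
      * Decide whether the current request is an OAuth request whose signature
      * verifies, and remember the resolved user for the rest of the request.
      *
      * Returns true when verify() yields a user id, false when the request is
      * unsigned or no user id came back. A signed request that fails
      * verification never returns: a 401 is sent and the script exits.
      */

     // Fix: the original fell through to "return false" whenever a verdict
     // was already cached, so a second call reported a verified request as
     // unauthenticated. Report the cached verdict instead.
     if (isset($this->isvalid)) {
         return (bool) $this->isvalid;
     }

     Neuron_Auth_OAuthStore::getStore();

     // requestIsSigned() only says the request claims to be signed; the
     // signature itself is checked by verify() below.
     if (!OAuthRequestVerifier::requestIsSigned()) {
         return false;
     }

     try {
         $this->request = new OAuthRequestVerifier();
         $user_id = $this->request->verify();
         // If we have a user_id, act as that user for this request only.
         if ($user_id) {
             $this->userid = $user_id;
             $this->isvalid = true;
             return true;
         }
     } catch (OAuthException $e) {
         // The request was signed, but failed verification.
         header('HTTP/1.1 401 Unauthorized');
         header('WWW-Authenticate: OAuth realm=""');
         header('Content-Type: text/plain; charset=utf8');
         // NOTE(review): the response body is the library's exception text.
         // Confirm it carries no verification internals before keeping it
         // client-visible; a fixed message plus a server-side log is safer.
         echo $e->getMessage();
         exit;
     }

     // Signed, no exception, but no user id: treated as not authenticated.
     return false;
 }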
Exemple #2
 /**
  * Report whether the current request claims to carry an OAuth signature.
  *
  * This is a presence check only; it does not verify the signature. An
  * OAuthException2 raised while inspecting the request is swallowed and
  * reported as "not signed", so callers must treat FALSE as unauthenticated
  * rather than as permission to skip verification.
  *
  * @return bool
  */
 function request_is_signed()
 {
     try {
         $signed = OAuthRequestVerifier::requestIsSigned();
     } catch (OAuthException2 $e) {
         $signed = FALSE;
     }
     return $signed;
 }
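 /**
  * Read the oauth_consumer_key parameter from a signed request.
  *
  * The key is taken from the request parameters as sent; verify() is not
  * called here, so the returned value is an unauthenticated claim and must
  * not be used for authorization until the signature has been verified.
  *
  * @return mixed the consumer key, or null when it could not be read
  */
 public static function getConsummerKey()
 {
     self::storeInstance();
     // Fix: $key was undefined on every path that did not reach getParam().
     $key = null;
     if (OAuthRequestVerifier::requestIsSigned()) {
         try {
             $req = new OAuthRequestVerifier();
             $key = $req->getParam('oauth_consumer_key');
         } catch (OAuthException $e) {
             $logger = sfContext::getInstance()->getLogger();
             $logger->err("oauthSecurityManager::checkAuthorized exception");
             // Fix: "+" is arithmetic in PHP; the message was never appended
             // to the log line. Use "." to concatenate.
             $logger->err("Message: " . $e->getMessage());
             // NOTE(review): $this is not available in a static method, so
             // this call raises an Error when reached. Whether
             // sendNotAuthorized() can be called statically is not visible
             // here; resolve before relying on this rejection path.
             $this->sendNotAuthorized();
         }
     } else {
         sfContext::getInstance()->getLogger()->err("oauthSecurityManager::checkAuthorized request not signed");
         // NOTE(review): same $this-in-static problem as above.
         $this->sendNotAuthorized();
     }
     return $key;
 }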
Exemple #4
 /**
  * For a signed request, verify the OAuth signature and publish the
  * authenticated user's record in the registry under "authedUserInfo".
  *
  * Unsigned requests, and signed requests for which verify() returns no
  * user id, pass through untouched; nothing is rejected on those paths, so
  * access control depends on later code checking for "authedUserInfo".
  * A failed verification sets 401 response headers and rethrows.
  */
 public function direct()
 {
     if (!OAuthRequestVerifier::requestIsSigned()) {
         return;
     }

     try {
         $verifier = new OAuthRequestVerifier();
         $authUid = $verifier->verify();
         if (!$authUid) {
             return;
         }

         $registry = Zend_Registry::getInstance();
         $authedUserInfo = Ml_Model_People::getInstance()->getById($authUid);
         $registry->set("authedUserInfo", $authedUserInfo);
     } catch (OAuthException $e) {
         // Signed, but the signature did not verify: answer 401 and let the
         // exception propagate to the caller's error handling.
         header('HTTP/1.1 401 Unauthorized');
         header('WWW-Authenticate: OAuth realm=""');
         header('Content-Type: text/plain; charset=utf8');
         throw $e;
     }
 }
Exemple #5
 /**
  * Require an OAuth-signed request and log in as the verified user.
  *
  * Throws CHttpException(401) when the request is unsigned or when
  * verification raises OAuthException. On success the user id is stored
  * with setUid() and the request is flagged as OAuth access.
  */
 public function authorization()
 {
     if (!OAuthRequestVerifier::requestIsSigned()) {
         $msg = "Can't verify request, missing oauth_consumer_key or oauth_token";
         throw new CHttpException(401, $msg);
     }

     try {
         $verifier = new OAuthRequestVerifier();
         $user_id = $verifier->verify();
         // NOTE(review): when verify() returns a falsy id without throwing,
         // this method returns normally with no uid set and no 401. Confirm
         // callers check the uid before treating the request as authorized.
         if ($user_id) {
             // Act as that user for the duration of this request.
             self::setUid($user_id);
             // Mark this request as OAuth access.
             self::$_oauth = true;
         }
     } catch (OAuthException $e) {
         // The library's message is passed through as the 401 text.
         throw new CHttpException(401, $e->getMessage());
     }
 }
Exemple #6
     }
     break;
 // OAuth endpoint: dispatches to a ServiceOAuth method chosen by $method.
 // NOTE(review): where $method comes from is not visible in this excerpt.
 // method_exists() only confirms the name exists on ServiceOAuth; it is not
 // an allow-list. If $method is request-derived, restrict it to the
 // intended set of endpoint names before dispatching.
 case 'oauth':
     Debug::LogEntry('audit', 'OAuth Webservice call');
     Kit::ClassLoader('ServiceOAuth');
     $oauth = new ServiceOAuth();
     if (method_exists($oauth, $method)) {
         $oauth->{$method}();
     } else {
         $serviceResponse->ErrorServerError('Unknown Request.');
     }
     break;
 // REST endpoint: a signed request is verified, then the resolved user is
 // logged in for the service call.
 case 'rest':
     $serviceResponse->StartTransaction();
     // OAuth authorization.
     // requestIsSigned() only detects that the request claims a signature;
     // verify() below performs the actual check.
     if (OAuthRequestVerifier::requestIsSigned()) {
         try {
             $request = new OAuthRequestVerifier();
             $userID = $request->verify();
             if ($userID) {
                 // Create the login control system.
                 // The class to load is the part of the 'userModule' setting
                 // before the first '.'.
                 $userClass = Config::GetSetting('userModule');
                 $userClass = explode('.', $userClass);
                 Kit::ClassLoader($userClass[0]);
                 // Create a user.
                 $user = new User($db);
                 // Log this user in.
                 // NOTE(review): whether ErrorServerError() halts the request
                 // is not visible here; if it returns, processing continues
                 // without a logged-in user.
                 if (!$user->LoginServices($userID)) {
                     $serviceResponse->ErrorServerError('Unknown User.');
                 }
             } else {
 /**
  * Tell whether the current request claims to be OAuth-signed.
  *
  * Thin wrapper around OAuthRequestVerifier::requestIsSigned(). A true
  * result means a signature is present, not that it is valid; callers still
  * need verify() before trusting the request.
  */
 public static function isSigned()
 {
     $signed = OAuthRequestVerifier::requestIsSigned();
     return $signed;
 }
Exemple #8
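 /**
  * Gate for the API. A request whose Origin header is on the $validOrigins
  * allow-list is let through; any other request gets the token-issuing
  * route registered and must carry an OAuth signature that verifies.
  *
  * Behaviour:
  *  - Origin on the allow-list: returns immediately, no OAuth check.
  *  - Signed request: verified; on failure a 401 is sent and the script exits.
  *  - Unsigned request: a 401 is sent and the script exits.
  *
  * Fix: the original let every unsigned request through whenever
  * $validOrigins was configured (it only emitted CORS headers and returned),
  * which contradicts "if not CORS valid, check for an authentication".
  */
 function checkOAuth()
 {
     global $validOrigins;

     // NOTE(review): Origin is a request header chosen by the client, so this
     // branch is a browser CORS convenience, not authentication. Anything
     // that must be protected from non-browser clients needs the OAuth check
     // as well. The comparison is strict and tolerates an unset allow-list.
     $allowedOrigins = is_array($validOrigins) ? $validOrigins : array();
     if (isset($_SERVER['HTTP_ORIGIN']) && in_array($_SERVER['HTTP_ORIGIN'], $allowedOrigins, true)) {
         return;
     }

     // Route that issues consumer credentials.
     // NOTE(review): the handler creates and returns a consumer key and
     // secret for whatever userId is posted, and hands the whole $_POST array
     // to updateConsumer(). No check of the caller's identity is visible
     // here; confirm one exists elsewhere before exposing this route.
     $this->addRouteCommand(new RouteCommand("POST", "auth", "requestToken", function ($params = NULL) {
         if (empty($_POST["userId"])) {
             $this->showError(400);
             // Stop here even if showError() returns, so no consumer is
             // created for an empty user id.
             return;
         }
         $store = OAuthStore::instance('PDO', array('conn' => DBController::$db));
         $key = $store->updateConsumer($_POST, $_POST["userId"], true);
         $c = $store->getConsumer($key, $_POST["userId"]);
         $result = array(
             "key" => $c["consumer_key"],
             "secret" => $c["consumer_secret"],
         );
         $this->showResult($result);
     }, array("userId"), "Request a new token"));

     // Create a new instance of OAuthStore and OAuthServer.
     // Both are kept as in the original; neither variable is read afterwards.
     $store = OAuthStore::instance('PDO', array('conn' => DBController::$db));
     $server = new OAuthServer();
     ResterUtils::Log(">> CHECKING OAUTH " . $_SERVER['REQUEST_METHOD']);

     if (OAuthRequestVerifier::requestIsSigned()) {
         // If the request is signed, allow from any source. The header is
         // emitted before verification, so it is also sent on the 401 path.
         header('Access-Control-Allow-Origin: *');
         try {
             $req = new OAuthRequestVerifier();
             // NOTE(review): verify(false) presumably skips the token-type
             // check; confirm against the library. The returned id is only
             // logged, never stored or tested.
             $id = $req->verify(false);
             ResterUtils::Log("*** API USER " . $id . " ***");
         } catch (OAuthException2 $e) {
             // The request was signed, but failed verification.
             header('HTTP/1.1 401 Unauthorized');
             header('WWW-Authenticate: OAuth realm=""');
             header('Content-Type: text/plain; charset=utf8');
             ResterUtils::Log(">> OAUTH ERROR >> " . $e->getMessage());
             exit;
         }
         return;
     }

     // Unsigned and not from an allow-listed origin: reject. The original
     // loop over $validOrigins is dropped; each header() call replaced the
     // previous one, so it only ever advertised the last configured origin.
     ResterUtils::Log(">> OAUTH: Unsigned request");
     header('HTTP/1.1 401 Unauthorized');
     header('WWW-Authenticate: OAuth realm=""');
     header('Content-Type: text/plain; charset=utf8');
     echo "Authentication error";
     ResterUtils::Log(">> OAUTH ERROR >> Request not signed");
     ResterUtils::Log("*** AUTH ERROR *** ===>");
     exit;
 }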
Exemple #9
 /**
  * Enforce OAuth on the current request and adopt the verified user.
  *
  * An unsigned request, or one whose verification raises OAuthException,
  * ends in CHttpException(401). When verify() yields a user id it is stored
  * through setUid() and the OAuth flag is raised.
  *
  * The commented-out debugging that dumped $_SERVER, $_REQUEST and the
  * request headers has been left out of this version; such dumps would
  * include the Authorization header and should not be re-enabled on a
  * reachable endpoint.
  */
 public function authorization()
 {
     $signed = OAuthRequestVerifier::requestIsSigned();
     if (!$signed) {
         $msg = "Can't verify request, missing oauth_consumer_key or oauth_token";
         throw new CHttpException(401, $msg);
     }

     try {
         $verifier = new OAuthRequestVerifier();
         $user_id = $verifier->verify();
         // NOTE(review): a falsy id with no exception falls through silently,
         // with no uid and no 401. Confirm callers test the uid afterwards.
         if ($user_id) {
             // Log in as that user for this request only.
             self::setUid($user_id);
             // This is OAuth access.
             self::$_oauth = true;
         }
     } catch (OAuthException $e) {
         // Verification failed; the library's message becomes the 401 text.
         $reason = $e->getMessage();
         throw new CHttpException(401, $reason);
     }
 }