/** * Applikation Accesstoken ermitteln * und in Datenbank speichern (3-legged-oauth). * * @param array $aArgs * @return void */ private function registerAccess($aArgs) { try { if (isset($_GET['user']) && $_GET['user'] != '') { $sUser = $_GET['user']; } else { $sUser = $this->_sDefaultUsername; } // Wenn mit SQL Datenbank authentifiziert werden soll, hole Reqeust Token und Secret aus DB if ($this->_bAuthenticateWithoutDB === false) { if (Immocaster_Data_Mysql::getInstance()->getApplicationToken($sUser)) { return false; } $oToken = Immocaster_Data_Mysql::getInstance()->getRequestTokenWithoutSession(); $sToken = $oToken->ic_key; $sSecret = $oToken->ic_secret; } else { $sToken = $_SESSION['request_token']; $sSecret = $_SESSION['request_token_secret']; unset($_SESSION); } $token = new OAuthToken($sToken, $sSecret); $req = parent::restRequest('oauth/access_token', array(), true); $req->set_parameter('oauth_verifier', $_GET['oauth_verifier']); $req->set_parameter('oauth_token', $sToken); $req->set_parameter('oauth_signature_method', "HMAC-SHA1"); $req->sign_request($this->_oSignatureMethod, $this->_oConsumer, $token); $sConsKey = rawurlencode($this->_sConsumerSecret) . '&' . $sSecret; $sSignature = urlencode(base64_encode(hash_hmac('sha1', $req->get_signature_base_string(), $sConsKey, true))); $authHeader = $req->to_header(); $opts = array('http' => array('header' => $authHeader . ',oauth_signature_method="HMAC-SHA1",oauth_signature="' . $sSignature . '"' . "\r\n" . 'User-Agent: ' . IMMOCASTER_USER_AGENT)); if ($this->_sUrlReadingType == 'curl') { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $this->_sUri . '/restapi/security/oauth/access_token'); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_HTTPHEADER, $opts['http']); if ($this->_sProxyName) { curl_setopt($ch, CURLOPT_PROXY, $this->_sProxyName); if ($this->_sProxyPort) { curl_setopt($ch, CURLOPT_PROXYPORT, $this->_sProxyPort); } } $result = curl_exec($ch); curl_close($ch); } else { $result = file_get_contents($this->_sUri . '/restapi/security/oauth/access_token', false, stream_context_create($opts)); } if (!$result) { $this->registerRequest($aArgs); return false; } $aAccessToken = Immocaster_Tools_Helper::makeArrayFromString($result); if ($this->_bAuthenticateWithoutDB === false) { if (Immocaster_Data_Mysql::getInstance()->saveApplicationToken($aAccessToken['oauth_token'], $aAccessToken['oauth_token_secret'], $sUser)) { return true; } } } catch (Exception $e) { echo $e->getMessage(); } return $aAccessToken; }
/** * Applikation Accesstoken ermitteln * und in Datenbank speichern (3-legged-oauth). * * @param array $aArgs * @return void */ private function registerAccess($aArgs) { try { if (Immocaster_Data_Mysql::getInstance()->getApplicationToken()) { return false; } $oToken = Immocaster_Data_Mysql::getInstance()->getRequestToken(Immocaster_Data_Session::getInstance()->getVar('request_token')); $token = new OAuthToken($oToken->ic_key, $oToken->ic_secret); $req = parent::restRequest('oauth/access_token', array(), true); $req->set_parameter('oauth_verifier', $_GET['oauth_verifier']); $req->set_parameter('oauth_token', $oToken->ic_key); $req->set_parameter('oauth_signature_method', "HMAC-SHA1"); $req->sign_request($this->_oSignatureMethod, $this->_oConsumer, $token); $sConsKey = rawurlencode($this->_sConsumerSecret) . '&' . $oToken->ic_secret; $sSignature = urlencode(base64_encode(hash_hmac('sha1', $req->get_signature_base_string(), $sConsKey, true))); $authHeader = $req->to_header(); $opts = array('http' => array('header' => $authHeader . ',oauth_signature_method="HMAC-SHA1",oauth_signature="' . $sSignature . '"' . "\r\n" . 'User-Agent: ' . IMMOCASTER_USER_AGENT)); @($result = file_get_contents($this->_sUri . '/restapi/security/oauth/access_token', false, stream_context_create($opts))); if (!$result) { $this->registerRequest($aArgs); return false; } $aAccessToken = Immocaster_Tools_Helper::makeArrayFromString($result); if (Immocaster_Data_Mysql::getInstance()->saveApplicationToken($aAccessToken['oauth_token'], $aAccessToken['oauth_token_secret'])) { return true; } } catch (Exception $e) { echo $e->getMessage(); } return false; }