function authenticate()
 {
     $db = $this->db;
     $provider = new OAuthProvider();
     $provider->is2LeggedEndpoint(TRUE);
     $provider->consumerHandler(function ($provider) use($db) {
         $stmt = $db->prepare('SELECT consumerSecret FROM storageConsumers WHERE consumerKey = :key');
         $stmt->bindParam(':key', $provider->consumer_key);
         $stmt->execute();
         $row = $stmt->fetch();
         if ($row === FALSE || empty($row)) {
             return OAUTH_CONSUMER_KEY_UNKNOWN;
         }
         $provider->consumer_secret = $row['consumerSecret'];
         return OAUTH_OK;
     });
     $provider->timestampNonceHandler(function ($provider) {
         if ($provider->nonce == "bad") {
             return OAUTH_BAD_NONCE;
         } else {
             if ($provider->timestamp == "0") {
                 return OAUTH_BAD_TIMESTAMP;
             }
         }
         return OAUTH_OK;
     });
     $provider->checkOAuthRequest();
     $this->consumerKey = $provider->consumer_key;
 }
 public function oauth()
 {
     if (!$this->oauth) {
         $this->oauth = OAuthProvider::factory($this->OAuthProviderClass, $this->initArgs);
     }
     return $this->oauth;
 }
Esempio n. 3
0
 public function getOAuthProvider()
 {
     if (!$this->OAuthProvider) {
         $this->OAuthProvider = OAuthProvider::factory($this->OAuthProviderClass, $this->initArgs);
     }
     return $this->OAuthProvider;
 }
Esempio n. 4
0
 protected function init($args)
 {
     parent::init($args);
     if (!isset($args['OAUTH_CONSUMER_KEY'], $args['OAUTH_CONSUMER_SECRET']) || strlen($args['OAUTH_CONSUMER_KEY']) == 0 || strlen($args['OAUTH_CONSUMER_SECRET']) == 0) {
         throw new KurogoConfigurationException("Twitter Consumer key and secret not set");
     }
 }
Esempio n. 5
0
 public function generateaccesstoken()
 {
     if ($this->oauth_error) {
         return FALSE;
     }
     $access_token = md5(OAuthProvider::generateToken(20, FALSE));
     $access_token_secret = md5(OAuthProvider::generateToken(20, FALSE));
     $token = token::findbytoken($this->oauth->token);
     if (is_object($token)) {
         $token->changetoaccesstoken($access_token, $access_token_secret);
         return "access_token=" . $token->gettoken() . "&access_token_secret=" . $token->gettokensecret();
     }
     $this->oauth_error = TRUE;
     return FALSE;
 }
Esempio n. 6
0
 public function onRoute(MvcEvent $mvcEvent)
 {
     $request = $mvcEvent->getRequest();
     $response = $mvcEvent->getResponse();
     $app = $mvcEvent->getApplication();
     $match = $app->getMvcEvent()->getRouteMatch();
     $routeName = $match->getMatchedRouteName();
     $method = strtolower($request->getMethod());
     if (!$this->acl->hasResource($routeName)) {
         return;
     }
     $role = null;
     /**
      * Infer that if :
      * 1. the request is protected under 2 legged oauth,
      *    then it is a 2 legged oauth request
      * 2. the request is protected under 3 legged oauth,
      *    then it is a 3 legged oauth request
      * 3. otherwise it is not protected
      */
     if ($this->acl->isAllowed(BgOauthProviderAcl::TWO_LEGGED, $routeName, $method)) {
         $role = BgOauthProviderAcl::TWO_LEGGED;
         $this->oauthProvider->is2LeggedEndpoint();
     } elseif ($this->acl->isAllowed(BgOauthProviderAcl::THREE_LEGGED, $routeName, $method)) {
         $role = BgOauthProviderAcl::THREE_LEGGED;
     } else {
         return;
     }
     try {
         $this->oauthProvider->checkOAuthRequest();
     } catch (\OAuthException $e) {
         $error = \OAuthProvider::reportProblem($e);
         $response->setStatusCode(400);
         $response->setContent($error);
         $response->getHeaders()->addHeaders(array('WWW-Authenticate' => $error));
         return $response;
     }
     //Unreachable (I think).
     if (!$this->acl->isAllowed($role, $routeName, $method)) {
         $responseBody = array();
         $responseBody['error'] = 'Not Authorised';
         $responseBody['request'] = $request->getRequestUri();
         $response->setStatusCode(401);
         $response->setContent(json_encode($responseBody));
         $response->setHeaders($response->getHeaders()->addHeaderLine('Content-Type', 'application/json'));
         return $response;
     }
 }
Esempio n. 7
0
 public function onRoute(MvcEvent $mvcEvent)
 {
     $request = $mvcEvent->getRequest();
     $response = $mvcEvent->getResponse();
     /**
      * If it's a CLI request - return.
      */
     if ($request instanceof \Zend\Console\Request) {
         return;
     }
     $app = $mvcEvent->getApplication();
     $match = $app->getMvcEvent()->getRouteMatch();
     $routeName = $match->getMatchedRouteName();
     $method = strtolower($request->getMethod());
     if (!$this->acl->hasResource($routeName)) {
         return;
     }
     $role = null;
     /**
      * Infer that if :
      * 1. the request is protected under 2 legged oauth,
      *    then it is a 2 legged oauth request
      * 2. the request is protected under 3 legged oauth,
      *    then it is a 3 legged oauth request
      * 3. otherwise it is not protected
      */
     if ($this->acl->isAllowed(BgOauthProviderAcl::TWO_LEGGED, $routeName, $method)) {
         $role = BgOauthProviderAcl::TWO_LEGGED;
         $this->oauthProvider->is2LeggedEndpoint();
     } elseif ($this->acl->isAllowed(BgOauthProviderAcl::THREE_LEGGED, $routeName, $method)) {
         $role = BgOauthProviderAcl::THREE_LEGGED;
     } else {
         return;
     }
     try {
         $this->oauthProvider->checkOAuthRequest();
     } catch (\OAuthException $e) {
         $error = \OAuthProvider::reportProblem($e, false);
         $response->setStatusCode(Response::STATUS_CODE_401);
         $response->setContent($error);
         $response->getHeaders()->addHeaders(array('WWW-Authenticate' => $error));
         $mvcEvent->setError(self::ERROR);
         $mvcEvent->getApplication()->getEventManager()->trigger(MvcEvent::EVENT_DISPATCH_ERROR, $mvcEvent);
         return $response;
     }
     //Success!
 }
Esempio n. 8
0
 public function __construct($query_get)
 {
     $this->__action = $this->_get_action($query_get);
     try {
         $this->__provider = new OAuthProvider();
         $this->__provider->consumerHandler(array($this, 'lookupConsumer'));
         $this->__provider->timestampNonceHandler(array($this, 'timestampNonceChecker'));
         $this->__provider->tokenHandler(array($this, 'tokenHandler'));
         $this->__provider->setParam('kohana_uri', NULL);
         // Ignore the kohana_uri parameter
         $this->__provider->setRequestTokenPath('/v1/oauth/request_token');
         // No token needed for this end point
         $this->__provider->checkOAuthRequest();
     } catch (OAuthException $E) {
         echo OAuthProvider::reportProblem($E);
         $this->oauth_error = true;
     }
 }
Esempio n. 9
0
 public function endpoint()
 {
     $provider = new MyOAuthProvider();
     //we need to disable a check if it is our first call to requesttoken.
     $c = strtolower($this->args('api_call'));
     if ($c == 'requesttoken') {
         $provider->oauth->isRequestTokenEndpoint(true);
         $this->set('provider', $provider);
     } elseif ($c == 'accesstoken') {
         $this->set('provider', $provider);
     }
     try {
         $provider->oauth->checkOAuthRequest();
         $calls = array('requesttoken', 'accesstoken', 'listqueues', 'queueinfo', 'createqueue', 'listjobs', 'jobinfo', 'grabjob', 'grabslicejob', 'findnewjob', 'dropjob', 'canceljob', 'completejob', 'completeslicejob', 'downloadedjob', 'createjob', 'updatejobprogress', 'listbots', 'botinfo', 'registerbot', 'updatebot', 'updateslicejob', 'webcamupdate', 'getmybots', 'devicescanresults');
         if (in_array($c, $calls)) {
             $this->token = $provider->token;
             // TODO Find out if consumer is even needed
             $this->consumer = $provider->consumer;
             $fname = "api_{$c}";
             $data = $this->{$fname}();
         } else {
             throw new Exception("Specified api_call '{$c}' does not exist.");
         }
         $result = array('status' => 'success', 'data' => $data);
     } catch (OAuthException $e) {
         error_log("Something went wrong with OAuth");
         error_log($e->getMessage());
         error_log(print_r($this->args(), true));
         error_log(print_r($provider->oauth, true));
         error_log(OAuthProvider::reportProblem($e, true));
         $result = array('status' => 'error', 'error' => $e->getMessage());
     } catch (Exception $e) {
         error_log($e->getMessage());
         error_log(print_r($this->args(), true));
         $result = array('status' => 'error', 'error' => $e->getMessage());
     }
     //add in our version.
     $result['_api_version'] = self::$api_version;
     echo JSON::encode($result);
     exit;
 }
 protected function init($args)
 {
     parent::init($args);
     if (isset($args['GOOGLE_REQUIRE_LOGIN'])) {
         $this->requireLogin = $args['GOOGLE_REQUIRE_LOGIN'];
     }
     if (isset($args['OPENID_REALM'])) {
         if (!preg_match("@^https?://@", $args['OPENID_REALM'])) {
             throw new KurogoConfigurationException("Invalid OpenID realm {$args['OPENID_REALM']}. Realm must be a full url");
         }
         $this->realm = $args['OPENID_REALM'];
     }
     if (isset($args['OAUTH_CONSUMER_KEY'], $args['OAUTH_CONSUMER_SECRET'])) {
         if (!isset($args['GOOGLE_SCOPE'])) {
             throw new KurogoConfigurationException("GOOGLE_SCOPE parameter must be specified");
         } elseif (!is_array($args['GOOGLE_SCOPE'])) {
             throw new KurogoConfigurationException("GOOGLE_SCOPE parameter is not an array");
         }
         $this->scope = $args['GOOGLE_SCOPE'];
     }
 }
Esempio n. 11
0
 public function setUpOAuthAndDb($db)
 {
     $this->db = $db;
     try {
         $this->provider = new OAuthProvider();
         $this->provider->consumerHandler(array($this, 'lookupConsumer'));
         $this->provider->timestampNonceHandler(array($this, 'timestampNonceChecker'));
         $this->provider->tokenHandler(array($this, 'tokenHandler'));
         $this->provider->setRequestTokenPath('/v2/oauth/request_token');
         // No token needed for this end point
         $this->provider->checkOAuthRequest();
     } catch (OAuthException $E) {
         error_log(OAuthProvider::reportProblem($E));
         return false;
     }
     return true;
 }
Esempio n. 12
0
 public static function generateToken()
 {
     return sha1(OAuthProvider::generateToken(20));
 }
 /**
  * This function generates a verifier and returns it
  */
 public function generateVerifier()
 {
     $verifier = sha1(OAuthProvider::generateToken(20, true));
     return $verifier;
 }
Esempio n. 14
0
 public function getErrorAsString()
 {
     return OAuthProvider::reportProblem($this->oauthException);
 }
<?php

include 'common.inc.php';
try {
    $provider = new OAuthProvider($params);
    /* the endpoint which issues a request token is special, it doesn't take an oauth_token and hence there's no call to the tokenHandler() */
    $provider->isRequestTokenEndpoint(true);
    /* OAuthProvider will call this callback with the $provider object as an argument, you can throw errors from that handler and set the $provider->consumer_key if all is good */
    $provider->consumerHandler('lookupConsumer');
    /* similar to consumerHandler, throw errors related to the timestamp/nonce in this callback */
    $provider->timestampNonceHandler('timestampNonceChecker');
    /* this is the meat of request authorization, the first argument is the URL of this endpoint as the outside world sees it
     * the optional second argument is the HTTP method, GET, POST, etc ... the provider will try to detect this via $_SERVER["REQUEST_METHOD"] (usually reliable) when it's not set */
    $provider->checkOAuthRequest("http://localhost/request_token.php", PHP_SAPI == "cli" ? OAUTH_HTTP_METHOD_GET : NULL);
} catch (OAuthException $E) {
    /* when you catch OAuthException and echo OAuthProvider::reportProblem with it, you'll get the problem reporting extension described here:
     * http://wiki.oauth.net/ProblemReporting for free, it also sets the most appropriate HTTP response code */
    echo OAuthProvider::reportProblem($E);
}
 public function accessTokenAction()
 {
     $oauthProvider = $this->oauthProvider;
     $response = $this->getResponse();
     try {
         $oauthProvider->checkOAuthRequest();
         $accessToken = $oauthProvider->saveAccessToken();
         $responseUrl = array();
         $responseUrl['oauth_token'] = $accessToken->getToken();
         $responseUrl['oauth_token_secret'] = $accessToken->getTokenSecret();
         $response->setContent(http_build_query($responseUrl));
     } catch (\OAuthException $e) {
         $error = \OAuthProvider::reportProblem($e);
         $response->setStatusCode(400);
         $response->setContent($error);
         $response->getHeaders()->addHeaders(array('WWW-Authenticate' => $error));
     }
     return $response;
 }
 /**
  * OAuthServer constructor. At this stage does not do anything.
  */
 public function __construct($db)
 {
     parent::__construct();
     $this->db = $db;
 }
 /**
  * Wrapper around OAuthProvider::generateToken to add sha1 hashing at one place
  * @static
  * @param 	bool $sha1
  * @return 	string
  */
 public static function generateToken()
 {
     $token = OAuthProvider::generateToken(40, true);
     return sha1($token);
 }
<?php

include 'common.inc.php';
try {
    $provider = new OAuthProvider($params);
    $provider->your_own_member = "this is passed to every callback";
    $provider->consumerHandler('lookupConsumer');
    $provider->timestampNonceHandler('timestampNonceChecker');
    $provider->tokenHandler('tokenHandler');
    $provider->checkOAuthRequest("http://localhost/a_private_api.php", PHP_SAPI == "cli" ? OAUTH_HTTP_METHOD_GET : NULL);
} catch (OAuthException $E) {
    echo OAuthProvider::reportProblem($E);
}
Esempio n. 20
0
 /**
  * Short description for 'access_token'
  *
  * Long description (if any) ...
  *
  * @return     unknown Return description (if any) ...
  */
 private function access_token()
 {
     if (empty($this->_provider)) {
         $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
         $this->_response->setErrorMessage('oauth_problem=bad oauth provider', 501, 'Internal Server Error');
         return;
     }
     JLoader::import('Hubzero.User.Password');
     $xauth_request = false;
     $header = '';
     if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
         $header = $_SERVER['HTTP_AUTHORIZATION'];
     }
     // @FIXME: header check is inexact and could give false positives
     // @FIXME: pecl oauth provider doesn't handle x_auth in header
     // @FIXME: api application should convert xauth variables in
     //         header to form/query data as workaround
     // @FIXME: this code is here for future use if/when pecl oauth
     //         provider is fixed
     //
     if (isset($_GET['x_auth_mode']) || isset($_GET['x_auth_username']) || isset($_GET['x_auth_password']) || isset($_POST['x_auth_mode']) || isset($_POST['x_auth_username']) || isset($_POST['x_auth_password']) || strpos($header, 'x_auth_mode') !== false || strpos($header, 'x_auth_username') !== false || strpos($header, 'x_auth_mode') !== false) {
         $xauth_request = true;
     }
     if ($xauth_request) {
         if ($this->_provider->getConsumerData()->xauth == '0') {
             $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
             $this->_response->setErrorMessage('oauth_problem=permission_denied', 401, 'Unauthorized0');
             return;
         }
         if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == 'off') {
             $this->_response->setErrorMessage('SSL Required', 403, 'Forbidden');
             return;
         }
         if (isset($this->_provider->x_auth_mode)) {
             $x_auth_mode = $this->_provider->x_auth_mode;
         } else {
             if (isset($_POST['x_auth_mode'])) {
                 $x_auth_mode = $_POST['x_auth_mode'];
             } else {
                 if (isset($_GET['x_auth_mode'])) {
                     $x_auth_mode = $_GET['x_auth_mode'];
                 } else {
                     $x_auth_mode = '';
                 }
             }
         }
         if (isset($this->_provider->x_auth_username)) {
             $x_auth_username = $this->_provider->x_auth_username;
         } else {
             if (isset($_POST['x_auth_username'])) {
                 $x_auth_username = $_POST['x_auth_username'];
             } else {
                 if (isset($_GET['x_auth_username'])) {
                     $x_auth_username = $_GET['x_auth_username'];
                 } else {
                     $x_auth_username = '';
                 }
             }
         }
         if (isset($this->_provider->x_auth_password)) {
             $x_auth_password = $this->_provider->x_auth_password;
         } else {
             if (isset($_POST['x_auth_password'])) {
                 $x_auth_password = $_POST['x_auth_password'];
             } else {
                 if (isset($_GET['x_auth_password'])) {
                     $x_auth_password = $_GET['x_auth_password'];
                 } else {
                     $x_auth_password = '';
                 }
             }
         }
         if ($x_auth_mode != 'client_auth') {
             $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
             $this->_response->setErrorMessage('oauth_problem=permission_denied', 400, 'Bad Request');
             return;
         }
         $match = \Hubzero\User\Password::passwordMatches($x_auth_username, $x_auth_password, true);
         if (!$match) {
             $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
             $this->_response->setErrorMessage('oauth_problem=permission_denied', 401, 'Unauthorized');
             return;
         }
         $useraccount = User::getInstance(JUserHelper::getUserId($x_auth_username));
         $db = App::get('db');
         $db->setQuery("SELECT token,token_secret FROM #__oauthp_tokens WHERE consumer_id=" . $db->Quote($this->_provider->getConsumerData()->id) . " AND user_id =" . $db->Quote($useraccount->get('id')) . " LIMIT 1;");
         $result = $db->loadObject();
         if ($result === false) {
             $this->_response->setErrorMessage(500, 'Internal Server Error');
             return;
         }
         if (!is_object($result)) {
             if ($this->_provider->getConsumerData()->xauth_grant < 1) {
                 $this->_response->setErrorMessage(501, 'Internal Server Error');
                 return;
             }
             $token = sha1(OAuthProvider::generateToken(20, false));
             $token_secret = sha1(OAuthProvider::generateToken(20, false));
             $db = App::get('db');
             $db->setQuery("INSERT INTO #__oauthp_tokens (consumer_id,user_id,state,token,token_secret,callback_url) VALUE (" . $db->Quote($this->_provider->getConsumerData()->id) . "," . $db->Quote($useraccount->get('id')) . "," . "'1'," . $db->Quote($token) . "," . $db->Quote($token_secret) . "," . $db->Quote($this->_provider->getConsumerData()->callback_url) . ");");
             if (!$db->query()) {
                 $this->_response->setErrorMessage(502, 'Internal Server Error');
                 return;
             }
             if ($db->getAffectedRows() < 1) {
                 $this->_response->setErrorMessage(503, 'Internal Server Error');
                 return;
             }
             $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
             $this->_response->setMessage("oauth_token=" . $token . "&oauth_token_secret=" . $token_secret, 200, "OK");
         } else {
             $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
             $this->_response->setMessage("oauth_token=" . $result->token . "&oauth_token_secret=" . $result->token_secret, 200, "OK");
         }
         return;
     } else {
         $this->_response->setErrorMessage(503, 'Internal Server Error');
         return;
         // @FIXME: we don't support 3-legged auth yet
         // lookup request token to access token, give out access token
         // check verifier
         // check used flag
         $this->_response->setResponseProvides('application/x-www-form-urlencoded,text/html;q=0.9');
         $this->_response->setMessage("oauth_token=" . $token . "&oauth_token_secret=" . $token_secret, 200, "OK");
         return;
     }
 }
Esempio n. 21
0
 /**
  * Retrieves a token for use in registering this Known site with a hub. Tokens last for 10 minutes.
  * @return string
  */
 function getRegistrationToken()
 {
     if (empty(site()->config->hub_settings)) {
         site()->config->hub_settings = [];
     }
     if (!empty(site()->config->hub_settings['registration_token'])) {
         if (!empty(site()->config->hub_settings['registration_token_expiry'])) {
             if (site()->config->hub_settings['registration_token_expiry'] > time() - 600) {
                 return site()->config->hub_settings['registration_token'];
             }
         }
     }
     $token_generator = new \OAuthProvider([]);
     $token = $token_generator->generateToken(32);
     $config = site()->config;
     $config->hub_settings['registration_token'] = bin2hex($token);
     $config->hub_settings['registration_token_expiry'] = time();
     $config->save();
     site()->config = $config;
     return site()->config->hub_settings['registration_token'];
 }
Esempio n. 22
0
 public function flow()
 {
     if (isset($_GET['oauth_token'])) {
         $consumerKey = $_GET['oauth_consumer_key'];
         $consumerSecret = $_GET['oauth_consumer_secret'];
         $token = $_GET['oauth_token'];
         $tokenSecret = $_GET['oauth_token_secret'];
         $verifier = $_GET['oauth_verifier'];
         try {
             $consumer = getDb()->getCredential($token);
             $oauth = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_AUTHORIZATION);
             $oauth->setVersion('1.0a');
             $oauth->setToken($token, $tokenSecret);
             $accessToken = $oauth->getAccessToken(sprintf('%s://%s/v1/oauth/token/access', $this->utility->getProtocol(false), $_SERVER['HTTP_HOST']), null, $verifier);
             $accessToken['oauth_consumer_key'] = $consumerKey;
             $accessToken['oauth_consumer_secret'] = $consumerSecret;
             setcookie('oauth', http_build_query($accessToken));
             if (!isset($accessToken['oauth_token']) || !isset($accessToken['oauth_token_secret'])) {
                 echo sprintf('Invalid response when getting an access token: %s', http_build_query($accessToken));
             } else {
                 echo sprintf('You exchanged a request token for an access token<br><a href="?reloaded=1">Reload to make an OAuth request</a>', $accessToken['oauth_token'], $accessToken['oauth_token_secret']);
             }
         } catch (OAuthException $e) {
             $message = OAuthProvider::reportProblem($e);
             getLogger()->info($message);
             OPException::raise(new OPAuthorizationOAuthException($message));
         }
     } else {
         if (!isset($_GET['reloaded'])) {
             $callback = sprintf('%s://%s/v1/oauth/flow', $this->utility->getProtocol(false), $_SERVER['HTTP_HOST']);
             $name = isset($_GET['name']) ? $_GET['name'] : 'OAuth Test Flow';
             echo sprintf('<a href="%s://%s/v1/oauth/authorize?oauth_callback=%s&name=%s">Create a new client id</a>', $this->utility->getProtocol(false), $_SERVER['HTTP_HOST'], urlencode($callback), urlencode($name));
         } else {
             try {
                 parse_str($_COOKIE['oauth']);
                 $consumer = getDb()->getCredential($oauth_token);
                 $oauth = new OAuth($oauth_consumer_key, $oauth_consumer_secret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_AUTHORIZATION);
                 $oauth->setToken($oauth_token, $oauth_token_secret);
                 $oauth->fetch(sprintf('http://%s/v1/oauth/test?oauth_consumer_key=%s', $_SERVER['HTTP_HOST'], $oauth_consumer_key));
                 $response_info = $oauth->getLastResponseInfo();
                 header("Content-Type: {$response_info["content_type"]}");
                 echo $oauth->getLastResponse();
             } catch (OAuthException $e) {
                 $message = OAuthProvider::reportProblem($e);
                 getLogger()->info($message);
                 OPException::raise(new OPAuthorizationOAuthException($message));
             }
         }
     }
 }
Esempio n. 23
0
 /**
  * Attempt to validate the incoming LTI request.
  */
 public function __construct()
 {
     try {
         $this->oauthProvider = new OAuthProvider();
         $this->oauthProvider->consumerHandler(array($this, 'consumerHandler'));
         $this->oauthProvider->timestampNonceHandler(array($this, 'timestampNonceHandler'));
         $this->oauthProvider->isRequestTokenEndpoint(true);
         $this->oauthProvider->setParam('url', NULL);
         $this->oauthProvider->checkOAuthRequest();
     } catch (OAuthException $e) {
         LTI::log(OAuthProvider::reportProblem($e));
         switch ($e->getCode()) {
             case OAUTH_BAD_NONCE:
                 wp_die(__('This LTI request has expired. Please return to your application and restart the launch process.'), __('LTI Error'));
                 break;
             case OAUTH_BAD_TIMESTAMP:
                 wp_die(__('This request is too old. Please return to your application and restart the launch process.'), __('LTI Error'));
                 break;
             case OAUTH_CONSUMER_KEY_UNKNOWN:
                 wp_die(__('Consumer key is unknown, or has been temporarily disabled. Please check your consumer key settings and restart the launch process.'), __('LTI Error'));
                 break;
             case OAUTH_CONSUMER_KEY_REFUSED:
                 wp_die(__('The consumer key was refused. Please check your configuration and follow up with the LTI provider for support.'), __('LTI Error'));
                 break;
             case OAUTH_INVALID_SIGNATURE:
                 wp_die(__('The request signature is invalid, or does not match the signature computed.'), __('LTI Error'));
                 break;
             case OAUTH_PARAMETER_ABSENT:
                 wp_die(__('A required launch parameter was not provided.'), __('LTI Error'));
                 break;
             case OAUTH_SIGNATURE_METHOD_REJECTED:
                 wp_die(__('The signature method was not accepted by the service provider.'), __('LTI Error'));
                 break;
             default:
                 // We really shouldn't get any of the other OAuthProvider error codes.
                 // log this.
                 wp_die(__('General launch error. Please follow up with the tool provider to consult any logs to further diagnose the issue.'), __('LTI Error'));
                 break;
         }
     }
 }