コード例 #1
ファイル: accesstoken.php プロジェクト: lorea/Hydra-dev
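global $CONFIG;
// OAuth access-token endpoint script: asks the OAuth server to exchange the
// incoming signed request for an access token, records the request nonce, and
// writes the token as the response body. Any OAuthException becomes a 401.
//
// The block below is disabled debugging code. NOTE(review): if re-enabled it
// prints the looked-up consumer and token entities into the HTTP response,
// which presumably includes their secrets; keep it disabled outside a private
// development instance.
/*
 $cid = get_input('oauth_consumer_key');
 $tid = get_input('oauth_token');
 $consumEnt = oauth_lookup_consumer_entity($cid);
 print 'Consumer: ' . $cid;
 print_r($consumEnt);
 print_r(oauth_consumer_from_entity($consumEnt));
 $tokEnt = oauth_lookup_token_entity($consumEnt, 'request', $tid);
 print 'Token: ' . $tid;
 print_r($tokEnt);
 print_r(oauth_token_from_entity($tokEnt));
*/
try {
    $server = oauth_get_server();
    $req = OAuthRequest::from_request(null, null, oauth_get_params());
    // Throws OAuthException when the request cannot be exchanged for a token.
    $token = $server->fetch_access_token($req);
    // Collect the identifiers that the nonce is stored against.
    $consumerKey = $req->get_parameter('oauth_consumer_key');
    $tokenKey = $req->get_parameter('oauth_token');
    $nonce = $req->get_parameter('oauth_nonce');
    // Save the nonce for later checking (replay detection on later requests).
    oauth_save_nonce($consumerKey, $nonce, $tokenKey);
    echo $token;
} catch (OAuthException $e) {
    // header('', true, 401) did nothing: PHP ignores the response-code
    // argument when the header string is empty, so failures were answered
    // with the default 200 status. Send an explicit status line instead.
    header('HTTP/1.1 401 Unauthorized', true, 401);
    // The message is written into an HTML response and may carry values taken
    // from the request, so escape it before output.
    echo htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8') . "\n<hr />\n";
    die;
}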
コード例 #2
ファイル: start.php プロジェクト: lorea/Hydra-dev
/**
 * PAM handler that authenticates the current request from its OAuth signature.
 *
 * The request is verified by the OAuth server, its nonce is recorded for later
 * checking, the matching access-token entity is looked up, and the token's
 * owner is logged in. Every failure path returns false (fail closed); the
 * reason is not reported to the caller.
 *
 * @param mixed $credentials Not read by this handler.
 * @return bool True when the request was validated and its user logged in
 *              (or was already validated earlier on this server object),
 *              false otherwise.
 */
function oauth_pam_handler($credentials = NULL)
{
    global $CONFIG;
    try {
        $server = oauth_get_server();
        // Validation result is remembered on the server object; skip the
        // signature check when it has already succeeded.
        // NOTE(review): relies on oauth_get_server() handing back the same
        // object within a request - confirm against its definition.
        if ($server->this_request_validated) {
            return true;
        }
        $req = OAuthRequest::from_request(null, null, oauth_get_params());
        // verify_request() throws OAuthException on an invalid request and
        // otherwise yields the consumer/token pair.
        list($consumer, $token) = $server->verify_request($req);
        $requestNonce = $req->get_parameter('oauth_nonce');
        // Keep the nonce so that it can be checked later.
        oauth_save_nonce($consumer->key, $requestNonce, $token->key);
    } catch (OAuthException $e) {
        // Not a valid OAuth request: refuse without leaking details.
        return false;
    }

    // Only a stored *access* token for this consumer is accepted.
    $accessTokenEntity = oauth_lookup_token_entity($token->key, 'access', $consumer);
    if (!$accessTokenEntity) {
        return false;
    }

    // The token must be owned by a real user account.
    $owner = $accessTokenEntity->getOwnerEntity();
    if (!$owner || !($owner instanceof ElggUser)) {
        return false;
    }

    // Log the owner in; only then mark the request as validated and report
    // success to the PAM system.
    if (login($owner)) {
        $server->this_request_validated = true;
        return true;
    }

    return false;
}