/**
* One time exchange of username and password for access token and secret.
*
* @returns array("oauth_token" => "the-access-token",
* "oauth_token_secret" => "the-access-secret",
* "user_id" => "9436992",
* "screen_name" => "abraham",
* "x_auth_expires" => "0")
*/
function getXAuthToken($username, $password)
{
$parameters = array();
$parameters['x_auth_username'] = $username;
$parameters['x_auth_password'] = $password;
$parameters['x_auth_mode'] = 'client_auth';
$request = $this->oAuthRequest($this->accessTokenURL(), 'POST', $parameters);
$token = OAuth1Util::parse_parameters($request);
$this->token = new OAuth1Consumer($token['oauth_token'], $token['oauth_token_secret']);
return $token;
}
/**
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = NULL, $http_url = NULL, $parameters = NULL)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
@$http_url or $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI'];
@$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
// We weren't handed any parameters, so let's find the ones relevant to
// this request.
// If you run XML-RPC or similar you should use this to provide your own
// parsed parameter-list
if (!$parameters) {
// Find request headers
$request_headers = OAuth1Util::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuth1Util::parse_parameters($_SERVER['QUERY_STRING']);
// It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET
if ($http_method == "POST" && @strstr($request_headers["Content-Type"], "application/x-www-form-urlencoded")) {
$post_data = OAuth1Util::parse_parameters(file_get_contents(self::$POST_INPUT));
$parameters = array_merge($parameters, $post_data);
}
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuth1Util::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
// fix for friendica redirect system
// FIXME or don't, but figure out if this is absolutely necessary and act accordingly
$http_url = substr($http_url, 0, strpos($http_url, $parameters['q']) + strlen($parameters['q']));
unset($parameters['q']);
return new OAuth1Request($http_method, $http_url, $parameters);
}
