echo $Exception->getMessage(); exit; } if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['allow'])) { // User has no model, it just here by example, hence the open MySQL query // This is not a good way to actually store user data (plaintext password wtf) $DB = Configuration::getDataStore(); $sql = "SELECT `user_id`, `user_name`, `user_password` FROM `user` WHERE `user_name` = '" . $DB->real_escape_string($_POST['user_name']) . "'"; $result = $DB->query($sql); $row = $result->fetch_assoc(); $result->close(); if ($row['user_password'] != $_POST['user_password']) { echo "You hacker, be gone!"; exit; } $verificationCode = OAuthProviderWrapper::generateToken(); $RequestToken->setTokenVerificationCode($verificationCode); $RequestToken->setTokenUserId($row['user_id']); try { $RequestToken->save(); } catch (DataStoreUpdateException $Exception) { echo $Exception->getMessage(); exit; } header('location: ' . $RequestToken->getTokenCallback() . '?oauth_token=' . $RequestToken->getToken() . '&oauth_verifier=' . $verificationCode); } else { if ($_SERVER['REQUEST_METHOD'] == 'POST' && !empty($_POST['allow'])) { //The user specifically denied access. Lets delete the request token try { $RequestToken->delete(); } catch (DataStoreDeleteException $Exception) {
<?php
/**
 * Registers a new OAuth consumer and prints the credentials generated for it.
 *
 * NOTE(review): nothing in this script restricts who may request it, and the
 * consumer secret is written to the response body; confirm that access to this
 * page is limited elsewhere.
 *
 * @Author Freek Lijten
 */
require_once __DIR__ . '/../../lib/AutoLoader.php';
new AutoLoader();

// Build the consumer record: creation timestamp first, then a generated key and secret.
$Consumer = new OAuthConsumerModel(Configuration::getDataStore());
$Consumer->setConsumerCreateDate(time());
$Consumer->setConsumerKey(OAuthProviderWrapper::generateToken());
$Consumer->setConsumerSecret(OAuthProviderWrapper::generateToken());

try {
    $Consumer->save();
} catch (DataStoreCreateException $Exception) {
    // NOTE(review): the data-store error text goes to the client unchanged;
    // consider logging it server-side and returning a generic message.
    exit($Exception->getMessage());
}

// Only reached when the consumer was stored.
echo "Consumer key: ", $Consumer->getConsumerKey(), "<br />Consumer secret: ", $Consumer->getConsumerSecret();
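<?php
/**
 * Protected resource endpoint: checks the OAuth request and, when it is valid,
 * returns the messages stored for the token's user as a small XML document.
 *
 * @author Freek Lijten <*****@*****.**>
 */
require_once __DIR__ . '/../../lib/AutoLoader.php';
new AutoLoader();

$Provider = new OAuthProviderWrapper(OAuthProviderWrapper::TOKEN_VERIFY);

// checkOAuthRequest() returns exactly true on success; any other value is sent back as the response.
$response = $Provider->checkOAuthRequest();
if ($response !== true) {
    echo $response;
    exit;
}

try {
    $userId = $Provider->getUserId();
} catch (ProviderException $Exception) {
    // Stop here: previously the exception was discarded and the query below ran
    // with an undefined user id.
    echo $Exception->getMessage();
    exit;
}

$DB = Configuration::getDataStore();

// The id is escaped before it is placed in the statement, so a value containing a
// quote cannot change the query. A prepared statement would be the stronger fix
// if the data store supports it.
$sql = "SELECT * FROM `user_messages` WHERE `user_id` = '" . $DB->real_escape_string((string) $userId) . "'";
$result = $DB->query($sql);

// Guard against a failed query instead of calling fetch_assoc() on a non-result.
if (!$result) {
    http_response_code(500);
    echo 'Unable to load messages';
    exit;
}

$returnValue = "<messages>";
while ($row = $result->fetch_assoc()) {
    // Message text is user-supplied content: encode it so markup inside a message
    // cannot alter the document structure or run in a client that renders it.
    $returnValue .= "<message>"
        . htmlspecialchars((string) $row['message_text'], ENT_QUOTES | ENT_SUBSTITUTE | ENT_XML1, 'UTF-8')
        . "</message>";
}
$result->close();
$returnValue .= "</messages>";

//Token is valid, lets output something
echo $returnValue;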
<?php
/**
 * Access-token endpoint: checks the incoming OAuth request and, when it is
 * accepted, lets the provider wrapper output a new access token.
 *
 * @Author Freek Lijten
 */
require_once __DIR__ . '/../../lib/AutoLoader.php';
new AutoLoader();

$Provider = new OAuthProviderWrapper(OAuthProviderWrapper::TOKEN_ACCESS);

// Anything other than a strict true from checkOAuthRequest() is echoed as the
// failure response and ends the request.
$response = $Provider->checkOAuthRequest();
if (true !== $response) {
    echo $response;
    exit;
}

try {
    $Provider->outputAccessToken();
} catch (ProviderException $Exception) {
    // NOTE(review): the provider's error text is returned to the client as-is.
    exit($Exception->getMessage());
}

exit;
/**
 * Exchanges the request token of the current OAuth request for a new access token.
 *
 * A fresh token/secret pair is generated and stored together with the consumer
 * key of the request and the user id and scope recorded on the request token.
 * The request token is then deleted and the new credentials are echoed.
 *
 * NOTE(review): no validation of the request token is visible in this method
 * (for example that a user id was set on it); presumably that happens in the
 * request check that runs before this call. Confirm.
 * NOTE(review): save() and delete() are two separate steps. If delete() fails,
 * the stored access token stays behind while the request token still exists;
 * confirm whether the data store can wrap both in one transaction.
 *
 * @throws ProviderException when saving the access token or deleting the request token fails
 */
public function outputAccessToken()
{
    $store = Configuration::getDataStore();

    $accessTokenValue  = OAuthProviderWrapper::generateToken();
    $accessTokenSecret = OAuthProviderWrapper::generateToken();

    $Access  = new OAuthAccessTokenModel($store);
    $Request = OAuthRequestTokenModel::loadFromToken($this->Provider->token, $store);

    // Copy identity and scope from the request token onto the access token.
    $Access->setAccessToken($accessTokenValue);
    $Access->setAccessTokenSecret($accessTokenSecret);
    $Access->setAccessTokenDate(time());
    $Access->setAccessTokenConsumerKey($this->Provider->consumer_key);
    $Access->setAccessTokenUserId($Request->getTokenUserId());
    $Access->setAccessTokenScope($Request->getTokenScope());

    try {
        $Access->save();
    } catch (DataStoreCreateException $SaveFailure) {
        throw new ProviderException($SaveFailure->getMessage());
    }

    // The request token has been exchanged, so it is removed.
    try {
        $Request->delete();
    } catch (DataStoreDeleteException $DeleteFailure) {
        throw new ProviderException($DeleteFailure->getMessage());
    }

    // Both steps succeeded: hand the credentials to the client.
    echo 'oauth_token=' . $accessTokenValue . '&oauth_token_secret=' . $accessTokenSecret;
}