コード例 #1
0
ファイル: webserver.php プロジェクト: hegelmax/OAuth-2.0
 /**
  * Load oauth parameters from GET or POST
  *
  * @access	public
  * @param	string	$flag	default [ FALSE ]
  * @return	void
  */
 public function __construct(array $args)
 {
     $params = array();
     // Load oauth_token from form-encoded body
     isset($_SERVER['CONTENT_TYPE']) or $_SERVER['CONTENT_TYPE'] = getenv('CONTENT_TYPE');
     // oauth_token already send in authorization header or the encrypt Content-Type is not single-part
     if (stripos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === FALSE) {
         throw new Oauth2_Exception_Token('invalid_request');
     } else {
         // Check all required parameters should NOT be empty
         foreach ($args as $key => $val) {
             if ($val === TRUE) {
                 if (isset($_POST[$key]) and $value = Oauth2::urldecode($_POST[$key])) {
                     $params[$key] = $value;
                 } else {
                     throw new Oauth2_Exception_Token('invalid_request');
                 }
             }
         }
     }
     $this->code = $params['code'];
     $this->client_id = $params['client_id'];
     unset($params['code'], $params['client_id']);
     $this->_params = $params;
 }
コード例 #2
0
ファイル: code.php プロジェクト: hegelmax/OAuth-2.0
 /**
  * Load oauth parameters from GET or POST
  *
  * @access	public
  * @param	string	$flag	default [ FALSE ]
  * @return	void
  */
 public function __construct(array $args)
 {
     $params = array();
     // Parse the "state" paramter
     if (isset($_GET['state']) and $state = Oauth2::urldecode($_GET['state'])) {
         $this->state = $state;
         unset($_GET['state']);
     }
     // Check all required parameters should NOT be empty
     foreach ($args as $key => $val) {
         if ($val === TRUE) {
             if (isset($_GET[$key]) and $value = Oauth2::urldecode($_GET[$key])) {
                 $params[$key] = $value;
             } else {
                 $e = new Oauth2_Exception_Authorize('invalid_request');
                 $e->redirect_uri = isset($params['redirect_uri']) ? $params['redirect_uri'] : Oauth2::urldecode($_GET['redirect_uri']);
                 $e->state = $this->state;
                 throw $e;
             }
         }
     }
     $this->client_id = $params['client_id'];
     $this->redirect_uri = $params['redirect_uri'];
     // Remove all required parameters
     unset($params['client_id'], $params['redirect_uri']);
     $this->_params = $params;
 }
コード例 #3
0
ファイル: token.php プロジェクト: hegelmax/OAuth-2.0
 /**
  * Load request parameters from Authorization header, URI-Query parameters, Form-Encoded Body
  *
  * @access	public
  * @param	string	$args	default [ NULL ]
  * @return	void
  */
 public function __construct(array $args)
 {
     $params = array();
     // Load oauth_token from form-encoded body
     isset($_SERVER['CONTENT_TYPE']) or $_SERVER['CONTENT_TYPE'] = getenv('CONTENT_TYPE');
     // oauth_token already send in authorization header or the encrypt Content-Type is not single-part
     if (stripos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === FALSE) {
         throw new Oauth2_Exception_Token('invalid_request');
     } else {
         if (isset($_SERVER['PHP_AUTH_USER']) and isset($_SERVER['PHP_AUTH_PW'])) {
             $_POST += array('client_id' => $_SERVER['PHP_AUTH_USER'], 'client_secret' => $_SERVER['PHP_AUTH_PW']);
         }
         // TODO Digest HTTP authentication
         //else if( ! empty($_SERVER['PHP_AUTH_DIGEST']) AND $digest = parent::parse_digest($_SERVER['PHP_AUTH_DIGEST']))
         //{
         //    $_POST += array('client_id' => $digest['username'], 'client_secret' => $digest['']);
         //}
         // Check all required parameters should NOT be empty
         foreach ($args as $key => $val) {
             if ($val === TRUE) {
                 if (isset($_POST[$key]) and $value = Oauth2::urldecode($_POST[$key])) {
                     $params[$key] = $value;
                 } else {
                     throw new Oauth2_Exception_Token('invalid_request');
                 }
             }
         }
     }
     $this->_params = $params;
 }
コード例 #4
0
ファイル: access.php プロジェクト: hegelmax/OAuth-2.0
 /**
  * Load request parameters from Authorization header, URI-Query parameters or Form-Encoded Body
  *
  * @access	public
  * @param	string	$args	parameters are required, `array('oauth_token' => TRUE,)`
  * @return	void
  */
 public function __construct(array $args)
 {
     $params = array();
     /**
      * Load oauth token from authorization header
      */
     isset($_SERVER['HTTP_AUTHORIZATION']) or $_SERVER['HTTP_AUTHORIZATION'] = getenv('HTTP_AUTHORIZATION');
     if (substr($_SERVER['HTTP_AUTHORIZATION'], 0, 12) === 'OAuth token=') {
         $offset = 0;
         $pattern = '/(([-_a-z]*)=("([^"]*)"|([^,]*)),?)/';
         while (preg_match($pattern, $_SERVER['HTTP_AUTHORIZATION'], $matches, PREG_OFFSET_CAPTURE, $offset) > 0) {
             $match = $matches[0];
             $name = $matches[2][0];
             $offset = $match[1] + strlen($match[0]);
             if ($value = Oauth2::urldecode(isset($matches[5]) ? $matches[5][0] : $matches[4][0])) {
                 $params[$name] = $value;
             }
         }
     }
     // Replace the name of token to oauth_token
     if (isset($params['token'])) {
         $params['oauth_token'] = $params['token'];
         unset($params['token']);
         // Check all required parameters should NOT be empty
         foreach ($args as $key => $val) {
             if ($val === TRUE) {
                 if (!empty($params[$key])) {
                     throw new Oauth2_Exception_Access('invalid_request');
                 }
             }
         }
     }
     /**
      * Load oauth_token from form-encoded body
      */
     if (isset($_POST['oauth_token'])) {
         isset($_SERVER['CONTENT_TYPE']) or $_SERVER['CONTENT_TYPE'] = getenv('CONTENT_TYPE');
         // oauth_token already send in authorization header or the encrypt Content-Type is not single-part
         if (isset($params['oauth_token']) or stripos($_SERVER['CONTENT_TYPE'], 'application/x-www-form-urlencoded') === FALSE) {
             throw new Oauth2_Exception_Access('invalid_request');
         } else {
             // Check all required parameters should NOT be empty
             foreach ($args as $key => $val) {
                 if ($val === TRUE) {
                     if (isset($_POST[$key]) and $value = Oauth2::urldecode($_POST[$key])) {
                         $params[$key] = $value;
                     } else {
                         throw new Oauth2_Exception_Access('invalid_request');
                     }
                 }
             }
         }
     }
     /**
      * Load oauth_token from uri-query component
      */
     if (isset($_GET['oauth_token'])) {
         // oauth_token already send in authorization header or form-encoded body
         if (isset($params['oauth_token'])) {
             throw new Oauth2_Exception_Access('invalid_request');
         } else {
             // Check all required parameters should NOT be empty
             foreach ($args as $key => $val) {
                 if ($val === TRUE) {
                     if (isset($_GET[$key]) and $value = Oauth2::urldecode($_GET[$key])) {
                         $params[$key] = $value;
                     } else {
                         throw new Oauth2_Exception_Access('invalid_request');
                     }
                 }
             }
         }
     }
     if (empty($params)) {
         throw new Oauth2_Exception_Access('invalid_request');
     }
     $this->oauth_token = $params['oauth_token'];
     unset($params['oauth_token']);
     $this->_params = $params;
 }
コード例 #5
0
ファイル: core.php プロジェクト: hegelmax/OAuth-2.0
 /**
  * Utility function for turning the Authorization: header into parameters
  * has to do some unescaping
  * Can filter out any non-oauth parameters if needed (default behaviour)
  *
  * @access  public
  * @param   string    $headers
  * @param   string    $oauth_only    default [ TRUE ]
  * @return  array
  */
 public static function parse_header()
 {
     $offset = 0;
     $params = array();
     $pattern = '/(([-_a-z]*)=("([^"]*)"|([^,]*)),?)/';
     if (isset($_SERVER['HTTP_AUTHORIZATION']) && substr($_SERVER['HTTP_AUTHORIZATION'], 0, 12) === 'Token token=') {
         while (preg_match($pattern, $_SERVER['HTTP_AUTHORIZATION'], $matches, PREG_OFFSET_CAPTURE, $offset) > 0) {
             $match = $matches[0];
             $name = $matches[2][0];
             $content = isset($matches[5]) ? $matches[5][0] : $matches[4][0];
             $params[$name] = Oauth2::urldecode($content);
             $offset = $match[1] + strlen($match[0]);
         }
     }
     unset($params['realm']);
     return $params;
 }