$requestToken = $_REQUEST['oauth_token']; $store = new sspmod_oauth_OAuthStore(); $server = new sspmod_oauth_OAuthServer($store); $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); $plaintext_method = new OAuthSignatureMethod_PLAINTEXT(); $server->add_signature_method($hmac_method); $server->add_signature_method($plaintext_method); $config = SimpleSAML_Configuration::getInstance(); $session = SimpleSAML_Session::getInstance(); $as = 'saml2'; if (!$session->isValid($as)) { SimpleSAML_Auth_Default::initLogin($as, SimpleSAML_Utilities::selfURL()); } $attributes = $session->getAttributes(); #print_r($attributes); $store->authorize($requestToken, $attributes); if (isset($_REQUEST['oauth_callback'])) { SimpleSAML_Utilities::redirect($_REQUEST['oauth_callback']); } else { $t = new SimpleSAML_XHTML_Template($config, 'oauth:authorized.php'); $t->data['header'] = '{status:header_saml20_sp}'; $t->data['remaining'] = $session->remainingTime(); $t->data['sessionsize'] = $session->getSize(); $t->data['attributes'] = $attributes; $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?logout'; $t->data['icon'] = 'bino.png'; $t->show(); } // // $req = OAuthRequest::from_request(); // $token = $server->fetch_request_token($req);
} if (!empty($_REQUEST['consent'])) { $consumer = $store->lookup_consumer_by_requestToken($requestToken); $t = new SimpleSAML_XHTML_Template($config, 'oauth:consent.php'); $t->data['header'] = '{status:header_saml20_sp}'; $t->data['consumer'] = $consumer; // array containint {name, description, key, secret, owner} keys $t->data['urlAgree'] = SimpleSAML_Utilities::addURLparameter(SimpleSAML_Utilities::selfURL(), array("consent" => "yes")); $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?logout'; $t->show(); exit; // and be done. } $attributes = $session->getAttributes(); // Assume user consent at this point and proceed with authorizing the token list($url, $verifier) = $store->authorize($requestToken, $attributes); if ($url) { // If authorize() returns a URL, take user there (oauth1.0a) SimpleSAML_Utilities::redirectTrustedURL($url); } else { if (isset($_REQUEST['oauth_callback'])) { // If callback was provided in the request (oauth1.0) SimpleSAML_Utilities::redirectUntrustedURL($_REQUEST['oauth_callback']); } else { // No callback provided, display standard template $t = new SimpleSAML_XHTML_Template($config, 'oauth:authorized.php'); $t->data['header'] = '{status:header_saml20_sp}'; $t->data['remaining'] = $session->remainingTime(); $t->data['sessionsize'] = $session->getSize(); $t->data['attributes'] = $attributes; $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?logout';