$store = new sspmod_oauth_OAuthStore(); $server = new sspmod_oauth_OAuthServer($store); $hmac_method = new OAuthSignatureMethod_HMAC_SHA1(); $plaintext_method = new OAuthSignatureMethod_PLAINTEXT(); $rsa_method = new sspmod_oauth_OAuthSignatureMethodRSASHA1(); $server->add_signature_method($hmac_method); $server->add_signature_method($plaintext_method); $server->add_signature_method($rsa_method); $config = SimpleSAML_Configuration::getInstance(); $session = SimpleSAML_Session::getSessionFromRequest(); $as = $oauthconfig->getString('auth'); if (!$session->isValid($as)) { SimpleSAML_Auth_Default::initLogin($as, SimpleSAML_Utilities::selfURL()); } if (!empty($_REQUEST['consent'])) { $consumer = $store->lookup_consumer_by_requestToken($requestToken); $t = new SimpleSAML_XHTML_Template($config, 'oauth:consent.php'); $t->data['header'] = '{status:header_saml20_sp}'; $t->data['consumer'] = $consumer; // array containint {name, description, key, secret, owner} keys $t->data['urlAgree'] = SimpleSAML_Utilities::addURLparameter(SimpleSAML_Utilities::selfURL(), array("consent" => "yes")); $t->data['logouturl'] = SimpleSAML_Utilities::selfURLNoQuery() . '?logout'; $t->show(); exit; // and be done. } $attributes = $session->getAttributes(); // Assume user consent at this point and proceed with authorizing the token list($url, $verifier) = $store->authorize($requestToken, $attributes); if ($url) { // If authorize() returns a URL, take user there (oauth1.0a)