/**
* Verify the request if it seemed to be signed.
*
* @param string token_type the kind of token needed, defaults to 'access'
* @exception OAuthException2 thrown when the request did not verify
* @return boolean true when signed, false when not signed
*/
public function verifyIfSigned($token_type = 'access')
{
if ($this->getParam('oauth_consumer_key')) {
LingotekOAuthRequestLogger::start($this);
$this->verify($token_type);
$signed = true;
LingotekOAuthRequestLogger::flush();
} else {
$signed = false;
}
return $signed;
}
/**
* Set the reply we received
*
* @param string request
*/
static function setReceived($reply)
{
LingotekOAuthRequestLogger::$received = $reply;
}
/**
* Open and close a curl session passing all the options to the curl libs
*
* @param array opts the curl options.
* @exception OAuthException2 when temporary file for PUT operation could not be created
* @return string the result of the curl action
*/
protected function curl_raw($opts = array())
{
if (isset($opts[CURLOPT_HTTPHEADER])) {
$header = $opts[CURLOPT_HTTPHEADER];
} else {
$header = array();
}
$ch = curl_init();
$method = $this->getMethod();
$url = $this->getRequestUrl();
$header[] = $this->getAuthorizationHeader();
$query = $this->getQueryString();
$body = $this->getBody();
$has_content_type = false;
foreach ($header as $h) {
if (strncasecmp($h, 'Content-Type:', 13) == 0) {
$has_content_type = true;
}
}
if (!is_null($body)) {
if ($method == 'TRACE') {
throw new OAuthException2('A body can not be sent with a TRACE operation');
}
// PUT and POST allow a request body
if (!empty($query)) {
$url .= '?' . $query;
}
// Make sure that the content type of the request is ok
if (!$has_content_type) {
$header[] = 'Content-Type: application/octet-stream';
$has_content_type = true;
}
// When PUTting, we need to use an intermediate file (because of the curl implementation)
if ($method == 'PUT') {
/*
if (version_compare(phpversion(), '5.2.0') >= 0)
{
// Use the data wrapper to create the file expected by the put method
$put_file = fopen('data://application/octet-stream;base64,'.base64_encode($body));
}
*/
$put_file = @tmpfile();
if (!$put_file) {
throw new OAuthException2('Could not create tmpfile for PUT operation');
}
fwrite($put_file, $body);
fseek($put_file, 0);
curl_setopt($ch, CURLOPT_PUT, true);
curl_setopt($ch, CURLOPT_INFILE, $put_file);
curl_setopt($ch, CURLOPT_INFILESIZE, strlen($body));
} else {
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $body);
}
} else {
// a 'normal' request, no body to be send
if ($method == 'POST') {
if (!$has_content_type) {
$header[] = 'Content-Type: application/x-www-form-urlencoded; charset=utf-8';
$has_content_type = true;
}
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $query);
} else {
if (!empty($query)) {
$url .= '?' . $query;
}
if ($method != 'GET') {
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, $method);
}
}
}
curl_setopt($ch, CURLOPT_HTTPHEADER, $header);
curl_setopt($ch, CURLOPT_USERAGENT, 'anyMeta/OAuth 1.0 - ($LastChangedRevision: 174 $)');
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 90);
foreach ($opts as $k => $v) {
if ($k != CURLOPT_HTTPHEADER) {
curl_setopt($ch, $k, $v);
}
}
$txt = curl_exec($ch);
if ($txt === false) {
$error = curl_error($ch);
curl_close($ch);
throw new OAuthException2('CURL error: ' . $error);
}
curl_close($ch);
if (!empty($put_file)) {
fclose($put_file);
}
// Tell the logger what we requested and what we received back
$data = $method . " {$url}\n" . implode("\n", $header);
if (is_string($body)) {
$data .= "\n\n" . $body;
} else {
if ($method == 'POST') {
$data .= "\n\n" . $query;
}
}
LingotekOAuthRequestLogger::setSent($data, $body);
LingotekOAuthRequestLogger::setReceived($txt);
return $txt;
}
/**
* Construct from the current request. Useful for checking the signature of a request.
* When not supplied with any parameters this will use the current request.
*
* @param string uri might include parameters
* @param string method GET, PUT, POST etc.
* @param string parameters additional post parameters, urlencoded (RFC1738)
* @param array headers headers for request
* @param string body optional body of the OAuth request (POST or PUT)
*/
function __construct($uri = null, $method = null, $parameters = '', $headers = array(), $body = null)
{
if (is_object($_SERVER)) {
// Tainted arrays - the normal stuff in anyMeta
if (!$method) {
$method = $_SERVER->REQUEST_METHOD->getRawUnsafe();
}
if (empty($uri)) {
$uri = $_SERVER->REQUEST_URI->getRawUnsafe();
}
} else {
// non anyMeta systems
if (!$method) {
if (isset($_SERVER['REQUEST_METHOD'])) {
$method = $_SERVER['REQUEST_METHOD'];
} else {
$method = 'GET';
}
}
$proto = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? 'https' : 'http';
if (empty($uri)) {
if (strpos($_SERVER['REQUEST_URI'], "://") !== false) {
$uri = $_SERVER['REQUEST_URI'];
} else {
$uri = sprintf('%s://%s%s', $proto, $_SERVER['HTTP_HOST'], $_SERVER['REQUEST_URI']);
}
}
}
$headers = LingotekOAuthRequestLogger::getAllHeaders();
$this->method = strtoupper($method);
// If this is a post then also check the posted variables
if (strcasecmp($method, 'POST') == 0) {
// TODO: what to do with 'multipart/form-data'?
if ($this->getRequestContentType() == 'multipart/form-data') {
// Get the posted body (when available)
if (!isset($headers['X-OAuth-Test'])) {
$parameters .= $this->getRequestBodyOfMultipart();
}
}
if ($this->getRequestContentType() == 'application/x-www-form-urlencoded') {
// Get the posted body (when available)
if (!isset($headers['X-OAuth-Test'])) {
$parameters .= $this->getRequestBody();
}
} else {
$body = $this->getRequestBody();
}
} else {
if (strcasecmp($method, 'PUT') == 0) {
$body = $this->getRequestBody();
}
}
$this->method = strtoupper($method);
$this->headers = $headers;
// Store the values, prepare for oauth
$this->uri = $uri;
$this->body = $body;
$this->parseUri($parameters);
$this->parseHeaders();
$this->transcodeParams();
}
/**
* Try to fetch an XRDS file at the given location. Sends an accept header preferring the xrds file.
*
* @param string uri
* @return array (head,body), false on an error
*/
protected static function curl($uri)
{
$ch = curl_init();
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Accept: application/xrds+xml, */*;q=0.1'));
curl_setopt($ch, CURLOPT_USERAGENT, 'anyMeta/OAuth 1.0 - (OAuth Discovery $LastChangedRevision: 45 $)');
curl_setopt($ch, CURLOPT_URL, $uri);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
$txt = curl_exec($ch);
curl_close($ch);
// Tell the logger what we requested and what we received back
$data = "GET {$uri}";
LingotekOAuthRequestLogger::setSent($data, "");
LingotekOAuthRequestLogger::setReceived($txt);
return $txt;
}
function __construct($message)
{
Exception::__construct($message);
LingotekOAuthRequestLogger::addNote('OAuthException2: ' . $message);
}
/**
* Exchange a request token for an access token.
* The exchange is only succesful iff the request token has been authorized.
*
* Never returns, calls exit() when token is exchanged or when error is returned.
*/
public function accessToken()
{
LingotekOAuthRequestLogger::start($this);
try {
$this->verify('request');
$options = array();
$ttl = $this->getParam('xoauth_token_ttl', false);
if ($ttl) {
$options['token_ttl'] = $ttl;
}
$verifier = $this->getParam('oauth_verifier', false);
if ($verifier) {
$options['verifier'] = $verifier;
}
$store = OAuthStore::instance();
$token = $store->exchangeConsumerRequestForAccessToken($this->getParam('oauth_token', true), $options);
$result = 'oauth_token=' . $this->urlencode($token['token']) . '&oauth_token_secret=' . $this->urlencode($token['token_secret']);
if (!empty($token['token_ttl'])) {
$result .= '&xoauth_token_ttl=' . $this->urlencode($token['token_ttl']);
}
header('HTTP/1.1 200 OK');
header('Content-Length: ' . strlen($result));
header('Content-Type: application/x-www-form-urlencoded');
echo $result;
} catch (OAuthException2 $e) {
header('HTTP/1.1 401 Access Denied');
header('Content-Type: text/plain');
echo "OAuth Verification Failed: " . $e->getMessage();
}
LingotekOAuthRequestLogger::flush();
exit;
}