/**
* Clean up old authorized tokens for specified consumer-user pairs
*
* @param Mage_Oauth_Model_Token $exceptToken Token just created to exclude from delete
* @return int The number of affected rows
*/
public function cleanOldAuthorizedTokensExcept(Mage_Oauth_Model_Token $exceptToken)
{
if (!$exceptToken->getId() || !$exceptToken->getAuthorized()) {
Mage::throwException('Invalid token to except');
}
$adapter = $this->_getWriteAdapter();
$where = $adapter->quoteInto('authorized = 1 AND consumer_id = ?', $exceptToken->getConsumerId(), Zend_Db::INT_TYPE);
$where .= $adapter->quoteInto(' AND entity_id <> ?', $exceptToken->getId(), Zend_Db::INT_TYPE);
if ($exceptToken->getCustomerId()) {
$where .= $adapter->quoteInto(' AND customer_id = ?', $exceptToken->getCustomerId(), Zend_Db::INT_TYPE);
} elseif ($exceptToken->getAdminId()) {
$where .= $adapter->quoteInto(' AND admin_id = ?', $exceptToken->getAdminId(), Zend_Db::INT_TYPE);
} else {
Mage::throwException('Invalid token to except');
}
return $adapter->delete($this->getMainTable(), $where);
}
/**
* Get delete URL
*
* @param Mage_Oauth_Model_Token $row
* @return string|null
*/
public function getDeleteUrl($row)
{
return $this->getUrl('*/*/delete', array('id' => $row->getId()));
}
/**
* Load token object, validate it depending on request type, set access data and save
*
* @return Mage_Oauth_Model_Server
* @throws Mage_Oauth_Exception
*/
protected function _initToken()
{
$this->_token = Mage::getModel('oauth/token');
if (self::REQUEST_INITIATE != $this->_requestType) {
$this->_validateTokenParam();
$this->_token->load($this->_protocolParams['oauth_token'], 'token');
if (!$this->_token->getId()) {
$this->_throwException('', self::ERR_TOKEN_REJECTED);
}
if (self::REQUEST_TOKEN == $this->_requestType) {
$this->_validateVerifierParam();
if ($this->_token->getVerifier() != $this->_protocolParams['oauth_verifier']) {
$this->_throwException('', self::ERR_VERIFIER_INVALID);
}
if ($this->_token->getConsumerId() != $this->_consumer->getId()) {
$this->_throwException('', self::ERR_TOKEN_REJECTED);
}
if (Mage_Oauth_Model_Token::TYPE_REQUEST != $this->_token->getType()) {
$this->_throwException('', self::ERR_TOKEN_USED);
}
} elseif (self::REQUEST_AUTHORIZE == $this->_requestType) {
if ($this->_token->getAuthorized()) {
$this->_throwException('', self::ERR_TOKEN_USED);
}
} elseif (self::REQUEST_RESOURCE == $this->_requestType) {
if (Mage_Oauth_Model_Token::TYPE_ACCESS != $this->_token->getType()) {
$this->_throwException('', self::ERR_TOKEN_REJECTED);
}
if ($this->_token->getRevoked()) {
$this->_throwException('', self::ERR_TOKEN_REVOKED);
}
if ($this->_token->getConsumerId() != $this->_consumer->getId()) {
$this->_throwException('', self::ERR_TOKEN_REJECTED);
}
//TODO: Implement check for expiration (after it implemented in token model)
}
} else {
$this->_validateCallbackUrlParam();
}
return $this;
}
/**
* Get delete link
*
* @param Mage_Oauth_Model_Token $model
* @return string
*/
public function getDeleteLink(Mage_Oauth_Model_Token $model)
{
return Mage::getUrl('oauth/customer_token/delete/', array('id' => $model->getId()));
}
