public function flow()
{
if (isset($_GET['oauth_token'])) {
$consumerKey = $_GET['oauth_consumer_key'];
$consumerSecret = $_GET['oauth_consumer_secret'];
$token = $_GET['oauth_token'];
$tokenSecret = $_GET['oauth_token_secret'];
$verifier = $_GET['oauth_verifier'];
try {
$consumer = getDb()->getCredential($token);
$oauth = new OAuth($consumerKey, $consumerSecret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_AUTHORIZATION);
$oauth->setVersion('1.0a');
$oauth->setToken($token, $tokenSecret);
$accessToken = $oauth->getAccessToken(sprintf('%s://%s/v1/oauth/token/access', $this->utility->getProtocol(false), $_SERVER['HTTP_HOST']), null, $verifier);
$accessToken['oauth_consumer_key'] = $consumerKey;
$accessToken['oauth_consumer_secret'] = $consumerSecret;
setcookie('oauth', http_build_query($accessToken));
if (!isset($accessToken['oauth_token']) || !isset($accessToken['oauth_token_secret'])) {
echo sprintf('Invalid response when getting an access token: %s', http_build_query($accessToken));
} else {
echo sprintf('You exchanged a request token for an access token<br><a href="?reloaded=1">Reload to make an OAuth request</a>', $accessToken['oauth_token'], $accessToken['oauth_token_secret']);
}
} catch (OAuthException $e) {
$message = OAuthProvider::reportProblem($e);
getLogger()->info($message);
OPException::raise(new OPAuthorizationOAuthException($message));
}
} else {
if (!isset($_GET['reloaded'])) {
$callback = sprintf('%s://%s/v1/oauth/flow', $this->utility->getProtocol(false), $_SERVER['HTTP_HOST']);
$name = isset($_GET['name']) ? $_GET['name'] : 'OAuth Test Flow';
echo sprintf('<a href="%s://%s/v1/oauth/authorize?oauth_callback=%s&name=%s">Create a new client id</a>', $this->utility->getProtocol(false), $_SERVER['HTTP_HOST'], urlencode($callback), urlencode($name));
} else {
try {
parse_str($_COOKIE['oauth']);
$consumer = getDb()->getCredential($oauth_token);
$oauth = new OAuth($oauth_consumer_key, $oauth_consumer_secret, OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_AUTHORIZATION);
$oauth->setToken($oauth_token, $oauth_token_secret);
$oauth->fetch(sprintf('http://%s/v1/oauth/test?oauth_consumer_key=%s', $_SERVER['HTTP_HOST'], $oauth_consumer_key));
$response_info = $oauth->getLastResponseInfo();
header("Content-Type: {$response_info["content_type"]}");
echo $oauth->getLastResponse();
} catch (OAuthException $e) {
$message = OAuthProvider::reportProblem($e);
getLogger()->info($message);
OPException::raise(new OPAuthorizationOAuthException($message));
}
}
}
}
/**
* @see OAuthHanlder::GetSignedRequestParameters()
*/
public function GetSignedRequestParameters($credentials, $url, $method = NULL)
{
if (empty($method)) {
$method = 'POST';
}
$params = array();
$params['oauth_consumer_key'] = $credentials['oauth_consumer_key'];
$params['oauth_token'] = $credentials['oauth_token'];
$params['oauth_signature_method'] = 'HMAC-SHA1';
$params['oauth_timestamp'] = time();
$params['oauth_nonce'] = uniqid();
$params['oauth_version'] = '1.0a';
$oauth = new OAuth($credentials['oauth_consumer_key'], $credentials['oauth_consumer_secret'], OAUTH_SIG_METHOD_HMACSHA1, OAUTH_AUTH_TYPE_AUTHORIZATION);
$oauth->setRequestEngine(OAUTH_REQENGINE_CURL);
$oauth->setVersion('1.0a');
$oauth->setToken($credentials['oauth_token'], $credentials['oauth_token_secret']);
$oauth->setTimestamp($params['oauth_timestamp']);
$oauth->setNonce($params['oauth_nonce']);
$oauth->setVersion($params['oauth_version']);
$signature = $oauth->generateSignature(self::$OAUTH_METHOD_ENUMS[$method], $url);
$params['oauth_signature'] = $signature;
return $params;
}
/**
* Constructs a new OAuth client object.
* @param array $credentials the credentials to use
* @param string $authorizationType the authorization type to use
* @return OAuth a new OAuth client
*/
private function GetClient($credentials, $authorizationType = NULL)
{
$client = new OAuth($credentials['oauth_consumer_key'], $credentials['oauth_consumer_secret'], OAUTH_SIG_METHOD_HMACSHA1, $authorizationType);
$client->setRequestEngine(OAUTH_REQENGINE_CURL);
$client->setVersion('1.0a');
if (isset($credentials['oauth_token']) && isset($credentials['oauth_token_secret'])) {
$client->setToken($credentials['oauth_token'], $credentials['oauth_token_secret']);
}
// SSL settings.
if (defined('SSL_VERIFY_PEER') && SSL_VERIFY_PEER) {
$client->setSSLChecks(OAUTH_SSLCHECK_PEER);
} else {
$client->setSSLChecks(OAUTH_SSLCHECK_NONE);
}
if (defined('SSL_VERIFY_HOST') && SSL_VERIFY_HOST) {
if ($client->sslChecks == OAUTH_SSLCHECK_PEER) {
$client->setSSLChecks(OAUTH_SSLCHECK_BOTH);
} else {
$client->setSSLChecks(OAUTH_SSLCHECK_HOST);
}
}
if (defined('SSL_CA_PATH') && SSL_CA_PATH != '') {
// The second parameter must be explicitly set to NULL due to a bug in
// version 1.2.2 and earlier. See https://bugs.php.net/bug.php?id=60226
$client->setCAPath(SSL_CA_PATH, NULL);
}
if (defined('SSL_CA_FILE') && SSL_CA_FILE != '') {
$client->setCAPath(NULL, SSL_CA_FILE);
}
return $client;
}
