/**
 * Builds the invalidation mark for the owner and viewer of a request.
 *
 * The mark is a string of the form "o=<stamp>;v=<stamp>;". Each part is
 * only present when the security token carries the matching id. If the
 * invalidation cache has no entry for an id, the stamp is boolean false,
 * which concatenates as an empty string (for example "o=;").
 *
 * @param RemoteContentRequest $request request whose security token is inspected
 * @return string|null the mark, or null when the request has no token
 */
protected function getInvalidationMark(RemoteContentRequest $request)
 {
     $token = $request->getToken();
     if (!$token) {
         return null;
     }

     // null means "this id was not looked up at all".
     $ownerStamp = null;
     $viewerStamp = null;

     if ($token->getOwnerId()) {
         $entry = $this->invalidationEntry->expiredGet($this->getKey($token->getOwnerId(), $token));
         $ownerStamp = $entry['found'] ? $entry['data'] : false;
     }
     if ($token->getViewerId()) {
         $entry = $this->invalidationEntry->expiredGet($this->getKey($token->getViewerId(), $token));
         $viewerStamp = $entry['found'] ? $entry['data'] : false;
     }

     $mark = '';
     if ($ownerStamp !== null) {
         $mark .= 'o=' . $ownerStamp . ';';
     }
     if ($viewerStamp !== null) {
         $mark .= 'v=' . $viewerStamp . ';';
     }
     return $mark;
 }
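 /**
  * Implements section 6.3 of the OAuth spec: exchanges the request token
  * held by the accessor for an access token.
  *
  * When a callback URL was received, its query string must carry a non-empty
  * oauth_verifier and an oauth_token that is exactly the request token this
  * exchange was started with. Only then is the verifier forwarded to the
  * access-token endpoint. On success the accessor's accessToken and
  * tokenSecret are overwritten with the values from the reply.
  *
  * @param RemoteContentRequest $request request whose security token supplies the identity parameters
  * @throws GadgetException if the received callback is invalid or the exchange fails
  */
 private function exchangeRequestToken(RemoteContentRequest $request)
 {
     try {
         $accessor = $this->accessorInfo->getAccessor();
         $url = $accessor->consumer->callback_url->accessTokenURL;
         $msgParams = array();
         $msgParams[ShindigOAuth::$OAUTH_TOKEN] = $accessor->requestToken;
         self::addIdentityParams($msgParams, $request->getToken());
         $callbackUrl = $this->requestParams->getReceivedCallback();
         if (is_string($callbackUrl) && $callbackUrl !== '') {
             // The received callback is treated as untrusted input: a missing
             // query string, missing keys or array-valued parameters
             // (oauth_token[]=x) are rejected instead of reaching strlen().
             $query = parse_url($callbackUrl, PHP_URL_QUERY);
             $urlParams = array();
             if (is_string($query)) {
                 parse_str($query, $urlParams);
             }
             $receivedToken = isset($urlParams['oauth_token']) ? $urlParams['oauth_token'] : null;
             $receivedVerifier = isset($urlParams['oauth_verifier']) ? $urlParams['oauth_verifier'] : null;
             // Strict comparison: a loose == treats distinct numeric-looking
             // strings (e.g. "1e3" and "1000") as equal, which would accept a
             // callback issued for a different request token.
             $tokenMatches = is_string($receivedToken)
                 && $receivedToken !== ''
                 && $receivedToken === (string) $accessor->requestToken;
             $verifierPresent = is_string($receivedVerifier) && $receivedVerifier !== '';
             if ($tokenMatches && $verifierPresent) {
                 $msgParams[ShindigOAuth::$OAUTH_VERIFIER] = $receivedVerifier;
             } else {
                 // NOTE(review): the message carries the full callback URL,
                 // including any oauth_verifier in it - confirm where
                 // GadgetException messages end up being logged or rendered.
                 throw new GadgetException("Invalid received callback URL: " . $callbackUrl);
             }
         }
         // The parameter is reused for the outgoing access-token request.
         $request = $this->newRequestMessageParams($url->url, $msgParams);
         $reply = $this->sendOAuthMessage($request);
         // Both values are mandatory in the reply before they are stored.
         $reply->requireParameters(array(ShindigOAuth::$OAUTH_TOKEN, ShindigOAuth::$OAUTH_TOKEN_SECRET));
         $accessor->accessToken = $reply->get_parameter(ShindigOAuth::$OAUTH_TOKEN);
         $accessor->tokenSecret = $reply->get_parameter(ShindigOAuth::$OAUTH_TOKEN_SECRET);
     } catch (Exception $e) {
         // It's unfortunate the OAuth libraries throw a generic Exception.
         // NOTE(review): concatenating $e uses the exception's string form,
         // which normally includes file paths and a stack trace - confirm this
         // message is never shown to the gadget or the end user.
         throw new GadgetException("INTERNAL SERVER ERROR: " . $e);
     }
 }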
예제 #3
 /**
  * Implements section 6.3 of the OAuth spec: swaps the accessor's request
  * token for an access token and stores the result on the accessor.
  *
  * This variant sends only the request token plus whatever
  * addIdentityParams() contributes. No oauth_verifier is read or forwarded,
  * so the exchange is not tied to a verifier from the authorization callback.
  *
  * @param RemoteContentRequest $request request whose security token supplies the identity parameters
  * @throws GadgetException if any step of the exchange throws
  */
 private function exchangeRequestToken(RemoteContentRequest $request)
 {
     try {
         $accessor = $this->accessorInfo->getAccessor();
         $accessTokenEndpoint = $accessor->consumer->callback_url->accessTokenURL;

         $msgParams = array(OAuth::$OAUTH_TOKEN => $accessor->requestToken);
         self::addIdentityParams($msgParams, $request->getToken());

         $reply = $this->sendOAuthMessage(
             $this->newRequestMessageParams($accessTokenEndpoint->url, $msgParams)
         );

         // The reply must contain both the token and its secret.
         $required = array(OAuth::$OAUTH_TOKEN, OAuth::$OAUTH_TOKEN_SECRET);
         $reply->requireParameters($required);

         $accessor->accessToken = $reply->get_parameter(OAuth::$OAUTH_TOKEN);
         $accessor->tokenSecret = $reply->get_parameter(OAuth::$OAUTH_TOKEN_SECRET);
     } catch (Exception $e) {
         // The OAuth libraries throw a plain Exception, so everything is
         // caught and rewrapped. The message embeds the exception's string form.
         throw new GadgetException("INTERNAL SERVER ERROR: " . $e);
     }
 }
예제 #4
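 /**
  * Signs an outgoing request and rewrites its URI (and form body) to carry
  * the signed parameter set.
  *
  * Form-encoded bodies, and requests without a Content-Type, have their
  * parameters included in the signature. Any other body is covered by an
  * oauth_body_hash parameter instead. The signature is produced by
  * ShindigRsaSha1SignatureMethod with $this->privateKeyObject.
  *
  * The rebuilt URI keeps only scheme, host, port and path from the original
  * URL. User-info and fragment components are not copied over.
  *
  * @param RemoteContentRequest $request request to sign; modified in place
  * @throws GadgetException if the URL has no scheme or host, or signing fails
  */
 private function signRequest(RemoteContentRequest $request)
 {
     $url = $request->getUrl();
     $method = $request->getMethod();
     // Refuse to sign a URL that cannot be rebuilt afterwards. Without a
     // scheme and host, the URI written back to the request would not be the
     // resource the signature was computed for.
     $parsedUri = parse_url($url);
     if (!is_array($parsedUri) || !isset($parsedUri['scheme']) || !isset($parsedUri['host'])) {
         throw new GadgetException("Unable to sign request: URL has no scheme or host");
     }
     try {
         // Parse the request into parameters for OAuth signing, stripping out
         // any OAuth or OpenSocial parameters injected by the client
         // (presumably what sanitize() does - confirm against its definition).
         $resource = $url;
         $contentType = $request->getHeader('Content-Type');
         $signBody = stripos($contentType, 'application/x-www-form-urlencoded') !== false || $contentType == null;
         $msgParams = array();
         $postParams = array();
         if ($request->getPostBody()) {
             if ($signBody) {
                 // on normal application/x-www-form-urlencoded type post's encode and parse the post vars
                 parse_str($request->getPostBody(), $postParams);
                 $postParams = $this->sanitize($postParams);
             } else {
                 // on any other content-type of post (application/{json,xml,xml+atom}) use the body signing hash
                 // see http://oauth.googlecode.com/svn/spec/ext/body_hash/1.0/drafts/4/spec.html for details
                 // The hash is the raw SHA-1 digest of the body, base64 encoded.
                 $msgParams['oauth_body_hash'] = base64_encode(sha1($request->getPostBody(), true));
             }
         }
         if ($signBody) {
             $msgParams = array_merge($msgParams, $postParams);
         }
         // These are added after the client-supplied parameters; whether they
         // overwrite same-named keys depends on the helpers (not visible here).
         $this->addOpenSocialParams($msgParams, $request->getToken(), $request->getOptions()->ownerSigned, $request->getOptions()->viewerSigned);
         $this->addOAuthParams($msgParams, $request->getToken());
         $consumer = new OAuthConsumer(NULL, NULL, NULL);
         $signatureMethod = new ShindigRsaSha1SignatureMethod($this->privateKeyObject, null);
         $req_req = OAuthRequest::from_consumer_and_token($consumer, NULL, $method, $resource, $msgParams);
         $req_req->sign_request($signatureMethod, $consumer, NULL);
         // Rebuild the query string, including all of the parameters we added.
         // We have to be careful not to copy POST parameters into the query.
         // If post and query parameters share a name, they end up being removed
         // from the query.
         $forPost = array();
         $postData = false;
         if ($method == 'POST' && $signBody) {
             foreach ($postParams as $key => $param) {
                 $forPost[$key] = $param;
                 if ($postData === false) {
                     $postData = array();
                 }
                 // NOTE(review): assumes $param is a scalar; an array-valued
                 // post parameter (a[]=1) would not serialise correctly here.
                 $postData[] = OAuthUtil::urlencode_rfc3986($key) . "=" . OAuthUtil::urlencode_rfc3986($param);
             }
             if ($postData !== false) {
                 $postData = implode("&", $postData);
             }
         }
         $newQueryParts = array();
         foreach ($req_req->get_parameters() as $key => $param) {
             if (!isset($forPost[$key])) {
                 if (!is_array($param)) {
                     $newQueryParts[] = urlencode($key) . '=' . urlencode($param);
                 } else {
                     foreach ($param as $elem) {
                         $newQueryParts[] = urlencode($key) . '=' . urlencode($elem);
                     }
                 }
             }
         }
         // Joined once, after the loop, so $newQuery is defined even when the
         // parameter list is empty.
         $newQuery = implode('&', $newQueryParts);
         // The query above is encoded with urlencode(), while the post body
         // uses OAuthUtil::urlencode_rfc3986(). The two schemes differ
         // slightly (for example in how a space is written).
         $url = $parsedUri['scheme'] . '://' . $parsedUri['host'] . (isset($parsedUri['port']) ? ':' . $parsedUri['port'] : '') . (isset($parsedUri['path']) ? $parsedUri['path'] : '') . '?' . $newQuery;
         $request->setUri($url);
         if ($signBody) {
             // $postData stays false when the method is not POST or no
             // form parameters were parsed.
             $request->setPostBody($postData);
         }
     } catch (Exception $e) {
         throw new GadgetException($e);
     }
 }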