/**
  * Performs a request to the given request URL.
  * 
  * @param string $requestURL		Resource that is to be requested (e.g. https://apps.na.collabserv.com/communities/service/html/mycommunities)
  * @param string $callbackURL		The callback URL (e.g. http://127.0.0.1:8443/demo/application/OAuthSample.php)
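  * @param string $method			GET, PUT or POST. POST by default
  * @param string $endpointName	Name of the configured endpoint whose OAuth settings are used. 'connections' by default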
  */
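 public function request($requestURL, $callbackURL, $method = 'POST', $endpointName = 'connections')
 {
     // Starts the OAuth 1.0 flow for $endpointName. When the current request
     // carries no "oauth_token" query parameter, a request token is fetched
     // from the provider, stored in the credential store, and the browser is
     // redirected to the provider's authorization page. When "oauth_token" is
     // already present this method does nothing. Nothing is returned.
     //
     // $callbackURL must already contain a query string: the extra parameters
     // are appended with "&". Every appended value is URL-encoded so that it
     // cannot introduce additional parameters into the callback.
     $callbackURL = $callbackURL . "&requestMethod=" . urlencode($method) . "&requestURL=" . urlencode($requestURL) . "&endpointName=" . urlencode($endpointName);
     $store = SBTCredentialStore::getInstance();
     try {
         //  STEP 1:  If we do not have an OAuth token yet, go get one
         if (empty($_GET["oauth_token"])) {
             $settings = new SBTSettings();

             // The nonce must be unpredictable; mt_rand(0, 999999) yields at
             // most one million distinct values. Prefer a CSPRNG and fall
             // back only where none is available. All branches give 40 hex
             // characters, the same shape sha1() produced before.
             if (function_exists('random_bytes')) {
                 $nonce = bin2hex(random_bytes(20));
             } elseif (function_exists('openssl_random_pseudo_bytes')) {
                 $nonce = bin2hex(openssl_random_pseudo_bytes(20));
             } else {
                 $nonce = sha1(uniqid(mt_rand(), true));
             }

             // NOTE(review): with PLAINTEXT the consumer secret itself is the
             // signature, and here it travels in the query string of
             // $tokenURL. Its confidentiality therefore depends entirely on
             // TLS, and URLs are commonly written to proxy and server logs.
             // Confirm the provider requires this exact signature form.
             $consumerKey = $settings->getConsumerKey($endpointName);
             $parameters = array(
                 'oauth_version' => '1.0',
                 'oauth_callback' => $callbackURL,
                 'oauth_timestamp' => time(),
                 'oauth_signature' => $settings->getConsumerSecret($endpointName) . '&' . $consumerKey,
                 'oauth_signature_method' => 'PLAINTEXT',
                 'oauth_nonce' => $nonce,
                 'oauth_consumer_key' => $consumerKey,
             );
             $tokenURL = $settings->getRequestTokenURL($endpointName) . '?' . http_build_query($parameters, '', '&');

             // Certificate verification stays on unless the administrator
             // explicitly opted out through the forceSSLTrust setting.
             // Previously it was switched off unconditionally, which left the
             // consumer secret exposed to anyone able to intercept the
             // connection.
             $skipTlsChecks = (bool) $settings->forceSSLTrust($endpointName);
             $client = new Client($tokenURL);
             $client->setDefaultOption('verify', !$skipTlsChecks);

             $headers = null;
             $body = null;
             $options = array();
             $response = null;
             try {
                 $request = $client->createRequest($method, $tokenURL, $headers, $body, $options);
                 if ($skipTlsChecks) {
                     $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYHOST, false);
                     $request->getCurlOptions()->set(CURLOPT_SSL_VERIFYPEER, false);
                 }
                 $response = $request->send();
             } catch (Guzzle\Http\Exception\BadResponseException $e) {
                 // Error responses (4xx/5xx) are relayed to the caller.
                 // NOTE(review): the provider's body is written verbatim and
                 // before the header() calls below, so those headers are only
                 // applied when output buffering is active.
                 $response = $e->getResponse();
                 print_r($response->getBody(TRUE));
             }

             // Mirror the provider's Content-Type and status code.
             foreach ($response->getHeaderLines() as $h) {
                 if (strpos($h, "Content-Type") === 0) {
                     header($h, TRUE);
                 }
             }
             header(':', true, $response->getStatusCode());
             header('X-PHP-Response-Code: ' . $response->getStatusCode(), true, $response->getStatusCode());

             // The token response is form-encoded (key=value&key=value).
             parse_str($response->getBody(TRUE), $info);
             $hasToken = isset($info['oauth_token']) && is_string($info['oauth_token']) && $info['oauth_token'] !== '';
             if ($hasToken) {
                 $store->storeRequestToken($info['oauth_token'], $endpointName);
             }
             if (isset($info['oauth_token_secret'])) {
                 $store->storeRequestTokenSecret($info['oauth_token_secret'], $endpointName);
             }

             // Without a usable token there is nothing to authorize; do not
             // redirect the browser with an empty or malformed oauth_token.
             if (!$hasToken) {
                 return;
             }

             // The token comes from a remote response: URL-encode it for the
             // query string, and JSON-encode the whole URL when it has to be
             // embedded in a script element so it cannot break out of the
             // string literal.
             $authorizeURL = $settings->getAuthorizationURL($endpointName) . "?oauth_token=" . urlencode($info['oauth_token']);
             if (!headers_sent()) {
                 header("Location: " . $authorizeURL);
             } else {
                 echo '<script type="text/javascript" language="javascript">window.location = ' . json_encode($authorizeURL) . ';</script>';
             }
         }
     } catch (OAuth1Exception2 $e) {
         echo "OAuth1Exception2:  " . $e->getMessage();
     }
 }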
예제 #2
 /**
  * Tests whether settings are saved correctly by simulating post
  * requests using mock data.
  */
 function test_endpoint_save_settings()
 {
     // Round trip: simulate the settings form being posted, let
     // SBTEndpointUpdate process it, and read the values back through
     // SBTSettings. Afterwards the endpoint is deleted again.
     //
     // mock_data.php supplies $config in this scope. Several entries are
     // credential-shaped (consumer secret, basic-auth password), so the
     // fixture should only ever contain dummy values.
     require 'mock_data.php';
     if (!class_exists('SBTEndpointUpdate')) {
         require BASE_PATH . '/controllers/SBTEndpointUpdate.php';
     }

     // POST field => $config key, listed in the order the fields are set.
     $postFields = array(
         'endpoint_name' => 'wp_endpoint_2_name',
         'endpoint_url' => 'wp_endpoint_2_url',
         'consumer_key' => 'wp_endpoint_2_consumer_key',
         'consumer_secret' => 'wp_endpoint_2_consumer_secret',
         'authorization_url' => 'wp_endpoint_2_authorization_url',
         'access_token_url' => 'wp_endpoint_2_access_token_url',
         'request_token_url' => 'wp_endpoint_2_request_token_url',
         'authentication_method' => 'wp_endpoint_2_authentication_method',
         'basic_auth_username' => 'wp_endpoint_2_basic_auth_username',
         'basic_auth_password' => 'wp_endpoint_2_basic_auth_password',
         'basic_auth_method' => 'wp_endpoint_2_basic_auth_method',
         'sdk_deploy_url' => 'sdk_deploy_url',
     );
     foreach ($postFields as $field => $configKey) {
         $_POST[$field] = $config[$configKey];
     }
     $_POST['delete_endpoint'] = 'no';
     $_POST['libraries_list'] = $config['js_library'];

     // Constructing the controller is what performs the update.
     $update = new SBTEndpointUpdate();

     if (!class_exists('SBTSettings')) {
         require BASE_PATH . '/core/models/SBTSettings.php';
     }
     $settings = new SBTSettings();

     // $config key => SBTSettings getter expected to return that value.
     $expectations = array(
         'wp_endpoint_2_name' => 'getName',
         'wp_endpoint_2_url' => 'getURL',
         'wp_endpoint_2_consumer_key' => 'getConsumerKey',
         'wp_endpoint_2_consumer_secret' => 'getConsumerSecret',
         'wp_endpoint_2_authorization_url' => 'getAuthorizationURL',
         'wp_endpoint_2_access_token_url' => 'getAccessTokenURL',
         'wp_endpoint_2_request_token_url' => 'getRequestTokenURL',
         'wp_endpoint_2_authentication_method' => 'getAuthenticationMethod',
         'wp_endpoint_2_basic_auth_username' => 'getBasicAuthUsername',
         'wp_endpoint_2_basic_auth_password' => 'getBasicAuthPassword',
         'wp_endpoint_2_basic_auth_method' => 'getBasicAuthMethod',
         'sdk_deploy_url' => 'getSDKDeployURL',
         'js_library' => 'getJSLibrary',
     );
     foreach ($expectations as $configKey => $getter) {
         $this->assertEquals($config[$configKey], $settings->{$getter}());
     }

     // Second pass: same form data, but flagged for deletion.
     $_POST['delete_endpoint'] = 'yes';
     $update = new SBTEndpointUpdate();

     // A fresh settings object must no longer report the deleted endpoint.
     $settings = new SBTSettings();
     $this->assertNotEquals($config['wp_endpoint_2_name'], $settings->getName());
 }
 /**
  * Constructor.
  */
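 function __construct($endpointName = "connections")
 {
     // Remembers the endpoint name and, depending on the endpoint's
     // configured authentication method, starts an OAuth 1.0 or OAuth 2.0
     // authorization flow when the credential store holds no token yet.
     // Other authentication methods need no work here.
     $this->endpointName = $endpointName;
     $this->loadModel('SBTSettings');
     $settings = new SBTSettings();
     $authMethod = $settings->getAuthenticationMethod($endpointName);
     global $USER;
     if (isset($USER->id)) {
         // 604800 seconds = 7 days.
         // NOTE(review): the cookie is set without the Secure or HttpOnly
         // flags and carries the raw user id. Confirm whether client-side
         // script needs to read it; if not, restrict it.
         setcookie('ibm-sbt-uid', $USER->id, time() + 604800);
     }
     if ($authMethod == 'oauth1') {
         // Check if we have a request token. If not, re-direct user to authentication page
         $this->loadModel('SBTCredentialStore');
         $store = SBTCredentialStore::getInstance();
         $token = $store->getRequestToken($endpointName);
         if ($token == null) {
             // Autoloader
             if (file_exists('../../../autoload.php')) {
                 include_once '../../../autoload.php';
             } elseif (function_exists('plugin_dir_path')) {
                 $dir = plugin_dir_path(__FILE__);
                 include_once $dir . '../../autoload.php';
             }
             // include_once rather than include: the file declares a class,
             // and loading it a second time would be a fatal redeclaration.
             if (file_exists(BASE_PATH . '/core/controllers/endpoint/SBTOAuth1Endpoint.php')) {
                 include_once BASE_PATH . '/core/controllers/endpoint/SBTOAuth1Endpoint.php';
             }
             // Create endpoint
             $oauth = new SBTOAuth1Endpoint();

             // Rebuild the URL of the current request so the flow can come
             // back to it.
             // NOTE(review): HTTP_HOST and QUERY_STRING are supplied by the
             // client, and the resulting URL is handed to
             // SBTOAuth1Endpoint::request() as $requestURL. Prefer a host
             // taken from configuration, or validate it against the expected
             // host name(s), so a forged Host header cannot steer the flow
             // to another origin.
             $domain = $_SERVER['HTTP_HOST'];
             $path = $_SERVER['SCRIPT_NAME'];
             $queryString = $_SERVER['QUERY_STRING'];
             $isHttps = !empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off' || $_SERVER['SERVER_PORT'] == 443;
             $protocol = $isHttps ? "https://" : "http://";
             $url = $protocol . $domain . $path . "?" . $queryString;

             // The callback lives under ".../core/index.php"; append "/core"
             // only when BASE_LOCATION does not already contain it.
             $callbackBase = strpos(BASE_LOCATION, 'core') !== FALSE ? BASE_LOCATION : BASE_LOCATION . '/core';

             // Send request to authenticate user (auth token is automatically being stored when callback method = authenticationCallback).
             // The former var_dump() of the result was debug output that
             // ended up in the page; request() does not return a value.
             $oauth->request($url, $callbackBase . '/index.php?plugin=guzzle&class=SBTOAuth1Endpoint&method=authenticationCallback', 'POST', $endpointName);
         }
     } elseif ($authMethod == 'oauth2') {
         // Check if we have an access token. If not, re-direct user to authentication page
         $this->loadModel('SBTCredentialStore');
         $store = SBTCredentialStore::getInstance();
         $token = $store->getOAuthAccessToken($endpointName);
         if ($token == null) {
             // Autoloader
             if (file_exists('../../../autoload.php')) {
                 include_once '../../../autoload.php';
             } elseif (function_exists('plugin_dir_path')) {
                 $dir = plugin_dir_path(__FILE__);
                 include_once $dir . '../../autoload.php';
             }
             // NOTE(review): no "state" value is sent with the authorization
             // request. Confirm the callback handler has another way to bind
             // the response to this browser session (CSRF protection).
             $parameters = array(
                 'response_type' => 'code',
                 'client_id' => $settings->getClientId($endpointName),
                 'callback_uri' => $settings->getOAuth2CallbackURL($endpointName),
             );
             $authURL = $settings->getAuthorizationURL($endpointName) . '?' . http_build_query($parameters, '', '&');
             if (!headers_sent()) {
                 header("Location: " . $authURL);
             } else {
                 // JSON-encode the URL so that no character in it can end
                 // the JavaScript string or the script element early.
                 echo '<script type="text/javascript" language="javascript">window.location = ' . json_encode($authURL) . ';</script>';
             }
         }
     }
 }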
예제 #4
// Name of the plugin the client asked for, or null when the request names
// none (missing, empty string, "0", ...).
// NOTE(review): this value is taken directly from the request. The dispatcher
// that follows compares it against fixed case labels and then instantiates
// $class and invokes $method; where those two come from is not visible in
// this excerpt. If they are request-derived as well, restrict them to an
// explicit allow-list of controller classes and callable methods.
$plugin = empty($_REQUEST['plugin']) ? null : $_REQUEST['plugin'];
// Load plugin dependencies
if ($plugin != null) {
    switch ($plugin) {
        case "guzzle":
            // Load dependencies for Guzzle
            require_once "controllers/endpoint/SBTOAuth1Endpoint.php";
            // Load properties
            require_once 'models/SBTSettings.php';
            $settings = new SBTSettings();
            //  Init the OAuth options
            $options = array('consumer_key' => $settings->getConsumerKey(), 'consumer_secret' => $settings->getConsumerSecret(), 'server_uri' => $settings->getURL(), 'request_token_uri' => $settings->getRequestTokenURL(), 'authorize_uri' => $settings->getAuthorizationURL(), 'access_token_uri' => $settings->getAccessTokenURL());
            // Instantiate controller object
            $obj = new $class($options);
            // Call method on you controller object
            call_user_func_array(array($obj, $method), array());
            break;
    }
} else {
    // Make sure that the classpath isn't blacklisted
    $blacklisted = false;
    foreach ($blacklist as $blacklistedItem) {
        if (startsWith($classpath, $blacklistedItem)) {
            $blacklisted = true;
            break;
        }
    }