/**
* @param AccessTokenInterface $token
* @param array $options
*/
public function __construct(AccessTokenInterface $token, array $options = [])
{
$options = array_merge($options, ['emitter' => EventsManager::getEmitter()]);
parent::__construct($options);
if ($token instanceof OAuth2AccessTokenInterface) {
$this->getEmitter()->on('before', function (BeforeEvent $event) use($token) {
/** @var \Eva\EvaOAuth\OAuth2\Token\AccessToken $token */
$event->getRequest()->setHeader('Authorization', $token->getTokenType() . ' ' . $token->getTokenValue());
});
} else {
$signatureMethod = isset($options['signature_method']) ? $options['signature_method'] : SignatureInterface::METHOD_HMAC_SHA1;
$signatureClasses = [SignatureInterface::METHOD_PLAINTEXT => 'Eva\\EvaOAuth\\OAuth1\\Signature\\PlainText', SignatureInterface::METHOD_HMAC_SHA1 => 'Eva\\EvaOAuth\\OAuth1\\Signature\\Hmac', SignatureInterface::METHOD_RSA_SHA1 => 'Eva\\EvaOAuth\\OAuth1\\Signature\\Rsa'];
if (false === isset($signatureClasses[$signatureMethod])) {
throw new InvalidArgumentException(sprintf('Signature method %s not able to process', $signatureMethod));
}
$signatureClass = $signatureClasses[$signatureMethod];
$this->getEmitter()->on('before', function (BeforeEvent $event) use($token, $signatureClass) {
/** @var Request $request */
$request = $event->getRequest();
/** @var \Eva\EvaOAuth\OAuth1\Token\AccessToken $token */
$httpMethod = strtoupper($request->getMethod());
$url = Url::fromString($request->getUrl());
$parameters = ['oauth_consumer_key' => $token->getConsumerKey(), 'oauth_signature_method' => SignatureInterface::METHOD_HMAC_SHA1, 'oauth_timestamp' => (string) time(), 'oauth_nonce' => strtolower(Text::generateRandomString(32)), 'oauth_token' => $token->getTokenValue(), 'oauth_version' => '1.0'];
$signature = (string) new $signatureClass($token->getConsumerSecret(), Text::buildBaseString($httpMethod, $url, $parameters), $token->getTokenSecret());
$parameters['oauth_signature'] = $signature;
$event->getRequest()->setHeader('Authorization', Text::buildHeaderString($parameters));
});
}
}
/**
* @param ServiceProviderInterface $serviceProvider
* @param array $urlQuery
* @param RequestToken $requestToken
* @return AccessToken
*/
public function getAccessToken(ServiceProviderInterface $serviceProvider, array $urlQuery = [], RequestToken $requestToken = null)
{
$urlQuery = $urlQuery ?: $_GET;
$tokenValue = empty($urlQuery['oauth_token']) ? '' : $urlQuery['oauth_token'];
$tokenVerify = empty($urlQuery['oauth_verifier']) ? '' : $urlQuery['oauth_verifier'];
if (!$tokenValue || !$tokenVerify) {
throw new InvalidArgumentException(sprintf('No oauth_token or oauth_verifier input'));
}
/** @var RequestToken $requestToken */
$requestToken = $requestToken ?: $this->getStorage()->fetch(md5($tokenValue));
if (!$requestToken) {
throw new InvalidArgumentException(sprintf('No request token found in storage'));
}
if ($tokenValue != $requestToken->getTokenValue()) {
throw new VerifyException(sprintf('Request token not match'));
}
$options = $this->options;
$httpMethod = $serviceProvider->getAccessTokenMethod();
$url = $serviceProvider->getAccessTokenUrl();
$parameters = ['oauth_consumer_key' => $options['consumer_key'], 'oauth_signature_method' => $this->signatureMethod, 'oauth_timestamp' => (string) time(), 'oauth_nonce' => Text::generateRandomString(32), 'oauth_token' => $tokenValue, 'oauth_version' => '1.0', 'oauth_verifier' => $tokenVerify, 'oauth_callback' => $options['callback']];
$baseString = Text::buildBaseString($httpMethod, $url, $parameters);
$signatureClass = $this->getSignatureClass();
$signature = (string) new $signatureClass($baseString, $options['consumer_secret'], $requestToken->getTokenSecret());
$parameters['oauth_signature'] = $signature;
$httpClient = self::getHttpClient();
$httpClientOptions = ['headers' => ['X-EvaOAuth-Debug-BaseString' => $baseString, 'Authorization' => Text::buildHeaderString($parameters)], 'body' => ['oauth_verifier' => $tokenVerify]];
$request = $httpClient->createRequest($httpMethod, $url, $httpClientOptions);
try {
$this->getEmitter()->emit('beforeGetAccessToken', new BeforeGetAccessToken($request, $serviceProvider, $this));
/** @var Response $response */
$response = $httpClient->send($request);
return AccessToken::factory($response, $serviceProvider, $options);
} catch (RequestException $e) {
throw new \Eva\EvaOAuth\Exception\RequestException('Get access token failed', $e->getRequest(), $e->getResponse());
}
}
public function testHeaderString()
{
$this->assertEquals('OAuth foo="bar"', Text::buildHeaderString(['foo' => 'bar']));
$this->assertEquals('OAuth foo="bar", tfoo="tbar"', Text::buildHeaderString(['tfoo' => 'tbar', 'foo' => 'bar']));
}
