/**
* Fetch the private CERT key for the signature
*
* @param IOauthSignable request
* @return string private key
*/
protected function fetch_private_cert(IOauthSignable $response, Secrets $secrets)
{
if ($this->store) {
return $this->store->getPrivateCertificate($secrets);
} else {
throw new \Foundation\Oauth\OauthException("RSA key store is missing");
}
}
/**
* Verify the start of an authorization request. Verifies if the request token is valid.
* Next step is the method authorizeFinish()
*
* Nota bene: this stores the current token, consumer key and callback in the _SESSION
*
* @exception OAuthException2 thrown when not a valid request
* @return IOauthToken
*/
public function authorizeVerify($manualToken = null)
{
$token = $manualToken ? $manualToken : $this->request->getParam('oauth_token', true);
if (\is_array($token)) {
$token = isset($token[0]) ? $token[0] : null;
}
$rs = $this->store->getConsumerRequestToken($token);
if (!$rs) {
throw new OauthException('Unknown token "' . $token . '"');
}
// We need to remember the callback
$verify_oauth_token = $this->session->get('verify_oauth_token');
if (empty($verify_oauth_token) && !$manualToken || strcmp($verify_oauth_token, $rs->token)) {
$this->session->set('verify_oauth_token', $rs->token);
$this->session->set('verify_oauth_consumer_key', $rs->getOauthServerRegistry()->consumer_key);
$cb = $this->request->getParam('oauth_callback', true);
/*if ($cb)
$this->session->set('verify_oauth_callback', $cb);
else*/
$this->session->set('verify_oauth_callback', $rs->callback_url);
}
return $rs;
}