/**
  * Verify the request if it seemed to be signed.
  * 
  * @param string token_type the kind of token needed, defaults to 'access'
  * @exception OAuthException thrown when the request did not verify
  * @return boolean	true when signed, false when not signed
  */
 public function verifyIfSigned($token_type = 'access')
 {
     if ($this->getParam('oauth_consumer_key')) {
         OAuthRequestLogger::start($this);
         $this->verify($token_type);
         $signed = true;
         OAuthRequestLogger::flush();
     } else {
         $signed = false;
     }
     return $signed;
 }
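 /**
  * Issue an access token for an already identified user (xAuth-style flow).
  *
  * Creates a consumer request token, authorizes it for $user_id and
  * immediately exchanges it for an access token, which is written to the
  * HTTP response as application/x-www-form-urlencoded. When the store throws
  * an OAuthException2 a 401 plain-text error is written instead.
  *
  * NOTE(review): this method does not call verify() itself, so the caller
  * must already have authenticated the request and the user before passing
  * $user_id — confirm at the call sites.
  *
  * Never returns, calls exit() after the response has been written.
  *
  * @param mixed $user_id the user the access token is issued for
  * @param string $referrer_host passed through to OAuthStore::authorizeConsumerRequestToken();
  *                              this used to be read from an undefined variable
  */
 public function xauthAccessToken($user_id, $referrer_host = '')
 {
     OAuthRequestLogger::start($this);
     try {
         $options = array();
         // Optional lifetime requested by the consumer, forwarded to the store as token_ttl.
         $ttl = $this->getParam('xoauth_token_ttl', false);
         if ($ttl) {
             $options['token_ttl'] = $ttl;
         }

         // Create a request token, authorize it for the user and exchange it in one go.
         $store = OAuthStore::instance();
         $token = $store->addConsumerRequestToken($this->getParam('oauth_consumer_key', true), $options);
         $verifier = $store->authorizeConsumerRequestToken($token['token'], $user_id, $referrer_host);
         if ($verifier) {
             $options['verifier'] = $verifier;
         }
         $token = $store->exchangeConsumerRequestForAccessToken($token['token'], $options);

         $result = 'oauth_token=' . $this->urlencode($token['token'])
                 . '&oauth_token_secret=' . $this->urlencode($token['token_secret']);
         if (!empty($token['token_ttl'])) {
             $result .= '&xoauth_token_ttl=' . $this->urlencode($token['token_ttl']);
         }

         header('HTTP/1.1 200 OK');
         // Content-Length counts bytes, so strlen() is the right function here.
         header('Content-Length: ' . strlen($result));
         header('Content-Type: application/x-www-form-urlencoded');
         echo $result;
     } catch (OAuthException2 $e) {
         header('HTTP/1.1 401 Access Denied');
         header('Content-Type: text/plain');
         echo "OAuth Verification Failed: " . $e->getMessage();
     }
     OAuthRequestLogger::flush();
     exit;
 }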
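 /**
  * Request an access token from the site belonging to consumer_key.
  * Before this we got a request token, now we want to exchange it for
  * an access token.
  *
  * The stored server request token is deleted before the exchange is
  * attempted, so it can only ever be used once. On success the access token
  * is stored via OAuthStore::addServerToken(); nothing is returned.
  *
  * @param string $consumer_key
  * @param string $token the request token to exchange
  * @param int $usr_id user requesting the access token
  * @param string $method (optional) change the method of the request, defaults to POST (as it should be)
  * @param array $options (optional) extra options for request, eg token_ttl and oauth_verifier
  * @param array $curl_options optional extra options for curl request
  * @return void
  *
  * @exception OAuthException2 when no key could be fetched
  * @exception OAuthException2 when no server with consumer_key registered
  * @exception OAuthException2 when the server gives no or an unexpected answer, or omits the token pair
  */
 static function requestAccessToken($consumer_key, $token, $usr_id, $method = 'POST', $options = array(), $curl_options = array())
 {
     OAuthRequestLogger::start();
     $store = OAuthStore::instance();
     $r = $store->getServerTokenSecrets($consumer_key, $token, 'request', $usr_id);
     $uri = $r['access_token_uri'];
     $token_name = $r['token_name'];

     // Delete the server request token, this one was for one use only
     $store->deleteServerToken($consumer_key, $r['token'], 0, true);

     // Try to exchange our request token for an access token
     $oauth = new OAuthRequester($uri, $method);
     if (isset($options['oauth_verifier'])) {
         $oauth->setParam('oauth_verifier', $options['oauth_verifier']);
     }
     if (isset($options['token_ttl']) && is_numeric($options['token_ttl'])) {
         $oauth->setParam('xoauth_token_ttl', intval($options['token_ttl']));
     }

     OAuthRequestLogger::setRequestObject($oauth);
     $oauth->sign($usr_id, $r);
     $text = $oauth->curl_raw($curl_options);
     if (empty($text)) {
         throw new OAuthException2('No answer from the server "' . $uri . '" while requesting an access token');
     }
     $data = $oauth->curl_parse($text);
     if ((int) $data['code'] !== 200) {
         throw new OAuthException2('Unexpected result from the server "' . $uri . '" (' . $data['code'] . ') while requesting an access token');
     }

     // The body is form-encoded: name=value pairs joined by '&'. A pair without
     // an '=' yields an empty value instead of relying on '@' to hide the notice.
     $token = array();
     foreach (explode('&', $data['body']) as $p) {
         $parts = explode('=', $p, 2);
         $name  = $parts[0];
         $value = isset($parts[1]) ? $parts[1] : '';
         $token[$oauth->urldecode($name)] = $oauth->urldecode($value);
     }

     if (empty($token['oauth_token']) || empty($token['oauth_token_secret'])) {
         throw new OAuthException2('The server "' . $uri . '" did not return the oauth_token or the oauth_token_secret');
     }

     $opts = array();
     $opts['name'] = $token_name;
     if (isset($token['xoauth_token_ttl'])) {
         $opts['token_ttl'] = $token['xoauth_token_ttl'];
     }
     $store->addServerToken($consumer_key, 'access', $token['oauth_token'], $token['oauth_token_secret'], $usr_id, $opts);

     OAuthRequestLogger::flush();
 }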
 /**
  * Exchange a request token for an access token.
  * The exchange is only successful iff the request token has been authorized.
  *
  * On success the token pair (plus the token lifetime when the store reports
  * one) is written to the response as application/x-www-form-urlencoded; on
  * an OAuthException a 401 plain-text error is written instead.
  *
  * Never returns, calls exit() when token is exchanged or when error is returned.
  */
 public function accessToken()
 {
     OAuthRequestLogger::start($this);
     try {
         $this->verify('request');

         // Forward an optional requested lifetime to the store as token_ttl.
         $options = array();
         $ttl = $this->getParam('xoauth_token_ttl', false);
         if ($ttl) {
             $options['token_ttl'] = $ttl;
         }

         $store = OAuthStore::instance();
         $token = $store->exchangeConsumerRequestForAccessToken($this->getParam('oauth_token', true), $options);

         // Assemble the form-encoded body from its pairs, using the class's own
         // urlencode() as the other token endpoints in this class do.
         $pairs = array(
             'oauth_token=' . $this->urlencode($token['token']),
             'oauth_token_secret=' . $this->urlencode($token['token_secret']),
         );
         if (!empty($token['token_ttl'])) {
             $pairs[] = 'xoauth_token_ttl=' . $this->urlencode($token['token_ttl']);
         }
         $result = implode('&', $pairs);

         header('HTTP/1.1 200 OK');
         // Content-Length counts bytes, so strlen() is correct here.
         header('Content-Length: ' . strlen($result));
         header('Content-Type: application/x-www-form-urlencoded');
         echo $result;
     } catch (OAuthException $e) {
         header('HTTP/1.1 401 Access Denied');
         header('Content-Type: text/plain');
         echo "OAuth Verification Failed: " . $e->getMessage();
     }
     OAuthRequestLogger::flush();
     exit;
 }
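 /**
  * Entry point for API calls against protected Coppermine resources.
  *
  * Verifies the request against an access token, then dispatches on the POST
  * parameter 'function' (restricted to /^[a-z]+$/) to one of a fixed set of
  * handlers. The handlers are included scripts and functions from the
  * Coppermine code base, which is why their globals are declared up front.
  *
  * Validation failures inside the handlers are raised as OAuthException. In the
  * original code the two album checks created the exception with `new` but never
  * threw it, so an unknown or missing meta album name fell straight through to
  * thumbnails.php; both are now thrown.
  *
  * On OAuthException a 401 is sent and a new OAuthException with the same
  * message is thrown for the caller. Otherwise never returns, calls exit().
  *
  * @exception OAuthException when verification, dispatch or album validation fails
  */
 public function access_protected_resource()
 {
     global $CONFIG, $THEME_DIR, $USER, $CAT_LIST;
     // Needed for "lastcomby" meta album in picture list
     global $cpg_udb;

     try {
         $result = $this->verify('access');
         if ($result != null) {
             define('API_CALL', true);
             $superCage = Inspekt::makeSuperCage();
             // Only lower-case letters can reach the switch; anything else
             // (including a missing parameter) ends up in the default branch.
             $matches = $superCage->post->getMatched('function', '/^[a-z]+$/');
             $function = isset($matches[0]) ? $matches[0] : '';
             switch ($function) {
                 case 'upload':
                     require 'db_input.php';
                     break;
                 case 'alblist':
                     define('IN_COPPERMINE', true);
                     require 'include/init.inc.php';
                     pub_user_albums();
                     upload_form_alb_list('', '');
                     break;
                 case 'piclist':
                     define('IN_COPPERMINE', true);
                     require 'include/init.inc.php';
                     if ($superCage->post->getInt('album')) {
                         // Numeric album id: list the user's albums.
                         pub_user_albums();
                         upload_form_alb_list('', '');
                     } elseif ($album = $superCage->post->getAlpha('album')) {
                         // Alphabetic album name: must be one of the known meta albums.
                         $allowed = array('lastcom', 'lastcomby', 'lastup', 'lastupby', 'topn', 'toprated', 'lasthits');
                         if (!in_array($album, $allowed, true)) {
                             throw new OAuthException("Valid meta album names for this function are: 'lastcom', 'lastcomby', 'lastup', 'lastupby', 'topn', 'toprated', and 'lasthits'");
                         }
                         $USER['uid'] = USER_ID;
                         require 'thumbnails.php';
                     } else {
                         // No album provided
                         throw new OAuthException('No album provided via HTTP POST');
                     }
                     break;
                 case 'search':
                     define('IN_COPPERMINE', true);
                     require 'include/init.inc.php';
                     require 'thumbnails.php';
                     break;
                 case 'catlist':
                     define('IN_COPPERMINE', true);
                     require 'include/init.inc.php';
                     api_cat_list();
                     break;
                 default:
                     throw new OAuthException('No function specified via HTTP POST');
             }
         }
     } catch (OAuthException $e) {
         header('HTTP/1.1 401 Access Denied');
         header('Content-Type: text/xml');
         throw new OAuthException($e->getMessage());
     }
     OAuthRequestLogger::flush();
     exit;
 }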
 /**
  * Exchange a request token for an access token.
  * The exchange is only successful if the request token has been authorized.
  *
  * The token pair is returned inside an <access_token> element preceded by an
  * ISO-8859-1 XML declaration. NOTE(review): the literal '&' between the two
  * pairs is not escaped as '&amp;', so the body is not well-formed XML; it is
  * reproduced as-is because clients may depend on the exact format — confirm
  * before changing. No Content-Type header is sent on success (the
  * form-urlencoded one is commented out).
  *
  * Never returns: calls exit() after writing the response, or throws a new
  * OAuthException with the same message after sending a 401.
  */
 public function accessToken()
 {
     OAuthRequestLogger::start($this);
     try {
         $this->verify('request');
         $store = OAuthStore::instance();
         $token = $store->exchangeConsumerRequestForAccessToken($this->getParam('oauth_token', true));

         $body = 'oauth_token=' . $this->urlencode($token['token'])
               . '&oauth_token_secret=' . $this->urlencode($token['token_secret']);
         $result = "<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"
                 . '<access_token>' . $body . '</access_token>';

         header('HTTP/1.1 200 OK');
         // Content-Length counts bytes, so strlen() is correct here.
         header('Content-Length: ' . strlen($result));
         //header('Content-Type: application/x-www-form-urlencoded');
         echo $result;
     } catch (OAuthException $e) {
         header('HTTP/1.1 401 Access Denied');
         header('Content-Type: text/xml');
         throw new OAuthException($e->getMessage());
     }
     OAuthRequestLogger::flush();
     exit;
 }