/**
* Lookup nonce value for the tool consumer.
*
* @param OAuthConsumer $consumer OAuthConsumer object
* @param string $token Token value
* @param string $value Nonce value
* @param string $timestamp Date/time of request
*
* @return boolean True if the nonce value already exists
*/
function lookup_nonce($consumer, $token, $value, $timestamp)
{
$nonce = new ConsumerNonce($this->toolProvider->consumer, $value);
$ok = !$nonce->load();
if ($ok) {
$ok = $nonce->save();
}
if (!$ok) {
$this->toolProvider->reason = 'Invalid nonce.';
}
return !$ok;
}
/**
* Save nonce object.
*
* @param ConsumerNonce $nonce Nonce object
*
* @return boolean True if the nonce object was successfully saved
*/
public function saveConsumerNonce($nonce)
{
$expires = date("{$this->dateFormat} {$this->timeFormat}", $nonce->expires);
$sql = sprintf("INSERT INTO {$this->dbTableNamePrefix}" . DataConnector::NONCE_TABLE_NAME . " (consumer_pk, value, expires) VALUES (%d, %s, %s)", $nonce->getConsumer()->getRecordId(), DataConnector::quoted($nonce->getValue()), DataConnector::quoted($expires));
$ok = mysql_query($sql);
return $ok;
}
/**
* Save nonce object.
*
* @param ConsumerNonce $nonce Nonce object
* @return boolean True if the nonce object was successfully saved
*/
public function saveConsumerNonce($nonce)
{
global $DB;
$data = ['consumerid' => $nonce->getConsumer()->getRecordId(), 'value' => $nonce->getValue(), 'expires' => $nonce->expires];
return $DB->insert_record($this->noncetable, (object) $data, false);
}
/**
* Test for data_connector::loadConsumerNonce() for a nonce that has expired.
*/
public function test_load_consumer_nonce_expired()
{
$dc = new data_connector();
$consumer = new ToolConsumer(null, $dc);
$consumer->name = 'TestName';
$consumer->setKey('TestKey');
$consumer->secret = 'TestSecret';
$consumer->save();
$nonce = new ConsumerNonce($consumer, 'testnonce');
$nonce->expires = time() - 100;
// Save the nonce.
$nonce->save();
// Expired nonce should have been deleted.
$this->assertFalse($dc->loadConsumerNonce($nonce));
}
/**
* Save nonce object.
*
* @param ConsumerNonce $nonce Nonce object
*
* @return boolean True if the nonce object was successfully saved
*/
public function saveConsumerNonce($nonce)
{
$id = $nonce->getConsumer()->getRecordId();
$value = $nonce->getValue();
$expires = date("{$this->dateFormat} {$this->timeFormat}", $nonce->expires);
$sql = "INSERT INTO {$this->dbTableNamePrefix}" . DataConnector::NONCE_TABLE_NAME . ' (consumer_pk, value, expires) VALUES (:id, :value, :expires)';
$query = $this->db->prepare($sql);
$query->bindValue('id', $id, PDO::PARAM_INT);
$query->bindValue('value', $value, PDO::PARAM_STR);
$query->bindValue('expires', $expires, PDO::PARAM_STR);
$ok = $query->execute();
return $ok;
}
