/**
* Refresh an access token using an expired request token
* @param string $consumer_key obtained when you registered your app
* @param string $consumer_secret obtained when you registered your app
* @param string $old_access_token obtained previously
* @param string $old_token_secret obtained previously
* @param string $oauth_session_handle obtained previously
* @param bool $usePost use HTTP POST instead of GET (default false)
* @param bool $useHmacSha1Sig use HMAC-SHA1 signature (default false)
* @return response string with token or empty array on error
*/
function refresh_access_token($consumer_key, $consumer_secret, $old_access_token, $old_token_secret, $oauth_session_handle, $usePost = false, $useHmacSha1Sig = true, $passOAuthInHeader = true)
{
$retarr = array();
// return value
$response = array();
$url = 'https://api.login.yahoo.com/oauth/v2/get_token';
$params['oauth_version'] = '1.0';
$params['oauth_nonce'] = mt_rand();
$params['oauth_timestamp'] = time();
$params['oauth_consumer_key'] = $consumer_key;
$params['oauth_token'] = $old_access_token;
$params['oauth_session_handle'] = $oauth_session_handle;
// compute signature and add it to the params list
if ($useHmacSha1Sig) {
$params['oauth_signature_method'] = 'HMAC-SHA1';
$params['oauth_signature'] = oauth_compute_hmac_sig($usePost ? 'POST' : 'GET', $url, $params, $consumer_secret, $old_token_secret);
} else {
$params['oauth_signature_method'] = 'PLAINTEXT';
$params['oauth_signature'] = oauth_compute_plaintext_sig($consumer_secret, $old_token_secret);
}
// Pass OAuth credentials in a separate header or in the query string
if ($passOAuthInHeader) {
$query_parameter_string = oauth_http_build_query($params, true);
$header = build_oauth_header($params, "yahooapis.com");
$headers[] = $header;
} else {
$query_parameter_string = oauth_http_build_query($params);
}
// POST or GET the request
if ($usePost) {
$request_url = $url;
logit("refacctok:INFO:request_url:{$request_url}");
logit("refacctok:INFO:post_body:{$query_parameter_string}");
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
$response = do_post($request_url, $query_parameter_string, 443, $headers);
} else {
$request_url = $url . ($query_parameter_string ? '?' . $query_parameter_string : '');
logit("refacctok:INFO:request_url:{$request_url}");
$response = do_get($request_url, 443, $headers);
}
// extract successful response
if (!empty($response)) {
list($info, $header, $body) = $response;
$body_parsed = oauth_parse_str($body);
if (!empty($body_parsed)) {
logit("getacctok:INFO:response_body_parsed:");
print_r($body_parsed);
}
$retarr = $response;
$retarr[] = $body_parsed;
}
return $retarr;
}
function get_request_token($callback = 'oob', $usePost = false, $useHmacSha1Sig = true, $passOAuthInHeader = false)
{
$retarr = array();
// return value
$response = array();
$params['oauth_version'] = '1.0';
$params['oauth_nonce'] = mt_rand();
$params['oauth_timestamp'] = time();
$params['oauth_consumer_key'] = $this->consumer_key;
$params['oauth_callback'] = $callback;
$headers = array();
// compute signature and add it to the params list
if ($useHmacSha1Sig) {
$params['oauth_signature_method'] = 'HMAC-SHA1';
$params['oauth_signature'] = oauth_compute_hmac_sig($usePost ? 'POST' : 'GET', $this->reqUrl, $params, $this->consumer_secret, null);
} else {
$params['oauth_signature_method'] = 'PLAINTEXT';
$params['oauth_signature'] = oauth_compute_plaintext_sig($this->consumer_secret, null);
}
// Pass OAuth credentials in a separate header or in the query string
if ($passOAuthInHeader) {
$query_parameter_string = oauth_http_build_query($params, true);
$header = build_oauth_header($params, "Twitter API");
$headers[] = $header;
} else {
$query_parameter_string = oauth_http_build_query($params);
}
// POST or GET the request
if ($usePost) {
$request_url = $this->reqUrl;
logit("getreqtok:INFO:request_url:{$request_url}");
logit("getreqtok:INFO:post_body:{$query_parameter_string}");
$headers[] = 'Content-Type: application/x-www-form-urlencoded';
$response = do_post($request_url, $query_parameter_string, 80, $headers);
} else {
$request_url = $this->reqUrl . ($query_parameter_string ? '?' . $query_parameter_string : '');
logit("getreqtok:INFO:request_url:{$request_url}");
$response = do_get($request_url, 80, $headers);
}
// extract successful response
if (!empty($response)) {
list($info, $header, $body) = $response;
$body_parsed = oauth_parse_str($body);
if (!empty($body_parsed)) {
logit("getreqtok:INFO:response_body_parsed:");
}
$retarr = $response;
$retarr[] = $body_parsed;
}
return $retarr;
}
function yim_auth_get_access_token($request_token, $oauth_session_handle = NULL, $oauth_token_secret = NULL)
{
$url = 'https://api.login.yahoo.com/oauth/v2/get_token';
$params = yim_get_basic_oauth_params();
$params['oauth_signature'] = oauth_compute_plaintext_sig(OAUTH_CONSUMER_SECRET, $oauth_token_secret);
$params['oauth_token'] = $request_token;
if ($oauth_session_handle != NULL) {
$params['oauth_session_handle'] = $oauth_session_handle;
}
$query_param_string = oauth_http_build_query($params);
$url = $url . '?' . $query_param_string;
$response = do_get($url, 443);
yim_fail_if_not_ok($response, 'Could not get access token');
$access_token_response = $response[2];
$access_tokens = split("&", $access_token_response);
$oauth_data = array();
foreach ($access_tokens as $param) {
$d = split("=", $param);
$oauth_data[$d[0]] = $d[1];
}
$oauth_data['oauth_token'] = rfc3986_decode($oauth_data['oauth_token']);
return $oauth_data;
}
