require '../yosdk/yahoo-yos-social-php5-86eef28/lib/OAuth/OAuth.php';
require '../yosdk/yahoo-yos-social-php5-86eef28/lib/Yahoo/YahooOAuthApplication.class.php';
//http://gist.github.com/387056
require 'MysqlUtil.php';
require 'config.php';
// safely fetch input
$notice = filter_var($_GET['notice'], FILTER_SANITIZE_STRING);
$bbauth_token = filter_var($_COOKIE['bbauth_token'], FILTER_SANITIZE_STRING);
$local_user_id = filter_var($_COOKIE['local_user_id'], FILTER_SANITIZE_STRING);
// require bbauth session
if (!$local_user_id) {
header("Location: index.php?notice=session_required");
}
// check for oauth token in storage
$db = new MysqlUtil($db_host, $db_name, $db_user, $db_pass);
try {
$results = $db->query("SELECT * FROM `oauth_tokens` \n WHERE `local_user_id` = '%s' \n AND `service` = 'yahoo' \n LIMIT 0 , 1;", $local_user_id);
} catch (Exception $e) {
printf('<pre>%s</pre>', print_r($e, true));
die;
}
// there may be a record, but it may not have a valid token in it
if (count($results) > 0) {
$access_token = json_decode($results[0]['token_json']);
}
// if there's a stored token, check if it's expired, and refresh if it is
if ($access_token && $access_token->expire_time < time()) {
$oauth_app = new YahooOAuthApplication($oauth_consumer_key, $oauth_consumer_secret, $oauth_application_id);
$access_token = $oauth_app->refreshAccessToken($access_token);
$access_token->expire_time = time() + $access_token->expires_in;
$local_user_id = filter_var($_COOKIE['local_user_id'], FILTER_SANITIZE_STRING);
$request_token = filter_var($_COOKIE[$local_user_id . '_yahoo_rt'], FILTER_SANITIZE_STRING);
// if user's not logged in, redirect back to index
if (!$local_user_id) {
header("Location: index.php?notice=session_required");
}
// if verifier & stored token, we're in the redirect back from a successful auth
if ($oauth_verifier && $request_token) {
// fetch request token (decode html entities from filter), & delete it
$request_token = json_decode(stripslashes(html_entity_decode($request_token)));
setcookie($local_user_id . '_yahoo_rt', '', time() - 3600);
// exchange request token for access token
$access_token = $oauth_app->getAccessToken($request_token, $oauth_verifier);
// calc time token will expire & add it to token obj
$access_token->expire_time = time() + $access_token->expires_in;
// a convenience obj for mysql. any persistent storage could be used here
$db = new MysqlUtil($db_host, $db_name, $db_user, $db_pass);
try {
$results = $db->query("INSERT INTO `%s`.`oauth_tokens` (`local_user_id`, `service`, `token_json`) \n VALUES ( '%s', 'yahoo', '%s' );", $db_name, $local_user_id, json_encode($access_token));
} catch (Exception $e) {
printf('<pre>%s</pre>', print_r($e, true));
die;
}
// redirect back to index w/ success message
header("Location: home.php?notice=upgrade_success");
} else {
$request_token = $oauth_app->getRequestToken($oauth_callback_url);
setcookie($local_user_id . '_yahoo_rt', json_encode($request_token), time() + 600);
$redirect_url = $oauth_app->getAuthorizationUrl($request_token);
header("Location: {$redirect_url}");
}
