/**
* @private
*/
function initSession($consumerKey, $consumerSecret, $applicationId, $redirect, $callback, $sessionStore, $verifier)
{
global $GLOBAL_YAHOO_SESSION;
if(!is_null($GLOBAL_YAHOO_SESSION)) {
return $GLOBAL_YAHOO_SESSION;
}
$consumer = new stdclass();
$consumer->key = $consumerKey;
$consumer->secret = $consumerSecret;
$checkSession = YahooSession::checkSession($type, $sessionStore);
if(!$checkSession) {
// There doesn't appear to be a session here.
if($redirect) {
$GLOBAL_YAHOO_SESSION = NULL;
YahooSession::redirectForAuthorization($consumerKey, $consumerSecret, $callback, $sessionStore);
}
else {
// Don't redirect the user, just inform the caller that
// no session is present.
// TODO: throw a YahooException
$GLOBAL_YAHOO_SESSION = NULL;
}
}
else if($type == YAHOO_OAUTH_AT_SESSION_TYPE) {
// Found an OAuth Access Token session.
$accessToken = $sessionStore->fetchAccessToken();
$now = time();
YahooLogger::debug("OAuth AT: " . $accessToken->key . " ATS: ". $accessToken->secret);
if($accessToken->consumer != $consumerKey)
{
YahooLogger::error("Consumer key for token does not match the defined Consumer Key. The Consumer Key has probably changed since the user last authorized the application.");
YahooSession::clearSession($sessionStore);
if($redirect) {
YahooSession::redirectForAuthorization($consumerKey, $consumerSecret, $callback, $sessionStore);
}
}
if($accessToken->tokenExpires >= 0) {
YahooLogger::debug('AT Expires in: ' . ($accessToken->tokenExpires - $now));
}
if(($accessToken->tokenExpires >= 0) && ($accessToken->tokenExpires - $now) < 30) {
// The access token will expire in less than 30 seconds or
// it may have expired already. Try to get a new one.
YahooSession::accessTokenExpired($accessToken, $consumer, $applicationId, $sessionStore);
}
else {
// The access token is still good for a little while, continue using it.
$GLOBAL_YAHOO_SESSION = new YahooSession($consumer, $accessToken, $applicationId);
}
}
else if($type == YAHOO_OAUTH_RT_SESSION_TYPE)
{
if(is_null($verifier)) {
// Can't proceed without the oauth_verifier, treat it as
// though there's no session present.
$sessionStore->clearRequestToken();
// TODO: throw a YahooException
$GLOBAL_YAHOO_SESSION = NULL;
}
// Found an OAuth Request Token session.
$requestToken = $sessionStore->fetchRequestToken();
$accessToken = YahooAuthorization::getAccessToken($consumerKey, $consumerSecret, $requestToken, $verifier);
if(!is_null($accessToken)) {
$sessionStore->storeAccessToken($accessToken);
$sessionStore->clearRequestToken();
$GLOBAL_YAHOO_SESSION = new YahooSession($consumer, $accessToken, $applicationId);
}
else if($redirect)
{
// TODO: Add redirect counter so this doesn't happen over and over and over when Yahoo! is completely busted.
// The fetch for the access token failed. Generate a new
// request token and try again.
$GLOBAL_YAHOO_SESSION = NULL;
YahooSession::redirectForAuthorization($consumerKey, $consumerSecret, $callback, $sessionStore);
}
else
{
// Don't redirect the user, just inform the caller that
// no session is present.
$sessionStore->clearRequestToken();
$GLOBAL_YAHOO_SESSION = NULL;
}
}
else if($type == YAHOO_YAP_SESSION_TYPE)
{
// Found a YAP session.
$GLOBAL_YAHOO_SESSION = YahooSession::initSessionFromYAP($consumerKey, $consumerSecret, $applicationId);
}
else
{
YahooLogger::error("Unknown session type found");
// TODO: throw a YahooException
$GLOBAL_YAHOO_SESSION = NULL;
}
return $GLOBAL_YAHOO_SESSION;
}