Пример #1
0
 protected function getResponse(Provider\Consumer $consumer, Provider\Request $request)
 {
     if ($this->nonce == $request->getNonce()) {
         throw new Exception('Nonce hasnt changed');
     }
     if ($this->verifier != $request->getVerifier()) {
         throw new Exception('Invalid verifier');
     }
     // the access token can be used six month
     $expire = 'P6M';
     // generate a new access token
     $token = Security::generateToken();
     $tokenSecret = Security::generateToken();
     $date = new DateTime('NOW', $this->registry['core.default_timezone']);
     $con = new Condition(array('id', '=', $this->requestId));
     $this->sql->update($this->registry['table.oauth_request'], array('status' => Oauth\Record::ACCESS, 'token' => $token, 'tokenSecret' => $tokenSecret, 'expire' => $expire, 'date' => $date->format(DateTime::SQL)), $con);
     $response = new Provider\Response();
     $response->setToken($token);
     $response->setTokenSecret($tokenSecret);
     return $response;
 }
Пример #2
0
 protected function getResponse(Provider\Consumer $consumer, Provider\Request $request)
 {
     // we check how often this ip has requested an token ... because
     // of security reasons each consumer can have max 5 request tokens
     $maxCount = 5;
     $ip = $_SERVER['REMOTE_ADDR'];
     $con = new Condition(array('ip', '=', $ip), array('status', '=', Oauth\Record::TEMPORARY));
     $count = $this->sql->count($this->registry['table.oauth_request'], $con);
     if ($count >= $maxCount) {
         $conDelete = new Condition();
         $result = $this->sql->select($this->registry['table.oauth_request'], array('id', 'expire', 'date'), $con, Sql::SELECT_ALL);
         foreach ($result as $row) {
             $now = new DateTime('NOW', $this->registry['core.default_timezone']);
             $date = new DateTime($row['date'], $this->registry['core.default_timezone']);
             $date->add(new DateInterval($row['expire']));
             if ($now > $date) {
                 $conDelete->add('id', '=', $row['id'], 'OR');
             }
         }
         if ($conDelete->hasCondition()) {
             $this->sql->delete($this->registry['table.oauth_request'], $conDelete);
         }
         throw new Exception('You can only have max. ' . $maxCount . ' active request tokens');
     }
     // get nonce
     $nonce = $request->getNonce();
     // assign callback
     $callback = $request->getCallback();
     // generate tokens
     $token = Security::generateToken();
     $tokenSecret = Security::generateToken();
     // we save the timestamp in the request but because it comes from
     // the user we doesnt use them to check the expire date
     $timestamp = $request->getTimestamp();
     // you have 30 minutes to authorize the request token and to exchange
     // them for an access token
     $expire = 'PT30M';
     $date = new DateTime('NOW', $this->registry['core.default_timezone']);
     $this->sql->insert($this->registry['table.oauth_request'], array('apiId' => $this->apiId, 'status' => Oauth\Record::TEMPORARY, 'ip' => $ip, 'nonce' => $nonce, 'callback' => $callback, 'token' => $token, 'tokenSecret' => $tokenSecret, 'timestamp' => $timestamp, 'expire' => $expire, 'date' => $date->format(DateTime::SQL)));
     $response = new Provider\Response();
     $response->setToken($token);
     $response->setTokenSecret($tokenSecret);
     return $response;
 }