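/**
 * Exchange an authorized request token for an access token at the server
 * registered for $consumer_key, and persist the access token in the store.
 *
 * The request token is deleted from the store BEFORE the exchange is attempted
 * (it is single use). If the exchange fails for any reason, the caller has to
 * obtain and authorize a fresh request token; this call cannot be retried.
 *
 * @param string $consumer_key  consumer key identifying the registered server
 * @param string $token         the request token to exchange
 * @param int    $usr_id        user requesting the access token
 * @param string $method        (optional) HTTP method of the request, defaults to POST
 * @param array  $options       (optional) extra request options; 'oauth_verifier' and a
 *                              numeric 'token_ttl' are the keys read here
 * @param array  $curl_options  (optional) extra options handed to the curl request
 *
 * @throws OAuthException2 when the server gives no answer, answers with a status
 *                         other than 200, or omits oauth_token / oauth_token_secret
 * @throws OAuthException2 per the original documentation, also when no server is
 *                         registered for the consumer key (raised outside this
 *                         method, presumably by the store lookup)
 */
static function requestAccessToken($consumer_key, $token, $usr_id, $method = 'POST', $options = array(), $curl_options = array())
{
    LingotekOAuthRequestLogger::start();

    $store = OAuthStore::instance();
    $r = $store->getServerTokenSecrets($consumer_key, $token, 'request', $usr_id);
    $uri = $r['access_token_uri'];
    $token_name = $r['token_name'];

    // Delete the server request token, this one was for one use only
    $store->deleteServerToken($consumer_key, $r['token'], 0, true);

    // Try to exchange our request token for an access token
    $oauth = new LingotekOAuthRequester($uri, $method);

    if (isset($options['oauth_verifier'])) {
        $oauth->setParam('oauth_verifier', $options['oauth_verifier']);
    }
    if (isset($options['token_ttl']) && is_numeric($options['token_ttl'])) {
        $oauth->setParam('xoauth_token_ttl', intval($options['token_ttl']));
    }
    LingotekOAuthRequestLogger::setRequestObject($oauth);

    $oauth->sign($usr_id, $r, '', 'accessToken');

    // NOTE(review): $curl_options is passed through unchanged. The response body
    // carries the token secret, so callers should leave TLS peer/host
    // verification enabled in whatever they pass here.
    $text = $oauth->curl_raw($curl_options);
    if (empty($text)) {
        throw new OAuthException2('No answer from the server "' . $uri . '" while requesting an access token');
    }

    $data = $oauth->curl_parse($text);
    if ($data['code'] != 200) {
        // Only the status code is reported; the response body is kept out of the message.
        throw new OAuthException2('Unexpected result from the server "' . $uri . '" (' . $data['code'] . ') while requesting an access token');
    }

    // Parse the form-encoded body. A separate local is used so the $token
    // argument is not overwritten, and a pair without '=' gets an empty value
    // explicitly instead of relying on '@' to hide the undefined-offset error.
    $response = array();
    foreach (explode('&', $data['body']) as $pair) {
        list($name, $value) = array_pad(explode('=', $pair, 2), 2, '');
        $response[$oauth->urldecode($name)] = $oauth->urldecode($value);
    }

    if (empty($response['oauth_token']) || empty($response['oauth_token_secret'])) {
        throw new OAuthException2('The server "' . $uri . '" did not return the oauth_token or the oauth_token_secret');
    }

    $opts = array();
    $opts['name'] = $token_name;
    if (isset($response['xoauth_token_ttl'])) {
        // NOTE(review): the TTL comes from the remote server and is stored as
        // received; confirm the store validates or caps it.
        $opts['token_ttl'] = $response['xoauth_token_ttl'];
    }
    $store->addServerToken($consumer_key, 'access', $response['oauth_token'], $response['oauth_token_secret'], $usr_id, $opts);

    // NOTE(review): flush() is reached only on success; on the exception paths
    // above the logger is not flushed here. Confirm that is intended.
    LingotekOAuthRequestLogger::flush();
}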
/**
 * Verify the request, but only when it carries an oauth_consumer_key.
 *
 * A request without oauth_consumer_key is not verified at all: the method
 * returns false and throws nothing. Callers must therefore treat a false
 * return as "unauthenticated", never as "verification passed".
 *
 * @param string $token_type  the kind of token needed, defaults to 'access'
 * @throws OAuthException2 when the request is signed but does not verify
 * @return boolean true when signed and verified, false when not signed
 */
public function verifyIfSigned($token_type = 'access')
{
    // Unsigned request: nothing to verify, and no logging is started.
    if (!$this->getParam('oauth_consumer_key')) {
        return false;
    }

    LingotekOAuthRequestLogger::start($this);
    // verify() throws on failure, in which case flush() below is not reached.
    $this->verify($token_type);
    LingotekOAuthRequestLogger::flush();

    return true;
}
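/**
 * Exchange a request token for an access token.
 * The exchange only succeeds if the request token has been authorized.
 *
 * Writes the HTTP response itself: 200 with a form-encoded token on success,
 * 401 with a plain-text reason when an OAuthException2 is raised. Other
 * exception types are not caught here.
 *
 * Never returns, calls exit() when token is exchanged or when error is returned.
 */
public function accessToken()
{
    LingotekOAuthRequestLogger::start($this);
    try {
        // The request must verify against a request token before anything is exchanged.
        $this->verify('request');

        $options = array();

        // NOTE(review): the client-supplied TTL is forwarded as received;
        // confirm the store validates and caps it.
        $ttl = $this->getParam('xoauth_token_ttl', false);
        if ($ttl) {
            $options['token_ttl'] = $ttl;
        }

        $verifier = $this->getParam('oauth_verifier', false);
        if ($verifier) {
            $options['verifier'] = $verifier;
        }

        $store = OAuthStore::instance();
        $token = $store->exchangeConsumerRequestForAccessToken($this->getParam('oauth_token', true), $options);

        $result = 'oauth_token=' . $this->urlencode($token['token'])
                . '&oauth_token_secret=' . $this->urlencode($token['token_secret']);

        if (!empty($token['token_ttl'])) {
            $result .= '&xoauth_token_ttl=' . $this->urlencode($token['token_ttl']);
        }

        header('HTTP/1.1 200 OK');
        header('Content-Length: ' . strlen($result));
        header('Content-Type: application/x-www-form-urlencoded');
        // The body contains the token secret: tell clients and intermediaries
        // not to keep a copy of it.
        header('Cache-Control: no-store');
        header('Pragma: no-cache');

        echo $result;
    } catch (OAuthException2 $e) {
        header('HTTP/1.1 401 Access Denied');
        header('Content-Type: text/plain');
        // Keep browsers from sniffing the plain-text error as HTML, since the
        // message below may echo request-derived values.
        header('X-Content-Type-Options: nosniff');

        // NOTE(review): the exception message goes to the client verbatim;
        // confirm OAuthException2 messages never contain secrets or internals.
        echo "OAuth Verification Failed: " . $e->getMessage();
    }

    LingotekOAuthRequestLogger::flush();
    exit;
}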