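/**
 * Large random number generator.
 *
 * Returns the letter 'P' followed by a decimal random number. The generator is
 * chosen by what the runtime offers: bcmath first, then gmp, then the PHP core.
 *
 * @param integer $powerOfTwo Exponent n; the bcmath branch passes 1 and 2^n to
 *                            OauthHelper::bcrandom(), the fallback draws from 0..2^n
 * @return string 'P' followed by the generated number
 */
public function random($powerOfTwo)
{
    $prefix = 'P';

    if (extension_loaded('bcmath')) {
        // Generate once: the original called the generator twice, so the logged
        // value was never the value that was returned.
        // NOTE(review): the source of randomness inside OauthHelper::bcrandom() is
        // not visible here; confirm it is a CSPRNG if this value serves as a nonce.
        $value = $prefix . OauthHelper::bcrandom(1, bcpow(2, $powerOfTwo));
        OauthHelper::log($value);

        return $value;
    }

    // gmp_random() was deprecated in PHP 7.2 and removed in PHP 8.0, so check for
    // the function itself and fall through when only the extension is present.
    if (extension_loaded('gmp') && function_exists('gmp_random')) {
        $limbOp = (int) round($powerOfTwo / 32);
        $value = $prefix . gmp_strval(gmp_random($limbOp));
        OauthHelper::log($value);

        return $value;
    }

    // Fallback: keep the upper bound inside the integer range. pow(2, n) becomes a
    // float beyond PHP_INT_MAX for large n, which rand() cannot take as a bound.
    $bits = max(0, (int) $powerOfTwo);
    $max = $bits < (PHP_INT_SIZE * 8 - 1) ? (1 << $bits) : PHP_INT_MAX;

    // Prefer the CSPRNG where the runtime has one (PHP 7+); rand() is predictable
    // and remains only as the last resort for older runtimes.
    if (function_exists('random_int')) {
        return $prefix . random_int(0, $max);
    }

    return $prefix . rand(0, $max);
}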
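/**
 * Creates a request and parses the result as url_encoded. This is used
 * internally for the RequestToken and AccessToken requests.
 *
 * @param string $httpMethod
 * @param string $path
 * @param Token $token
 * @param array $requestOptions
 * @param array $params
 * @return array|false Decoded response parameters on a 2xx status; false on any
 *                     status outside the 2xx and 4xx ranges
 * @throws FailRequestException When a 2xx response body starts with 'Fail'
 * @throws UnauthorizedException On a 4xx status
 */
public function tokenRequest($httpMethod, $path, &$token = null, $requestOptions = array(), $params = array())
{
    $response = $this->request($httpMethod, $path, $token, $requestOptions, $params);
    $code = $response['status']['code'];

    if ($code >= 400 && $code <= 499) {
        throw new UnauthorizedException($response);
    }
    if ($code < 200 || $code > 299) {
        // Redirects and server errors are reported to the caller as a plain false.
        return false;
    }

    if (substr($response['body'], 0, 4) == 'Fail') {
        throw new FailRequestException($response['body']);
    }

    $result = array();
    foreach (explode('&', $response['body']) as $rec) {
        if ($rec === '') {
            continue;
        }
        // explode() with a limit replaces split(), which was removed in PHP 7, and
        // keeps any further '=' characters as part of the value.
        $pair = explode('=', $rec, 2);
        $result[$pair[0]] = OauthHelper::unescape(isset($pair[1]) ? $pair[1] : '');
    }

    // The body of a token response carries token credentials, so only the
    // parameter names are written to the log, never their values.
    OauthHelper::log(array_keys($result));

    return $result;
}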
/**
 * Get request parameter
 *
 * With the 'clobber_request' option set, only the explicitly configured
 * parameters are used. Otherwise request, query and header parameters are
 * merged in that order and the configured parameters are merged last, so they
 * win on key collisions. The result is sorted by key and logged.
 *
 * @return array
 */
public function parameters()
{
    $hasExplicit = isset($this->options['parameters']);

    if (empty($this->options['clobber_request'])) {
        $params = array_merge(
            $this->__requestParams(),
            $this->__queryParams(),
            $this->headerParams()
        );
        if ($hasExplicit) {
            $params = array_merge($params, $this->options['parameters']);
        }
    } else {
        $params = $hasExplicit ? $this->options['parameters'] : array();
    }

    ksort($params);
    OauthHelper::log($params);

    return $params;
}
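/**
 * Connect
 *
 * Runs the provider connect flow for OAuth 1 and OAuth 2: either redirects the
 * browser to the provider's authorization URL, or exchanges the values from the
 * provider callback for a token. The outcome is stored in the session under
 * 'oauth.response' and the browser is redirected to the stored referer.
 *
 * Credentials (authorization code, state, temporary credentials, verifier and
 * tokens) are never written to the log; log entries only record whether each
 * value was present.
 *
 * @return null
 * @throws Exception "Error with token" when no token array could be built
 */
public function actionConnect()
{
    // OAuth Step 2
    $error = false;
    $success = false;
    $token = false;
    $errorMsg = false;

    try {
        // handle
        $this->handle = craft()->httpSession->get('oauth.handle');
        if (!$this->handle) {
            $this->handle = craft()->request->getParam('provider');
            craft()->httpSession->add('oauth.handle', $this->handle);
        }

        // session vars
        $this->scope = craft()->httpSession->get('oauth.scope');
        $this->authorizationOptions = craft()->httpSession->get('oauth.authorizationOptions');
        $this->referer = craft()->httpSession->get('oauth.referer');

        OauthHelper::log('OAuth Connect - Step 2A' . "\r\n" . print_r([
            'handle' => $this->handle,
            'scope' => $this->scope,
            'authorizationOptions' => $this->authorizationOptions,
            'referer' => $this->referer,
        ], true), LogLevel::Info, true);

        // google cancel
        if (craft()->request->getParam('error')) {
            throw new Exception("An error occured: " . craft()->request->getParam('error'));
        }

        // twitter cancel
        if (craft()->request->getParam('denied')) {
            throw new Exception("An error occured: " . craft()->request->getParam('denied'));
        }

        // provider
        $provider = craft()->oauth->getProvider($this->handle);

        // The handle can come from the 'provider' request parameter, so do not
        // assume the lookup succeeded before calling a method on its result.
        if (!$provider) {
            throw new Exception("Couldn't handle connect for this provider");
        }

        // source oauth provider
        $oauthProvider = $provider->getProvider();

        // init service
        switch ($provider->getOauthVersion()) {
            case 2:
                $state = craft()->request->getParam('state');
                $code = craft()->request->getParam('code');
                $oauth2state = craft()->httpSession->get('oauth2state');

                if (is_null($code)) {
                    OauthHelper::log('OAuth 2 Connect - Step 1', LogLevel::Info);

                    $oauthProvider->setScopes($this->scope);
                    $options = $this->authorizationOptions;

                    // NOTE(review): $options was copied above, so this unset() does
                    // not remove 'access_type' from what getAuthorizationUrl()
                    // receives. Confirm whether that is intended.
                    if (!empty($this->authorizationOptions['access_type']) && $this->authorizationOptions['access_type'] == 'offline') {
                        unset($this->authorizationOptions['access_type']);
                        $oauthProvider->setAccessType('offline');
                    }

                    $authorizationUrl = $oauthProvider->getAuthorizationUrl($options);
                    craft()->httpSession->add('oauth2state', $oauthProvider->state);

                    // The authorization URL embeds the state value, so neither is logged.
                    OauthHelper::log('OAuth 2 Connect - Step 1 - Data' . "\r\n" . print_r([
                        'stateStored' => (bool) craft()->httpSession->get('oauth2state'),
                    ], true), LogLevel::Info);

                    craft()->request->redirect($authorizationUrl);
                } elseif (!$state || $state !== $oauth2state) {
                    // Callback state does not match the value bound to this session.
                    OauthHelper::log('OAuth 2 Connect - Step 1.5' . "\r\n" . print_r([
                        'error' => "Invalid state",
                        'stateReceived' => (bool) $state,
                        'stateExpected' => (bool) $oauth2state,
                    ], true), LogLevel::Info, true);

                    craft()->httpSession->remove('oauth2state');

                    throw new Exception("Invalid state");
                } else {
                    // The state has served its purpose; drop it so that the same
                    // callback cannot be accepted a second time in this session.
                    craft()->httpSession->remove('oauth2state');

                    OauthHelper::log('OAuth 2 Connect - Step 2', LogLevel::Info, true);

                    $token = $oauthProvider->getAccessToken('authorization_code', ['code' => $code]);

                    OauthHelper::log('OAuth 2 Connect - Step 2 - Data' . "\r\n" . print_r([
                        'codeReceived' => true,
                        'tokenReceived' => (bool) $token,
                    ], true), LogLevel::Info, true);
                }
                break;

            case 1:
                $oauth_token = craft()->request->getParam('oauth_token');
                $oauth_verifier = craft()->request->getParam('oauth_verifier');
                $denied = craft()->request->getParam('denied');

                if ($oauth_token && $oauth_verifier) {
                    OauthHelper::log('OAuth 1 Connect - Step 2', LogLevel::Info, true);

                    // A callback that arrives without a preceding step 1 in this
                    // session has nothing to exchange; stop before unserialize().
                    $storedCredentials = craft()->httpSession->get('temporary_credentials');
                    if (!$storedCredentials) {
                        throw new Exception("Temporary credentials not provided");
                    }

                    // NOTE(review): unserialize() is applied to session data written
                    // by step 1 below. Keep it limited to server-side session
                    // storage; it must never receive request input.
                    $temporaryCredentials = unserialize($storedCredentials);

                    $token = $oauthProvider->getTokenCredentials($temporaryCredentials, $oauth_token, $oauth_verifier);

                    craft()->httpSession->add('token_credentials', serialize($token));

                    OauthHelper::log('OAuth 1 Connect - Step 2 - Data' . "\r\n" . print_r([
                        'temporaryCredentialsFound' => true,
                        'tokenReceived' => (bool) $token,
                    ], true), LogLevel::Info, true);
                } elseif ($denied) {
                    // Not reached in practice: a 'denied' parameter already throws
                    // in the "twitter cancel" check above.
                    OauthHelper::log('OAuth 1 Connect - Step 1.5' . "\r\n" . print_r(["Client access denied by the user"], true), LogLevel::Info, true);

                    throw new Exception("Client access denied by the user");
                } else {
                    OauthHelper::log('OAuth 1 Connect - Step 1', LogLevel::Info, true);

                    $temporaryCredentials = $oauthProvider->getTemporaryCredentials();

                    craft()->httpSession->add('temporary_credentials', serialize($temporaryCredentials));

                    $authorizationUrl = $oauthProvider->getAuthorizationUrl($temporaryCredentials);

                    // Logged before the redirect (the redirect presumably ends the
                    // request) and without the credentials or the URL built from them.
                    OauthHelper::log('OAuth 1 Connect - Step 1 - Data' . "\r\n" . print_r([
                        'temporaryCredentialsStored' => true,
                    ], true), LogLevel::Info, true);

                    craft()->request->redirect($authorizationUrl);
                }
                break;

            default:
                throw new Exception("Couldn't handle connect for this provider");
        }

        $success = true;
    } catch (\Exception $e) {
        $error = true;
        $errorMsg = $e->getMessage();
    }

    // we now have $token, build up response
    $tokenArray = null;

    if ($token) {
        $tokenArray = OauthHelper::realTokenToArray($token);
    }

    // NOTE(review): every exception caught above leaves $token false, so this
    // throw replaces the original message and the error response below is never
    // stored. Confirm whether the error case was meant to reach the redirect.
    if (!is_array($tokenArray)) {
        throw new Exception("Error with token");
    }

    $response = array(
        'error' => $error,
        'errorMsg' => $errorMsg,
        'success' => $success,
        'token' => $tokenArray,
    );

    // Log the outcome without the token itself.
    $loggedResponse = $response;
    $loggedResponse['token'] = '[redacted]';

    OauthHelper::log('OAuth Connect - Step 2B' . "\r\n" . print_r(['response' => $loggedResponse], true), LogLevel::Info, true);

    craft()->httpSession->add('oauth.response', $response);

    // redirect
    // NOTE(review): 'oauth.referer' is read from the session and the code that
    // writes it is not visible here. If it can be set from request input,
    // restrict it to same-site URLs before redirecting.
    $this->redirect($this->referer);
}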
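/**
 * Request wrapper to make local reference with real http server settings
 *
 * Copies host and scheme from the request's URI configuration into the socket
 * configuration, forces port 443 for https, sends the request and returns the
 * socket's response. The socket configuration stays modified afterwards.
 *
 * @param Object $request Request to send; defaults to this object when empty
 * @return HttpSocket response
 */
public function request($request = null)
{
    if (empty($request)) {
        $request = $this;
    }

    $this->sock->config['request']['uri']['host'] = $request->sockUri->config['host'];
    if (isset($request->sockUri->config['scheme'])) {
        $this->sock->config['request']['uri']['scheme'] = $request->sockUri->config['scheme'];
    }
    if ($this->sock->config['request']['uri']['scheme'] == 'https') {
        $this->sock->config['request']['uri']['port'] = 443;
    }

    // NOTE(review): the body is taken from $this and not from $request, as in the
    // original; confirm that this is intended when a different request is passed.
    $body = $this->body();

    $query = array(
        'uri' => $this->sock->config['request']['uri'],
        'method' => $request->method,
        'body' => $body,
        'header' => array(
            'Connection' => 'close',
            'User-Agent' => 'CakePHP',
            'Authorization' => $request->authorization,
            'HTTP_AUTHORIZATION' => $request->authorization,
            'X-HTTP_AUTHORIZATION' => $request->authorization,
        ),
    );

    if (empty($body) && in_array($request->method, array('POST', 'PUT'))) {
        $query['header']['Content-Length'] = 0;
    }

    // Log a copy of the query with the authorization headers masked, so that
    // request credentials do not end up in the log.
    $loggedQuery = $query;
    foreach (array('Authorization', 'HTTP_AUTHORIZATION', 'X-HTTP_AUTHORIZATION') as $headerName) {
        $loggedQuery['header'][$headerName] = '[redacted]';
    }
    OauthHelper::log(array('socket::query' => $loggedQuery));

    $this->sock->request($query);

    // NOTE(review): the full response is logged. For token requests the response
    // body presumably contains token credentials; consider logging the status only.
    OauthHelper::log(array('socket::response' => $this->sock->response));

    return $this->sock->response;
}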
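/**
 * Secret key for request
 *
 * Joins the consumer secret and the escaped token secret with '&'. The key is
 * not logged: it is built from both shared secrets, and anyone who can read it
 * can sign requests with it.
 *
 * @return string
 */
protected function _secret()
{
    // NOTE(review): only the token secret is escaped here, while the removed log
    // line escaped both parts. RFC 5849 section 3.4.2 encodes both secrets;
    // confirm whether consumerSecret is stored pre-encoded before changing this.
    return $this->consumerSecret . '&' . $this->escape($this->tokenSecret);
}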