/** * Get honest-to-goodness user data. */ private function fetchData() { try { // TODO: it'd be better using $this->realRequest->getContentType(), but not set before hand. Temporary hack. $postBody = $this->realRequest->getPostBody(); $url = $this->realRequest->getUrl(); $msgParams = array(); if (ShindigOAuthUtil::isFormEncoded($this->realRequest->getHeader("Content-Type")) && strlen($postBody) > 0) { $entries = explode('&', $postBody); foreach ($entries as $entry) { $parts = explode('=', $entry); if (count($parts) == 2) { $msgParams[ShindigOAuthUtil::urldecode_rfc3986($parts[0])] = ShindigOAuthUtil::urldecode_rfc3986($parts[1]); } } } $method = $this->realRequest->getMethod(); $msgParams[self::$XOAUTH_APP_URL] = $this->authToken->getAppUrl(); // Build and sign the message. $oauthRequest = $this->newRequestMessageMethod($method, $url, $msgParams); $oauthParams = $this->filterOAuthParams($oauthRequest); $newHeaders = array(); switch ($method) { case 'POST': if (empty($postBody) || count($postBody) == 0) { $postBody = ShindigOAuthUtil::getPostBodyString($oauthParams); } else { $postBody = $postBody . "&" . ShindigOAuthUtil::getPostBodyString($oauthParams); } // To avoid 417 Response from server, adding empty "Expect" header $newHeaders['Expect'] = ''; break; case 'GET': $url = ShindigOAuthUtil::addParameters($url, $oauthParams); break; } // To choose HTTP method client requested, we don't use $this->createRemoteContentRequest() here. $rcr = new RemoteContentRequest($url); $rcr->createRemoteContentRequest($method, $url, $newHeaders, null, $this->realRequest->getOptions()); $rcr->setPostBody($postBody); $remoteFetcherClass = Config::get('remote_content_fetcher'); $fetcher = new $remoteFetcherClass(); $content = $fetcher->fetchRequest($rcr); $statusCode = $content->getHttpCode(); //TODO is there a better way to detect an SP error? For example: http://wiki.oauth.net/ProblemReporting if ($statusCode == 401) { $tokenKey = $this->buildTokenKey(); $this->tokenStore->removeTokenAndSecret($tokenKey); } else { if ($statusCode >= 400 && $statusCode < 500) { $message = $this->parseAuthHeader(null, $content); if ($message->get_parameter(ShindigOAuth::$OAUTH_PROBLEM) != null) { throw new ShindigOAuthProtocolException($message); } } } // Track metadata on the response $this->addResponseMetadata($content); return $content; } catch (Exception $e) { throw new GadgetException("INTERNAL SERVER ERROR: " . $e); } }
private function createRemoteContentRequest($oauthParams, $method, $url, $headers, $contentType, $postBody, $options) { $paramLocation = $this->accessorInfo->getParamLocation(); $newHeaders = array(); // paramLocation could be overriden by a run-time parameter to fetchRequest switch ($paramLocation) { case OAuthStoreVars::$OAuthParamLocation['AUTH_HEADER']: if ($headers != null) { $newHeaders = $headers; } $authHeader = array(); $authHeader = $this->getAuthorizationHeader($oauthParams); $newHeaders["Authorization"] = $authHeader; break; case OAuthStoreVars::$OAuthParamLocation['POST_BODY']: if (!OAuthUtil::isFormEncoded($contentType)) { throw new GadgetException("Invalid param: OAuth param location can only " . "be post_body if post body if of type x-www-form-urlencoded"); } if (!isset($postBody) || count($postBody) == 0) { $postBody = OAuthUtil::getPostBodyString($oauthParams); } else { $postBody = $postBody . "&" . OAuthUtil::getPostBodyString($oauthParams); } break; case OAuthStoreVars::$OAuthParamLocation['URI_QUERY']: $url = OAuthUtil::addParameters($url, $oauthParams); break; } $postBodyBytes = $postBody == null ? null : null; //$postBody->getBytes("UTF-8"); //See what can we do with this? $rcr = new RemoteContentRequest($url); $rcr->createRemoteContentRequest($method, $url, $newHeaders, $postBodyBytes, $options); return $rcr; }