class OAuthServer in jQuery social stream 8
Same name and namespace in other branches
- 8.2 src/Twitter/OAuthServer.php \Drupal\jquery_social_stream\Twitter\OAuthServer
Hierarchy
- class \Drupal\jquery_social_stream\Twitter\OAuthServer
Expanded class hierarchy of OAuthServer
File
- src/
Twitter/ OAuthServer.php, line 5
Namespace
Drupal\jquery_social_stream\TwitterView source
class OAuthServer {
protected $timestamp_threshold = 300;
// in seconds, five minutes
protected $version = '1.0';
// hi blaine
protected $signature_methods = array();
protected $data_store;
function __construct($data_store) {
$this->data_store = $data_store;
}
public function add_signature_method($signature_method) {
$this->signature_methods[$signature_method
->get_name()] = $signature_method;
}
// high level functions
/**
* process a request_token request
* returns the request token on success
*/
public function fetch_request_token(&$request) {
$this
->get_version($request);
$consumer = $this
->get_consumer($request);
// no token required for the initial token request
$token = NULL;
$this
->check_signature($request, $consumer, $token);
// Rev A change
$callback = $request
->get_parameter('oauth_callback');
$new_token = $this->data_store
->new_request_token($consumer, $callback);
return $new_token;
}
/**
* process an access_token request
* returns the access token on success
*/
public function fetch_access_token(&$request) {
$this
->get_version($request);
$consumer = $this
->get_consumer($request);
// requires authorized request token
$token = $this
->get_token($request, $consumer, "request");
$this
->check_signature($request, $consumer, $token);
// Rev A change
$verifier = $request
->get_parameter('oauth_verifier');
$new_token = $this->data_store
->new_access_token($token, $consumer, $verifier);
return $new_token;
}
/**
* verify an api call, checks all the parameters
*/
public function verify_request(&$request) {
$this
->get_version($request);
$consumer = $this
->get_consumer($request);
$token = $this
->get_token($request, $consumer, "access");
$this
->check_signature($request, $consumer, $token);
return array(
$consumer,
$token,
);
}
// Internals from here
/**
* version 1
*/
private function get_version(&$request) {
$version = $request
->get_parameter("oauth_version");
if (!$version) {
// Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
// Chapter 7.0 ("Accessing Protected Ressources")
$version = '1.0';
}
if ($version !== $this->version) {
throw new OAuthException("OAuth version '{$version}' not supported");
}
return $version;
}
/**
* figure out the signature with some defaults
*/
private function get_signature_method(&$request) {
$signature_method = @$request
->get_parameter("oauth_signature_method");
if (!$signature_method) {
// According to chapter 7 ("Accessing Protected Ressources") the signature-method
// parameter is required, and we can't just fallback to PLAINTEXT
throw new OAuthException('No signature method parameter. This parameter is required');
}
if (!in_array($signature_method, array_keys($this->signature_methods))) {
throw new OAuthException("Signature method '{$signature_method}' not supported " . "try one of the following: " . implode(", ", array_keys($this->signature_methods)));
}
return $this->signature_methods[$signature_method];
}
/**
* try to find the consumer for the provided request's consumer key
*/
private function get_consumer(&$request) {
$consumer_key = @$request
->get_parameter("oauth_consumer_key");
if (!$consumer_key) {
throw new OAuthException("Invalid consumer key");
}
$consumer = $this->data_store
->lookup_consumer($consumer_key);
if (!$consumer) {
throw new OAuthException("Invalid consumer");
}
return $consumer;
}
/**
* try to find the token for the provided request's token key
*/
private function get_token(&$request, $consumer, $token_type = "access") {
$token_field = @$request
->get_parameter('oauth_token');
$token = $this->data_store
->lookup_token($consumer, $token_type, $token_field);
if (!$token) {
throw new OAuthException("Invalid {$token_type} token: {$token_field}");
}
return $token;
}
/**
* all-in-one function to check the signature on a request
* should guess the signature method appropriately
*/
private function check_signature(&$request, $consumer, $token) {
// this should probably be in a different method
$timestamp = @$request
->get_parameter('oauth_timestamp');
$nonce = @$request
->get_parameter('oauth_nonce');
$this
->check_timestamp($timestamp);
$this
->check_nonce($consumer, $token, $nonce, $timestamp);
$signature_method = $this
->get_signature_method($request);
$signature = $request
->get_parameter('oauth_signature');
$valid_sig = $signature_method
->check_signature($request, $consumer, $token, $signature);
if (!$valid_sig) {
throw new OAuthException("Invalid signature");
}
}
/**
* check that the timestamp is new enough
*/
private function check_timestamp($timestamp) {
if (!$timestamp) {
throw new OAuthException('Missing timestamp parameter. The parameter is required');
}
// verify that timestamp is recentish
$now = time();
if (abs($now - $timestamp) > $this->timestamp_threshold) {
throw new OAuthException("Expired timestamp, yours {$timestamp}, ours {$now}");
}
}
/**
* check that the nonce is not repeated
*/
private function check_nonce($consumer, $token, $nonce, $timestamp) {
if (!$nonce) {
throw new OAuthException('Missing nonce parameter. The parameter is required');
}
// verify that the nonce is uniqueish
$found = $this->data_store
->lookup_nonce($consumer, $token, $nonce, $timestamp);
if ($found) {
throw new OAuthException("Nonce already used: {$nonce}");
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
OAuthServer:: |
protected | property | ||
OAuthServer:: |
protected | property | ||
OAuthServer:: |
protected | property | ||
OAuthServer:: |
protected | property | ||
OAuthServer:: |
public | function | ||
OAuthServer:: |
private | function | check that the nonce is not repeated | |
OAuthServer:: |
private | function | all-in-one function to check the signature on a request should guess the signature method appropriately | |
OAuthServer:: |
private | function | check that the timestamp is new enough | |
OAuthServer:: |
public | function | process an access_token request returns the access token on success | |
OAuthServer:: |
public | function | process a request_token request returns the request token on success | |
OAuthServer:: |
private | function | try to find the consumer for the provided request's consumer key | |
OAuthServer:: |
private | function | figure out the signature with some defaults | |
OAuthServer:: |
private | function | try to find the token for the provided request's token key | |
OAuthServer:: |
private | function | version 1 | |
OAuthServer:: |
public | function | verify an api call, checks all the parameters | |
OAuthServer:: |
function |