You are here

public function LingotekOAuthRequestVerifier::verifyExtended in Lingotek Translation 7.5

Same name and namespace in other branches
  1. 7.7 lib/oauth-php/library/LingotekOAuthRequestVerifier.php \LingotekOAuthRequestVerifier::verifyExtended()
  2. 7.4 lib/oauth-php/library/LingotekOAuthRequestVerifier.php \LingotekOAuthRequestVerifier::verifyExtended()
  3. 7.6 lib/oauth-php/library/LingotekOAuthRequestVerifier.php \LingotekOAuthRequestVerifier::verifyExtended()

* Verify the request * *

Parameters

string token_type the kind of token needed, defaults to 'access' (false, 'access', 'request'): * @exception OAuthException2 thrown when the request did not verify * @return array ('user_id' => associated with token (false when no user associated), * 'consumer_key' => the associated consumer_key) *

1 call to LingotekOAuthRequestVerifier::verifyExtended()
LingotekOAuthRequestVerifier::verify in lib/oauth-php/library/LingotekOAuthRequestVerifier.php
* Verify the request * *

File

lib/oauth-php/library/LingotekOAuthRequestVerifier.php, line 147

Class

LingotekOAuthRequestVerifier

Code

public function verifyExtended($token_type = 'access') {
  $consumer_key = $this
    ->getParam('oauth_consumer_key');
  $token = $this
    ->getParam('oauth_token');
  $user_id = false;
  $secrets = array();
  if ($consumer_key && ($token_type === false || $token)) {
    $secrets = $this->store
      ->getSecretsForVerify($this
      ->urldecode($consumer_key), $this
      ->urldecode($token), $token_type);
    $this->store
      ->checkServerNonce($this
      ->urldecode($consumer_key), $this
      ->urldecode($token), $this
      ->getParam('oauth_timestamp', true), $this
      ->getParam('oauth_nonce', true));
    $oauth_sig = $this
      ->getParam('oauth_signature');
    if (empty($oauth_sig)) {
      throw new OAuthException2('Verification of signature failed (no oauth_signature in request).');
    }
    try {
      $this
        ->verifySignature($secrets['consumer_secret'], $secrets['token_secret'], $token_type);
    } catch (OAuthException2 $e) {
      throw new OAuthException2('Verification of signature failed (signature base string was "' . $this
        ->signatureBaseString() . '").' . " with  " . print_r(array(
        $secrets['consumer_secret'],
        $secrets['token_secret'],
        $token_type,
      ), true));
    }

    // Check the optional body signature
    if ($this
      ->getParam('xoauth_body_signature')) {
      $method = $this
        ->getParam('xoauth_body_signature_method');
      if (empty($method)) {
        $method = $this
          ->getParam('oauth_signature_method');
      }
      try {
        $this
          ->verifyDataSignature($this
          ->getBody(), $secrets['consumer_secret'], $secrets['token_secret'], $method, $this
          ->getParam('xoauth_body_signature'));
      } catch (OAuthException2 $e) {
        throw new OAuthException2('Verification of body signature failed.');
      }
    }

    // All ok - fetch the user associated with this request
    if (isset($secrets['user_id'])) {
      $user_id = $secrets['user_id'];
    }

    // Check if the consumer wants us to reset the ttl of this token
    $ttl = $this
      ->getParam('xoauth_token_ttl', true);
    if (is_numeric($ttl)) {
      $this->store
        ->setConsumerAccessTokenTtl($this
        ->urldecode($token), $ttl);
    }
  }
  else {
    throw new OAuthException2('Can\'t verify request, missing oauth_consumer_key or oauth_token');
  }
  return array(
    'user_id' => $user_id,
    'consumer_key' => $consumer_key,
    'osr_id' => $secrets['osr_id'],
  );
}