You are here

class OAuthDiscovery in Lingotek Translation 7.6

Same name and namespace in other branches
  1. 7.7 lib/oauth-php/library/OAuthDiscovery.php \OAuthDiscovery
  2. 7.2 lib/oauth-php/library/OAuthDiscovery.php \OAuthDiscovery
  3. 7.3 lib/oauth-php/library/OAuthDiscovery.php \OAuthDiscovery
  4. 7.4 lib/oauth-php/library/OAuthDiscovery.php \OAuthDiscovery
  5. 7.5 lib/oauth-php/library/OAuthDiscovery.php \OAuthDiscovery

Hierarchy

Expanded class hierarchy of OAuthDiscovery

File

lib/oauth-php/library/OAuthDiscovery.php, line 39

View source
class OAuthDiscovery {

  /**
   * Return a description how we can do a consumer allocation.  Prefers static allocation if
   * possible.  If static allocation is possible
   *
   * See also: http://oauth.net/discovery/#consumer_identity_types
   *
   * @param string uri
   * @return array		provider description
   */
  static function discover($uri) {

    // See what kind of consumer allocations are available
    $xrds_file = self::discoverXRDS($uri);
    if (!empty($xrds_file)) {
      $xrds = xrds_parse($xrds_file);
      if (empty($xrds)) {
        throw new OAuthException2('Could not discover OAuth information for ' . $uri);
      }
    }
    else {
      throw new OAuthException2('Could not discover XRDS file at ' . $uri);
    }

    // Fill an LingotekOAuthServer record for the uri found
    $ps = parse_url($uri);
    $host = isset($ps['host']) ? $ps['host'] : 'localhost';
    $server_uri = $ps['scheme'] . '://' . $host . '/';
    $p = array(
      'user_id' => null,
      'consumer_key' => '',
      'consumer_secret' => '',
      'signature_methods' => '',
      'server_uri' => $server_uri,
      'request_token_uri' => '',
      'authorize_uri' => '',
      'access_token_uri' => '',
    );

    // Consumer identity (out of bounds or static)
    if (isset($xrds['consumer_identity'])) {

      // Try to find a static consumer allocation, we like those :)
      foreach ($xrds['consumer_identity'] as $ci) {
        if ($ci['method'] == 'static' && !empty($ci['consumer_key'])) {
          $p['consumer_key'] = $ci['consumer_key'];
          $p['consumer_secret'] = '';
        }
        else {
          if ($ci['method'] == 'oob' && !empty($ci['uri'])) {

            // TODO: Keep this uri somewhere for the user?
            $p['consumer_oob_uri'] = $ci['uri'];
          }
        }
      }
    }

    // The token uris
    if (isset($xrds['request'][0]['uri'])) {
      $p['request_token_uri'] = $xrds['request'][0]['uri'];
      if (!empty($xrds['request'][0]['signature_method'])) {
        $p['signature_methods'] = $xrds['request'][0]['signature_method'];
      }
    }
    if (isset($xrds['authorize'][0]['uri'])) {
      $p['authorize_uri'] = $xrds['authorize'][0]['uri'];
      if (!empty($xrds['authorize'][0]['signature_method'])) {
        $p['signature_methods'] = $xrds['authorize'][0]['signature_method'];
      }
    }
    if (isset($xrds['access'][0]['uri'])) {
      $p['access_token_uri'] = $xrds['access'][0]['uri'];
      if (!empty($xrds['access'][0]['signature_method'])) {
        $p['signature_methods'] = $xrds['access'][0]['signature_method'];
      }
    }
    return $p;
  }

  /**
   * Discover the XRDS file at the uri.  This is a bit primitive, you should overrule
   * this function so that the XRDS file can be cached for later referral.
   *
   * @param string uri
   * @return string		false when no XRDS file found
   */
  protected static function discoverXRDS($uri, $recur = 0) {

    // Bail out when we are following redirects
    if ($recur > 10) {
      return false;
    }
    $data = self::curl($uri);

    // Check what we got back, could be:
    // 1. The XRDS discovery file itself (check content-type)
    // 2. The X-XRDS-Location header
    if (is_string($data) && !empty($data)) {
      list($head, $body) = explode("\r\n\r\n", $data);
      $body = trim($body);
      $m = false;

      // See if we got the XRDS file itself or we have to follow a location header
      if (preg_match('/^Content-Type:\\s*application\\/xrds+xml/im', $head) || preg_match('/^<\\?xml[^>]*\\?>\\s*<xrds\\s/i', $body) || preg_match('/^<xrds\\s/i', $body)) {
        $xrds = $body;
      }
      else {
        if (preg_match('/^X-XRDS-Location:\\s*([^\\r\\n]*)/im', $head, $m) || preg_match('/^Location:\\s*([^\\r\\n]*)/im', $head, $m)) {

          // Recurse to the given location
          if ($uri != $m[1]) {
            $xrds = self::discoverXRDS($m[1], $recur + 1);
          }
          else {

            // Referring to the same uri, bail out
            $xrds = false;
          }
        }
        else {

          // Not an XRDS file an nowhere else to check
          $xrds = false;
        }
      }
    }
    else {
      $xrds = false;
    }
    return $xrds;
  }

  /**
   * Try to fetch an XRDS file at the given location.  Sends an accept header preferring the xrds file.
   *
   * @param string uri
   * @return array	(head,body), false on an error
   */
  protected static function curl($uri) {
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_HTTPHEADER, array(
      'Accept: application/xrds+xml, */*;q=0.1',
    ));
    curl_setopt($ch, CURLOPT_USERAGENT, 'anyMeta/OAuth 1.0 - (OAuth Discovery $LastChangedRevision: 45 $)');
    curl_setopt($ch, CURLOPT_URL, $uri);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($ch, CURLOPT_HEADER, true);
    curl_setopt($ch, CURLOPT_TIMEOUT, 30);
    $txt = curl_exec($ch);
    curl_close($ch);

    // Tell the logger what we requested and what we received back
    $data = "GET {$uri}";
    LingotekOAuthRequestLogger::setSent($data, "");
    LingotekOAuthRequestLogger::setReceived($txt);
    return $txt;
  }

}

Members

Namesort descending Modifiers Type Description Overrides
OAuthDiscovery::curl protected static function * Try to fetch an XRDS file at the given location. Sends an accept header preferring the xrds file. * *
OAuthDiscovery::discover static function * Return a description how we can do a consumer allocation. Prefers static allocation if * possible. If static allocation is possible * * See also: http://oauth.net/discovery/#consumer_identity_types * *
OAuthDiscovery::discoverXRDS protected static function * Discover the XRDS file at the uri. This is a bit primitive, you should overrule * this function so that the XRDS file can be cached for later referral. * *