<?php
require_once dirname(__FILE__) . '/OAuthStoreAbstract.class.php';
abstract class OAuthStoreOracle extends OAuthStoreAbstract {
protected $max_timestamp_skew = MAX_TIMESTAMP_SKEW;
protected $max_request_token_ttl = MAX_REQUEST_TOKEN_TIME;
/**
 * Set up the Oracle connection used by every store method.
 *
 * @param array $options  When it contains 'conn', that value is used as the
 *                        connection as-is; otherwise a new connection is opened
 *                        with the DBUSER, DBPASSWORD and DBHOST constants.
 * @throws OAuthException2  When oci_connect() returns false.
 */
function __construct($options = array()) {
    if (isset($options['conn'])) {
        // Caller-supplied handle: stored without checking that it is an OCI connection.
        $this->conn = $options['conn'];
        return;
    }

    $connection = oci_connect(DBUSER, DBPASSWORD, DBHOST);
    $this->conn = $connection;
    if ($connection === false) {
        throw new OAuthException2('Could not connect to database');
    }
}
/**
 * Fetch the secrets needed to verify an incoming signed request.
 *
 * Calls SP_GET_SECRETS_FOR_VERIFY with the arguments as bind variables and reads
 * the rows back through a REF CURSOR.
 *
 * @param string $consumer_key
 * @param string $token
 * @param string $token_type  Passed to the procedure unchecked; defaults to 'access'.
 * @return array  The first row returned by the cursor.
 * @throws OAuthException2  When the cursor yields no rows.
 */
public function getSecretsForVerify($consumer_key, $token, $token_type = 'access') {
    $sql = "BEGIN SP_GET_SECRETS_FOR_VERIFY(:P_CONSUMER_KEY, :P_TOKEN, :P_TOKEN_TYPE, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql);
    if (!$stmt) {
        die('Can not parse query');
    }

    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_TYPE', $token_type, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    // NOTE(review): neither oci_execute()'s return value nor :P_RESULT is inspected;
    // a failed call is only noticed because the row list ends up empty.
    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $rows, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    if (!empty($rows)) {
        return $rows[0];
    }
    // NOTE(review): the message embeds the token value; keep it out of client-facing output.
    throw new OAuthException2('The consumer_key "' . $consumer_key . '" token "' . $token . '" combination does not exist or is not enabled.');
}
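/**
 * Look up the consumer/token secrets to use when signing a request to $uri.
 *
 * The URI is reduced to host and path (path always ends in '/'), which are passed
 * to SP_GET_SECRETS_FOR_SIGNATURE together with the user id and token name.
 *
 * @param string $uri
 * @param mixed  $user_id
 * @param string $name
 * @return array  First cursor row, with 'signature_methods' split on ',' into a list.
 * @throws OAuthException2  When the cursor yields no usable row.
 */
public function getSecretsForSignature($uri, $user_id, $name = '') {
    $ps = parse_url($uri);
    $host = isset($ps['host']) ? $ps['host'] : 'localhost';
    $path = isset($ps['path']) ? $ps['path'] : '';
    if (empty($path) || substr($path, -1) != '/') {
        $path .= '/';
    }

    $sql = "BEGIN SP_GET_SECRETS_FOR_SIGNATURE(:P_HOST, :P_PATH, :P_USER_ID, :P_NAME, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_HOST', $host, 255);
    oci_bind_by_name($stmt, ':P_PATH', $path, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 20);
    oci_bind_by_name($stmt, ':P_NAME', $name, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rows, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    // Test for an empty result before indexing it, so a miss raises the
    // exception instead of first reading an undefined offset.
    if (empty($rows) || empty($rows[0])) {
        throw new OAuthException2('No server tokens available for ' . $uri);
    }
    $secrets = $rows[0];

    // assumes the cursor exposes a lower-case 'signature_methods' column — TODO confirm
    $secrets['signature_methods'] = explode(',', $secrets['signature_methods']);
    return $secrets;
}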
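/**
 * Fetch the stored secrets for one server token of a user.
 *
 * @param string $consumer_key
 * @param string $token
 * @param string $token_type  Must be 'request' or 'access'.
 * @param mixed  $user_id
 * @param string $name        Accepted but not passed to SP_GET_SERVER_TOKEN_SECRETS.
 * @return array  First cursor row; 'signature_methods' is always a list (possibly empty).
 * @throws OAuthException2  On an unsupported token type or when no row is found.
 */
public function getServerTokenSecrets($consumer_key, $token, $token_type, $user_id, $name = '') {
    if ($token_type != 'request' && $token_type != 'access') {
        throw new OAuthException2('Unkown token type "' . $token_type . '", must be either "request" or "access"');
    }

    $sql = "BEGIN SP_GET_SERVER_TOKEN_SECRETS(:P_CONSUMER_KEY, :P_TOKEN, :P_TOKEN_TYPE, :P_USER_ID, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_TYPE', $token_type, 20);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rows, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    // Check for an empty result before taking the first row, so a miss goes
    // straight to the exception rather than through an undefined offset.
    if (empty($rows) || empty($rows[0])) {
        throw new OAuthException2('Could not find a "' . $token_type . '" token for consumer "' . $consumer_key . '" and user ' . $user_id);
    }
    $r = $rows[0];

    $r['signature_methods'] = !empty($r['signature_methods'])
        ? explode(',', $r['signature_methods'])
        : array();
    return $r;
}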
/**
 * Store a request or access token received from a remote server.
 *
 * @param string $consumer_key
 * @param string $token_type    Must be 'request' or 'access'.
 * @param string $token
 * @param string $token_secret
 * @param mixed  $user_id
 * @param array  $options       'token_ttl' (numeric, seconds) and 'name' are honoured.
 * @throws OAuthException2  On an unsupported token type, or when :P_RESULT comes
 *                          back falsy, which this method reports as a duplicate token.
 */
public function addServerToken($consumer_key, $token_type, $token, $token_secret, $user_id, $options = array()) {
    if ($token_type != 'request' && $token_type != 'access') {
        throw new OAuthException2('Unknown token type "' . $token_type . '", must be either "request" or "access"');
    }

    // Lifetime: explicit option first, then the request-token default; access
    // tokens without an explicit TTL get NULL.
    if (isset($options['token_ttl']) && is_numeric($options['token_ttl'])) {
        $ttl = intval($options['token_ttl']);
    } elseif ($token_type == 'request') {
        $ttl = intval($this->max_request_token_ttl);
    } else {
        $ttl = NULL;
    }

    $name = (isset($options['name']) && $options['name'] != '') ? $options['name'] : '';

    $sql = "BEGIN SP_ADD_SERVER_TOKEN(:P_CONSUMER_KEY, :P_USER_ID, :P_NAME, :P_TOKEN_TYPE, :P_TOKEN, :P_TOKEN_SECRET, :P_TOKEN_INTERVAL_IN_SEC, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql);
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_NAME', $name, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_TYPE', $token_type, 20);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_SECRET', $token_secret, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_INTERVAL_IN_SEC', $ttl, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);

    if ($result) {
        return;
    }
    // NOTE(review): a failed oci_execute() also leaves $result falsy and is
    // therefore reported as a duplicate token.
    throw new OAuthException2('Received duplicate token "' . $token . '" for the same consumer_key "' . $consumer_key . '"');
}
/**
 * Ask SP_DELETE_SERVER to remove a registered server.
 *
 * Ownership is not checked here: the user id and the admin flag are only handed
 * to the stored procedure.
 *
 * @param string $consumer_key
 * @param mixed  $user_id
 * @param bool   $user_is_admin
 */
public function deleteServer($consumer_key, $user_id, $user_is_admin = false) {
    $stmt = oci_parse($this->conn, "BEGIN SP_DELETE_SERVER(:P_CONSUMER_KEY, :P_USER_ID, :P_USER_IS_ADMIN, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_USER_IS_ADMIN', $user_is_admin, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // NOTE(review): the outcome (:P_RESULT and oci_execute()'s return) is discarded,
    // so callers cannot tell whether anything was deleted.
    oci_execute($stmt);
}
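/**
 * Fetch one registered server for a user.
 *
 * oci_fetch_all() with OCI_FETCHSTATEMENT_BY_ROW yields a list of rows, so the
 * server record is the first row of that list; 'signature_methods' is read from
 * that row rather than from the list itself.
 *
 * @param string $consumer_key
 * @param mixed  $user_id
 * @param bool   $user_is_admin  Accepted but not passed to SP_GET_SERVER.
 * @return array  The server row; 'signature_methods' is always a list (possibly empty).
 * @throws OAuthException2  When no row is returned.
 */
public function getServer($consumer_key, $user_id, $user_is_admin = false) {
    $sql = "BEGIN SP_GET_SERVER(:P_CONSUMER_KEY, :P_USER_ID, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rows, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    if (empty($rows) || empty($rows[0])) {
        throw new OAuthException2('No server with consumer_key "' . $consumer_key . '" has been registered (for this user)');
    }
    $r = $rows[0];

    // assumes the cursor exposes a lower-case 'signature_methods' column — TODO confirm
    $r['signature_methods'] = !empty($r['signature_methods'])
        ? explode(',', $r['signature_methods'])
        : array();
    return $r;
}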
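/**
 * Find the registered server whose host and path match $uri.
 *
 * The cursor result is a list of rows; the server record is its first row, and
 * 'signature_methods' is read from that row rather than from the list.
 *
 * @param string $uri
 * @param mixed  $user_id
 * @return array  The server row, with 'signature_methods' split on ',' into a list.
 * @throws OAuthException2  When no row is returned.
 */
public function getServerForUri($uri, $user_id) {
    $ps = parse_url($uri);
    $host = isset($ps['host']) ? $ps['host'] : 'localhost';
    $path = isset($ps['path']) ? $ps['path'] : '';
    if (empty($path) || substr($path, -1) != '/') {
        $path .= '/';
    }

    $sql = "BEGIN SP_GET_SERVER_FOR_URI(:P_HOST, :P_PATH,:P_USER_ID, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_HOST', $host, 255);
    oci_bind_by_name($stmt, ':P_PATH', $path, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rows, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    if (empty($rows) || empty($rows[0])) {
        throw new OAuthException2('No server available for ' . $uri);
    }
    $server = $rows[0];

    // assumes the cursor exposes a lower-case 'signature_methods' column — TODO confirm
    $methods = isset($server['signature_methods']) ? $server['signature_methods'] : '';
    $server['signature_methods'] = explode(',', $methods);
    return $server;
}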
/**
 * List the server tokens SP_LIST_SERVER_TOKENS returns for a user.
 *
 * @param mixed $user_id
 * @return array  All cursor rows, one array per row.
 */
public function listServerTokens($user_id) {
    $stmt = oci_parse($this->conn, "BEGIN SP_LIST_SERVER_TOKENS(:P_USER_ID, :P_ROWS, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $tokens, null, null, OCI_FETCHSTATEMENT_BY_ROW);
    return $tokens;
}
/**
 * Return the token count SP_COUNT_SERVICE_TOKENS reports for a consumer key.
 *
 * @param string $consumer_key
 * @return mixed  Value written to :P_COUNT; stays 0 if the procedure does not set it.
 */
public function countServerTokens($consumer_key) {
    // Pre-set so the caller gets 0 rather than null when nothing is written back.
    $count = 0;

    $stmt = oci_parse($this->conn, "BEGIN SP_COUNT_SERVICE_TOKENS(:P_CONSUMER_KEY, :P_COUNT, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_COUNT', $count, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);

    return $count;
}
/**
 * Fetch a server token for a consumer key / user combination.
 *
 * @param string $consumer_key
 * @param string $token
 * @param mixed  $user_id
 * @return array  All cursor rows (the list, not a single row).
 * @throws OAuthException2  When the cursor yields no rows.
 */
public function getServerToken($consumer_key, $token, $user_id) {
    $stmt = oci_parse($this->conn, "BEGIN SP_GET_SERVER_TOKEN(:P_CONSUMER_KEY, :P_USER_ID,:P_TOKEN, :P_ROWS, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $found, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    if (!empty($found)) {
        return $found;
    }
    // NOTE(review): the message embeds the token value; keep it out of client-facing output.
    throw new OAuthException2('No such consumer key (' . $consumer_key . ') and token (' . $token . ') combination for user "' . $user_id . '"');
}
/**
 * Ask SP_DELETE_SERVER_TOKEN to remove one server token.
 *
 * The user id and admin flag are forwarded to the procedure; no authorization
 * decision is made in PHP.
 *
 * @param string $consumer_key
 * @param string $token
 * @param mixed  $user_id
 * @param bool   $user_is_admin
 */
public function deleteServerToken($consumer_key, $token, $user_id, $user_is_admin = false) {
    $stmt = oci_parse($this->conn, "BEGIN SP_DELETE_SERVER_TOKEN(:P_CONSUMER_KEY, :P_USER_ID,:P_TOKEN, :P_USER_IS_ADMIN, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_USER_IS_ADMIN', $user_is_admin, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // The outcome of the call is not inspected.
    oci_execute($stmt);
}
/**
 * Change the lifetime of a server token; a TTL of zero or less deletes it.
 *
 * @param string $consumer_key
 * @param string $token
 * @param mixed  $token_ttl
 */
public function setServerTokenTtl($consumer_key, $token, $token_ttl) {
    if ($token_ttl <= 0) {
        // Deletion runs with user id 0 and the admin flag set.
        $this->deleteServerToken($consumer_key, $token, 0, true);
        return;
    }

    $stmt = oci_parse($this->conn, "BEGIN SP_SET_SERVER_TOKEN_TTL(:P_TOKEN_TTL, :P_CONSUMER_KEY, :P_TOKEN, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_TOKEN_TTL', $token_ttl, 40);
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);
}
/**
 * List the servers SP_LIST_SERVERS returns for a search term and user.
 *
 * @param string $q        Search term; every '%' is removed and the rest trimmed
 *                         before it is bound.
 * @param mixed  $user_id
 * @return array  All cursor rows.
 */
public function listServers($q = '', $user_id) {
    $term = trim(str_replace('%', '', $q));

    $stmt = oci_parse($this->conn, "BEGIN SP_LIST_SERVERS(:P_Q, :P_USER_ID, :P_ROWS, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_Q', $term, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $matches, null, null, OCI_FETCHSTATEMENT_BY_ROW);
    return $matches;
}
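/**
 * Insert or update a server registration through SP_UPDATE_SERVER.
 *
 * @param array $server         Needs non-empty 'consumer_key' and 'server_uri'.
 *                              'id', 'consumer_secret', the three *_uri fields,
 *                              'signature_methods' and 'user_id' are read when present.
 * @param mixed $user_id        Acting user.
 * @param bool  $user_is_admin  Only an admin may set the owner from $server['user_id'].
 * @return string  The consumer key of the server.
 * @throws OAuthException2  When a required field is missing or empty.
 */
public function updateServer($server, $user_id, $user_is_admin = false) {
    foreach (array('consumer_key', 'server_uri') as $f) {
        if (empty($server[$f])) {
            throw new OAuthException2('The field "' . $f . '" must be set and non empty');
        }
    }

    $parts = parse_url($server['server_uri']);
    // Lower-cased into a real variable: oci_bind_by_name() binds by reference,
    // so it must not be handed the temporary result of strtolower().
    $host = strtolower(isset($parts['host']) ? $parts['host'] : 'localhost');
    $path = isset($parts['path']) ? $parts['path'] : '/';

    if (!isset($server['signature_methods'])) {
        $server['signature_methods'] = '';
    } elseif (is_array($server['signature_methods'])) {
        $server['signature_methods'] = strtoupper(implode(',', $server['signature_methods']));
    }

    // $flag is always assigned, so the non-admin path no longer reads an
    // undefined variable. It is sent as :P_UPDATE_P_OCR_USA_ID_REF_FLAG.
    if ($user_is_admin && array_key_exists('user_id', $server)) {
        $flag = 1;
        $ocr_usa_id_ref = $server['user_id'];
    } else {
        $flag = 0;
        $ocr_usa_id_ref = $user_id;
    }

    // Optional fields get explicit defaults instead of being created implicitly
    // by the by-reference binds below.
    foreach (array('id', 'consumer_secret') as $optional) {
        if (!isset($server[$optional])) {
            $server[$optional] = null;
        }
    }
    foreach (array('request_token_uri', 'authorize_uri', 'access_token_uri') as $uri_field) {
        if (!isset($server[$uri_field])) {
            $server[$uri_field] = '';
        }
    }

    $sql = "BEGIN SP_UPDATE_SERVER(:P_CONSUMER_KEY, :P_USER_ID, :P_OCR_ID, :P_USER_IS_ADMIN,\n :P_OCR_CONSUMER_SECRET, :P_OCR_SERVER_URI, :P_OCR_SERVER_URI_HOST, :P_OCR_SERVER_URI_PATH,\n :P_OCR_REQUEST_TOKEN_URI, :P_OCR_AUTHORIZE_URI, :P_OCR_ACCESS_TOKEN_URI, :P_OCR_SIGNATURE_METHODS,\n :P_OCR_USA_ID_REF, :P_UPDATE_P_OCR_USA_ID_REF_FLAG, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $server['consumer_key'], 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_OCR_ID', $server['id'], 40);
    oci_bind_by_name($stmt, ':P_USER_IS_ADMIN', $user_is_admin, 40);
    oci_bind_by_name($stmt, ':P_OCR_CONSUMER_SECRET', $server['consumer_secret'], 255);
    oci_bind_by_name($stmt, ':P_OCR_SERVER_URI', $server['server_uri'], 255);
    oci_bind_by_name($stmt, ':P_OCR_SERVER_URI_HOST', $host, 255);
    oci_bind_by_name($stmt, ':P_OCR_SERVER_URI_PATH', $path, 255);
    oci_bind_by_name($stmt, ':P_OCR_REQUEST_TOKEN_URI', $server['request_token_uri'], 255);
    oci_bind_by_name($stmt, ':P_OCR_AUTHORIZE_URI', $server['authorize_uri'], 255);
    oci_bind_by_name($stmt, ':P_OCR_ACCESS_TOKEN_URI', $server['access_token_uri'], 255);
    oci_bind_by_name($stmt, ':P_OCR_SIGNATURE_METHODS', $server['signature_methods'], 255);
    oci_bind_by_name($stmt, ':P_OCR_USA_ID_REF', $ocr_usa_id_ref, 40);
    oci_bind_by_name($stmt, ':P_UPDATE_P_OCR_USA_ID_REF_FLAG', $flag, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // NOTE(review): the outcome of the call is not inspected; the consumer key is
    // returned even if the procedure failed.
    oci_execute($stmt);
    return $server['consumer_key'];
}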
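/**
 * Register a consumer through SP_UPDATE_CONSUMER and return its key.
 *
 * A fresh key and secret are generated on every call; $consumer['consumer_key']
 * is never read here.
 *
 * @param array $consumer       'requester_name' and 'requester_email' are bound as
 *                              given; the callback/application fields default to ''
 *                              and 'application_commercial' to 0.
 * @param mixed $user_id        Stored as the owner (:P_OSR_USA_ID_REF).
 * @param bool  $user_is_admin  Accepted but not used by this implementation.
 * @return string  The generated consumer key.
 */
public function updateConsumer($consumer, $user_id, $user_is_admin = false) {
    // NOTE(review): key and secret strength depend entirely on generateKey(),
    // which is defined outside this block — confirm it uses a CSPRNG.
    $consumer_key = $this->generateKey(true);
    $consumer_secret = $this->generateKey();

    $text_fields = array(
        'callback_uri',
        'application_uri',
        'application_title',
        'application_descr',
        'application_notes',
        'application_type',
    );
    foreach ($text_fields as $field) {
        if (!isset($consumer[$field])) {
            $consumer[$field] = '';
        }
    }
    if (!isset($consumer['application_commercial'])) {
        $consumer['application_commercial'] = 0;
    }

    $sql = "BEGIN SP_UPDATE_CONSUMER(:P_OSR_USA_ID_REF, :P_OSR_CONSUMER_KEY, :P_OSR_CONSUMER_SECRET, :P_OSR_REQUESTER_NAME, :P_OSR_REQUESTER_EMAIL, :P_OSR_CALLBACK_URI, :P_OSR_APPLICATION_URI, :P_OSR_APPLICATION_TITLE , :P_OSR_APPLICATION_DESCR, :P_OSR_APPLICATION_NOTES, :P_OSR_APPLICATION_TYPE, :P_OSR_APPLICATION_COMMERCIAL, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_OSR_USA_ID_REF', $user_id, 40);
    oci_bind_by_name($stmt, ':P_OSR_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_OSR_CONSUMER_SECRET', $consumer_secret, 255);
    oci_bind_by_name($stmt, ':P_OSR_REQUESTER_NAME', $consumer['requester_name'], 255);
    oci_bind_by_name($stmt, ':P_OSR_REQUESTER_EMAIL', $consumer['requester_email'], 255);
    oci_bind_by_name($stmt, ':P_OSR_CALLBACK_URI', $consumer['callback_uri'], 255);
    oci_bind_by_name($stmt, ':P_OSR_APPLICATION_URI', $consumer['application_uri'], 255);
    oci_bind_by_name($stmt, ':P_OSR_APPLICATION_TITLE', $consumer['application_title'], 255);
    oci_bind_by_name($stmt, ':P_OSR_APPLICATION_DESCR', $consumer['application_descr'], 255);
    oci_bind_by_name($stmt, ':P_OSR_APPLICATION_NOTES', $consumer['application_notes'], 255);
    oci_bind_by_name($stmt, ':P_OSR_APPLICATION_TYPE', $consumer['application_type'], 255);
    oci_bind_by_name($stmt, ':P_OSR_APPLICATION_COMMERCIAL', $consumer['application_commercial'], 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);

    // The procedure's result code is no longer echoed: a storage method must not
    // write into the HTTP response body.
    return $consumer_key;
}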
/**
 * Ask SP_DELETE_CONSUMER to remove a consumer registration.
 *
 * The user id and admin flag are only forwarded; whether the caller may delete
 * the consumer is decided by the stored procedure, if at all.
 *
 * @param string $consumer_key
 * @param mixed  $user_id
 * @param bool   $user_is_admin
 */
public function deleteConsumer($consumer_key, $user_id, $user_is_admin = false) {
    $stmt = oci_parse($this->conn, "BEGIN SP_DELETE_CONSUMER(:P_CONSUMER_KEY, :P_USER_ID, :P_USER_IS_ADMIN, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 40);
    oci_bind_by_name($stmt, ':P_USER_IS_ADMIN', $user_is_admin, 40);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // The outcome of the call is not inspected.
    oci_execute($stmt);
}
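/**
 * Fetch a consumer record and enforce that the caller may see it.
 *
 * The cursor result is a list of rows, so the record is built from the first row:
 * the first four characters of each column name are stripped and 'user_id' is
 * filled from 'usa_id_ref'. Iterating the list itself would leave 'usa_id_ref'
 * unset and silently skip the ownership check.
 *
 * @param string $consumer_key
 * @param mixed  $user_id        Acting user.
 * @param bool   $user_is_admin  Admins bypass the ownership check.
 * @return array  The consumer record with unprefixed keys plus 'user_id'.
 * @throws OAuthException2  When no row is found, or when a non-admin asks for a
 *                          consumer owned by another user.
 */
public function getConsumer($consumer_key, $user_id, $user_is_admin = false) {
    $sql = "BEGIN SP_GET_CONSUMER(:P_CONSUMER_KEY, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rows, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    if (empty($rows) || !is_array($rows[0])) {
        throw new OAuthException2('No consumer with consumer_key "' . $consumer_key . '"');
    }

    $c = array();
    foreach ($rows[0] as $key => $value) {
        $c[substr($key, 4)] = $value;
    }

    // NOTE(review): the ownership check only works if the cursor exposes this
    // column in lower case with a four-character prefix; with upper-case column
    // names 'usa_id_ref' is absent and every caller passes — confirm against
    // SP_GET_CONSUMER.
    $c['user_id'] = isset($c['usa_id_ref']) ? $c['usa_id_ref'] : null;

    // A consumer without an owner is readable by anyone, as in the original check.
    if (!$user_is_admin && !empty($c['user_id']) && $c['user_id'] != $user_id) {
        throw new OAuthException2('No access to the consumer information for consumer_key "' . $consumer_key . '"');
    }
    return $c;
}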
/**
 * Return the static consumer key, creating and saving one when none comes back.
 *
 * @return mixed  The key written to :P_OSR_CONSUMER_KEY by
 *                SP_GET_CONSUMER_STATIC_SELECT, or a newly generated 'sc-' key
 *                after it has been handed to SP_CONSUMER_STATIC_SAVE.
 */
public function getConsumerStatic() {
    $stmt = oci_parse($this->conn, "BEGIN SP_GET_CONSUMER_STATIC_SELECT(:P_OSR_CONSUMER_KEY, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    // $existing is not set beforehand; it only receives what the procedure writes.
    oci_bind_by_name($stmt, ':P_OSR_CONSUMER_KEY', $existing, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);

    if (!empty($existing)) {
        return $existing;
    }

    $consumer_key = 'sc-' . $this->generateKey(true);
    $stmt = oci_parse($this->conn, "BEGIN SP_CONSUMER_STATIC_SAVE(:P_OSR_CONSUMER_KEY, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_OSR_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // NOTE(review): the save is not checked; the new key is returned either way.
    oci_execute($stmt);
    return $consumer_key;
}
/**
 * Issue a new request token for a consumer and store it.
 *
 * @param string $consumer_key
 * @param array  $options  'token_ttl' (numeric) overrides the default lifetime;
 *                         'oauth_callback' defaults to 'oob'.
 * @return array  Keys 'token', 'token_secret' and 'token_ttl'.
 */
public function addConsumerRequestToken($consumer_key, $options = array()) {
    // NOTE(review): token and secret strength depend on generateKey(), which is
    // defined outside this block.
    $token = $this->generateKey(true);
    $secret = $this->generateKey();

    $has_custom_ttl = isset($options['token_ttl']) && is_numeric($options['token_ttl']);
    $ttl = $has_custom_ttl ? intval($options['token_ttl']) : $this->max_request_token_ttl;

    if (!isset($options['oauth_callback'])) {
        $options['oauth_callback'] = 'oob';
    }
    $callback = $options['oauth_callback'];

    $stmt = oci_parse($this->conn, "BEGIN SP_ADD_CONSUMER_REQUEST_TOKEN(:P_TOKEN_TTL, :P_CONSUMER_KEY, :P_TOKEN, :P_TOKEN_SECRET, :P_CALLBACK_URL, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_TOKEN_TTL', $ttl, 20);
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_SECRET', $secret, 255);
    oci_bind_by_name($stmt, ':P_CALLBACK_URL', $callback, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // NOTE(review): the token is returned even if the procedure did not store it.
    oci_execute($stmt);

    return array(
        'token' => $token,
        'token_secret' => $secret,
        'token_ttl' => $ttl,
    );
}
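/**
 * Fetch the stored record for a consumer request token.
 *
 * @param string $token
 * @return array|null  The first cursor row, or null when the token is unknown.
 */
public function getConsumerRequestToken($token) {
    $sql = "BEGIN SP_GET_CONSUMER_REQUEST_TOKEN(:P_TOKEN, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rs, null, null, OCI_FETCHSTATEMENT_BY_ROW);

    // An unknown token yields an empty list; return null explicitly instead of
    // reading an undefined offset. Callers must treat null as "no such token".
    return isset($rs[0]) ? $rs[0] : null;
}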
/**
 * Ask SP_DEL_CONSUMER_REQUEST_TOKEN to remove a request token.
 *
 * @param string $token
 */
public function deleteConsumerRequestToken($token) {
    $stmt = oci_parse($this->conn, "BEGIN SP_DEL_CONSUMER_REQUEST_TOKEN(:P_TOKEN, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // The outcome of the call is not inspected.
    oci_execute($stmt);
}
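/**
 * Mark a request token as authorized by a user and return the OAuth verifier.
 *
 * The verifier is what the consumer must present when exchanging the request
 * token, so it is drawn from a cryptographically secure source rather than from
 * md5(rand()), whose output is predictable. The format (10 lower-case hex
 * characters) is unchanged.
 *
 * @param string $token
 * @param mixed  $user_id
 * @param string $referrer_host
 * @return string  The verifier bound to :P_VERIFIER.
 * @throws OAuthException2  When no secure random source is available.
 */
public function authorizeConsumerRequestToken($token, $user_id, $referrer_host = '') {
    if (function_exists('random_bytes')) {
        $verifier = bin2hex(random_bytes(5));
    } elseif (function_exists('openssl_random_pseudo_bytes')) {
        $strong = false;
        $bytes = openssl_random_pseudo_bytes(5, $strong);
        if ($bytes === false || !$strong) {
            throw new OAuthException2('No secure random source available to create the OAuth verifier');
        }
        $verifier = bin2hex($bytes);
    } else {
        // Fail closed instead of falling back to a predictable generator.
        throw new OAuthException2('No secure random source available to create the OAuth verifier');
    }

    $sql = "BEGIN SP_AUTH_CONSUMER_REQ_TOKEN(:P_USER_ID, :P_REFERRER_HOST, :P_VERIFIER, :P_TOKEN, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 255);
    oci_bind_by_name($stmt, ':P_REFERRER_HOST', $referrer_host, 255);
    oci_bind_by_name($stmt, ':P_VERIFIER', $verifier, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // NOTE(review): the verifier is returned even if the procedure did not
    // authorize the token; :P_RESULT is not inspected.
    oci_execute($stmt);
    return $verifier;
}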
/**
 * Return the access-token count SP_COUNT_CONSUMER_ACCESS_TOKEN reports.
 *
 * @param string $consumer_key
 * @return mixed  Value written to :P_COUNT; null if the procedure writes nothing.
 */
public function countConsumerAccessTokens($consumer_key) {
    $stmt = oci_parse($this->conn, "BEGIN SP_COUNT_CONSUMER_ACCESS_TOKEN(:P_CONSUMER_KEY, :P_COUNT, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    // $count has no initial value here; it is filled by the bind.
    oci_bind_by_name($stmt, ':P_COUNT', $count, 20);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);

    return $count;
}
/**
 * Exchange an authorized request token for a new access token.
 *
 * @param string $token    The request token being exchanged.
 * @param array  $options  'token_ttl' and 'verifier' are bound as given.
 * @return array  'token' and 'token_secret', plus 'token_ttl' when the procedure
 *                writes a numeric value to :P_OUT_TOKEN_TTL.
 */
public function exchangeConsumerRequestForAccessToken($token, $options = array()) {
    $access_token = $this->generateKey(true);
    $access_secret = $this->generateKey();

    $stmt = oci_parse($this->conn, "BEGIN SP_EXCH_CONS_REQ_FOR_ACC_TOKEN(:P_TOKEN_TTL, :P_NEW_TOKEN, :P_TOKEN, :P_TOKEN_SECRET, :P_VERIFIER, :P_OUT_TOKEN_TTL, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_TOKEN_TTL', $options['token_ttl'], 255);
    oci_bind_by_name($stmt, ':P_NEW_TOKEN', $access_token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_SECRET', $access_secret, 255);
    oci_bind_by_name($stmt, ':P_VERIFIER', $options['verifier'], 255);
    oci_bind_by_name($stmt, ':P_OUT_TOKEN_TTL', $ttl, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);

    // NOTE(review): nothing here checks that the exchange succeeded (unknown
    // token, wrong verifier); the new pair is returned regardless. Confirm what
    // :P_RESULT means for this procedure and reject on failure.
    oci_execute($stmt);

    $issued = array(
        'token' => $access_token,
        'token_secret' => $access_secret,
    );
    if (is_numeric($ttl)) {
        $issued['token_ttl'] = intval($ttl);
    }
    return $issued;
}
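/**
 * Fetch the stored access token(s) matching a token value and user.
 *
 * @param string $token
 * @param mixed  $user_id
 * @return array  All cursor rows (the list, not a single row).
 * @throws OAuthException2  When the cursor yields no rows.
 */
public function getConsumerAccessToken($token, $user_id) {
    // The argument list needs a comma between :P_ROWS and :P_RESULT; without it
    // the PL/SQL block is malformed and the lookup can never succeed.
    $sql = "BEGIN SP_GET_CONSUMER_ACCESS_TOKEN(:P_USER_ID, :P_TOKEN, :P_ROWS, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    $p_row = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_ROWS', $p_row, -1, OCI_B_CURSOR);
    oci_execute($stmt);
    oci_execute($p_row, OCI_DEFAULT);
    oci_fetch_all($p_row, $rs, null, null, OCI_FETCHSTATEMENT_BY_ROW);
    if (empty($rs)) {
        // NOTE(review): the message embeds the token value; keep it out of client-facing output.
        throw new OAuthException2('No server_token "' . $token . '" for user "' . $user_id . '"');
    }
    return $rs;
}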
/**
 * Ask SP_DEL_CONSUMER_ACCESS_TOKEN to remove an access token.
 *
 * The user id and admin flag are only forwarded to the procedure.
 *
 * @param string $token
 * @param mixed  $user_id
 * @param bool   $user_is_admin
 */
public function deleteConsumerAccessToken($token, $user_id, $user_is_admin = false) {
    $stmt = oci_parse($this->conn, "BEGIN SP_DEL_CONSUMER_ACCESS_TOKEN(:P_USER_ID, :P_TOKEN, :P_USER_IS_ADMIN, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_USER_IS_ADMIN', $user_is_admin, 20);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    // The outcome of the call is not inspected.
    oci_execute($stmt);
}
/**
 * Change the lifetime of a consumer access token; a TTL of zero or less deletes it.
 *
 * @param string $token
 * @param mixed  $token_ttl
 */
public function setConsumerAccessTokenTtl($token, $token_ttl) {
    if ($token_ttl <= 0) {
        // Deletion runs with user id 0 and the admin flag set.
        $this->deleteConsumerAccessToken($token, 0, true);
        return;
    }

    $stmt = oci_parse($this->conn, "BEGIN SP_SET_CONSUMER_ACC_TOKEN_TTL(:P_TOKEN, :P_TOKEN_TTL, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TOKEN_TTL', $token_ttl, 20);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);
}
/**
 * List the consumers SP_LIST_CONSUMERS returns for a user.
 *
 * @param mixed $user_id
 * @return array  All cursor rows.
 */
public function listConsumers($user_id) {
    $stmt = oci_parse($this->conn, "BEGIN SP_LIST_CONSUMERS(:P_USER_ID, :P_ROWS, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $consumers, null, null, OCI_FETCHSTATEMENT_BY_ROW);
    return $consumers;
}
/**
 * Placeholder: this store does not list consumer applications.
 *
 * @param int $begin  Ignored.
 * @param int $total  Ignored.
 * @return array  Always an empty array.
 */
public function listConsumerApplications($begin = 0, $total = 25) {
    $applications = array();
    return $applications;
}
/**
 * List the consumer tokens SP_LIST_CONSUMER_TOKENS returns for a user.
 *
 * @param mixed $user_id
 * @return array  All cursor rows.
 */
public function listConsumerTokens($user_id) {
    $stmt = oci_parse($this->conn, "BEGIN SP_LIST_CONSUMER_TOKENS(:P_USER_ID, :P_ROWS, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_USER_ID', $user_id, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $tokens, null, null, OCI_FETCHSTATEMENT_BY_ROW);
    return $tokens;
}
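/**
 * Run the timestamp / nonce replay check for an incoming request.
 *
 * The check itself lives in SP_CHECK_SERVER_NONCE. If the call fails (including
 * an error raised by the procedure) the request is rejected instead of being
 * silently accepted.
 *
 * @param string $consumer_key
 * @param string $token
 * @param mixed  $timestamp
 * @param string $nonce
 * @throws OAuthException2  When the procedure call does not complete successfully.
 */
public function checkServerNonce($consumer_key, $token, $timestamp, $nonce) {
    $sql = "BEGIN SP_CHECK_SERVER_NONCE(:P_CONSUMER_KEY, :P_TOKEN, :P_TIMESTAMP, :P_MAX_TIMESTAMP_SKEW, :P_NONCE, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_CONSUMER_KEY', $consumer_key, 255);
    oci_bind_by_name($stmt, ':P_TOKEN', $token, 255);
    oci_bind_by_name($stmt, ':P_TIMESTAMP', $timestamp, 255);
    oci_bind_by_name($stmt, ':P_MAX_TIMESTAMP_SKEW', $this->max_timestamp_skew, 20);
    oci_bind_by_name($stmt, ':P_NONCE', $nonce, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);

    // Fail closed: a replay check that could not run must not count as passed.
    if (oci_execute($stmt) === false) {
        throw new OAuthException2('Could not verify the timestamp and nonce for this request');
    }

    // NOTE(review): :P_RESULT is still not inspected. If the procedure reports a
    // stale timestamp or a reused nonce through it rather than by raising an
    // error, that verdict is ignored here — confirm its meaning and reject on it.
}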
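/**
 * Write one entry to the OAuth log through SP_ADD_LOG.
 *
 * @param array  $keys         Accepted for interface compatibility; SP_ADD_LOG has
 *                             no parameter for it, so it is not stored.
 * @param string $received     Converted with makeUTF8() before binding.
 * @param string $sent         Converted with makeUTF8() before binding.
 * @param string $base_string  Bound unchanged.
 * @param string $notes        Converted with makeUTF8() before binding.
 * @param mixed  $user_id
 */
public function addLog($keys, $received, $sent, $base_string, $notes, $user_id = null) {
    // NOTE(review): because $keys is dropped, log rows carry no consumer key or
    // token and cannot be correlated with them later. The unused "olg_… = '%s'"
    // fragments that used to be assembled from $keys were dead code and are gone.

    if (!empty($_SERVER['REMOTE_ADDR'])) {
        $olg_remote_ip = $_SERVER['REMOTE_ADDR'];
    } elseif (!empty($_SERVER['REMOTE_IP'])) {
        $olg_remote_ip = $_SERVER['REMOTE_IP'];
    } else {
        $olg_remote_ip = '0.0.0.0';
    }

    // NOTE(review): $received / $sent may contain signatures or token values;
    // make sure access to the log table is restricted accordingly.
    $olg_received = $this->makeUTF8($received);
    $olg_sent = $this->makeUTF8($sent);
    $olg_base_string = $base_string;
    $olg_notes = $this->makeUTF8($notes);
    $olg_usa_id_ref = $user_id;

    $sql = "BEGIN SP_ADD_LOG(:P_RECEIVED, :P_SENT, :P_BASE_STRING, :P_NOTES, :P_USA_ID_REF, :P_REMOTE_IP, :P_RESULT); END;";
    $stmt = oci_parse($this->conn, $sql) or die('Can not parse query');
    oci_bind_by_name($stmt, ':P_RECEIVED', $olg_received, 255);
    oci_bind_by_name($stmt, ':P_SENT', $olg_sent, 255);
    oci_bind_by_name($stmt, ':P_BASE_STRING', $olg_base_string, 255);
    oci_bind_by_name($stmt, ':P_NOTES', $olg_notes, 255);
    oci_bind_by_name($stmt, ':P_USA_ID_REF', $olg_usa_id_ref, 255);
    oci_bind_by_name($stmt, ':P_REMOTE_IP', $olg_remote_ip, 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_execute($stmt);
}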
/**
 * Read log entries through SP_LIST_LOG.
 *
 * @param array $options  Filter values under 'osr_consumer_key', 'ocr_consumer_key',
 *                        'ost_token' and 'oct_token'; an empty $options sends a NULL
 *                        option flag, anything else sends 1.
 * @param mixed $user_id
 * @return array  All cursor rows.
 */
public function listLog($options, $user_id) {
    $optionsFlag = empty($options) ? NULL : 1;

    $stmt = oci_parse($this->conn, "BEGIN SP_LIST_LOG(:P_OPTION_FLAG, :P_USA_ID, :P_OSR_CONSUMER_KEY, :P_OCR_CONSUMER_KEY, :P_OST_TOKEN, :P_OCT_TOKEN, :P_ROWS, :P_RESULT); END;");
    if (!$stmt) {
        die('Can not parse query');
    }
    $cursor = oci_new_cursor($this->conn);
    oci_bind_by_name($stmt, ':P_OPTION_FLAG', $optionsFlag, 255);
    oci_bind_by_name($stmt, ':P_USA_ID', $user_id, 40);
    // Missing filter keys are bound as they are; nothing is defaulted here.
    oci_bind_by_name($stmt, ':P_OSR_CONSUMER_KEY', $options['osr_consumer_key'], 255);
    oci_bind_by_name($stmt, ':P_OCR_CONSUMER_KEY', $options['ocr_consumer_key'], 255);
    oci_bind_by_name($stmt, ':P_OST_TOKEN', $options['ost_token'], 255);
    oci_bind_by_name($stmt, ':P_OCT_TOKEN', $options['oct_token'], 255);
    oci_bind_by_name($stmt, ':P_RESULT', $result, 20);
    oci_bind_by_name($stmt, ':P_ROWS', $cursor, -1, OCI_B_CURSOR);

    oci_execute($stmt);
    oci_execute($cursor, OCI_DEFAULT);
    oci_fetch_all($cursor, $entries, null, null, OCI_FETCHSTATEMENT_BY_ROW);
    return $entries;
}
/**
 * Run the Oracle installation script shipped next to this file.
 *
 * The script is included inside this method, so it executes in the method's
 * scope (with $this available) and at most once per request.
 */
public function install() {
// Path is fixed relative to this file; no caller-supplied value is involved.
require_once dirname(__FILE__) . '/oracle/install.php';
}
}