You are here

public function OAuthStorePostgreSQL::getSecretsForSignature in Lingotek Translation 7.3

Same name and namespace in other branches
  1. 7.7 lib/oauth-php/library/store/OAuthStorePostgreSQL.php \OAuthStorePostgreSQL::getSecretsForSignature()
  2. 7.2 lib/oauth-php/library/store/OAuthStorePostgreSQL.php \OAuthStorePostgreSQL::getSecretsForSignature()
  3. 7.4 lib/oauth-php/library/store/OAuthStorePostgreSQL.php \OAuthStorePostgreSQL::getSecretsForSignature()
  4. 7.5 lib/oauth-php/library/store/OAuthStorePostgreSQL.php \OAuthStorePostgreSQL::getSecretsForSignature()
  5. 7.6 lib/oauth-php/library/store/OAuthStorePostgreSQL.php \OAuthStorePostgreSQL::getSecretsForSignature()

Find the server details for signing a request, always looks for an access token. The returned credentials depend on which local user is making the request.

The consumer_key must belong to the user or be public (user id is null)

For signing we need all of the following:

consumer_key consumer key associated with the server consumer_secret consumer secret associated with this server token access token associated with this server token_secret secret for the access token signature_methods signing methods supported by the server (array)

@todo filter on token type (we should know how and with what to sign this request, and there might be old access tokens)

@exception OAuthException2 when no credentials found

Parameters

string uri uri of the server:

int user_id id of the logged on user:

string name (optional) name of the token (case sensitive):

Return value

array

Overrides OAuthStoreAbstract::getSecretsForSignature

File

lib/oauth-php/library/store/OAuthStorePostgreSQL.php, line 194

Class

OAuthStorePostgreSQL

Code

public function getSecretsForSignature($uri, $user_id, $name = '') {

  // Find a consumer key and token for the given uri
  $ps = parse_url($uri);
  $host = isset($ps['host']) ? $ps['host'] : 'localhost';
  $path = isset($ps['path']) ? $ps['path'] : '';
  if (empty($path) || substr($path, -1) != '/') {
    $path .= '/';
  }

  // The owner of the consumer_key is either the user or nobody (public consumer key)
  $secrets = $this
    ->query_row_assoc('
                    SELECT    ocr_consumer_key        as consumer_key,
                            ocr_consumer_secret        as consumer_secret,
                            oct_token                as token,
                            oct_token_secret        as token_secret,
                            ocr_signature_methods    as signature_methods
                    FROM oauth_consumer_registry
                        JOIN oauth_consumer_token ON oct_ocr_id_ref = ocr_id
                    WHERE ocr_server_uri_host = \'%s\'
                      AND ocr_server_uri_path = SUBSTR(\'%s\', 1, LENGTH(ocr_server_uri_path))
                      AND (ocr_usa_id_ref = \'%s\' OR ocr_usa_id_ref IS NULL)
                      AND oct_usa_id_ref      = \'%d\'
                      AND oct_token_type      = \'access\'
                      AND oct_name              = \'%s\'
                      AND oct_token_ttl       >= NOW()
                    ORDER BY ocr_usa_id_ref DESC, ocr_consumer_secret DESC, LENGTH(ocr_server_uri_path) DESC
                    LIMIT 1
                    ', $host, $path, $user_id, $user_id, $name);
  if (empty($secrets)) {
    throw new OAuthException2('No server tokens available for ' . $uri);
  }
  $secrets['signature_methods'] = explode(',', $secrets['signature_methods']);
  return $secrets;
}