You are here

Home » API reference » Lingotek Translation 7.7 » OAuthStoreSQL.php » OAuthStoreSQL

public function OAuthStoreSQL::checkServerNonce in Lingotek Translation 7.7

Same name and namespace in other branches
  1. 7.2 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::checkServerNonce()
  2. 7.3 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::checkServerNonce()
  3. 7.4 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::checkServerNonce()
  4. 7.5 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::checkServerNonce()
  5. 7.6 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::checkServerNonce()

* Check an nonce/timestamp combination. Clears any nonce combinations * that are older than the one received. * *

Parameters

string consumer_key: * @param string token * @param int timestamp * @param string nonce * @exception OAuthException2 thrown when the timestamp is not in sequence or nonce is not unique

Overrides OAuthStoreAbstract::checkServerNonce

File

lib/oauth-php/library/store/OAuthStoreSQL.php, line 1599

Class

OAuthStoreSQL

Code

public function checkServerNonce($consumer_key, $token, $timestamp, $nonce) {
  $r = $this
    ->query_row('
							SELECT MAX(osn_timestamp), MAX(osn_timestamp) > %d + %d
							FROM oauth_server_nonce
							WHERE osn_consumer_key = \'%s\'
							  AND osn_token        = \'%s\'
							', $timestamp, $this->max_timestamp_skew, $consumer_key, $token);
  if (!empty($r) && $r[1]) {
    throw new OAuthException2('Timestamp is out of sequence. Request rejected. Got ' . $timestamp . ' last max is ' . $r[0] . ' allowed skew is ' . $this->max_timestamp_skew);
  }

  // Insert the new combination
  $this
    ->query('
				INSERT IGNORE INTO oauth_server_nonce
				SET osn_consumer_key	= \'%s\',
					osn_token			= \'%s\',
					osn_timestamp		= %d,
					osn_nonce			= \'%s\'
				', $consumer_key, $token, $timestamp, $nonce);
  if ($this
    ->query_affected_rows() == 0) {
    throw new OAuthException2('Duplicate timestamp/nonce combination, possible replay attack.  Request rejected.');
  }

  // Clean up all timestamps older than the one we just received
  $this
    ->query('
				DELETE FROM oauth_server_nonce
				WHERE osn_consumer_key	= \'%s\'
				  AND osn_token			= \'%s\'
				  AND osn_timestamp     < %d - %d
				', $consumer_key, $token, $timestamp, $this->max_timestamp_skew);
}