You are here

public function OAuthStoreSQL::getSecretsForSignature in Lingotek Translation 7.2

Same name and namespace in other branches
  1. 7.7 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::getSecretsForSignature()
  2. 7.3 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::getSecretsForSignature()
  3. 7.4 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::getSecretsForSignature()
  4. 7.5 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::getSecretsForSignature()
  5. 7.6 lib/oauth-php/library/store/OAuthStoreSQL.php \OAuthStoreSQL::getSecretsForSignature()

* Find the server details for signing a request, always looks for an access token. * The returned credentials depend on which local user is making the request. * * The consumer_key must belong to the user or be public (user id is null) * * For signing we need all of the following: * * consumer_key consumer key associated with the server * consumer_secret consumer secret associated with this server * token access token associated with this server * token_secret secret for the access token * signature_methods signing methods supported by the server (array) * * @todo filter on token type (we should know how and with what to sign this request, and there might be old access tokens) *

Parameters

string uri uri of the server: * @param int user_id id of the logged on user * @param string name (optional) name of the token (case sensitive) * @exception OAuthException2 when no credentials found * @return array

Overrides OAuthStoreAbstract::getSecretsForSignature

File

lib/oauth-php/library/store/OAuthStoreSQL.php, line 190

Class

OAuthStoreSQL

Code

public function getSecretsForSignature($uri, $user_id, $name = '') {

  // Find a consumer key and token for the given uri
  $ps = parse_url($uri);
  $host = isset($ps['host']) ? $ps['host'] : 'localhost';
  $path = isset($ps['path']) ? $ps['path'] : '';
  if (empty($path) || substr($path, -1) != '/') {
    $path .= '/';
  }

  // The owner of the consumer_key is either the user or nobody (public consumer key)
  $secrets = $this
    ->query_row_assoc('
					SELECT	ocr_consumer_key		as consumer_key,
							ocr_consumer_secret		as consumer_secret,
							oct_token				as token,
							oct_token_secret		as token_secret,
							ocr_signature_methods	as signature_methods
					FROM oauth_consumer_registry
						JOIN oauth_consumer_token ON oct_ocr_id_ref = ocr_id
					WHERE ocr_server_uri_host = \'%s\'
					  AND ocr_server_uri_path = LEFT(\'%s\', LENGTH(ocr_server_uri_path))
					  AND (ocr_usa_id_ref = \'%d\' OR ocr_usa_id_ref IS NULL)
					  AND oct_token_type      = \'access\'
					  AND oct_name			  = \'%s\'
					  AND oct_token_ttl       >= NOW()
					ORDER BY ocr_usa_id_ref DESC, ocr_consumer_secret DESC, LENGTH(ocr_server_uri_path) DESC
					LIMIT 0,1
					', $host, $path, $user_id, $name);
  if (empty($secrets)) {
    throw new OAuthException2('No server tokens available for ' . $uri);
  }
  $secrets['signature_methods'] = explode(',', $secrets['signature_methods']);
  return $secrets;
}