You are here

public function DrupalOAuthClient::getAccessToken in OAuth 1.0 7.4

Same name and namespace in other branches
  1. 6.3 includes/DrupalOAuthClient.inc \DrupalOAuthClient::getAccessToken()
  2. 7.3 includes/DrupalOAuthClient.inc \DrupalOAuthClient::getAccessToken()

Fetches the access token using the request token.

Parameters

string $endpoint: Optional. The endpoint path for the provider.

  • If you provide the full URL (e.g. "http://example.com/oauth/access_token"), then it will be used.
  • If you provide only the path (e.g. "oauth/access_token"), it will be converted into a full URL by prepending the provider_url.
  • If you provide nothing it will default to '/oauth/access_token'.

array $options: An associative array of additional optional options, with the following keys:

  • 'params' An associative array of parameters that should be included in the request.
  • 'realm' A string to be used as the http authentication realm in the request.
  • 'get' (default FALSE) Whether to use GET as the HTTP-method instead of POST.
  • 'verifier' A string containing a verifier for he user from the provider. Only used by versions higher than OAUTH_COMMON_VERSION_1.

Return value

DrupalOAuthToken The access token.

File

includes/DrupalOAuthClient.inc, line 216

Class

DrupalOAuthClient

Code

public function getAccessToken($endpoint = NULL, $options = array()) {
  if ($this->accessToken) {
    return clone $this->accessToken;
  }
  $options += array(
    'params' => array(),
    'realm' => NULL,
    'get' => FALSE,
    'verifier' => NULL,
  );
  if (empty($endpoint)) {
    if (!empty($this->consumer->configuration['access_endpoint'])) {
      $endpoint = $this->consumer->configuration['access_endpoint'];
    }
    else {
      $endpoint = '/oauth/access_token';
    }
  }
  if ($this->version > OAUTH_COMMON_VERSION_1 && $options['verifier'] !== NULL) {
    $options['params']['oauth_verifier'] = $options['verifier'];
  }
  $response = $this
    ->get($endpoint, array(
    'token' => TRUE,
    'params' => $options['params'],
    'realm' => $options['realm'],
    'get' => $options['get'],
  ));
  $params = array();
  parse_str($response, $params);
  if (empty($params['oauth_token']) || empty($params['oauth_token_secret'])) {
    throw new Exception('No valid access token was returned');
  }

  // Check if we've has recieved this token previously and if so use the old one

  //TODO: Is this safe!? What if eg. multiple users are getting the same access token from the provider?
  $this->accessToken = DrupalOAuthToken::loadByKey($params['oauth_token'], $this->consumer);

  //TODO: Can a secret change even though the token doesn't? If so it needs to be changed.
  if (!$this->accessToken) {
    $this->accessToken = new DrupalOAuthToken($params['oauth_token'], $params['oauth_token_secret'], $this->consumer, array(
      'type' => OAUTH_COMMON_TOKEN_TYPE_ACCESS,
    ));
  }
  return clone $this->accessToken;
}