View source
<?php
function oauth_common_user_consumers($uid) {
$result = db_query('SELECT c.secret, c.configuration, pc.*
FROM {oauth_common_consumer} c
INNER JOIN {oauth_common_provider_consumer} pc ON pc.csid = c.csid
WHERE pc.uid = :uid', array(
':uid' => $uid,
));
$consumers = array();
while ($consumer = DrupalOAuthConsumer::fromResult($result)) {
$consumers[] = $consumer;
}
return $consumers;
}
function oauth_common_user_access_tokens($uid) {
$result = db_query("SELECT * FROM {oauth_common_token} WHERE uid = :uid AND type = :type", array(
':uid' => $uid,
':type' => OAUTH_COMMON_TOKEN_TYPE_ACCESS,
));
$tokens = array();
while ($token = DrupalOAuthToken::fromResult($result)) {
$tokens[] = $token;
}
return $tokens;
}
function oauth_common_verify_request() {
$req = DrupalOAuthRequest::from_request();
$consumer_key = $req
->get_parameter('oauth_consumer_key');
if (!empty($consumer_key)) {
$consumer = DrupalOAuthConsumer::loadProviderByKey($consumer_key);
if ($consumer) {
$context = oauth_common_context_load($consumer->context);
if (!$context) {
throw new Exception('No OAuth context found');
}
_oauth_common_verify_body_hash($req);
$signature = $req
->get_parameter('oauth_signature');
if (!empty($signature)) {
$server = new DrupalOAuthServer($context);
return array_merge(array(
TRUE,
), $server
->verify_request($req));
}
else {
$token_key = $req
->get_parameter('oauth_token');
if (empty($token_key) || !($token = DrupalOAuthToken::loadbyKey($token_key, $consumer))) {
$token = NULL;
}
return array(
FALSE,
$consumer,
$token,
);
}
}
}
return array(
FALSE,
NULL,
NULL,
);
}
function _oauth_common_verify_body_hash($req) {
$body_hash = $req
->get_parameter('oauth_body_hash');
if ($body_hash && module_exists('inputstream')) {
$hres = hash_init('sha1');
$stream = fopen('drupal://input', 'r');
hash_update_stream($hres, $stream);
fclose($stream);
$sha1 = hash_final($hres, TRUE);
if ($sha1 !== base64_decode($body_hash)) {
throw new OAuthException("Invalid body hash");
}
}
}
