You are here

public function ServicesClientDrupalOAuthClient::getAccessToken in Services Client 7

Same name and namespace in other branches
  1. 7.2 services_client_connection/modules/services_client_oauth/plugins/ServicesClientDrupalOAuthClient.inc \ServicesClientDrupalOAuthClient::getAccessToken()

Fetches the access token using the request token.

Parameters

string $endpoint: Optional. The endpoint path for the provider.

  • If you provide the full URL (e.g. "http://example.com/oauth/access_token"), then it will be used.
  • If you provide only the path (e.g. "oauth/access_token"), it will be converted into a full URL by prepending the provider_url.
  • If you provide nothing it will default to '/oauth/access_token'.

array $options: An associative array of additional optional options, with the following keys:

  • 'params' An associative array of parameters that should be included in the request.
  • 'realm' A string to be used as the http authentication realm in the request.
  • 'get' (default FALSE) Whether to use GET as the HTTP-method instead of POST.
  • 'verifier' A string containing a verifier for he user from the provider. Only used by versions higher than OAUTH_COMMON_VERSION_1.
  • 'force_port' A port number that is forced when creating normalized URL for calculating signature.

Return value

DrupalOAuthToken The access token.

File

services_client_connection/modules/services_client_oauth/plugins/ServicesClientDrupalOAuthClient.inc, line 117
Custom DrupalOAuthRequest implementation

Class

ServicesClientDrupalOAuthClient
@file Custom DrupalOAuthRequest implementation

Code

public function getAccessToken($endpoint = NULL, $options = array()) {
  if ($this->accessToken) {
    return clone $this->accessToken;
  }
  $options += array(
    'params' => array(),
    'realm' => NULL,
    'get' => FALSE,
    'verifier' => NULL,
    'force_port' => NULL,
  );
  if (empty($endpoint)) {
    if (!empty($this->consumer->configuration['access_endpoint'])) {
      $endpoint = $this->consumer->configuration['access_endpoint'];
    }
    else {
      $endpoint = '/oauth/access_token';
    }
  }
  if ($this->version > OAUTH_COMMON_VERSION_1 && $options['verifier'] !== NULL) {
    $options['params']['oauth_verifier'] = $options['verifier'];
  }
  $response = $this
    ->get($endpoint, array(
    'token' => TRUE,
    'params' => $options['params'],
    'realm' => $options['realm'],
    'get' => $options['get'],
    'force_port' => $options['force_port'],
  ));
  $params = array();
  parse_str($response, $params);
  if (empty($params['oauth_token']) || empty($params['oauth_token_secret'])) {
    throw new Exception('No valid access token was returned');
  }

  // Check if we've has recieved this token previously and if so use the old one

  //TODO: Is this safe!? What if eg. multiple users are getting the same access token from the provider?
  $this->accessToken = DrupalOAuthToken::loadByKey($params['oauth_token'], $this->consumer);

  //TODO: Can a secret change even though the token doesn't? If so it needs to be changed.
  if (!$this->accessToken) {
    $this->accessToken = new DrupalOAuthToken($params['oauth_token'], $params['oauth_token_secret'], $this->consumer, array(
      'type' => OAUTH_COMMON_TOKEN_TYPE_ACCESS,
    ));
  }
  return clone $this->accessToken;
}