OAuthRequest

The All In One SEO Pack OAuthRequest class.

Defined (1)

The class is defined in the following location(s).

/inc/extlib/OAuth.php  
  1. class OAuthRequest { 
  2. protected $parameters; 
  3. protected $http_method; 
  4. protected $http_url; 
  5. // for debug purposes 
  6. public $base_string; 
  7. public static $version = '1.0'; 
  8. public static $POST_INPUT = 'php://input'; 
  9.  
  10. function __construct($http_method, $http_url, $parameters=NULL) { 
  11. $parameters = ($parameters) ? $parameters : array(); 
  12. $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); 
  13. $this->parameters = $parameters; 
  14. $this->http_method = $http_method; 
  15. $this->http_url = $http_url; 
  16.  
  17.  
  18. /** 
  19. * attempt to build up a request from what was passed to the server 
  20. */ 
  21. public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) { 
  22. $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") 
  23. ? 'http' 
  24. : 'https'; 
  25. $http_url = ($http_url) ? $http_url : $scheme . 
  26. '://' . $_SERVER['SERVER_NAME'] . 
  27. ':' . 
  28. $_SERVER['SERVER_PORT'] . 
  29. $_SERVER['REQUEST_URI']; 
  30. $http_method = ($http_method) ? $http_method : $_SERVER['REQUEST_METHOD']; 
  31.  
  32. // We weren't handed any parameters, so let's find the ones relevant to 
  33. // this request. 
  34. // If you run XML-RPC or similar you should use this to provide your own 
  35. // parsed parameter-list 
  36. if (!$parameters) { 
  37. // Find request headers 
  38. $request_headers = OAuthUtil::get_headers(); 
  39.  
  40. // Parse the query-string to find GET parameters 
  41. $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']); 
  42.  
  43. // It's a POST request of the proper content-type, so parse POST 
  44. // parameters and add those overriding any duplicates from GET 
  45. if ($http_method == "POST" 
  46. && isset($request_headers['Content-Type']) 
  47. && strstr($request_headers['Content-Type'],  
  48. 'application/x-www-form-urlencoded') 
  49. ) { 
  50. $post_data = OAuthUtil::parse_parameters( 
  51. file_get_contents(self::$POST_INPUT) 
  52. ); 
  53. $parameters = array_merge($parameters, $post_data); 
  54.  
  55. // We have a Authorization-header with OAuth data. Parse the header 
  56. // and add those overriding any duplicates from GET or POST 
  57. if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') { 
  58. $header_parameters = OAuthUtil::split_header( 
  59. $request_headers['Authorization'] 
  60. ); 
  61. $parameters = array_merge($parameters, $header_parameters); 
  62.  
  63.  
  64. return new OAuthRequest($http_method, $http_url, $parameters); 
  65.  
  66. /** 
  67. * pretty much a helper function to set up the request 
  68. */ 
  69. public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { 
  70. $parameters = ($parameters) ? $parameters : array(); 
  71. $defaults = array("oauth_version" => OAuthRequest::$version,  
  72. "oauth_nonce" => OAuthRequest::generate_nonce(),  
  73. "oauth_timestamp" => OAuthRequest::generate_timestamp(),  
  74. "oauth_consumer_key" => $consumer->key); 
  75. if ($token) 
  76. $defaults['oauth_token'] = $token->key; 
  77.  
  78. $parameters = array_merge($defaults, $parameters); 
  79.  
  80. return new OAuthRequest($http_method, $http_url, $parameters); 
  81.  
  82. public function set_parameter($name, $value, $allow_duplicates = true) { 
  83. if ($allow_duplicates && isset($this->parameters[$name])) { 
  84. // We have already added parameter(s) with this name, so add to the list 
  85. if (is_scalar($this->parameters[$name])) { 
  86. // This is the first duplicate, so transform scalar (string) 
  87. // into an array so we can add the duplicates 
  88. $this->parameters[$name] = array($this->parameters[$name]); 
  89.  
  90. $this->parameters[$name][] = $value; 
  91. } else { 
  92. $this->parameters[$name] = $value; 
  93.  
  94. public function get_parameter($name) { 
  95. return isset($this->parameters[$name]) ? $this->parameters[$name] : null; 
  96.  
  97. public function get_parameters() { 
  98. return $this->parameters; 
  99.  
  100. public function unset_parameter($name) { 
  101. unset($this->parameters[$name]); 
  102.  
  103. /** 
  104. * The request parameters, sorted and concatenated into a normalized string. 
  105. * @return string 
  106. */ 
  107. public function get_signable_parameters() { 
  108. // Grab all parameters 
  109. $params = $this->parameters; 
  110.  
  111. // Remove oauth_signature if present 
  112. // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") 
  113. if (isset($params['oauth_signature'])) { 
  114. unset($params['oauth_signature']); 
  115.  
  116. return OAuthUtil::build_http_query($params); 
  117.  
  118. /** 
  119. * Returns the base string of this request 
  120. * The base string defined as the method, the url 
  121. * and the parameters (normalized), each urlencoded 
  122. * and the concated with &. 
  123. */ 
  124. public function get_signature_base_string() { 
  125. $parts = array( 
  126. $this->get_normalized_http_method(),  
  127. $this->get_normalized_http_url(),  
  128. $this->get_signable_parameters() 
  129. ); 
  130.  
  131. $parts = OAuthUtil::urlencode_rfc3986($parts); 
  132.  
  133. return implode('&', $parts); 
  134.  
  135. /** 
  136. * just uppercases the http method 
  137. */ 
  138. public function get_normalized_http_method() { 
  139. return strtoupper($this->http_method); 
  140.  
  141. /** 
  142. * parses the url and rebuilds it to be 
  143. * scheme://host/path 
  144. */ 
  145. public function get_normalized_http_url() { 
  146. $parts = parse_url($this->http_url); 
  147.  
  148. $scheme = (isset($parts['scheme'])) ? $parts['scheme'] : 'http'; 
  149. $port = (isset($parts['port'])) ? $parts['port'] : (($scheme == 'https') ? '443' : '80'); 
  150. $host = (isset($parts['host'])) ? strtolower($parts['host']) : ''; 
  151. $path = (isset($parts['path'])) ? $parts['path'] : ''; 
  152.  
  153. if (($scheme == 'https' && $port != '443') 
  154. || ($scheme == 'http' && $port != '80')) { 
  155. $host = "$host:$port"; 
  156. return "$scheme://$host$path"; 
  157.  
  158. /** 
  159. * builds a url usable for a GET request 
  160. */ 
  161. public function to_url() { 
  162. $post_data = $this->to_postdata(); 
  163. $out = $this->get_normalized_http_url(); 
  164. if ($post_data) { 
  165. $out .= '?'.$post_data; 
  166. return $out; 
  167.  
  168. /** 
  169. * builds the data one would send in a POST request 
  170. */ 
  171. public function to_postdata() { 
  172. return OAuthUtil::build_http_query($this->parameters); 
  173.  
  174. /** 
  175. * builds the Authorization: header 
  176. */ 
  177. public function to_header($realm=null) { 
  178. $first = true; 
  179. if($realm) { 
  180. $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; 
  181. $first = false; 
  182. } else 
  183. $out = 'Authorization: OAuth'; 
  184.  
  185. $total = array(); 
  186. foreach ($this->parameters as $k => $v) { 
  187. if (substr($k, 0, 5) != "oauth") continue; 
  188. if (is_array($v)) { 
  189. throw new OAuthException('Arrays not supported in headers'); 
  190. $out .= ($first) ? ' ' : ', '; 
  191. $out .= OAuthUtil::urlencode_rfc3986($k) . 
  192. '="' . 
  193. OAuthUtil::urlencode_rfc3986($v) . 
  194. '"'; 
  195. $first = false; 
  196. return $out; 
  197.  
  198. public function __toString() { 
  199. return $this->to_url(); 
  200.  
  201.  
  202. public function sign_request($signature_method, $consumer, $token) { 
  203. $this->set_parameter( 
  204. "oauth_signature_method",  
  205. $signature_method->get_name(),  
  206. false 
  207. ); 
  208. $signature = $this->build_signature($signature_method, $consumer, $token); 
  209. $this->set_parameter("oauth_signature", $signature, false); 
  210.  
  211. public function build_signature($signature_method, $consumer, $token) { 
  212. $signature = $signature_method->build_signature($this, $consumer, $token); 
  213. return $signature; 
  214.  
  215. /** 
  216. * util function: current timestamp 
  217. */ 
  218. private static function generate_timestamp() { 
  219. return time(); 
  220.  
  221. /** 
  222. * util function: current nonce 
  223. */ 
  224. private static function generate_nonce() { 
  225. $mt = microtime(); 
  226. $rand = mt_rand(); 
  227.  
  228. return md5($mt . $rand); // md5s look nicer than numbers