nsx_trOAuthServer

The NextScripts: Social Networks Auto-Poster nsx trOAuthServer class.

Defined (1)

The class is defined in the following location(s).

/inc-cl/apis/OAuth.php  
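  /**
   * Server-side OAuth 1.0 request handling: issues request and access tokens
   * and verifies signed API calls.
   *
   * Collaborators, as used by the code below:
   *  - $data_store must provide lookup_consumer(), lookup_token(),
   *    lookup_nonce(), new_request_token() and new_access_token().
   *  - request objects must provide get_parameter($name).
   *  - signature method objects must provide get_name() and check_signature().
   *
   * Security notes for callers:
   *  - Every failure is reported by throwing nsx_trOAuthException. Several of
   *    those messages interpolate request-supplied values (version, signature
   *    method, token, timestamp, nonce), so escape the message for the output
   *    context before rendering or logging it.
   *  - NOTE(review): the signature comparison itself happens inside the
   *    signature method object, which is not part of this listing; confirm it
   *    uses a constant-time comparison.
   */
  class nsx_trOAuthServer {
    // Maximum accepted clock difference between client and server, in seconds (five minutes).
    protected $timestamp_threshold = 300;
    // The only protocol version this server accepts.
    protected $version = '1.0';
    // Registered signature methods, keyed by the name each one reports via get_name().
    protected $signature_methods = array();

    protected $data_store;

    /**
     * @param object $data_store Backend used for consumer, token and nonce lookups
     *                           and for creating new tokens.
     */
    public function __construct($data_store) {
      $this->data_store = $data_store;
    }

    /**
     * Register a signature method; a later registration with the same name
     * replaces the earlier one.
     *
     * @param object $signature_method Must provide get_name() and check_signature().
     */
    public function add_signature_method($signature_method) {
      $this->signature_methods[$signature_method->get_name()] =
        $signature_method;
    }

    // high level functions

    /**
     * Process a request_token request.
     *
     * The request is signed with the consumer only; no token exists yet.
     *
     * @param object $request
     * @return mixed The new request token produced by the data store.
     * @throws nsx_trOAuthException When version, consumer, timestamp, nonce or signature checks fail.
     */
    public function fetch_request_token(&$request) {
      $this->get_version($request);

      $consumer = $this->get_consumer($request);

      // no token required for the initial token request
      $token = NULL;

      $this->check_signature($request, $consumer, $token);

      // Rev A change
      // NOTE(review): oauth_callback is handed to the data store exactly as
      // received; any validation of the callback target has to happen there - confirm.
      $callback = $request->get_parameter('oauth_callback');
      $new_token = $this->data_store->new_request_token($consumer, $callback);

      return $new_token;
    }

    /**
     * Process an access_token request.
     *
     * @param object $request
     * @return mixed The new access token produced by the data store.
     * @throws nsx_trOAuthException When version, consumer, token, timestamp, nonce or signature checks fail.
     */
    public function fetch_access_token(&$request) {
      $this->get_version($request);

      $consumer = $this->get_consumer($request);

      // requires authorized request token
      $token = $this->get_token($request, $consumer, "request");

      $this->check_signature($request, $consumer, $token);

      // Rev A change
      // NOTE(review): oauth_verifier is not checked in this class; the data
      // store presumably matches it against the request token - confirm.
      $verifier = $request->get_parameter('oauth_verifier');
      $new_token = $this->data_store->new_access_token($token, $consumer, $verifier);

      return $new_token;
    }

    /**
     * Verify an API call: version, consumer, access token, timestamp, nonce
     * and signature.
     *
     * @param object $request
     * @return array Two-element array: the consumer and the access token.
     * @throws nsx_trOAuthException When any check fails.
     */
    public function verify_request(&$request) {
      $this->get_version($request);
      $consumer = $this->get_consumer($request);
      $token = $this->get_token($request, $consumer, "access");
      $this->check_signature($request, $consumer, $token);
      return array($consumer, $token);
    }

    // Internals from here

    /**
     * Read oauth_version from the request and require it to equal the
     * supported version.
     *
     * @throws nsx_trOAuthException When a different version is requested.
     */
    private function get_version(&$request) {
      $version = $request->get_parameter("oauth_version");
      if (!$version) {
        // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
        // Chapter 7.0 ("Accessing Protected Ressources")
        $version = '1.0';
      }
      // Strict comparison: anything other than the exact string '1.0' is rejected.
      if ($version !== $this->version) {
        throw new nsx_trOAuthException("OAuth version '$version' not supported");
      }
      return $version;
    }

    /**
     * Resolve the signature method named by the request.
     *
     * There is deliberately no default: a request without
     * oauth_signature_method is rejected instead of falling back to PLAINTEXT.
     *
     * @return object The registered signature method.
     * @throws nsx_trOAuthException When the parameter is missing or names an unregistered method.
     */
    private function get_signature_method(&$request) {
      // Error suppression kept from the original; get_parameter() is defined outside this listing.
      $signature_method =
        @$request->get_parameter("oauth_signature_method");

      if (!$signature_method) {
        // According to chapter 7 ("Accessing Protected Ressources") the signature-method
        // parameter is required, and we can't just fallback to PLAINTEXT
        throw new nsx_trOAuthException('No signature method parameter. This parameter is required');
      }

      // Exact key match on a string only, so a non-string parameter value can
      // never be loosely compared with, or used as, an array key.
      if (!is_string($signature_method) ||
          !array_key_exists($signature_method, $this->signature_methods)) {
        throw new nsx_trOAuthException(
          "Signature method '$signature_method' not supported " .
          "try one of the following: " .
          implode(", ", array_keys($this->signature_methods))
        );
      }
      return $this->signature_methods[$signature_method];
    }

    /**
     * Look up the consumer for the request's oauth_consumer_key.
     *
     * @throws nsx_trOAuthException When the key is missing or the data store knows no such consumer.
     */
    private function get_consumer(&$request) {
      $consumer_key = @$request->get_parameter("oauth_consumer_key");
      if (!$consumer_key) {
        throw new nsx_trOAuthException("Invalid consumer key");
      }

      $consumer = $this->data_store->lookup_consumer($consumer_key);
      if (!$consumer) {
        throw new nsx_trOAuthException("Invalid consumer");
      }

      return $consumer;
    }

    /**
     * Look up the token of the given type for the request's oauth_token.
     *
     * @param string $token_type "request" or "access", as passed by the callers in this class.
     * @throws nsx_trOAuthException When the data store returns no token. The
     *         message contains the submitted token value.
     */
    private function get_token(&$request, $consumer, $token_type="access") {
      $token_field = @$request->get_parameter('oauth_token');
      $token = $this->data_store->lookup_token(
        $consumer, $token_type, $token_field
      );
      if (!$token) {
        throw new nsx_trOAuthException("Invalid $token_type token: $token_field");
      }
      return $token;
    }

    /**
     * Check timestamp, nonce and signature of a request, in that order.
     *
     * NOTE(review): the nonce lookup runs before the signature is verified.
     * If the data store records a nonce as a side effect of lookup_nonce(),
     * unauthenticated requests could consume nonces - confirm against the
     * data store implementation.
     *
     * @throws nsx_trOAuthException When any of the three checks fails.
     */
    private function check_signature(&$request, $consumer, $token) {
      // this should probably be in a different method
      $timestamp = @$request->get_parameter('oauth_timestamp');
      $nonce = @$request->get_parameter('oauth_nonce');

      $this->check_timestamp($timestamp);
      $this->check_nonce($consumer, $token, $nonce, $timestamp);

      $signature_method = $this->get_signature_method($request);

      $signature = $request->get_parameter('oauth_signature');
      $valid_sig = $signature_method->check_signature(
        $request,
        $consumer,
        $token,
        $signature
      );

      if (!$valid_sig) {
        throw new nsx_trOAuthException("Invalid signature");
      }
    }

    /**
     * Require a timestamp within $timestamp_threshold seconds of the server
     * clock, in either direction.
     *
     * @throws nsx_trOAuthException When the timestamp is missing, not numeric, or outside the window.
     */
    private function check_timestamp($timestamp) {
      if (!$timestamp) {
        throw new nsx_trOAuthException(
          'Missing timestamp parameter. The parameter is required'
        );
      }

      // The value comes straight from the request. Without this guard a
      // non-numeric value reaches the subtraction below, which raises a
      // TypeError on PHP 8 (a warning on PHP 7) instead of the OAuth
      // exception callers catch. The submitted value is not echoed back.
      if (!is_numeric($timestamp)) {
        throw new nsx_trOAuthException(
          'Invalid timestamp parameter. The parameter must be numeric'
        );
      }

      // verify that timestamp is recentish
      $now = time();
      if (abs($now - $timestamp) > $this->timestamp_threshold) {
        throw new nsx_trOAuthException(
          "Expired timestamp, yours $timestamp, ours $now"
        );
      }
    }

    /**
     * Require a nonce that the data store has not seen for this
     * consumer/token/timestamp combination.
     *
     * @throws nsx_trOAuthException When the nonce is missing or already known.
     */
    private function check_nonce($consumer, $token, $nonce, $timestamp) {
      if (!$nonce) {
        throw new nsx_trOAuthException(
          'Missing nonce parameter. The parameter is required'
        );
      }

      // verify that the nonce is uniqueish
      $found = $this->data_store->lookup_nonce(
        $consumer,
        $token,
        $nonce,
        $timestamp
      );
      if ($found) {
        throw new nsx_trOAuthException("Nonce already used: $nonce");
      }
    }
  }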