harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove the unqualified "OAuth" namespace from the project. We need to reference either OAuth1 or OAuth2.

Browse Source
This commit is contained in:
redmatrix 2015-12-13 15:35:45 -08:00
parent 395268da22
commit bb0e4044bf
8 changed files with 103 additions and 102 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
boot.php
View File

@ -704,11 +704,18 @@ class App {
'smarty3' => '}}' 'smarty3' => '}}'
); );
// These represent the URL which was used to access the page
private $scheme; private $scheme;
private $hostname; private $hostname;
private $baseurl;
private $path; private $path;
// This is our standardised URL - regardless of what was used
// to access the page
private $baseurl;
/** /**
* App constructor. * App constructor.
*/ */

8
include/api.php
View File

@ -2311,12 +2311,12 @@ require_once('include/api_auth.php');
function api_oauth_request_token(&$a, $type){ function api_oauth_request_token(&$a, $type){
try{ try{
$oauth = new ZotOAuth1(); $oauth = new ZotOAuth1();
$req = OAuthRequest::from_request(); $req = OAuth1Request::from_request();
logger('Req: ' . var_export($req,true),LOGGER_DATA); logger('Req: ' . var_export($req,true),LOGGER_DATA);
$r = $oauth->fetch_request_token($req); $r = $oauth->fetch_request_token($req);
}catch(Exception $e){ }catch(Exception $e){
logger('oauth_exception: ' . print_r($e->getMessage(),true)); logger('oauth_exception: ' . print_r($e->getMessage(),true));
echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); echo "error=". OAuth1Util::urlencode_rfc3986($e->getMessage());
killme(); killme();
} }
echo $r; echo $r;
@ -2326,10 +2326,10 @@ require_once('include/api_auth.php');
function api_oauth_access_token(&$a, $type){ function api_oauth_access_token(&$a, $type){
try{ try{
$oauth = new ZotOAuth1(); $oauth = new ZotOAuth1();
$req = OAuthRequest::from_request(); $req = OAuth1Request::from_request();
$r = $oauth->fetch_access_token($req); $r = $oauth->fetch_access_token($req);
}catch(Exception $e){ }catch(Exception $e){
echo "error=". OAuthUtil::urlencode_rfc3986($e->getMessage()); killme(); echo "error=". OAuth1Util::urlencode_rfc3986($e->getMessage()); killme();
} }
echo $r; echo $r;
killme(); killme();

2
include/api_auth.php
View File

@ -13,7 +13,7 @@ function api_login(&$a){
// login with oauth // login with oauth
try { try {
$oauth = new ZotOAuth1(); $oauth = new ZotOAuth1();
$req = OAuthRequest::from_request(); $req = OAuth1Request::from_request();
list($consumer,$token) = $oauth->verify_request($req); list($consumer,$token) = $oauth->verify_request($req);

20
include/oauth.php
View File

@ -13,7 +13,7 @@ require_once("library/OAuth1.php");
//require_once("library/oauth2-php/lib/OAuth2.inc"); //require_once("library/oauth2-php/lib/OAuth2.inc");
class ZotOAuthDataStore extends OAuthDataStore { class ZotOAuth1DataStore extends OAuth1DataStore {
function gen_token(){ function gen_token(){
return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid()))); return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
@ -28,7 +28,7 @@ class ZotOAuthDataStore extends OAuthDataStore {
if($r) { if($r) {
get_app()->set_oauth_key($consumer_key); get_app()->set_oauth_key($consumer_key);
return new OAuthConsumer($r[0]['client_id'],$r[0]['pw'],$r[0]['redirect_uri']); return new OAuth1Consumer($r[0]['client_id'],$r[0]['pw'],$r[0]['redirect_uri']);
} }
return null; return null;
} }
@ -44,7 +44,7 @@ class ZotOAuthDataStore extends OAuthDataStore {
); );
if (count($r)){ if (count($r)){
$ot=new OAuthToken($r[0]['id'],$r[0]['secret']); $ot=new OAuth1Token($r[0]['id'],$r[0]['secret']);
$ot->scope=$r[0]['scope']; $ot->scope=$r[0]['scope'];
$ot->expires = $r[0]['expires']; $ot->expires = $r[0]['expires'];
$ot->uid = $r[0]['uid']; $ot->uid = $r[0]['uid'];
@ -62,7 +62,7 @@ class ZotOAuthDataStore extends OAuthDataStore {
); );
if (count($r)) if (count($r))
return new OAuthToken($r[0]['id'],$r[0]['secret']); return new OAuth1Token($r[0]['id'],$r[0]['secret']);
return null; return null;
} }
@ -88,7 +88,7 @@ class ZotOAuthDataStore extends OAuthDataStore {
if(! $r) if(! $r)
return null; return null;
return new OAuthToken($key,$sec); return new OAuth1Token($key,$sec);
} }
function new_access_token($token, $consumer, $verifier = null) { function new_access_token($token, $consumer, $verifier = null) {
@ -119,7 +119,7 @@ class ZotOAuthDataStore extends OAuthDataStore {
intval($uverifier)); intval($uverifier));
if ($r) if ($r)
$ret = new OAuthToken($key,$sec); $ret = new OAuth1Token($key,$sec);
} }
@ -138,12 +138,12 @@ class ZotOAuthDataStore extends OAuthDataStore {
} }
} }
class ZotOAuth1 extends OAuthServer { class ZotOAuth1 extends OAuth1Server {
function __construct() { function __construct() {
parent::__construct(new ZotOAuthDataStore()); parent::__construct(new ZotOAuth1DataStore());
$this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT()); $this->add_signature_method(new OAuth1SignatureMethod_PLAINTEXT());
$this->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1()); $this->add_signature_method(new OAuth1SignatureMethod_HMAC_SHA1());
} }
function loginUser($uid){ function loginUser($uid){

118
library/OAuth1.php
View File

@ -3,11 +3,11 @@
/* Generic exception class /* Generic exception class
*/ */
class OAuthException extends Exception { class OAuth1Exception extends Exception {
// pass // pass
} }
class OAuthConsumer { class OAuth1Consumer {
public $key; public $key;
public $secret; public $secret;
@ -18,11 +18,11 @@ class OAuthConsumer {
} }
function __toString() { function __toString() {
return "OAuthConsumer[key=$this->key,secret=$this->secret]"; return "OAuth1Consumer[key=$this->key,secret=$this->secret]";
} }
} }
class OAuthToken { class OAuth1Token {
// access tokens and request tokens // access tokens and request tokens
public $key; public $key;
public $secret; public $secret;
@ -46,9 +46,9 @@ class OAuthToken {
*/ */
function to_string() { function to_string() {
return "oauth_token=" . return "oauth_token=" .
OAuthUtil::urlencode_rfc3986($this->key) . OAuth1Util::urlencode_rfc3986($this->key) .
"&oauth_token_secret=" . "&oauth_token_secret=" .
OAuthUtil::urlencode_rfc3986($this->secret); OAuth1Util::urlencode_rfc3986($this->secret);
} }
function __toString() { function __toString() {
@ -60,7 +60,7 @@ class OAuthToken {
* A class for implementing a Signature Method * A class for implementing a Signature Method
* See section 9 ("Signing Requests") in the spec * See section 9 ("Signing Requests") in the spec
*/ */
abstract class OAuthSignatureMethod { abstract class OAuth1SignatureMethod {
/** /**
* Needs to return the name of the Signature Method (ie HMAC-SHA1) * Needs to return the name of the Signature Method (ie HMAC-SHA1)
* @return string * @return string
@ -70,20 +70,20 @@ abstract class OAuthSignatureMethod {
/** /**
* Build up the signature * Build up the signature
* NOTE: The output of this function MUST NOT be urlencoded. * NOTE: The output of this function MUST NOT be urlencoded.
* the encoding is handled in OAuthRequest when the final * the encoding is handled in OAuth1Request when the final
* request is serialized * request is serialized
* @param OAuthRequest $request * @param OAuth1Request $request
* @param OAuthConsumer $consumer * @param OAuth1Consumer $consumer
* @param OAuthToken $token * @param OAuth1Token $token
* @return string * @return string
*/ */
abstract public function build_signature($request, $consumer, $token); abstract public function build_signature($request, $consumer, $token);
/** /**
* Verifies that a given signature is correct * Verifies that a given signature is correct
* @param OAuthRequest $request * @param OAuth1Request $request
* @param OAuthConsumer $consumer * @param OAuth1Consumer $consumer
* @param OAuthToken $token * @param OAuth1Token $token
* @param string $signature * @param string $signature
* @return bool * @return bool
*/ */
@ -101,7 +101,7 @@ abstract class OAuthSignatureMethod {
* character (ASCII code 38) even if empty. * character (ASCII code 38) even if empty.
* - Chapter 9.2 ("HMAC-SHA1") * - Chapter 9.2 ("HMAC-SHA1")
*/ */
class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { class OAuth1SignatureMethod_HMAC_SHA1 extends OAuth1SignatureMethod {
function get_name() { function get_name() {
return "HMAC-SHA1"; return "HMAC-SHA1";
} }
@ -115,7 +115,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
($token) ? $token->secret : "" ($token) ? $token->secret : ""
); );
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts); $key_parts = OAuth1Util::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts); $key = implode('&', $key_parts);
@ -129,7 +129,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
* over a secure channel such as HTTPS. It does not use the Signature Base String. * over a secure channel such as HTTPS. It does not use the Signature Base String.
* - Chapter 9.4 ("PLAINTEXT") * - Chapter 9.4 ("PLAINTEXT")
*/ */
class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { class OAuth1SignatureMethod_PLAINTEXT extends OAuth1SignatureMethod {
public function get_name() { public function get_name() {
return "PLAINTEXT"; return "PLAINTEXT";
} }
@ -141,7 +141,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
* - Chapter 9.4.1 ("Generating Signatures") * - Chapter 9.4.1 ("Generating Signatures")
* *
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as * Please note that the second encoding MUST NOT happen in the SignatureMethod, as
* OAuthRequest handles this! * OAuth1Request handles this!
*/ */
public function build_signature($request, $consumer, $token) { public function build_signature($request, $consumer, $token) {
$key_parts = array( $key_parts = array(
@ -149,7 +149,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
($token) ? $token->secret : "" ($token) ? $token->secret : ""
); );
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts); $key_parts = OAuth1Util::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts); $key = implode('&', $key_parts);
$request->base_string = $key; $request->base_string = $key;
@ -165,7 +165,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
* specification. * specification.
* - Chapter 9.3 ("RSA-SHA1") * - Chapter 9.3 ("RSA-SHA1")
*/ */
abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { abstract class OAuth1SignatureMethod_RSA_SHA1 extends OAuth1SignatureMethod {
public function get_name() { public function get_name() {
return "RSA-SHA1"; return "RSA-SHA1";
} }
@ -224,7 +224,7 @@ abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod {
} }
} }
class OAuthRequest { class OAuth1Request {
private $parameters; private $parameters;
private $http_method; private $http_method;
private $http_url; private $http_url;
@ -235,7 +235,7 @@ class OAuthRequest {
function __construct($http_method, $http_url, $parameters=NULL) { function __construct($http_method, $http_url, $parameters=NULL) {
@$parameters or $parameters = array(); @$parameters or $parameters = array();
$parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); $parameters = array_merge( OAuth1Util::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
$this->parameters = $parameters; $this->parameters = $parameters;
$this->http_method = $http_method; $this->http_method = $http_method;
$this->http_url = $http_url; $this->http_url = $http_url;
@ -262,10 +262,10 @@ class OAuthRequest {
// parsed parameter-list // parsed parameter-list
if (!$parameters) { if (!$parameters) {
// Find request headers // Find request headers
$request_headers = OAuthUtil::get_headers(); $request_headers = OAuth1Util::get_headers();
// Parse the query-string to find GET parameters // Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']); $parameters = OAuth1Util::parse_parameters($_SERVER['QUERY_STRING']);
// It's a POST request of the proper content-type, so parse POST // It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET // parameters and add those overriding any duplicates from GET
@ -274,7 +274,7 @@ class OAuthRequest {
"application/x-www-form-urlencoded") "application/x-www-form-urlencoded")
) { ) {
$post_data = OAuthUtil::parse_parameters( $post_data = OAuth1Util::parse_parameters(
file_get_contents(self::$POST_INPUT) file_get_contents(self::$POST_INPUT)
); );
$parameters = array_merge($parameters, $post_data); $parameters = array_merge($parameters, $post_data);
@ -283,7 +283,7 @@ class OAuthRequest {
// We have a Authorization-header with OAuth data. Parse the header // We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST // and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") { if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header( $header_parameters = OAuth1Util::split_header(
$request_headers['Authorization'] $request_headers['Authorization']
); );
$parameters = array_merge($parameters, $header_parameters); $parameters = array_merge($parameters, $header_parameters);
@ -296,7 +296,7 @@ class OAuthRequest {
$http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q'])); $http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q']));
unset( $parameters['q'] ); unset( $parameters['q'] );
return new OAuthRequest($http_method, $http_url, $parameters); return new OAuth1Request($http_method, $http_url, $parameters);
} }
/** /**
@ -304,16 +304,16 @@ class OAuthRequest {
*/ */
public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
@$parameters or $parameters = array(); @$parameters or $parameters = array();
$defaults = array("oauth_version" => OAuthRequest::$version, $defaults = array("oauth_version" => OAuth1Request::$version,
"oauth_nonce" => OAuthRequest::generate_nonce(), "oauth_nonce" => OAuth1Request::generate_nonce(),
"oauth_timestamp" => OAuthRequest::generate_timestamp(), "oauth_timestamp" => OAuth1Request::generate_timestamp(),
"oauth_consumer_key" => $consumer->key); "oauth_consumer_key" => $consumer->key);
if ($token) if ($token)
$defaults['oauth_token'] = $token->key; $defaults['oauth_token'] = $token->key;
$parameters = array_merge($defaults, $parameters); $parameters = array_merge($defaults, $parameters);
return new OAuthRequest($http_method, $http_url, $parameters); return new OAuth1Request($http_method, $http_url, $parameters);
} }
public function set_parameter($name, $value, $allow_duplicates = true) { public function set_parameter($name, $value, $allow_duplicates = true) {
@ -357,7 +357,7 @@ class OAuthRequest {
unset($params['oauth_signature']); unset($params['oauth_signature']);
} }
return OAuthUtil::build_http_query($params); return OAuth1Util::build_http_query($params);
} }
/** /**
@ -374,7 +374,7 @@ class OAuthRequest {
$this->get_signable_parameters() $this->get_signable_parameters()
); );
$parts = OAuthUtil::urlencode_rfc3986($parts); $parts = OAuth1Util::urlencode_rfc3986($parts);
return implode('&', $parts); return implode('&', $parts);
} }
@ -423,7 +423,7 @@ class OAuthRequest {
* builds the data one would send in a POST request * builds the data one would send in a POST request
*/ */
public function to_postdata() { public function to_postdata() {
return OAuthUtil::build_http_query($this->parameters); return OAuth1Util::build_http_query($this->parameters);
} }
/** /**
@ -432,7 +432,7 @@ class OAuthRequest {
public function to_header($realm=null) { public function to_header($realm=null) {
$first = true; $first = true;
if($realm) { if($realm) {
$out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; $out = 'Authorization: OAuth realm="' . OAuth1Util::urlencode_rfc3986($realm) . '"';
$first = false; $first = false;
} else } else
$out = 'Authorization: OAuth'; $out = 'Authorization: OAuth';
@ -441,12 +441,12 @@ class OAuthRequest {
foreach ($this->parameters as $k => $v) { foreach ($this->parameters as $k => $v) {
if (substr($k, 0, 5) != "oauth") continue; if (substr($k, 0, 5) != "oauth") continue;
if (is_array($v)) { if (is_array($v)) {
throw new OAuthException('Arrays not supported in headers'); throw new OAuth1Exception('Arrays not supported in headers');
} }
$out .= ($first) ? ' ' : ','; $out .= ($first) ? ' ' : ',';
$out .= OAuthUtil::urlencode_rfc3986($k) . $out .= OAuth1Util::urlencode_rfc3986($k) .
'="' . '="' .
OAuthUtil::urlencode_rfc3986($v) . OAuth1Util::urlencode_rfc3986($v) .
'"'; '"';
$first = false; $first = false;
} }
@ -491,7 +491,7 @@ class OAuthRequest {
} }
} }
class OAuthServer { class OAuth1Server {
protected $timestamp_threshold = 300; // in seconds, five minutes protected $timestamp_threshold = 300; // in seconds, five minutes
protected $version = '1.0'; // hi blaine protected $version = '1.0'; // hi blaine
protected $signature_methods = array(); protected $signature_methods = array();
@ -572,7 +572,7 @@ class OAuthServer {
$version = '1.0'; $version = '1.0';
} }
if ($version !== $this->version) { if ($version !== $this->version) {
throw new OAuthException("OAuth version '$version' not supported"); throw new OAuth1Exception("OAuth1 version '$version' not supported");
} }
return $version; return $version;
} }
@ -587,12 +587,12 @@ class OAuthServer {
if (!$signature_method) { if (!$signature_method) {
// According to chapter 7 ("Accessing Protected Ressources") the signature-method // According to chapter 7 ("Accessing Protected Ressources") the signature-method
// parameter is required, and we can't just fallback to PLAINTEXT // parameter is required, and we can't just fallback to PLAINTEXT
throw new OAuthException('No signature method parameter. This parameter is required'); throw new OAuth1Exception('No signature method parameter. This parameter is required');
} }
if (!in_array($signature_method, if (!in_array($signature_method,
array_keys($this->signature_methods))) { array_keys($this->signature_methods))) {
throw new OAuthException( throw new OAuth1Exception(
"Signature method '$signature_method' not supported " . "Signature method '$signature_method' not supported " .
"try one of the following: " . "try one of the following: " .
implode(", ", array_keys($this->signature_methods)) implode(", ", array_keys($this->signature_methods))
@ -607,12 +607,12 @@ class OAuthServer {
private function get_consumer(&$request) { private function get_consumer(&$request) {
$consumer_key = @$request->get_parameter("oauth_consumer_key"); $consumer_key = @$request->get_parameter("oauth_consumer_key");
if (!$consumer_key) { if (!$consumer_key) {
throw new OAuthException("Invalid consumer key"); throw new OAuth1Exception("Invalid consumer key");
} }
$consumer = $this->data_store->lookup_consumer($consumer_key); $consumer = $this->data_store->lookup_consumer($consumer_key);
if (!$consumer) { if (!$consumer) {
throw new OAuthException("Invalid consumer"); throw new OAuth1Exception("Invalid consumer");
} }
return $consumer; return $consumer;
@ -627,7 +627,7 @@ class OAuthServer {
$consumer, $token_type, $token_field $consumer, $token_type, $token_field
); );
if (!$token) { if (!$token) {
throw new OAuthException("Invalid $token_type token: $token_field"); throw new OAuth1Exception("Invalid $token_type token: $token_field");
} }
return $token; return $token;
} }
@ -656,7 +656,7 @@ class OAuthServer {
if (!$valid_sig) { if (!$valid_sig) {
throw new OAuthException("Invalid signature"); throw new OAuth1Exception("Invalid signature");
} }
} }
@ -665,14 +665,14 @@ class OAuthServer {
*/ */
private function check_timestamp($timestamp) { private function check_timestamp($timestamp) {
if( ! $timestamp ) if( ! $timestamp )
throw new OAuthException( throw new OAuth1Exception(
'Missing timestamp parameter. The parameter is required' 'Missing timestamp parameter. The parameter is required'
); );
// verify that timestamp is recentish // verify that timestamp is recentish
$now = time(); $now = time();
if (abs($now - $timestamp) > $this->timestamp_threshold) { if (abs($now - $timestamp) > $this->timestamp_threshold) {
throw new OAuthException( throw new OAuth1Exception(
"Expired timestamp, yours $timestamp, ours $now" "Expired timestamp, yours $timestamp, ours $now"
); );
} }
@ -683,7 +683,7 @@ class OAuthServer {
*/ */
private function check_nonce($consumer, $token, $nonce, $timestamp) { private function check_nonce($consumer, $token, $nonce, $timestamp) {
if( ! $nonce ) if( ! $nonce )
throw new OAuthException( throw new OAuth1Exception(
'Missing nonce parameter. The parameter is required' 'Missing nonce parameter. The parameter is required'
); );
@ -695,13 +695,13 @@ class OAuthServer {
$timestamp $timestamp
); );
if ($found) { if ($found) {
throw new OAuthException("Nonce already used: $nonce"); throw new OAuth1Exception("Nonce already used: $nonce");
} }
} }
} }
class OAuthDataStore { class OAuth1DataStore {
function lookup_consumer($consumer_key) { function lookup_consumer($consumer_key) {
// implement me // implement me
} }
@ -727,10 +727,10 @@ class OAuthDataStore {
} }
class OAuthUtil { class OAuth1Util {
public static function urlencode_rfc3986($input) { public static function urlencode_rfc3986($input) {
if (is_array($input)) { if (is_array($input)) {
return array_map(array('OAuthUtil', 'urlencode_rfc3986'), $input); return array_map(array('OAuth1Util', 'urlencode_rfc3986'), $input);
} else if (is_scalar($input)) { } else if (is_scalar($input)) {
return str_replace( return str_replace(
'+', '+',
@ -762,7 +762,7 @@ class OAuthUtil {
$header_name = $matches[2][0]; $header_name = $matches[2][0];
$header_content = (isset($matches[5])) ? $matches[5][0] : $matches[4][0]; $header_content = (isset($matches[5])) ? $matches[5][0] : $matches[4][0];
if (preg_match('/^oauth_/', $header_name) || !$only_allow_oauth_parameters) { if (preg_match('/^oauth_/', $header_name) || !$only_allow_oauth_parameters) {
$params[$header_name] = OAuthUtil::urldecode_rfc3986($header_content); $params[$header_name] = OAuth1Util::urldecode_rfc3986($header_content);
} }
$offset = $match[1] + strlen($match[0]); $offset = $match[1] + strlen($match[0]);
} }
@ -834,8 +834,8 @@ class OAuthUtil {
$parsed_parameters = array(); $parsed_parameters = array();
foreach ($pairs as $pair) { foreach ($pairs as $pair) {
$split = explode('=', $pair, 2); $split = explode('=', $pair, 2);
$parameter = OAuthUtil::urldecode_rfc3986($split[0]); $parameter = OAuth1Util::urldecode_rfc3986($split[0]);
$value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : ''; $value = isset($split[1]) ? OAuth1Util::urldecode_rfc3986($split[1]) : '';
if (isset($parsed_parameters[$parameter])) { if (isset($parsed_parameters[$parameter])) {
// We have already recieved parameter(s) with this name, so add to the list // We have already recieved parameter(s) with this name, so add to the list
@ -859,8 +859,8 @@ class OAuthUtil {
if (!$params) return ''; if (!$params) return '';
// Urlencode both keys and values // Urlencode both keys and values
$keys = OAuthUtil::urlencode_rfc3986(array_keys($params)); $keys = OAuth1Util::urlencode_rfc3986(array_keys($params));
$values = OAuthUtil::urlencode_rfc3986(array_values($params)); $values = OAuth1Util::urlencode_rfc3986(array_values($params));
$params = array_combine($keys, $values); $params = array_combine($keys, $values);
// Parameters are sorted by name, using lexicographical byte value ordering. // Parameters are sorted by name, using lexicographical byte value ordering.
@ -885,5 +885,3 @@ class OAuthUtil {
return implode('&', $pairs); return implode('&', $pairs);
} }
} }
?>

24
library/twitteroauth.php
View File

@ -6,8 +6,8 @@
* The first PHP Library to support OAuth for Twitter's REST API. * The first PHP Library to support OAuth for Twitter's REST API.
*/ */
/* Load OAuth lib. You can find it at http://oauth.net */ /* Load OAuth1 lib. You can find it at http://oauth.net */
if(!class_exists('OAuthException')) if(!class_exists('OAuth1Exception'))
require_once('library/OAuth1.php'); require_once('library/OAuth1.php');
/** /**
@ -58,10 +58,10 @@ class TwitterOAuth {
* construct TwitterOAuth object * construct TwitterOAuth object
*/ */
function __construct($consumer_key, $consumer_secret, $oauth_token = NULL, $oauth_token_secret = NULL) { function __construct($consumer_key, $consumer_secret, $oauth_token = NULL, $oauth_token_secret = NULL) {
$this->sha1_method = new OAuthSignatureMethod_HMAC_SHA1(); $this->sha1_method = new OAuth1SignatureMethod_HMAC_SHA1();
$this->consumer = new OAuthConsumer($consumer_key, $consumer_secret); $this->consumer = new OAuth1Consumer($consumer_key, $consumer_secret);
if (!empty($oauth_token) && !empty($oauth_token_secret)) { if (!empty($oauth_token) && !empty($oauth_token_secret)) {
$this->token = new OAuthConsumer($oauth_token, $oauth_token_secret); $this->token = new OAuth1Consumer($oauth_token, $oauth_token_secret);
} else { } else {
$this->token = NULL; $this->token = NULL;
} }
@ -79,8 +79,8 @@ class TwitterOAuth {
$parameters['oauth_callback'] = $oauth_callback; $parameters['oauth_callback'] = $oauth_callback;
} }
$request = $this->oAuthRequest($this->requestTokenURL(), 'GET', $parameters); $request = $this->oAuthRequest($this->requestTokenURL(), 'GET', $parameters);
$token = OAuthUtil::parse_parameters($request); $token = OAuth1Util::parse_parameters($request);
$this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); $this->token = new OAuth1Consumer($token['oauth_token'], $token['oauth_token_secret']);
return $token; return $token;
} }
@ -115,8 +115,8 @@ class TwitterOAuth {
$parameters['oauth_verifier'] = $oauth_verifier; $parameters['oauth_verifier'] = $oauth_verifier;
} }
$request = $this->oAuthRequest($this->accessTokenURL(), 'GET', $parameters); $request = $this->oAuthRequest($this->accessTokenURL(), 'GET', $parameters);
$token = OAuthUtil::parse_parameters($request); $token = OAuth1Util::parse_parameters($request);
$this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); $this->token = new OAuth1Consumer($token['oauth_token'], $token['oauth_token_secret']);
return $token; return $token;
} }
@ -135,8 +135,8 @@ class TwitterOAuth {
$parameters['x_auth_password'] = $password; $parameters['x_auth_password'] = $password;
$parameters['x_auth_mode'] = 'client_auth'; $parameters['x_auth_mode'] = 'client_auth';
$request = $this->oAuthRequest($this->accessTokenURL(), 'POST', $parameters); $request = $this->oAuthRequest($this->accessTokenURL(), 'POST', $parameters);
$token = OAuthUtil::parse_parameters($request); $token = OAuth1Util::parse_parameters($request);
$this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); $this->token = new OAuth1Consumer($token['oauth_token'], $token['oauth_token_secret']);
return $token; return $token;
} }
@ -180,7 +180,7 @@ class TwitterOAuth {
if (strrpos($url, 'https://') !== 0 && strrpos($url, 'http://') !== 0) { if (strrpos($url, 'https://') !== 0 && strrpos($url, 'http://') !== 0) {
$url = "{$this->host}{$url}.{$this->format}"; $url = "{$this->host}{$url}.{$this->format}";
} }
$request = OAuthRequest::from_consumer_and_token($this->consumer, $this->token, $method, $url, $parameters); $request = OAuth1Request::from_consumer_and_token($this->consumer, $this->token, $method, $url, $parameters);
$request->sign_request($this->sha1_method, $this->consumer, $this->token); $request->sign_request($this->sha1_method, $this->consumer, $this->token);
switch ($method) { switch ($method) {
case 'GET': case 'GET':

22
mod/api.php
View File

@ -35,42 +35,40 @@ function api_post(&$a) {
} }
function api_content(&$a) { function api_content(&$a) {
if ($a->cmd=='api/oauth/authorize'){ if($a->cmd=='api/oauth/authorize'){
/* /*
* api/oauth/authorize interact with the user. return a standard page * api/oauth/authorize interact with the user. return a standard page
*/ */
$a->page['template'] = "minimal"; $a->page['template'] = "minimal";
// get consumer/client from request token // get consumer/client from request token
try { try {
$request = OAuthRequest::from_request(); $request = OAuth1Request::from_request();
} catch(Exception $e) { } catch(Exception $e) {
echo "<pre>"; var_dump($e); killme(); echo "<pre>"; var_dump($e); killme();
} }
if (x($_POST,'oauth_yes')){ if(x($_POST,'oauth_yes')){
$app = oauth_get_client($request); $app = oauth_get_client($request);
if (is_null($app)) return "Invalid request. Unknown token."; if (is_null($app)) return "Invalid request. Unknown token.";
$consumer = new OAuthConsumer($app['client_id'], $app['pw'], $app['redirect_uri']); $consumer = new OAuth1Consumer($app['client_id'], $app['pw'], $app['redirect_uri']);
$verifier = md5($app['secret'].local_channel()); $verifier = md5($app['secret'].local_channel());
set_config("oauth", $verifier, local_channel()); set_config("oauth", $verifier, local_channel());
if ($consumer->callback_url!=null) { if($consumer->callback_url!=null) {
$params = $request->get_parameters(); $params = $request->get_parameters();
$glue="?"; $glue="?";
if (strstr($consumer->callback_url,$glue)) $glue="?"; if (strstr($consumer->callback_url,$glue)) $glue="?";
goaway($consumer->callback_url.$glue."oauth_token=".OAuthUtil::urlencode_rfc3986($params['oauth_token'])."&oauth_verifier=".OAuthUtil::urlencode_rfc3986($verifier)); goaway($consumer->callback_url . $glue . "oauth_token=" . OAuth1Util::urlencode_rfc3986($params['oauth_token']) . "&oauth_verifier=" . OAuth1Util::urlencode_rfc3986($verifier));
killme(); killme();
} }
$tpl = get_markup_template("oauth_authorize_done.tpl"); $tpl = get_markup_template("oauth_authorize_done.tpl");
$o = replace_macros($tpl, array( $o = replace_macros($tpl, array(
'$title' => t('Authorize application connection'), '$title' => t('Authorize application connection'),
@ -79,8 +77,6 @@ function api_content(&$a) {
)); ));
return $o; return $o;
} }

2
version.inc
View File

@ -1 +1 @@
2015-12-11.1243 2015-12-13.1245