milfs/librerias/hybridauth/Hybrid/Provider_Model_OAuth1.php

175 lines
5.7 KiB
PHP
Raw Permalink Normal View History

<?php
/**
* HybridAuth
* http://hybridauth.sourceforge.net | http://github.com/hybridauth/hybridauth
* (c) 2009-2015, HybridAuth authors | http://hybridauth.sourceforge.net/licenses.html
*/
/**
* To implement an OAuth 1 based service provider, Hybrid_Provider_Model_OAuth1
* can be used to save the hassle of the authentication flow.
*
* Each class that inherit from Hybrid_Provider_Model_OAuth1 have to implement
* at least 2 methods:
* Hybrid_Providers_{provider_name}::initialize() to setup the provider api end-points urls
* Hybrid_Providers_{provider_name}::getUserProfile() to grab the user profile
*
* Hybrid_Provider_Model_OAuth1 use OAuth1Client v0.1 which can be found on
* Hybrid/thirdparty/OAuth/OAuth1Client.php
*/
class Hybrid_Provider_Model_OAuth1 extends Hybrid_Provider_Model {
/**
* Provider API client
* @var OAuth1Client
*/
public $api = null;
/**
* Request_tokens as received from provider
* @var stdClas
*/
public $request_tokens_raw = null;
/**
* Access_tokens as received from provider
* @var stdClass
*/
public $access_tokens_raw = null;
/**
* Try to get the error message from provider api
*
* @param int $code Error code
* @return string
*/
function errorMessageByStatus($code = null) {
$http_status_codes = array(
200 => "OK: Success!",
304 => "Not Modified: There was no new data to return.",
400 => "Bad Request: The request was invalid.",
401 => "Unauthorized.",
403 => "Forbidden: The request is understood, but it has been refused.",
404 => "Not Found: The URI requested is invalid or the resource requested does not exists.",
406 => "Not Acceptable.",
500 => "Internal Server Error: Something is broken.",
502 => "Bad Gateway.",
503 => "Service Unavailable."
);
if (!$code && $this->api) {
$code = $this->api->http_code;
}
if (isset($http_status_codes[$code])) {
return $code . " " . $http_status_codes[$code];
}
}
/**
* {@inheritdoc}
*/
function initialize() {
// 1 - check application credentials
if (!$this->config["keys"]["key"] || !$this->config["keys"]["secret"]) {
throw new Exception("Your application key and secret are required in order to connect to {$this->providerId}.", 4);
}
// 2 - include OAuth lib and client
if (! class_exists('OAuthConsumer') ) {
require_once Hybrid_Auth::$config["path_libraries"] . "OAuth/OAuth.php";
}
require_once Hybrid_Auth::$config["path_libraries"] . "OAuth/OAuth1Client.php";
// 3.1 - setup access_token if any stored
if ($this->token("access_token")) {
$this->api = new OAuth1Client(
$this->config["keys"]["key"], $this->config["keys"]["secret"], $this->token("access_token"), $this->token("access_token_secret")
);
}
// 3.2 - setup request_token if any stored, in order to exchange with an access token
elseif ($this->token("request_token")) {
$this->api = new OAuth1Client(
$this->config["keys"]["key"], $this->config["keys"]["secret"], $this->token("request_token"), $this->token("request_token_secret")
);
}
// 3.3 - instanciate OAuth client with client credentials
else {
$this->api = new OAuth1Client($this->config["keys"]["key"], $this->config["keys"]["secret"]);
}
// Set curl proxy if exist
if (isset(Hybrid_Auth::$config["proxy"])) {
$this->api->curl_proxy = Hybrid_Auth::$config["proxy"];
}
}
/**
* {@inheritdoc}
*/
function loginBegin() {
$tokens = $this->api->requestToken($this->endpoint);
// request tokens as received from provider
$this->request_tokens_raw = $tokens;
// check the last HTTP status code returned
if ($this->api->http_code != 200) {
throw new Exception("Authentication failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus($this->api->http_code), 5);
}
if (!isset($tokens["oauth_token"])) {
throw new Exception("Authentication failed! {$this->providerId} returned an invalid oauth token.", 5);
}
$this->token("request_token", $tokens["oauth_token"]);
$this->token("request_token_secret", $tokens["oauth_token_secret"]);
# redirect the user to the provider authentication url
Hybrid_Auth::redirect($this->api->authorizeUrl($tokens));
}
/**
* {@inheritdoc}
*/
function loginFinish() {
$oauth_token = (array_key_exists('oauth_token', $_REQUEST)) ? $_REQUEST['oauth_token'] : "";
$oauth_verifier = (array_key_exists('oauth_verifier', $_REQUEST)) ? $_REQUEST['oauth_verifier'] : "";
if (!$oauth_token || !$oauth_verifier) {
throw new Exception("Authentication failed! {$this->providerId} returned an invalid oauth verifier.", 5);
}
// request an access token
$tokens = $this->api->accessToken($oauth_verifier);
// access tokens as received from provider
$this->access_tokens_raw = $tokens;
// check the last HTTP status code returned
if ($this->api->http_code != 200) {
throw new Exception("Authentication failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus($this->api->http_code), 5);
}
// we should have an access_token, or else, something has gone wrong
if (!isset($tokens["oauth_token"])) {
throw new Exception("Authentication failed! {$this->providerId} returned an invalid access token.", 5);
}
// we no more need to store request tokens
$this->deleteToken("request_token");
$this->deleteToken("request_token_secret");
// store access_token for later user
$this->token("access_token", $tokens['oauth_token']);
$this->token("access_token_secret", $tokens['oauth_token_secret']);
// set user as logged in to the current provider
$this->setUserConnected();
}
}