<?php

/**
 * HybridAuth
 * http://hybridauth.sourceforge.net | http://github.com/hybridauth/hybridauth
 * (c) 2009-2015, HybridAuth authors | http://hybridauth.sourceforge.net/licenses.html
 */

/**
 * To implement an OAuth 1 based service provider, Hybrid_Provider_Model_OAuth1
 * can be used to save the hassle of the authentication flow.
 *
 * Each class that inherits from Hybrid_Provider_Model_OAuth1 has to implement
 * at least 2 methods:
 *   Hybrid_Providers_{provider_name}::initialize()     to set up the provider API end-point URLs
 *   Hybrid_Providers_{provider_name}::getUserProfile() to grab the user profile
 *
 * Hybrid_Provider_Model_OAuth1 uses OAuth1Client v0.1, which can be found in
 * Hybrid/thirdparty/OAuth/OAuth1Client.php
 */
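class Hybrid_Provider_Model_OAuth1 extends Hybrid_Provider_Model {

    /**
     * Provider API client
     * @var OAuth1Client
     */
    public $api = null;

    /**
     * Request tokens as received from the provider (set by loginBegin()).
     *
     * The value is read with array syntax (["oauth_token"], ["oauth_token_secret"]),
     * so it carries the token secret: keep it out of logs and debug dumps.
     *
     * @var array|null
     */
    public $request_tokens_raw = null;

    /**
     * Access tokens as received from the provider (set by loginFinish()).
     *
     * Holds the long-lived access token secret; treat it like a credential.
     *
     * @var array|null
     */
    public $access_tokens_raw = null;

    /**
     * Try to get the error message from provider api
     *
     * When no code is passed and an API client exists, the HTTP status of the
     * client's last call ($this->api->http_code) is used instead.
     *
     * @param int $code Error code
     * @return string|null "<code> <description>" for a known status, null for any other code
     */
    public function errorMessageByStatus($code = null) {
        $http_status_codes = array(
            200 => "OK: Success!",
            304 => "Not Modified: There was no new data to return.",
            400 => "Bad Request: The request was invalid.",
            401 => "Unauthorized.",
            403 => "Forbidden: The request is understood, but it has been refused.",
            404 => "Not Found: The URI requested is invalid or the resource requested does not exists.",
            406 => "Not Acceptable.",
            500 => "Internal Server Error: Something is broken.",
            502 => "Bad Gateway.",
            503 => "Service Unavailable."
        );

        if (!$code && $this->api) {
            $code = $this->api->http_code;
        }

        if (isset($http_status_codes[$code])) {
            return $code . " " . $http_status_codes[$code];
        }

        // Unknown status: made explicit so callers do not rely on an implicit return
        return null;
    }

    /**
     * {@inheritdoc}
     *
     * Validates the application credentials, loads the OAuth library and builds
     * $this->api with the most advanced token pair stored for this provider
     * (access token, else request token, else consumer credentials only).
     *
     * @throws Exception code 4 when the application key or secret is missing
     */
    public function initialize() {
        // 1 - check application credentials
        // empty() also covers a config without a "keys" section, so a missing
        // entry ends in this exception rather than in an undefined-index notice
        if (empty($this->config["keys"]["key"]) || empty($this->config["keys"]["secret"])) {
            throw new Exception("Your application key and secret are required in order to connect to {$this->providerId}.", 4);
        }

        // 2 - include OAuth lib and client
        // NOTE(review): the include path comes from Hybrid_Auth::$config["path_libraries"];
        // it must only ever be set from trusted application configuration.
        if (!class_exists('OAuthConsumer')) {
            require_once Hybrid_Auth::$config["path_libraries"] . "OAuth/OAuth.php";
        }
        require_once Hybrid_Auth::$config["path_libraries"] . "OAuth/OAuth1Client.php";

        $consumer_key = $this->config["keys"]["key"];
        $consumer_secret = $this->config["keys"]["secret"];

        // 3.1 - setup access_token if any stored
        if ($this->token("access_token")) {
            $this->api = new OAuth1Client(
                $consumer_key, $consumer_secret, $this->token("access_token"), $this->token("access_token_secret")
            );
        }

        // 3.2 - setup request_token if any stored, in order to exchange with an access token
        elseif ($this->token("request_token")) {
            $this->api = new OAuth1Client(
                $consumer_key, $consumer_secret, $this->token("request_token"), $this->token("request_token_secret")
            );
        }

        // 3.3 - instantiate OAuth client with client credentials
        else {
            $this->api = new OAuth1Client($consumer_key, $consumer_secret);
        }

        // Set curl proxy if exist
        if (isset(Hybrid_Auth::$config["proxy"])) {
            $this->api->curl_proxy = Hybrid_Auth::$config["proxy"];
        }
    }

    /**
     * {@inheritdoc}
     *
     * Obtains a request token, stores it together with its secret and redirects
     * the user to the provider's authorization URL.
     *
     * @throws Exception code 5 when the provider answers with a non-200 status
     *                   or with an incomplete token pair
     */
    public function loginBegin() {
        $tokens = $this->api->requestToken($this->endpoint);

        // request tokens as received from provider
        $this->request_tokens_raw = $tokens;

        // check the last HTTP status code returned
        if ((int) $this->api->http_code !== 200) {
            throw new Exception("Authentication failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus($this->api->http_code), 5);
        }

        // Both halves of the pair are stored below; a response without the secret
        // would otherwise be saved as null and only fail later, at signing time
        if (!isset($tokens["oauth_token"], $tokens["oauth_token_secret"])) {
            throw new Exception("Authentication failed! {$this->providerId} returned an invalid oauth token.", 5);
        }

        $this->token("request_token", $tokens["oauth_token"]);
        $this->token("request_token_secret", $tokens["oauth_token_secret"]);

        # redirect the user to the provider authentication url
        Hybrid_Auth::redirect($this->api->authorizeUrl($tokens));
    }

    /**
     * {@inheritdoc}
     *
     * Handles the provider callback: exchanges the verifier for an access token,
     * replaces the stored request token with the access token and marks the
     * user as connected.
     *
     * @throws Exception code 5 when the callback parameters are missing or malformed,
     *                   the provider answers with a non-200 status, or the access
     *                   token pair is incomplete
     */
    public function loginFinish() {
        // Callback parameters are supplied by the browser and must be treated as
        // untrusted. NOTE(review): $_REQUEST can merge GET, POST and cookie data
        // depending on request_order; reading the callback from the query string
        // only would be narrower - confirm no provider posts its callback first.
        $oauth_token = (array_key_exists('oauth_token', $_REQUEST)) ? $_REQUEST['oauth_token'] : "";
        $oauth_verifier = (array_key_exists('oauth_verifier', $_REQUEST)) ? $_REQUEST['oauth_verifier'] : "";

        // PHP turns "oauth_verifier[]=x" into an array, which would pass a plain
        // truthiness test and reach the signing code; only non-empty strings are valid
        if (!is_string($oauth_token) || !is_string($oauth_verifier) || !$oauth_token || !$oauth_verifier) {
            throw new Exception("Authentication failed! {$this->providerId} returned an invalid oauth verifier.", 5);
        }

        // NOTE(review): $oauth_token is validated for presence only. The exchange
        // below signs with whatever request token initialize() loaded into
        // $this->api, so the binding between verifier and request token is left
        // to the provider. Comparing $oauth_token with $this->token("request_token")
        // (constant-time, e.g. hash_equals() where available) would reject
        // mismatched callbacks locally - confirm against the supported providers.

        // request an access token
        $tokens = $this->api->accessToken($oauth_verifier);

        // access tokens as received from provider
        $this->access_tokens_raw = $tokens;

        // check the last HTTP status code returned
        if ((int) $this->api->http_code !== 200) {
            throw new Exception("Authentication failed! {$this->providerId} returned an error. " . $this->errorMessageByStatus($this->api->http_code), 5);
        }

        // we should have an access_token and its secret, or else, something has gone wrong
        if (!isset($tokens["oauth_token"], $tokens["oauth_token_secret"])) {
            throw new Exception("Authentication failed! {$this->providerId} returned an invalid access token.", 5);
        }

        // the request tokens are single-use; drop them once the exchange succeeded
        $this->deleteToken("request_token");
        $this->deleteToken("request_token_secret");

        // store access_token for later use
        $this->token("access_token", $tokens['oauth_token']);
        $this->token("access_token_secret", $tokens['oauth_token_secret']);

        // set user as logged in to the current provider
        $this->setUserConnected();
    }

}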