summaryrefslogtreecommitdiff
path: root/plugins/TwitterBridge
diff options
context:
space:
mode:
authorZach Copley <zach@status.net>2010-02-16 06:12:08 +0000
committerZach Copley <zach@status.net>2010-02-16 06:12:08 +0000
commitf414544d0d289df2c103d9b16400e1ed91d35e91 (patch)
tree9ad75a2b90c3a56932d05bc04b98468471f97678 /plugins/TwitterBridge
parent0ba375917129eaee2608203ed532efb3b9db879c (diff)
Upgrade Twitter bridge to use OAuth 1.0a. It's more secure, and allows
us to automatically send in a callback url instead of having to manually configure one for each StatusNet instance.
Diffstat (limited to 'plugins/TwitterBridge')
-rw-r--r--plugins/TwitterBridge/twitterauthorization.php10
-rw-r--r--plugins/TwitterBridge/twitteroauthclient.php28
2 files changed, 33 insertions, 5 deletions
diff --git a/plugins/TwitterBridge/twitterauthorization.php b/plugins/TwitterBridge/twitterauthorization.php
index 6822d33dd..c154932bb 100644
--- a/plugins/TwitterBridge/twitterauthorization.php
+++ b/plugins/TwitterBridge/twitterauthorization.php
@@ -56,6 +56,7 @@ class TwitterauthorizationAction extends Action
var $tw_fields = null;
var $access_token = null;
var $signin = null;
+ var $verifier = null;
/**
* Initialize class members. Looks for 'oauth_token' parameter.
@@ -70,6 +71,7 @@ class TwitterauthorizationAction extends Action
$this->signin = $this->boolean('signin');
$this->oauth_token = $this->arg('oauth_token');
+ $this->verifier = $this->arg('oauth_verifier');
return true;
}
@@ -160,8 +162,7 @@ class TwitterauthorizationAction extends Action
// Get a new request token and authorize it
$client = new TwitterOAuthClient();
- $req_tok =
- $client->getRequestToken(TwitterOAuthClient::$requestTokenURL);
+ $req_tok = $client->getRequestToken();
// Sock the request token away in the session temporarily
@@ -171,7 +172,7 @@ class TwitterauthorizationAction extends Action
$auth_link = $client->getAuthorizeLink($req_tok, $this->signin);
} catch (OAuthClientException $e) {
- $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s',
+ $msg = sprintf('OAuth client error - code: %1s, msg: %2s',
$e->getCode(), $e->getMessage());
$this->serverError(_m('Couldn\'t link your Twitter account.'));
}
@@ -187,7 +188,6 @@ class TwitterauthorizationAction extends Action
*/
function saveAccessToken()
{
-
// Check to make sure Twitter returned the same request
// token we sent them
@@ -204,7 +204,7 @@ class TwitterauthorizationAction extends Action
// Exchange the request token for an access token
- $atok = $client->getAccessToken(TwitterOAuthClient::$accessTokenURL);
+ $atok = $client->getAccessToken($this->verifier);
// Test the access token and get the user's Twitter info
diff --git a/plugins/TwitterBridge/twitteroauthclient.php b/plugins/TwitterBridge/twitteroauthclient.php
index 277e7ab40..ba45b533d 100644
--- a/plugins/TwitterBridge/twitteroauthclient.php
+++ b/plugins/TwitterBridge/twitteroauthclient.php
@@ -92,6 +92,19 @@ class TwitterOAuthClient extends OAuthClient
}
/**
+ * Gets a request token from Twitter
+ *
+ * @return OAuthToken $token the request token
+ */
+ function getRequestToken()
+ {
+ return parent::getRequestToken(
+ self::$requestTokenURL,
+ common_local_url('twitterauthorization')
+ );
+ }
+
+ /**
* Builds a link to Twitter's endpoint for authorizing a request token
*
* @param OAuthToken $request_token token to authorize
@@ -108,6 +121,21 @@ class TwitterOAuthClient extends OAuthClient
}
/**
+ * Fetches an access token from Twitter
+ *
+ * @param string $verifier 1.0a verifier
+ *
+ * @return OAuthToken $token the access token
+ */
+ function getAccessToken($verifier = null)
+ {
+ return parent::getAccessToken(
+ self::$accessTokenURL,
+ $verifier
+ );
+ }
+
+ /**
* Calls Twitter's /account/verify_credentials API method
*
* @return mixed the Twitter user