diff options
author | Zach Copley <zach@status.net> | 2010-02-16 06:12:08 +0000 |
---|---|---|
committer | Zach Copley <zach@status.net> | 2010-02-16 06:12:08 +0000 |
commit | f414544d0d289df2c103d9b16400e1ed91d35e91 (patch) | |
tree | 9ad75a2b90c3a56932d05bc04b98468471f97678 /plugins | |
parent | 0ba375917129eaee2608203ed532efb3b9db879c (diff) |
Upgrade Twitter bridge to use OAuth 1.0a. It's more secure, and allows
us to automatically send in a callback url instead of having to manually
configure one for each StatusNet instance.
Diffstat (limited to 'plugins')
-rw-r--r-- | plugins/TwitterBridge/twitterauthorization.php | 10 | ||||
-rw-r--r-- | plugins/TwitterBridge/twitteroauthclient.php | 28 |
2 files changed, 33 insertions, 5 deletions
diff --git a/plugins/TwitterBridge/twitterauthorization.php b/plugins/TwitterBridge/twitterauthorization.php index 6822d33dd..c154932bb 100644 --- a/plugins/TwitterBridge/twitterauthorization.php +++ b/plugins/TwitterBridge/twitterauthorization.php @@ -56,6 +56,7 @@ class TwitterauthorizationAction extends Action var $tw_fields = null; var $access_token = null; var $signin = null; + var $verifier = null; /** * Initialize class members. Looks for 'oauth_token' parameter. @@ -70,6 +71,7 @@ class TwitterauthorizationAction extends Action $this->signin = $this->boolean('signin'); $this->oauth_token = $this->arg('oauth_token'); + $this->verifier = $this->arg('oauth_verifier'); return true; } @@ -160,8 +162,7 @@ class TwitterauthorizationAction extends Action // Get a new request token and authorize it $client = new TwitterOAuthClient(); - $req_tok = - $client->getRequestToken(TwitterOAuthClient::$requestTokenURL); + $req_tok = $client->getRequestToken(); // Sock the request token away in the session temporarily @@ -171,7 +172,7 @@ class TwitterauthorizationAction extends Action $auth_link = $client->getAuthorizeLink($req_tok, $this->signin); } catch (OAuthClientException $e) { - $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s', + $msg = sprintf('OAuth client error - code: %1s, msg: %2s', $e->getCode(), $e->getMessage()); $this->serverError(_m('Couldn\'t link your Twitter account.')); } @@ -187,7 +188,6 @@ class TwitterauthorizationAction extends Action */ function saveAccessToken() { - // Check to make sure Twitter returned the same request // token we sent them @@ -204,7 +204,7 @@ class TwitterauthorizationAction extends Action // Exchange the request token for an access token - $atok = $client->getAccessToken(TwitterOAuthClient::$accessTokenURL); + $atok = $client->getAccessToken($this->verifier); // Test the access token and get the user's Twitter info diff --git a/plugins/TwitterBridge/twitteroauthclient.php b/plugins/TwitterBridge/twitteroauthclient.php index 277e7ab40..ba45b533d 100644 --- a/plugins/TwitterBridge/twitteroauthclient.php +++ b/plugins/TwitterBridge/twitteroauthclient.php @@ -92,6 +92,19 @@ class TwitterOAuthClient extends OAuthClient } /** + * Gets a request token from Twitter + * + * @return OAuthToken $token the request token + */ + function getRequestToken() + { + return parent::getRequestToken( + self::$requestTokenURL, + common_local_url('twitterauthorization') + ); + } + + /** * Builds a link to Twitter's endpoint for authorizing a request token * * @param OAuthToken $request_token token to authorize @@ -108,6 +121,21 @@ class TwitterOAuthClient extends OAuthClient } /** + * Fetches an access token from Twitter + * + * @param string $verifier 1.0a verifier + * + * @return OAuthToken $token the access token + */ + function getAccessToken($verifier = null) + { + return parent::getAccessToken( + self::$accessTokenURL, + $verifier + ); + } + + /** * Calls Twitter's /account/verify_credentials API method * * @return mixed the Twitter user |