diff options
-rw-r--r-- | actions/twitterauthorization.php | 174 |
1 files changed, 120 insertions, 54 deletions
diff --git a/actions/twitterauthorization.php b/actions/twitterauthorization.php index 2390034cd..cf27d69cf 100644 --- a/actions/twitterauthorization.php +++ b/actions/twitterauthorization.php @@ -19,7 +19,7 @@ * You should have received a copy of the GNU Affero General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. * - * @category TwitterauthorizationAction + * @category Twitter * @package Laconica * @author Zach Copely <zach@controlyourself.ca> * @copyright 2009 Control Yourself, Inc. @@ -31,9 +31,31 @@ if (!defined('LACONICA')) { exit(1); } +/** + * Class for doing OAuth authentication against Twitter + * + * Peforms the OAuth "dance" between Laconica and Twitter -- requests a token, + * authorizes it, and exchanges it for an access token. It also creates a link + * (Foreign_link) between the Laconica user and Twitter user and stores the + * access token and secret in the link. + * + * @category Twitter + * @package Laconica + * @author Zach Copley <zach@controlyourself.ca> + * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0 + * @link http://laconi.ca/ + * + */ class TwitterauthorizationAction extends Action { + /** + * Initialize class members. Looks for 'oauth_token' parameter. + * + * @param array $args misc. arguments + * + * @return boolean true + */ function prepare($args) { parent::prepare($args); @@ -43,6 +65,13 @@ class TwitterauthorizationAction extends Action return true; } + /** + * Handler method + * + * @param array $args is ignored since it's now passed in in prepare() + * + * @return nothing + */ function handle($args) { parent::handle($args); @@ -51,7 +80,7 @@ class TwitterauthorizationAction extends Action $this->clientError(_('Not logged in.'), 403); } - $user = common_current_user(); + $user = common_current_user(); $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE); // If there's already a foreign link record, it means we already @@ -66,88 +95,125 @@ class TwitterauthorizationAction extends Action // process if (empty($this->oauth_token)) { + $this->authorizeRequestToken(); + } else { + $this->saveAccessToken(); + } + } - try { + /** + * Asks Twitter for a request token, and then redirects to Twitter + * to authorize it. + * + * @return nothing + */ + function authorizeRequestToken() + { + try { - // Get a new request token and authorize it + // Get a new request token and authorize it - $client = new TwitterOAuthClient(); - $req_tok = $client->getRequestToken(); + $client = new TwitterOAuthClient(); + $req_tok = $client->getRequestToken(); - // Sock the request token away in the session temporarily + // Sock the request token away in the session temporarily - $_SESSION['twitter_request_token'] = $req_tok->key; - $_SESSION['twitter_request_token_secret'] = $req_tok->key; + $_SESSION['twitter_request_token'] = $req_tok->key; + $_SESSION['twitter_request_token_secret'] = $req_tok->key; - $auth_link = $client->getAuthorizeLink($req_tok); - - } catch (TwitterOAuthClientException $e) { - $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s', - $e->getCode(), $e->getMessage()); - $this->serverError(_('Couldn\'t link your Twitter account.')); - } + $auth_link = $client->getAuthorizeLink($req_tok); - common_redirect($auth_link); + } catch (TwitterOAuthClientException $e) { + $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s', + $e->getCode(), $e->getMessage()); + $this->serverError(_('Couldn\'t link your Twitter account.')); + } - } else { + common_redirect($auth_link); + } - // Check to make sure Twitter returned the same request - // token we sent them + /** + * Called when Twitter returns an authorized request token. Exchanges + * it for an access token and stores it. + * + * @return nothing + */ + function saveAccessToken() + { - if ($_SESSION['twitter_request_token'] != $this->oauth_token) { - $this->serverError(_('Couldn\'t link your Twitter account.')); - } + // Check to make sure Twitter returned the same request + // token we sent them - try { + if ($_SESSION['twitter_request_token'] != $this->oauth_token) { + $this->serverError(_('Couldn\'t link your Twitter account.')); + } - $client = new TwitterOAuthClient($_SESSION['twitter_request_token'], - $_SESSION['twitter_request_token_secret']); + try { - // Exchange the request token for an access token + $client = new TwitterOAuthClient($_SESSION['twitter_request_token'], + $_SESSION['twitter_request_token_secret']); - $atok = $client->getAccessToken(); + // Exchange the request token for an access token - // Save the access token and Twitter user info + $atok = $client->getAccessToken(); - $client = new TwitterOAuthClient($atok->key, $atok->secret); + // Test the access token and get the user's Twitter info - $twitter_user = $client->verify_credentials(); + $client = new TwitterOAuthClient($atok->key, $atok->secret); + $twitter_user = $client->verify_credentials(); - } catch (OAuthClientException $e) { - $msg = sprintf('OAuth client cURL error - code: %1s, msg: %2s', + } catch (OAuthClientException $e) { + $msg = sprintf('OAuth client cURL error - code: %1$s, msg: %2$s', $e->getCode(), $e->getMessage()); - $this->serverError(_('Couldn\'t link your Twitter account.')); - } + $this->serverError(_('Couldn\'t link your Twitter account.')); + } - $user = common_current_user(); + // Save the access token and Twitter user info - $flink = new Foreign_link(); + $this->saveForeignLink($atok, $twitter_user); - $flink->user_id = $user->id; - $flink->foreign_id = $twitter_user->id; - $flink->service = TWITTER_SERVICE; - $flink->token = $atok->key; - $flink->credentials = $atok->secret; - $flink->created = common_sql_now(); + // Clean up the the mess we made in the session - $flink->set_flags(true, false, false, false); + unset($_SESSION['twitter_request_token']); + unset($_SESSION['twitter_request_token_secret']); - $flink_id = $flink->insert(); + common_redirect(common_local_url('twittersettings')); + } - if (empty($flink_id)) { - common_log_db_error($flink, 'INSERT', __FILE__); - $this->serverError(_('Couldn\'t link your Twitter account.')); - } + /** + * Saves a Foreign_link between Twitter user and local user, + * which includes the access token and secret. + * + * @param OAuthToken $access_token the access token to save + * @param mixed $twitter_user twitter API user object + * + * @return nothing + */ + function saveForeignLink($access_token, $twitter_user) + { + $user = common_current_user(); - save_twitter_user($twitter_user->id, $twitter_user->screen_name); + $flink = new Foreign_link(); - // clean up the the mess we made in the session + $flink->user_id = $user->id; + $flink->foreign_id = $twitter_user->id; + $flink->service = TWITTER_SERVICE; + $flink->token = $access_token->key; + $flink->credentials = $access_token->secret; + $flink->created = common_sql_now(); - unset($_SESSION['twitter_request_token']); - unset($_SESSION['twitter_request_token_secret']); + // Defaults: noticesync on, everything else off - common_redirect(common_local_url('twittersettings')); + $flink->set_flags(true, false, false, false); + + $flink_id = $flink->insert(); + + if (empty($flink_id)) { + common_log_db_error($flink, 'INSERT', __FILE__); + $this->serverError(_('Couldn\'t link your Twitter account.')); } + + save_twitter_user($twitter_user->id, $twitter_user->screen_name); } } |