diff options
Diffstat (limited to 'lib/apioauthstore.php')
-rw-r--r-- | lib/apioauthstore.php | 70 |
1 files changed, 56 insertions, 14 deletions
diff --git a/lib/apioauthstore.php b/lib/apioauthstore.php index eca93866f..f3bf0b857 100644 --- a/lib/apioauthstore.php +++ b/lib/apioauthstore.php @@ -71,33 +71,37 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore } } - function new_access_token($token, $consumer) + function new_access_token($token, $consumer, $verifier) { - common_debug('new_access_token("'.$token->key.'","'.$consumer->key.'")', __FILE__); + common_debug( + 'new_access_token("' . $token->key . '","' . $consumer->key. '","' . $verifier . '")', + __FILE__ + ); $rt = new Token(); + $rt->consumer_key = $consumer->key; - $rt->tok = $token->key; - $rt->type = 0; // request + $rt->tok = $token->key; + $rt->type = 0; // request $app = Oauth_application::getByConsumerKey($consumer->key); + assert(!empty($app)); - if (empty($app)) { - common_debug("empty app!"); - } + if ($rt->find(true) && $rt->state == 1 && $rt->verifier == $verifier) { // authorized - if ($rt->find(true) && $rt->state == 1) { // authorized common_debug('request token found.', __FILE__); // find the associated user of the app $appUser = new Oauth_application_user(); + $appUser->application_id = $app->id; - $appUser->token = $rt->tok; + $appUser->token = $rt->tok; + $result = $appUser->find(true); if (!empty($result)) { - common_debug("Oath app user found."); + common_debug("Ouath app user found."); } else { common_debug("Oauth app user not found. app id $app->id token $rt->tok"); return null; @@ -106,10 +110,12 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore // go ahead and make the access token $at = new Token(); - $at->consumer_key = $consumer->key; - $at->tok = common_good_rand(16); - $at->secret = common_good_rand(16); - $at->type = 1; // access + $at->consumer_key = $consumer->key; + $at->tok = common_good_rand(16); + $at->secret = common_good_rand(16); + $at->type = 1; // access + $at->verifier = $verifier; + $at->verified_callback = $rt->verified_callback; // 1.0a $at->created = DB_DataObject_Cast::dateTime(); if (!$at->insert()) { @@ -183,4 +189,40 @@ class ApiStatusNetOAuthDataStore extends StatusNetOAuthDataStore throw new Exception(_('Failed to delete revoked token.')); } } + + /* + * Create a new request token. Overrided to support OAuth 1.0a callback + * + * @param OAuthConsumer $consumer the OAuth Consumer for this token + * @param string $callback the verified OAuth callback URL + * + * @return OAuthToken $token a new unauthorized OAuth request token + */ + + function new_request_token($consumer, $callback) + { + $t = new Token(); + $t->consumer_key = $consumer->key; + $t->tok = common_good_rand(16); + $t->secret = common_good_rand(16); + $t->type = 0; // request + $t->state = 0; // unauthorized + $t->verified_callback = $callback; + + if ($callback === 'oob') { + // six digit pin + $t->verifier = mt_rand(0, 9999999); + } else { + $t->verifier = common_good_rand(8); + } + + $t->created = DB_DataObject_Cast::dateTime(); + if (!$t->insert()) { + return null; + } else { + return new OAuthToken($t->tok, $t->secret); + } + } + + } |