27 $this->signature_methods[$signature_method->get_name()] = $signature_method;
38 $this->get_version($request);
40 $consumer = $this->get_consumer($request);
45 $this->check_signature($request, $consumer, $token);
48 $callback = $request->get_parameter(
'oauth_callback');
49 $new_token = $this->data_store->new_request_token($consumer, $callback);
60 $this->get_version($request);
62 $consumer = $this->get_consumer($request);
65 $token = $this->get_token($request, $consumer,
"request");
67 $this->check_signature($request, $consumer, $token);
70 $verifier = $request->get_parameter(
'oauth_verifier');
71 $new_token = $this->data_store->new_access_token($token, $consumer, $verifier);
81 $this->get_version($request);
82 $consumer = $this->get_consumer($request);
83 $token = $this->get_token($request, $consumer,
"access");
84 $this->check_signature($request, $consumer, $token);
86 return array($consumer, $token);
94 private function get_version(&$request)
96 $version = $request->get_parameter(
"oauth_version");
103 throw new OAuthException(
"OAuth version '$version' not supported");
112 private function get_signature_method($request)
114 $signature_method = $request instanceof OAuthRequest ? $request->get_parameter(
'oauth_signature_method') : NULL;
116 if (!$signature_method) {
119 throw new OAuthException(
'No signature method parameter. This parameter is required');
122 if (!in_array($signature_method, array_keys($this->signature_methods))) {
123 throw new OAuthException(
124 "Signature method '$signature_method' not supported " .
125 'try one of the following: ' .
126 implode(
', ', array_keys($this->signature_methods))
130 return $this->signature_methods[$signature_method];
136 private function get_consumer($request)
138 $consumer_key = $request instanceof OAuthRequest ? $request->get_parameter(
'oauth_consumer_key') : NULL;
140 if (is_null($consumer_key) || (strlen($consumer_key) <= 0)) {
141 throw new OAuthException(
'Invalid consumer key');
144 $consumer = $this->data_store->lookup_consumer($consumer_key);
146 throw new OAuthException(
'Invalid consumer');
155 private function get_token($request, $consumer, $token_type =
"access")
157 $token_field = $request instanceof OAuthRequest ? $request->get_parameter(
'oauth_token') : NULL;
159 $token = $this->data_store->lookup_token($consumer, $token_type, $token_field);
161 throw new OAuthException(
"Invalid $token_type token: $token_field");
171 private function check_signature($request, $consumer, $token)
174 $timestamp = $request instanceof OAuthRequest ? $request->get_parameter(
'oauth_timestamp') : NULL;
175 $nonce = $request instanceof OAuthRequest ? $request->get_parameter(
'oauth_nonce') : NULL;
177 $this->check_timestamp($timestamp);
178 $this->check_nonce($consumer, $token, $nonce, $timestamp);
180 $signature_method = $this->get_signature_method($request);
182 $signature = $request->get_parameter(
'oauth_signature');
183 $valid_sig = $signature_method->check_signature($request, $consumer, $token, $signature);
186 throw new OAuthException(
'Invalid signature');
193 private function check_timestamp($timestamp)
196 throw new OAuthException(
'Missing timestamp parameter. The parameter is required');
200 if (abs($now - $timestamp) > $this->timestamp_threshold) {
201 throw new OAuthException(
"Expired timestamp, yours $timestamp, ours $now");
208 private function check_nonce($consumer, $token, $nonce, $timestamp)
211 throw new OAuthException(
'Missing nonce parameter. The parameter is required');
214 $found = $this->data_store->lookup_nonce($consumer, $token, $nonce, $timestamp);
216 throw new OAuthException(
"Nonce already used: $nonce");
add_signature_method($signature_method)
Class to represent an OAuth Exception.
fetch_request_token(&$request)
process a request_token request returns the request token on success
verify_request(&$request)
verify an api call, checks all the parameters
fetch_access_token(&$request)
process an access_token request returns the access token on success
Class to represent an OAuth Server.
