269 lines
8.7 KiB
PHP
269 lines
8.7 KiB
PHP
|
<?php
|
||
|
/**
|
||
|
* Zend Framework
|
||
|
*
|
||
|
* LICENSE
|
||
|
*
|
||
|
* This source file is subject to the new BSD license that is bundled
|
||
|
* with this package in the file LICENSE.txt.
|
||
|
* It is also available through the world-wide-web at this URL:
|
||
|
* http://framework.zend.com/license/new-bsd
|
||
|
* If you did not receive a copy of the license and are unable to
|
||
|
* obtain it through the world-wide-web, please send an email
|
||
|
* to license@zend.com so we can send you a copy immediately.
|
||
|
*
|
||
|
* @category Zend
|
||
|
* @package Zend_Oauth
|
||
|
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
|
||
|
* @license http://framework.zend.com/license/new-bsd New BSD License
|
||
|
* @version $Id$
|
||
|
*/
|
||
|
|
||
|
/** Zend_Oauth */
|
||
|
|
||
|
/** Zend_Uri */
|
||
|
|
||
|
/** Zend_Oauth_Http_RequestToken */
|
||
|
|
||
|
/** Zend_Oauth_Http_UserAuthorization */
|
||
|
|
||
|
/** Zend_Oauth_Http_AccessToken */
|
||
|
|
||
|
/** Zend_Oauth_Token_AuthorizedRequest */
|
||
|
|
||
|
/** Zend_Oauth_Config */
|
||
|
|
||
|
/**
|
||
|
* @category Zend
|
||
|
* @package Zend_Oauth
|
||
|
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
|
||
|
* @license http://framework.zend.com/license/new-bsd New BSD License
|
||
|
*/
|
||
|
class Zend_Oauth_Consumer extends Zend_Oauth
|
||
|
{
|
||
|
public $switcheroo = false; // replace later when this works
|
||
|
|
||
|
/**
|
||
|
* Request Token retrieved from OAuth Provider
|
||
|
*
|
||
|
* @var Zend_Oauth_Token_Request
|
||
|
*/
|
||
|
protected $_requestToken = null;
|
||
|
|
||
|
/**
|
||
|
* Access token retrieved from OAuth Provider
|
||
|
*
|
||
|
* @var Zend_Oauth_Token_Access
|
||
|
*/
|
||
|
protected $_accessToken = null;
|
||
|
|
||
|
/**
|
||
|
* @var Zend_Oauth_Config
|
||
|
*/
|
||
|
protected $_config = null;
|
||
|
|
||
|
/**
|
||
|
* Constructor; create a new object with an optional array|Zend_Config
|
||
|
* instance containing initialising options.
|
||
|
*
|
||
|
* @param array|Zend_Config $options
|
||
|
* @return void
|
||
|
*/
|
||
|
public function __construct($options = null)
|
||
|
{
|
||
|
$this->_config = new Zend_Oauth_Config;
|
||
|
if ($options !== null) {
|
||
|
if ($options instanceof Zend_Config) {
|
||
|
$options = $options->toArray();
|
||
|
}
|
||
|
$this->_config->setOptions($options);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Attempts to retrieve a Request Token from an OAuth Provider which is
|
||
|
* later exchanged for an authorized Access Token used to access the
|
||
|
* protected resources exposed by a web service API.
|
||
|
*
|
||
|
* @param null|array $customServiceParameters Non-OAuth Provider-specified parameters
|
||
|
* @param null|string $httpMethod
|
||
|
* @param null|Zend_Oauth_Http_RequestToken $request
|
||
|
* @return Zend_Oauth_Token_Request
|
||
|
*/
|
||
|
public function getRequestToken(
|
||
|
array $customServiceParameters = null,
|
||
|
$httpMethod = null,
|
||
|
Zend_Oauth_Http_RequestToken $request = null
|
||
|
) {
|
||
|
if ($request === null) {
|
||
|
$request = new Zend_Oauth_Http_RequestToken($this, $customServiceParameters);
|
||
|
} elseif($customServiceParameters !== null) {
|
||
|
$request->setParameters($customServiceParameters);
|
||
|
}
|
||
|
if ($httpMethod !== null) {
|
||
|
$request->setMethod($httpMethod);
|
||
|
} else {
|
||
|
$request->setMethod($this->getRequestMethod());
|
||
|
}
|
||
|
$this->_requestToken = $request->execute();
|
||
|
return $this->_requestToken;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* After a Request Token is retrieved, the user may be redirected to the
|
||
|
* OAuth Provider to authorize the application's access to their
|
||
|
* protected resources - the redirect URL being provided by this method.
|
||
|
* Once the user has authorized the application for access, they are
|
||
|
* redirected back to the application which can now exchange the previous
|
||
|
* Request Token for a fully authorized Access Token.
|
||
|
*
|
||
|
* @param null|array $customServiceParameters
|
||
|
* @param null|Zend_Oauth_Token_Request $token
|
||
|
* @param null|Zend_OAuth_Http_UserAuthorization $redirect
|
||
|
* @return string
|
||
|
*/
|
||
|
public function getRedirectUrl(
|
||
|
array $customServiceParameters = null,
|
||
|
Zend_Oauth_Token_Request $token = null,
|
||
|
Zend_Oauth_Http_UserAuthorization $redirect = null
|
||
|
) {
|
||
|
if ($redirect === null) {
|
||
|
$redirect = new Zend_Oauth_Http_UserAuthorization($this, $customServiceParameters);
|
||
|
} elseif($customServiceParameters !== null) {
|
||
|
$redirect->setParameters($customServiceParameters);
|
||
|
}
|
||
|
if ($token !== null) {
|
||
|
$this->_requestToken = $token;
|
||
|
}
|
||
|
return $redirect->getUrl();
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Rather than retrieve a redirect URL for use, e.g. from a controller,
|
||
|
* one may perform an immediate redirect.
|
||
|
*
|
||
|
* Sends headers and exit()s on completion.
|
||
|
*
|
||
|
* @param null|array $customServiceParameters
|
||
|
* @param null|Zend_Oauth_Token_Request $token
|
||
|
* @param null|Zend_Oauth_Http_UserAuthorization $request
|
||
|
* @return void
|
||
|
*/
|
||
|
public function redirect(
|
||
|
array $customServiceParameters = null,
|
||
|
Zend_Oauth_Token_Request $token = null,
|
||
|
Zend_Oauth_Http_UserAuthorization $request = null
|
||
|
) {
|
||
|
if ($token instanceof Zend_Oauth_Http_UserAuthorization) {
|
||
|
$request = $token;
|
||
|
$token = null;
|
||
|
}
|
||
|
$redirectUrl = $this->getRedirectUrl($customServiceParameters, $token, $request);
|
||
|
header('Location: ' . $redirectUrl);
|
||
|
exit(1);
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Retrieve an Access Token in exchange for a previously received/authorized
|
||
|
* Request Token.
|
||
|
*
|
||
|
* @param array $queryData GET data returned in user's redirect from Provider
|
||
|
* @param Zend_Oauth_Token_Request Request Token information
|
||
|
* @param string $httpMethod
|
||
|
* @param Zend_Oauth_Http_AccessToken $request
|
||
|
* @return Zend_Oauth_Token_Access
|
||
|
* @throws Zend_Oauth_Exception on invalid authorization token, non-matching response authorization token, or unprovided authorization token
|
||
|
*/
|
||
|
public function getAccessToken(
|
||
|
$queryData,
|
||
|
Zend_Oauth_Token_Request $token,
|
||
|
$httpMethod = null,
|
||
|
Zend_Oauth_Http_AccessToken $request = null
|
||
|
) {
|
||
|
$authorizedToken = new Zend_Oauth_Token_AuthorizedRequest($queryData);
|
||
|
if (!$authorizedToken->isValid()) {
|
||
|
throw new Zend_Oauth_Exception(
|
||
|
'Response from Service Provider is not a valid authorized request token');
|
||
|
}
|
||
|
if ($request === null) {
|
||
|
$request = new Zend_Oauth_Http_AccessToken($this);
|
||
|
}
|
||
|
|
||
|
// OAuth 1.0a Verifier
|
||
|
if ($authorizedToken->getParam('oauth_verifier') !== null) {
|
||
|
$params = array_merge($request->getParameters(), array(
|
||
|
'oauth_verifier' => $authorizedToken->getParam('oauth_verifier')
|
||
|
));
|
||
|
$request->setParameters($params);
|
||
|
}
|
||
|
if ($httpMethod !== null) {
|
||
|
$request->setMethod($httpMethod);
|
||
|
} else {
|
||
|
$request->setMethod($this->getRequestMethod());
|
||
|
}
|
||
|
if (isset($token)) {
|
||
|
if ($authorizedToken->getToken() !== $token->getToken()) {
|
||
|
throw new Zend_Oauth_Exception(
|
||
|
'Authorized token from Service Provider does not match'
|
||
|
. ' supplied Request Token details'
|
||
|
);
|
||
|
}
|
||
|
} else {
|
||
|
throw new Zend_Oauth_Exception('Request token must be passed to method');
|
||
|
}
|
||
|
$this->_requestToken = $token;
|
||
|
$this->_accessToken = $request->execute();
|
||
|
return $this->_accessToken;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Return whatever the last Request Token retrieved was while using the
|
||
|
* current Consumer instance.
|
||
|
*
|
||
|
* @return Zend_Oauth_Token_Request
|
||
|
*/
|
||
|
public function getLastRequestToken()
|
||
|
{
|
||
|
return $this->_requestToken;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Return whatever the last Access Token retrieved was while using the
|
||
|
* current Consumer instance.
|
||
|
*
|
||
|
* @return Zend_Oauth_Token_Access
|
||
|
*/
|
||
|
public function getLastAccessToken()
|
||
|
{
|
||
|
return $this->_accessToken;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Alias to self::getLastAccessToken()
|
||
|
*
|
||
|
* @return Zend_Oauth_Token_Access
|
||
|
*/
|
||
|
public function getToken()
|
||
|
{
|
||
|
return $this->_accessToken;
|
||
|
}
|
||
|
|
||
|
/**
|
||
|
* Simple Proxy to the current Zend_Oauth_Config method. It's that instance
|
||
|
* which holds all configuration methods and values this object also presents
|
||
|
* as it's API.
|
||
|
*
|
||
|
* @param string $method
|
||
|
* @param array $args
|
||
|
* @return mixed
|
||
|
* @throws Zend_Oauth_Exception if method does not exist in config object
|
||
|
*/
|
||
|
public function __call($method, array $args)
|
||
|
{
|
||
|
if (!method_exists($this->_config, $method)) {
|
||
|
throw new Zend_Oauth_Exception('Method does not exist: '.$method);
|
||
|
}
|
||
|
return call_user_func_array(array($this->_config,$method), $args);
|
||
|
}
|
||
|
}
|