Twitter OAuth server dance working
This commit is contained in:
parent
a49272d448
commit
6f4b2f0ac2
136
actions/twitterauthorization.php
Normal file
136
actions/twitterauthorization.php
Normal file
@ -0,0 +1,136 @@
|
|||||||
|
<?php
|
||||||
|
/**
|
||||||
|
* Laconica, the distributed open-source microblogging tool
|
||||||
|
*
|
||||||
|
* Class for doing OAuth authentication against Twitter
|
||||||
|
*
|
||||||
|
* PHP version 5
|
||||||
|
*
|
||||||
|
* LICENCE: This program is free software: you can redistribute it and/or modify
|
||||||
|
* it under the terms of the GNU Affero General Public License as published by
|
||||||
|
* the Free Software Foundation, either version 3 of the License, or
|
||||||
|
* (at your option) any later version.
|
||||||
|
*
|
||||||
|
* This program is distributed in the hope that it will be useful,
|
||||||
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||||
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||||
|
* GNU Affero General Public License for more details.
|
||||||
|
*
|
||||||
|
* You should have received a copy of the GNU Affero General Public License
|
||||||
|
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||||
|
*
|
||||||
|
* @category TwitterauthorizationAction
|
||||||
|
* @package Laconica
|
||||||
|
* @author Zach Copely <zach@controlyourself.ca>
|
||||||
|
* @copyright 2009 Control Yourself, Inc.
|
||||||
|
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
|
||||||
|
* @link http://laconi.ca/
|
||||||
|
*/
|
||||||
|
|
||||||
|
if (!defined('LACONICA')) {
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
class TwitterauthorizationAction extends Action
|
||||||
|
{
|
||||||
|
|
||||||
|
function prepare($args)
|
||||||
|
{
|
||||||
|
parent::prepare($args);
|
||||||
|
|
||||||
|
$this->oauth_token = $this->arg('oauth_token');
|
||||||
|
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
|
||||||
|
function handle($args)
|
||||||
|
{
|
||||||
|
parent::handle($args);
|
||||||
|
|
||||||
|
if (!common_logged_in()) {
|
||||||
|
$this->clientError(_('Not logged in.'), 403);
|
||||||
|
}
|
||||||
|
|
||||||
|
$user = common_current_user();
|
||||||
|
$flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE);
|
||||||
|
|
||||||
|
// If there's already a foreign link record, it means we already
|
||||||
|
// have an access token, and this is unecessary. So go back.
|
||||||
|
|
||||||
|
if (isset($flink)) {
|
||||||
|
common_redirect(common_local_url('twittersettings'));
|
||||||
|
}
|
||||||
|
|
||||||
|
// $this->oauth_token is only populated once Twitter authorizes our
|
||||||
|
// request token. If it's empty we're at the beginning of the auth
|
||||||
|
// process
|
||||||
|
|
||||||
|
if (empty($this->oauth_token)) {
|
||||||
|
|
||||||
|
// Get a new request token and authorize it
|
||||||
|
|
||||||
|
$client = new TwitterOAuthClient();
|
||||||
|
$req_tok = $client->getRequestToken();
|
||||||
|
|
||||||
|
// Sock the request token away in the session temporarily
|
||||||
|
|
||||||
|
$_SESSION['twitter_request_token'] = $req_tok->key;
|
||||||
|
$_SESSION['twitter_request_token_secret'] = $req_tok->key;
|
||||||
|
|
||||||
|
$auth_link = $client->getAuthorizeLink($req_tok);
|
||||||
|
common_redirect($auth_link);
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
|
// Check to make sure Twitter sent us the same request token we sent
|
||||||
|
|
||||||
|
if ($_SESSION['twitter_request_token'] != $this->oauth_token) {
|
||||||
|
$this->serverError(_('Couldn\'t link your Twitter account.'));
|
||||||
|
}
|
||||||
|
|
||||||
|
$client = new TwitterOAuthClient($_SESSION['twitter_request_token'],
|
||||||
|
$_SESSION['twitter_request_token_secret']);
|
||||||
|
|
||||||
|
// Exchange the request token for an access token
|
||||||
|
|
||||||
|
$atok = $client->getAccessToken();
|
||||||
|
|
||||||
|
// Save the access token and Twitter user info
|
||||||
|
|
||||||
|
$client = new TwitterOAuthClient($atok->key, $atok->secret);
|
||||||
|
|
||||||
|
$twitter_user = $client->verify_credentials();
|
||||||
|
|
||||||
|
$user = common_current_user();
|
||||||
|
|
||||||
|
$flink = new Foreign_link();
|
||||||
|
|
||||||
|
$flink->user_id = $user->id;
|
||||||
|
$flink->foreign_id = $twitter_user->id;
|
||||||
|
$flink->service = TWITTER_SERVICE;
|
||||||
|
$flink->token = $atok->key;
|
||||||
|
$flink->credentials = $atok->secret;
|
||||||
|
$flink->created = common_sql_now();
|
||||||
|
|
||||||
|
$flink->set_flags(true, false, false, false);
|
||||||
|
|
||||||
|
$flink_id = $flink->insert();
|
||||||
|
|
||||||
|
if (empty($flink_id)) {
|
||||||
|
common_log_db_error($flink, 'INSERT', __FILE__);
|
||||||
|
$this->serverError(_('Couldn\'t link your Twitter account.'));
|
||||||
|
}
|
||||||
|
|
||||||
|
save_twitter_user($twitter_user->id, $twitter_user->screen_name);
|
||||||
|
|
||||||
|
// clean up the the mess we made in the session
|
||||||
|
|
||||||
|
unset($_SESSION['twitter_request_token']);
|
||||||
|
unset($_SESSION['twitter_request_token_secret']);
|
||||||
|
|
||||||
|
common_redirect(common_local_url('twittersettings'));
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
@ -69,9 +69,8 @@ class TwittersettingsAction extends ConnectSettingsAction
|
|||||||
|
|
||||||
function getInstructions()
|
function getInstructions()
|
||||||
{
|
{
|
||||||
return _('Add your Twitter account to automatically send '.
|
return _('Connect your Twitter account to share your updates ' .
|
||||||
' your notices to Twitter, ' .
|
'with your Twitter friends and vice-versa.');
|
||||||
'and subscribe to Twitter friends already here.');
|
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -93,7 +92,7 @@ class TwittersettingsAction extends ConnectSettingsAction
|
|||||||
|
|
||||||
$flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE);
|
$flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE);
|
||||||
|
|
||||||
if ($flink) {
|
if (!empty($flink)) {
|
||||||
$fuser = $flink->getForeignUser();
|
$fuser = $flink->getForeignUser();
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -102,36 +101,23 @@ class TwittersettingsAction extends ConnectSettingsAction
|
|||||||
'class' => 'form_settings',
|
'class' => 'form_settings',
|
||||||
'action' =>
|
'action' =>
|
||||||
common_local_url('twittersettings')));
|
common_local_url('twittersettings')));
|
||||||
$this->elementStart('fieldset', array('id' => 'settings_twitter_account'));
|
|
||||||
$this->element('legend', null, _('Twitter Account'));
|
|
||||||
$this->hidden('token', common_session_token());
|
$this->hidden('token', common_session_token());
|
||||||
if ($fuser) {
|
|
||||||
|
|
||||||
|
if (empty($fuser)) {
|
||||||
|
|
||||||
|
$this->elementStart('fieldset', array('id' => 'settings_twitter_account'));
|
||||||
$this->elementStart('ul', 'form_data');
|
$this->elementStart('ul', 'form_data');
|
||||||
$this->elementStart('li', array('id' => 'settings_twitter_remove'));
|
$this->elementStart('li', array('id' => 'settings_twitter_login_button'));
|
||||||
$this->element('span', 'twitter_user', $fuser->nickname);
|
$this->element('a', array('href' => common_local_url('twitterauthorization')),
|
||||||
$this->element('a', array('href' => $fuser->uri), $fuser->uri);
|
'Connect my Twitter account');
|
||||||
$this->element('p', 'form_note',
|
|
||||||
_('Current verified Twitter account.'));
|
|
||||||
$this->hidden('flink_foreign_id', $flink->foreign_id);
|
|
||||||
$this->elementEnd('li');
|
$this->elementEnd('li');
|
||||||
$this->elementEnd('ul');
|
$this->elementEnd('ul');
|
||||||
$this->submit('remove', _('Remove'));
|
|
||||||
} else {
|
|
||||||
$this->elementStart('ul', 'form_data');
|
|
||||||
$this->elementStart('li', array('id' => 'settings_twitter_login'));
|
|
||||||
$this->input('twitter_username', _('Twitter user name'),
|
|
||||||
($this->arg('twitter_username')) ?
|
|
||||||
$this->arg('twitter_username') :
|
|
||||||
$profile->nickname,
|
|
||||||
_('No spaces, please.')); // hey, it's what Twitter says
|
|
||||||
$this->elementEnd('li');
|
|
||||||
$this->elementStart('li');
|
|
||||||
$this->password('twitter_password', _('Twitter password'));
|
|
||||||
$this->elementend('li');
|
|
||||||
$this->elementEnd('ul');
|
|
||||||
}
|
|
||||||
$this->elementEnd('fieldset');
|
$this->elementEnd('fieldset');
|
||||||
|
|
||||||
|
} else {
|
||||||
|
|
||||||
$this->elementStart('fieldset',
|
$this->elementStart('fieldset',
|
||||||
array('id' => 'settings_twitter_preferences'));
|
array('id' => 'settings_twitter_preferences'));
|
||||||
$this->element('legend', null, _('Preferences'));
|
$this->element('legend', null, _('Preferences'));
|
||||||
@ -167,8 +153,9 @@ class TwittersettingsAction extends ConnectSettingsAction
|
|||||||
($flink->noticesync & FOREIGN_NOTICE_RECV) :
|
($flink->noticesync & FOREIGN_NOTICE_RECV) :
|
||||||
false);
|
false);
|
||||||
$this->elementEnd('li');
|
$this->elementEnd('li');
|
||||||
} else {
|
|
||||||
// preserve setting even if bidrection bridge toggled off
|
// preserve setting even if bidrection bridge toggled off
|
||||||
|
|
||||||
if ($flink && ($flink->noticesync & FOREIGN_NOTICE_RECV)) {
|
if ($flink && ($flink->noticesync & FOREIGN_NOTICE_RECV)) {
|
||||||
$this->hidden('noticerecv', true, 'noticerecv');
|
$this->hidden('noticerecv', true, 'noticerecv');
|
||||||
}
|
}
|
||||||
@ -181,7 +168,9 @@ class TwittersettingsAction extends ConnectSettingsAction
|
|||||||
} else {
|
} else {
|
||||||
$this->submit('add', _('Add'));
|
$this->submit('add', _('Add'));
|
||||||
}
|
}
|
||||||
|
|
||||||
$this->elementEnd('fieldset');
|
$this->elementEnd('fieldset');
|
||||||
|
}
|
||||||
|
|
||||||
$this->showTwitterSubscriptions();
|
$this->showTwitterSubscriptions();
|
||||||
|
|
||||||
|
@ -196,6 +196,9 @@ $config =
|
|||||||
'integration' =>
|
'integration' =>
|
||||||
array('source' => 'Laconica', # source attribute for Twitter
|
array('source' => 'Laconica', # source attribute for Twitter
|
||||||
'taguri' => $_server.',2009'), # base for tag URIs
|
'taguri' => $_server.',2009'), # base for tag URIs
|
||||||
|
'twitter' =>
|
||||||
|
array('consumer_key' => null,
|
||||||
|
'consumer_secret' => null),
|
||||||
'memcached' =>
|
'memcached' =>
|
||||||
array('enabled' => false,
|
array('enabled' => false,
|
||||||
'server' => 'localhost',
|
'server' => 'localhost',
|
||||||
|
@ -88,6 +88,10 @@ class Router
|
|||||||
|
|
||||||
$m->connect('doc/:title', array('action' => 'doc'));
|
$m->connect('doc/:title', array('action' => 'doc'));
|
||||||
|
|
||||||
|
// Twitter
|
||||||
|
|
||||||
|
$m->connect('twitter/authorization', array('action' => 'twitterauthorization'));
|
||||||
|
|
||||||
// facebook
|
// facebook
|
||||||
|
|
||||||
$m->connect('facebook', array('action' => 'facebookhome'));
|
$m->connect('facebook', array('action' => 'facebookhome'));
|
||||||
|
109
lib/twitteroauthclient.php
Normal file
109
lib/twitteroauthclient.php
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
<?php
|
||||||
|
|
||||||
|
require_once('OAuth.php');
|
||||||
|
|
||||||
|
class TwitterOAuthClient
|
||||||
|
{
|
||||||
|
public static $requestTokenURL = 'https://twitter.com/oauth/request_token';
|
||||||
|
public static $authorizeURL = 'https://twitter.com/oauth/authorize';
|
||||||
|
public static $accessTokenURL = 'https://twitter.com/oauth/access_token';
|
||||||
|
|
||||||
|
function __construct($oauth_token = null, $oauth_token_secret = null)
|
||||||
|
{
|
||||||
|
$this->sha1_method = new OAuthSignatureMethod_HMAC_SHA1();
|
||||||
|
$consumer_key = common_config('twitter', 'consumer_key');
|
||||||
|
$consumer_secret = common_config('twitter', 'consumer_secret');
|
||||||
|
$this->consumer = new OAuthConsumer($consumer_key, $consumer_secret);
|
||||||
|
$this->token = null;
|
||||||
|
|
||||||
|
if (isset($oauth_token) && isset($oauth_token_secret)) {
|
||||||
|
$this->token = new OAuthToken($oauth_token, $oauth_token_secret);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
function getRequestToken()
|
||||||
|
{
|
||||||
|
$response = $this->oAuthGet(TwitterOAuthClient::$requestTokenURL);
|
||||||
|
parse_str($response);
|
||||||
|
$token = new OAuthToken($oauth_token, $oauth_token_secret);
|
||||||
|
return $token;
|
||||||
|
}
|
||||||
|
|
||||||
|
function getAuthorizeLink($request_token)
|
||||||
|
{
|
||||||
|
// Not sure Twitter actually looks at oauth_callback
|
||||||
|
|
||||||
|
return TwitterOAuthClient::$authorizeURL .
|
||||||
|
'?oauth_token=' . $request_token->key . '&oauth_callback=' .
|
||||||
|
urlencode(common_local_url('twitterauthorization'));
|
||||||
|
}
|
||||||
|
|
||||||
|
function getAccessToken()
|
||||||
|
{
|
||||||
|
$response = $this->oAuthPost(TwitterOAuthClient::$accessTokenURL);
|
||||||
|
parse_str($response);
|
||||||
|
$token = new OAuthToken($oauth_token, $oauth_token_secret);
|
||||||
|
return $token;
|
||||||
|
}
|
||||||
|
|
||||||
|
function verify_credentials()
|
||||||
|
{
|
||||||
|
$url = 'https://twitter.com/account/verify_credentials.json';
|
||||||
|
$response = $this->oAuthGet($url);
|
||||||
|
$twitter_user = json_decode($response);
|
||||||
|
return $twitter_user;
|
||||||
|
}
|
||||||
|
|
||||||
|
function oAuthGet($url)
|
||||||
|
{
|
||||||
|
$request = OAuthRequest::from_consumer_and_token($this->consumer,
|
||||||
|
$this->token, 'GET', $url, null);
|
||||||
|
$request->sign_request($this->sha1_method,
|
||||||
|
$this->consumer, $this->token);
|
||||||
|
|
||||||
|
return $this->httpRequest($request->to_url());
|
||||||
|
}
|
||||||
|
|
||||||
|
function oAuthPost($url, $params = null)
|
||||||
|
{
|
||||||
|
$request = OAuthRequest::from_consumer_and_token($this->consumer,
|
||||||
|
$this->token, 'POST', $url, $params);
|
||||||
|
$request->sign_request($this->sha1_method,
|
||||||
|
$this->consumer, $this->token);
|
||||||
|
|
||||||
|
return $this->httpRequest($request->get_normalized_http_url(),
|
||||||
|
$request->to_postdata());
|
||||||
|
}
|
||||||
|
|
||||||
|
function httpRequest($url, $params = null)
|
||||||
|
{
|
||||||
|
$options = array(
|
||||||
|
CURLOPT_RETURNTRANSFER => true,
|
||||||
|
CURLOPT_FAILONERROR => true,
|
||||||
|
CURLOPT_HEADER => false,
|
||||||
|
CURLOPT_FOLLOWLOCATION => true,
|
||||||
|
CURLOPT_USERAGENT => 'Laconica',
|
||||||
|
CURLOPT_CONNECTTIMEOUT => 120,
|
||||||
|
CURLOPT_TIMEOUT => 120,
|
||||||
|
CURLOPT_HTTPAUTH => CURLAUTH_ANY,
|
||||||
|
CURLOPT_SSL_VERIFYPEER => false,
|
||||||
|
|
||||||
|
// Twitter is strict about accepting invalid "Expect" headers
|
||||||
|
|
||||||
|
CURLOPT_HTTPHEADER => array('Expect:')
|
||||||
|
);
|
||||||
|
|
||||||
|
if (isset($params)) {
|
||||||
|
$options[CURLOPT_POST] = true;
|
||||||
|
$options[CURLOPT_POSTFIELDS] = $params;
|
||||||
|
}
|
||||||
|
|
||||||
|
$ch = curl_init($url);
|
||||||
|
curl_setopt_array($ch, $options);
|
||||||
|
$response = curl_exec($ch);
|
||||||
|
curl_close($ch);
|
||||||
|
|
||||||
|
return $response;
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user