Change to use OAuth for authentication

This commit is contained in:
Evan Prodromou 2012-03-17 01:02:41 -04:00
parent 441ac3faf6
commit 89d72852d5
2 changed files with 78 additions and 61 deletions

View File

@ -47,8 +47,6 @@ if (!defined('STATUSNET')) {
class ActivitySpamPlugin extends Plugin
{
public $server = null;
public $username = null;
public $password = null;
const REVIEWSPAM = 'ActivitySpamPlugin::REVIEWSPAM';
const TRAINSPAM = 'ActivitySpamPlugin::TRAINSPAM';
@ -60,13 +58,9 @@ class ActivitySpamPlugin extends Plugin
*/
function initialize()
{
foreach (array('username', 'password', 'server') as $attr) {
if (!$this->$attr) {
$this->$attr = common_config('activityspam', $attr);
}
}
$this->filter = new SpamFilter($this->server, $this->username, $this->password);
$this->filter = new SpamFilter(common_config('activityspam', 'server'),
common_config('activityspam', 'consumerkey'),
common_config('activityspam', 'secret'));
return true;
}

View File

@ -1,32 +1,32 @@
<?php
/**
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2012, StatusNet, Inc.
*
* Spam filter class
*
* PHP version 5
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Spam
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
* @copyright 2012 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
* @link http://status.net/
*/
/**
* StatusNet - the distributed open-source microblogging tool
* Copyright (C) 2012, StatusNet, Inc.
*
* Spam filter class
*
* PHP version 5
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Spam
* @package StatusNet
* @author Evan Prodromou <evan@status.net>
* @copyright 2012 StatusNet, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html AGPL 3.0
* @link http://status.net/
*/
if (!defined('STATUSNET')) {
// This check helps protect against security problems;
@ -47,20 +47,16 @@ if (!defined('STATUSNET')) {
* @link http://status.net/
*/
class SpamFilter {
class SpamFilter extends OAuthClient {
const HAM = 'ham';
const SPAM = 'spam';
public $server;
public $username;
public $password;
function __construct($server, $username, $password) {
$this->server = $server;
$this->username = $username;
$this->password = $password;
function __construct($server, $consumerKey, $secret) {
parent::__construct($consumerKey, $secret);
$this->server = $server;
}
protected function toActivity($notice) {
@ -80,14 +76,7 @@ class SpamFilter {
public function testActivity($activity) {
$client = new HTTPClient($this->server . "/is-this-spam");
$client->setMethod('POST');
$client->setAuth($this->username, $this->password);
$client->setHeader('Content-Type', 'application/json');
$client->setBody(json_encode($activity->asArray()));
$response = $client->send();
$response = $this->postJSON($this->server . "/is-this-spam", $activity->asArray());
if (!$response->isOK()) {
throw new Exception("Error " . $response->getStatus() . " checking spam score: " . $response->getBody());
@ -118,14 +107,7 @@ class SpamFilter {
throw new Exception("Unknown category: " + $category);
}
$client = new HTTPClient($this->server . $endpoint);
$client->setMethod('POST');
$client->setAuth($this->username, $this->password);
$client->setHeader('Content-Type', 'application/json');
$client->setBody(json_encode($activity->asArray()));
$response = $client->send();
$response = $this->postJSON($this->server . $endpoint, $activity->asArray());
if (!$response->isOK()) {
throw new Exception("Error " . $response->getStatus() . " checking spam score: " . $response->getBody());
@ -153,4 +135,45 @@ class SpamFilter {
return $this->trainActivity($activity, $category);
}
}
function postJSON($url, $body)
{
$request = OAuthRequest::from_consumer_and_token($this->consumer,
$this->token,
'POST',
$url);
$request->sign_request($this->sha1_method,
$this->consumer,
$this->token);
$hclient = new HTTPClient($url);
$hclient->setConfig(array('connect_timeout' => 120,
'timeout' => 120,
'follow_redirects' => true,
'ssl_verify_peer' => false,
'ssl_verify_host' => false));
$hclient->setMethod(HTTP_Request2::METHOD_POST);
$hclient->setBody(json_encode($body));
$hclient->setHeader('Content-Type', 'application/json');
$hclient->setHeader($request->to_header());
// Twitter is strict about accepting invalid "Expect" headers
// No reason not to clear it still here -ESP
$hclient->setHeader('Expect', '');
try {
$response = $hclient->send();
$code = $response->getStatus();
if ($code < 200 || $code >= 400) {
throw new OAuthClientException($response->getBody(), $code);
}
return $response->getBody();
} catch (Exception $e) {
throw new OAuthClientException($e->getMessage(), $e->getCode());
}
}
}