gnu-social/lib/oauthclient.php

228 lines
6.7 KiB
PHP

<?php
/**
* Laconica, the distributed open-source microblogging tool
*
* Base class for doing OAuth calls as a consumer
*
* PHP version 5
*
* LICENCE: This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
* @category Action
* @package Laconica
* @author Zach Copley <zach@controlyourself.ca>
* @copyright 2008 Control Yourself, Inc.
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://laconi.ca/
*/
if (!defined('LACONICA')) {
exit(1);
}
require_once 'OAuth.php';
/**
* Exception wrapper for cURL errors
*
* @category Integration
* @package Laconica
* @author Zach Copley <zach@controlyourself.ca>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://laconi.ca/
*
*/
class OAuthClientCurlException extends Exception
{
}
/**
* Base class for doing OAuth calls as a consumer
*
* @category Integration
* @package Laconica
* @author Zach Copley <zach@controlyourself.ca>
* @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
* @link http://laconi.ca/
*
*/
class OAuthClient
{
var $consumer;
var $token;
/**
* Constructor
*
* Can be initialized with just consumer key and secret for requesting new
* tokens or with additional request token or access token
*
* @param string $consumer_key consumer key
* @param string $consumer_secret consumer secret
* @param string $oauth_token user's token
* @param string $oauth_token_secret user's secret
*
* @return nothing
*/
function __construct($consumer_key, $consumer_secret,
$oauth_token = null, $oauth_token_secret = null)
{
$this->sha1_method = new OAuthSignatureMethod_HMAC_SHA1();
$this->consumer = new OAuthConsumer($consumer_key, $consumer_secret);
$this->token = null;
if (isset($oauth_token) && isset($oauth_token_secret)) {
$this->token = new OAuthToken($oauth_token, $oauth_token_secret);
}
}
/**
* Gets a request token from the given url
*
* @param string $url OAuth endpoint for grabbing request tokens
*
* @return OAuthToken $token the request token
*/
function getRequestToken($url)
{
$response = $this->oAuthGet($url);
parse_str($response);
$token = new OAuthToken($oauth_token, $oauth_token_secret);
return $token;
}
/**
* Builds a link that can be redirected to in order to
* authorize a request token.
*
* @param string $url endpoint for authorizing request tokens
* @param OAuthToken $request_token the request token to be authorized
* @param string $oauth_callback optional callback url
*
* @return string $authorize_url the url to redirect to
*/
function getAuthorizeLink($url, $request_token, $oauth_callback = null)
{
$authorize_url = $url . '?oauth_token=' .
$request_token->key;
if (isset($oauth_callback)) {
$authorize_url .= '&oauth_callback=' . urlencode($oauth_callback);
}
common_debug("$authorize_url");
return $authorize_url;
}
/**
* Fetches an access token
*
* @param string $url OAuth endpoint for exchanging authorized request tokens
* for access tokens
*
* @return OAuthToken $token the access token
*/
function getAccessToken($url)
{
$response = $this->oAuthPost($url);
parse_str($response);
$token = new OAuthToken($oauth_token, $oauth_token_secret);
return $token;
}
/**
* Use HTTP GET to make a signed OAuth request
*
* @param string $url OAuth endpoint
*
* @return mixed the request
*/
function oAuthGet($url)
{
$request = OAuthRequest::from_consumer_and_token($this->consumer,
$this->token, 'GET', $url, null);
$request->sign_request($this->sha1_method,
$this->consumer, $this->token);
return $this->httpRequest($request->to_url());
}
/**
* Use HTTP POST to make a signed OAuth request
*
* @param string $url OAuth endpoint
* @param array $params additional post parameters
*
* @return mixed the request
*/
function oAuthPost($url, $params = null)
{
$request = OAuthRequest::from_consumer_and_token($this->consumer,
$this->token, 'POST', $url, $params);
$request->sign_request($this->sha1_method,
$this->consumer, $this->token);
return $this->httpRequest($request->get_normalized_http_url(),
$request->to_postdata());
}
/**
* Make a HTTP request using cURL.
*
* @param string $url Where to make the
* @param array $params post parameters
*
* @return mixed the request
*/
function httpRequest($url, $params = null)
{
$options = array(
CURLOPT_RETURNTRANSFER => true,
CURLOPT_FAILONERROR => true,
CURLOPT_HEADER => false,
CURLOPT_FOLLOWLOCATION => true,
CURLOPT_USERAGENT => 'Laconica',
CURLOPT_CONNECTTIMEOUT => 120,
CURLOPT_TIMEOUT => 120,
CURLOPT_HTTPAUTH => CURLAUTH_ANY,
CURLOPT_SSL_VERIFYPEER => false,
// Twitter is strict about accepting invalid "Expect" headers
CURLOPT_HTTPHEADER => array('Expect:')
);
if (isset($params)) {
$options[CURLOPT_POST] = true;
$options[CURLOPT_POSTFIELDS] = $params;
}
$ch = curl_init($url);
curl_setopt_array($ch, $options);
$response = curl_exec($ch);
if ($response === false) {
$msg = curl_error($ch);
$code = curl_errno($ch);
throw new OAuthClientCurlException($msg, $code);
}
curl_close($ch);
return $response;
}
}