1 <?php

     2 /**

     3  * Zend Framework

     4  *

     5  * LICENSE

     6  *

     7  * This source file is subject to the new BSD license that is bundled

     8  * with this package in the file LICENSE.txt.

     9  * It is also available through the world-wide-web at this URL:

    10  * http://framework.zend.com/license/new-bsd

    11  * If you did not receive a copy of the license and are unable to

    12  * obtain it through the world-wide-web, please send an email

    13  * to license@zend.com so we can send you a copy immediately.

    14  *

    15  * @category   Zend

    16  * @package    Zend_Oauth

    17  * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)

    18  * @license    http://framework.zend.com/license/new-bsd     New BSD License

    19  * @version    $Id: AccessToken.php 20217 2010-01-12 16:01:57Z matthew $

    20  */

    21 

    22 /** Zend_Oauth_Http */

    23 require_once 'Zend/Oauth/Http.php';

    24 

    25 /** Zend_Oauth_Token_Access */

    26 require_once 'Zend/Oauth/Token/Access.php';

    27 

    28 /**

    29  * @category   Zend

    30  * @package    Zend_Oauth

    31  * @copyright  Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)

    32  * @license    http://framework.zend.com/license/new-bsd     New BSD License

    33  */

    34 class Zend_Oauth_Http_AccessToken extends Zend_Oauth_Http

    35 {

    36     /**

    37      * Singleton instance if required of the HTTP client

    38      *

    39      * @var Zend_Http_Client

    40      */

    41     protected $_httpClient = null;

    42 

    43     /**

    44      * Initiate a HTTP request to retrieve an Access Token.

    45      *

    46      * @return Zend_Oauth_Token_Access

    47      */

    48     public function execute()

    49     {

    50         $params   = $this->assembleParams();

    51         $response = $this->startRequestCycle($params);

    52         $return   = new Zend_Oauth_Token_Access($response);

    53         return $return;

    54     }

    55 

    56     /**

    57      * Assemble all parameters for an OAuth Access Token request.

    58      *

    59      * @return array

    60      */

    61     public function assembleParams()

    62     {

    63         $params = array(

    64             'oauth_consumer_key'     => $this->_consumer->getConsumerKey(),

    65             'oauth_nonce'            => $this->_httpUtility->generateNonce(),

    66             'oauth_signature_method' => $this->_consumer->getSignatureMethod(),

    67             'oauth_timestamp'        => $this->_httpUtility->generateTimestamp(),

    68             'oauth_token'            => $this->_consumer->getLastRequestToken()->getToken(),

    69             'oauth_version'          => $this->_consumer->getVersion(),

    70         );

    71 

    72         if (!empty($this->_parameters)) {

    73             $params = array_merge($params, $this->_parameters);

    74         }

    75 

    76         $params['oauth_signature'] = $this->_httpUtility->sign(

    77             $params,

    78             $this->_consumer->getSignatureMethod(),

    79             $this->_consumer->getConsumerSecret(),

    80             $this->_consumer->getLastRequestToken()->getTokenSecret(),

    81             $this->_preferredRequestMethod,

    82             $this->_consumer->getAccessTokenUrl()

    83         );

    84 

    85         return $params;

    86     }

    87 

    88     /**

    89      * Generate and return a HTTP Client configured for the Header Request Scheme

    90      * specified by OAuth, for use in requesting an Access Token.

    91      *

    92      * @param  array $params

    93      * @return Zend_Http_Client

    94      */

    95     public function getRequestSchemeHeaderClient(array $params)

    96     {

    97         $params      = $this->_cleanParamsOfIllegalCustomParameters($params);

    98         $headerValue = $this->_toAuthorizationHeader($params);

    99         $client      = Zend_Oauth::getHttpClient();

   100 

   101         $client->setUri($this->_consumer->getAccessTokenUrl());

   102         $client->setHeaders('Authorization', $headerValue);

   103         $client->setMethod($this->_preferredRequestMethod);

   104 

   105         return $client;

   106     }

   107 

   108     /**

   109      * Generate and return a HTTP Client configured for the POST Body Request

   110      * Scheme specified by OAuth, for use in requesting an Access Token.

   111      *

   112      * @param  array $params

   113      * @return Zend_Http_Client

   114      */

   115     public function getRequestSchemePostBodyClient(array $params)

   116     {

   117         $params = $this->_cleanParamsOfIllegalCustomParameters($params);

   118         $client = Zend_Oauth::getHttpClient();

   119         $client->setUri($this->_consumer->getAccessTokenUrl());

   120         $client->setMethod($this->_preferredRequestMethod);

   121         $client->setRawData(

   122             $this->_httpUtility->toEncodedQueryString($params)

   123         );

   124         $client->setHeaders(

   125             Zend_Http_Client::CONTENT_TYPE,

   126             Zend_Http_Client::ENC_URLENCODED

   127         );

   128         return $client;

   129     }

   130 

   131     /**

   132      * Generate and return a HTTP Client configured for the Query String Request

   133      * Scheme specified by OAuth, for use in requesting an Access Token.

   134      *

   135      * @param  array $params

   136      * @param  string $url

   137      * @return Zend_Http_Client

   138      */

   139     public function getRequestSchemeQueryStringClient(array $params, $url)

   140     {

   141         $params = $this->_cleanParamsOfIllegalCustomParameters($params);

   142         return parent::getRequestSchemeQueryStringClient($params, $url);

   143     }

   144 

   145     /**

   146      * Attempt a request based on the current configured OAuth Request Scheme and

   147      * return the resulting HTTP Response.

   148      *

   149      * @param  array $params

   150      * @return Zend_Http_Response

   151      */

   152     protected function _attemptRequest(array $params)

   153     {

   154         switch ($this->_preferredRequestScheme) {

   155             case Zend_Oauth::REQUEST_SCHEME_HEADER:

   156                 $httpClient = $this->getRequestSchemeHeaderClient($params);

   157                 break;

   158             case Zend_Oauth::REQUEST_SCHEME_POSTBODY:

   159                 $httpClient = $this->getRequestSchemePostBodyClient($params);

   160                 break;

   161             case Zend_Oauth::REQUEST_SCHEME_QUERYSTRING:

   162                 $httpClient = $this->getRequestSchemeQueryStringClient($params,

   163                     $this->_consumer->getAccessTokenUrl());

   164                 break;

   165         }

   166         return $httpClient->request();

   167     }

   168 

   169     /**

   170      * Access Token requests specifically may not contain non-OAuth parameters.

   171      * So these should be striped out and excluded. Detection is easy since

   172      * specified OAuth parameters start with "oauth_", Extension params start

   173      * with "xouth_", and no other parameters should use these prefixes.

   174      *

   175      * xouth params are not currently allowable.

   176      *

   177      * @param  array $params

   178      * @return array

   179      */

   180     protected function _cleanParamsOfIllegalCustomParameters(array $params)

   181     {

   182         foreach ($params as $key=>$value) {

   183             if (!preg_match("/^oauth_/", $key)) {

   184                 unset($params[$key]);

   185             }

   186         }

   187         return $params;

   188     }

   189 }