|
1 <?php |
|
2 /** |
|
3 * Zend Framework |
|
4 * |
|
5 * LICENSE |
|
6 * |
|
7 * This source file is subject to the new BSD license that is bundled |
|
8 * with this package in the file LICENSE.txt. |
|
9 * It is also available through the world-wide-web at this URL: |
|
10 * http://framework.zend.com/license/new-bsd |
|
11 * If you did not receive a copy of the license and are unable to |
|
12 * obtain it through the world-wide-web, please send an email |
|
13 * to license@zend.com so we can send you a copy immediately. |
|
14 * |
|
15 * @category Zend |
|
16 * @package Zend_Oauth |
|
17 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
18 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
19 * @version $Id: Consumer.php 23170 2010-10-19 18:29:24Z mabe $ |
|
20 */ |
|
21 |
|
22 /** Zend_Oauth */ |
|
23 require_once 'Zend/Oauth.php'; |
|
24 |
|
25 /** Zend_Uri */ |
|
26 require_once 'Zend/Uri.php'; |
|
27 |
|
28 /** Zend_Oauth_Http_RequestToken */ |
|
29 require_once 'Zend/Oauth/Http/RequestToken.php'; |
|
30 |
|
31 /** Zend_Oauth_Http_UserAuthorization */ |
|
32 require_once 'Zend/Oauth/Http/UserAuthorization.php'; |
|
33 |
|
34 /** Zend_Oauth_Http_AccessToken */ |
|
35 require_once 'Zend/Oauth/Http/AccessToken.php'; |
|
36 |
|
37 /** Zend_Oauth_Token_AuthorizedRequest */ |
|
38 require_once 'Zend/Oauth/Token/AuthorizedRequest.php'; |
|
39 |
|
40 /** Zend_Oauth_Config */ |
|
41 require_once 'Zend/Oauth/Config.php'; |
|
42 |
|
43 /** |
|
44 * @category Zend |
|
45 * @package Zend_Oauth |
|
46 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
47 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
48 */ |
|
49 class Zend_Oauth_Consumer extends Zend_Oauth |
|
50 { |
|
51 public $switcheroo = false; // replace later when this works |
|
52 |
|
53 /** |
|
54 * Request Token retrieved from OAuth Provider |
|
55 * |
|
56 * @var Zend_Oauth_Token_Request |
|
57 */ |
|
58 protected $_requestToken = null; |
|
59 |
|
60 /** |
|
61 * Access token retrieved from OAuth Provider |
|
62 * |
|
63 * @var Zend_Oauth_Token_Access |
|
64 */ |
|
65 protected $_accessToken = null; |
|
66 |
|
67 /** |
|
68 * @var Zend_Oauth_Config |
|
69 */ |
|
70 protected $_config = null; |
|
71 |
|
72 /** |
|
73 * Constructor; create a new object with an optional array|Zend_Config |
|
74 * instance containing initialising options. |
|
75 * |
|
76 * @param array|Zend_Config $options |
|
77 * @return void |
|
78 */ |
|
79 public function __construct($options = null) |
|
80 { |
|
81 $this->_config = new Zend_Oauth_Config; |
|
82 if ($options !== null) { |
|
83 if ($options instanceof Zend_Config) { |
|
84 $options = $options->toArray(); |
|
85 } |
|
86 $this->_config->setOptions($options); |
|
87 } |
|
88 } |
|
89 |
|
90 /** |
|
91 * Attempts to retrieve a Request Token from an OAuth Provider which is |
|
92 * later exchanged for an authorized Access Token used to access the |
|
93 * protected resources exposed by a web service API. |
|
94 * |
|
95 * @param null|array $customServiceParameters Non-OAuth Provider-specified parameters |
|
96 * @param null|string $httpMethod |
|
97 * @param null|Zend_Oauth_Http_RequestToken $request |
|
98 * @return Zend_Oauth_Token_Request |
|
99 */ |
|
100 public function getRequestToken( |
|
101 array $customServiceParameters = null, |
|
102 $httpMethod = null, |
|
103 Zend_Oauth_Http_RequestToken $request = null |
|
104 ) { |
|
105 if ($request === null) { |
|
106 $request = new Zend_Oauth_Http_RequestToken($this, $customServiceParameters); |
|
107 } elseif($customServiceParameters !== null) { |
|
108 $request->setParameters($customServiceParameters); |
|
109 } |
|
110 if ($httpMethod !== null) { |
|
111 $request->setMethod($httpMethod); |
|
112 } else { |
|
113 $request->setMethod($this->getRequestMethod()); |
|
114 } |
|
115 $this->_requestToken = $request->execute(); |
|
116 return $this->_requestToken; |
|
117 } |
|
118 |
|
119 /** |
|
120 * After a Request Token is retrieved, the user may be redirected to the |
|
121 * OAuth Provider to authorize the application's access to their |
|
122 * protected resources - the redirect URL being provided by this method. |
|
123 * Once the user has authorized the application for access, they are |
|
124 * redirected back to the application which can now exchange the previous |
|
125 * Request Token for a fully authorized Access Token. |
|
126 * |
|
127 * @param null|array $customServiceParameters |
|
128 * @param null|Zend_Oauth_Token_Request $token |
|
129 * @param null|Zend_OAuth_Http_UserAuthorization $redirect |
|
130 * @return string |
|
131 */ |
|
132 public function getRedirectUrl( |
|
133 array $customServiceParameters = null, |
|
134 Zend_Oauth_Token_Request $token = null, |
|
135 Zend_Oauth_Http_UserAuthorization $redirect = null |
|
136 ) { |
|
137 if ($redirect === null) { |
|
138 $redirect = new Zend_Oauth_Http_UserAuthorization($this, $customServiceParameters); |
|
139 } elseif($customServiceParameters !== null) { |
|
140 $redirect->setParameters($customServiceParameters); |
|
141 } |
|
142 if ($token !== null) { |
|
143 $this->_requestToken = $token; |
|
144 } |
|
145 return $redirect->getUrl(); |
|
146 } |
|
147 |
|
148 /** |
|
149 * Rather than retrieve a redirect URL for use, e.g. from a controller, |
|
150 * one may perform an immediate redirect. |
|
151 * |
|
152 * Sends headers and exit()s on completion. |
|
153 * |
|
154 * @param null|array $customServiceParameters |
|
155 * @param null|Zend_Oauth_Token_Request $token |
|
156 * @param null|Zend_Oauth_Http_UserAuthorization $request |
|
157 * @return void |
|
158 */ |
|
159 public function redirect( |
|
160 array $customServiceParameters = null, |
|
161 Zend_Oauth_Token_Request $token = null, |
|
162 Zend_Oauth_Http_UserAuthorization $request = null |
|
163 ) { |
|
164 if ($token instanceof Zend_Oauth_Http_UserAuthorization) { |
|
165 $request = $token; |
|
166 $token = null; |
|
167 } |
|
168 $redirectUrl = $this->getRedirectUrl($customServiceParameters, $token, $request); |
|
169 header('Location: ' . $redirectUrl); |
|
170 exit(1); |
|
171 } |
|
172 |
|
173 /** |
|
174 * Retrieve an Access Token in exchange for a previously received/authorized |
|
175 * Request Token. |
|
176 * |
|
177 * @param array $queryData GET data returned in user's redirect from Provider |
|
178 * @param Zend_Oauth_Token_Request Request Token information |
|
179 * @param string $httpMethod |
|
180 * @param Zend_Oauth_Http_AccessToken $request |
|
181 * @return Zend_Oauth_Token_Access |
|
182 * @throws Zend_Oauth_Exception on invalid authorization token, non-matching response authorization token, or unprovided authorization token |
|
183 */ |
|
184 public function getAccessToken( |
|
185 $queryData, |
|
186 Zend_Oauth_Token_Request $token, |
|
187 $httpMethod = null, |
|
188 Zend_Oauth_Http_AccessToken $request = null |
|
189 ) { |
|
190 $authorizedToken = new Zend_Oauth_Token_AuthorizedRequest($queryData); |
|
191 if (!$authorizedToken->isValid()) { |
|
192 require_once 'Zend/Oauth/Exception.php'; |
|
193 throw new Zend_Oauth_Exception( |
|
194 'Response from Service Provider is not a valid authorized request token'); |
|
195 } |
|
196 if ($request === null) { |
|
197 $request = new Zend_Oauth_Http_AccessToken($this); |
|
198 } |
|
199 |
|
200 // OAuth 1.0a Verifier |
|
201 if ($authorizedToken->getParam('oauth_verifier') !== null) { |
|
202 $params = array_merge($request->getParameters(), array( |
|
203 'oauth_verifier' => $authorizedToken->getParam('oauth_verifier') |
|
204 )); |
|
205 $request->setParameters($params); |
|
206 } |
|
207 if ($httpMethod !== null) { |
|
208 $request->setMethod($httpMethod); |
|
209 } else { |
|
210 $request->setMethod($this->getRequestMethod()); |
|
211 } |
|
212 if (isset($token)) { |
|
213 if ($authorizedToken->getToken() !== $token->getToken()) { |
|
214 require_once 'Zend/Oauth/Exception.php'; |
|
215 throw new Zend_Oauth_Exception( |
|
216 'Authorized token from Service Provider does not match' |
|
217 . ' supplied Request Token details' |
|
218 ); |
|
219 } |
|
220 } else { |
|
221 require_once 'Zend/Oauth/Exception.php'; |
|
222 throw new Zend_Oauth_Exception('Request token must be passed to method'); |
|
223 } |
|
224 $this->_requestToken = $token; |
|
225 $this->_accessToken = $request->execute(); |
|
226 return $this->_accessToken; |
|
227 } |
|
228 |
|
229 /** |
|
230 * Return whatever the last Request Token retrieved was while using the |
|
231 * current Consumer instance. |
|
232 * |
|
233 * @return Zend_Oauth_Token_Request |
|
234 */ |
|
235 public function getLastRequestToken() |
|
236 { |
|
237 return $this->_requestToken; |
|
238 } |
|
239 |
|
240 /** |
|
241 * Return whatever the last Access Token retrieved was while using the |
|
242 * current Consumer instance. |
|
243 * |
|
244 * @return Zend_Oauth_Token_Access |
|
245 */ |
|
246 public function getLastAccessToken() |
|
247 { |
|
248 return $this->_accessToken; |
|
249 } |
|
250 |
|
251 /** |
|
252 * Alias to self::getLastAccessToken() |
|
253 * |
|
254 * @return Zend_Oauth_Token_Access |
|
255 */ |
|
256 public function getToken() |
|
257 { |
|
258 return $this->_accessToken; |
|
259 } |
|
260 |
|
261 /** |
|
262 * Simple Proxy to the current Zend_Oauth_Config method. It's that instance |
|
263 * which holds all configuration methods and values this object also presents |
|
264 * as it's API. |
|
265 * |
|
266 * @param string $method |
|
267 * @param array $args |
|
268 * @return mixed |
|
269 * @throws Zend_Oauth_Exception if method does not exist in config object |
|
270 */ |
|
271 public function __call($method, array $args) |
|
272 { |
|
273 if (!method_exists($this->_config, $method)) { |
|
274 require_once 'Zend/Oauth/Exception.php'; |
|
275 throw new Zend_Oauth_Exception('Method does not exist: '.$method); |
|
276 } |
|
277 return call_user_func_array(array($this->_config,$method), $args); |
|
278 } |
|
279 } |