9 * @author Christian Weiske <cweiske@cweiske.de>
10 * @copyright 2014 Christian Weiske
11 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
12 * @link http://cweiske.de/grauphel.htm
14 namespace OCA\Grauphel\Lib;
17 * Storage base class that implements note updating
21 * @author Christian Weiske <cweiske@cweiske.de>
22 * @copyright 2014 Christian Weiske
23 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
24 * @version Release: @package_version@
25 * @link http://cweiske.de/grauphel.htm
// Stores the token storage object from the dependency container; the handlers in
// this class use it to load tokens and to update their last-use time.
36 public function setDeps(Dependencies $deps)
38 $this->tokens = $deps->tokens;
42 * Register callbacks for the oauth dance.
44 public function registerHandler(\OAuthProvider $provider)
// The consumer lookup and the timestamp/nonce check are both delegated to methods of this object.
46 $provider->consumerHandler(array($this, 'lookupConsumer'));
47 $provider->timestampNonceHandler(array($this, 'timestampNonceChecker'));
// Installs verifyTokenHandler() as the provider's token handler, i.e. the handler
// that loads a 'verify' token and compares the verifier sent by the client.
51 public function registerVerificationTokenHandler(\OAuthProvider $provider)
53 $provider->tokenHandler(array($this, 'verifyTokenHandler'));
// Installs accessTokenHandler() as the provider's token handler, i.e. the handler
// that loads an 'access' token for an already authorised client.
57 public function registerAccessTokenHandler(\OAuthProvider $provider)
59 $provider->tokenHandler(array($this, 'accessTokenHandler'));
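/**
 * Check that a token key consists only of lowercase ASCII letters and digits.
 *
 * The pattern is anchored with \z instead of $: without the D modifier, $ also
 * matches just before a trailing newline, so a key such as "abc\n" would
 * have been accepted and passed on to whatever uses the key afterwards.
 *
 * @param string $tokenKey Token key as received from the client
 *
 * @return boolean True when the key is non-empty and matches [a-z0-9]+ exactly
 */
public function validateToken($tokenKey)
{
    return (bool) preg_match('#^[a-z0-9]+\z#', $tokenKey);
}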
// Consumer handler for the provider. No lookup against a list of registered
// consumers is visible here: the secret is simply set to the key the client sent.
68 public function lookupConsumer(\OAuthProvider $provider)
70 //tomboy assumes secret==key=="anyone"
// NOTE(review): with secret == key the consumer secret is known to every client, so it
// adds nothing to the signature; request authenticity rests on the token secret alone.
71 $provider->consumer_secret = $provider->consumer_key;//'anyone';
// oauth_callback becomes a mandatory parameter of the request.
72 $provider->addRequiredParameter('oauth_callback');
// Callback that registerHandler() installs for timestamp and nonce checking.
77 public function timestampNonceChecker(\OAuthProvider $provider)
// NOTE(review): the only statement visible in this listing is the commented-out debug
// dump below. If the method never compares nonce and timestamp against stored values,
// a captured request can be replayed - confirm against the full file.
79 //var_dump($provider->nonce, $provider->timestamp);
// Token handler for the verification step: loads the 'verify' token named in the
// request and checks the verifier the client sent against the stored one.
85 public function verifyTokenHandler(\OAuthProvider $provider)
87 $token = $this->tokens->load('verify', $provider->token);
// An empty verifier is rejected before any comparison with the stored value.
88 if ($provider->verifier == '') {
89 return OAUTH_VERIFIER_INVALID;
// NOTE(review): != is a loose, non-constant-time comparison. Two numeric-looking strings
// (constructed example: "0e1" and "0e2") compare equal under !=, and response timing can
// reveal how much of the verifier matched. Comparing with
// hash_equals((string) $token->verifier, (string) $provider->verifier) avoids both.
91 if ($provider->verifier != $token->verifier) {
92 return OAUTH_VERIFIER_INVALID;
// Hand the stored token secret to the provider so it can check the request signature.
95 $provider->token_secret = $token->secret;
// Token handler for signed API requests: loads the 'access' token named in the
// request and passes its secret to the provider.
99 public function accessTokenHandler(\OAuthProvider $provider)
101 if ($provider->token == '') {
102 //conboy sends empty token when not authed yet
103 return OAUTH_PARAMETER_ABSENT;
107 $token = $this->tokens->load('access', $provider->token);
// NOTE(review): OAuthException is unqualified here but written \OAuthException further
// down in this class. Inside namespace OCA\Grauphel\Lib the two names refer to different
// classes - confirm which one tokens->load() throws, otherwise this catch never matches.
108 } catch (OAuthException $e) {
// A rejected-token error code is returned as the handler's result.
109 if ($e->getCode() == OAUTH_TOKEN_REJECTED) {
110 return OAUTH_TOKEN_REJECTED;
// lastuse is only rewritten when the stored value is more than 60 seconds old.
115 if (time() - $token->lastuse > 60) {
116 //time to update lastuse after at least a minute
117 $this->tokens->updateLastUse($token->tokenKey);
// Hand the stored token secret to the provider so it can check the request signature.
120 $provider->token_secret = $token->secret;
// Checks the OAuth request made to $url and then requires that the access token
// used for it belongs to $username.
124 public function verifyOAuthUser($username, $url)
127 $provider = OAuth::getProvider();
128 $this->registerHandler($provider);
129 $this->registerAccessTokenHandler($provider);
130 //do not use "user" in signature
131 $provider->setParam('user', null);
133 $provider->checkOAuthRequest($url);
// The token is loaded a second time here to read its owner; the first load happens
// inside accessTokenHandler() during checkOAuthRequest().
135 $token = $this->tokens->load('access', $provider->token);
// NOTE(review): != is a loose comparison, so two different numeric-looking user names can
// compare equal; !== on strings makes this ownership check exact.
136 if ($token->user != $username) {
137 errorOut('Invalid user');
139 } catch (\OAuthException $e) {
// Answers the request with HTTP 400 and the provider's problem report for $e.
144 public function error(\OAuthException $e)
146 header('HTTP/1.0 400 Bad Request');
147 //header('Content-type: application/x-www-form-urlencoded');
// NOTE(review): the report is echoed to the client unchanged - confirm it contains no
// detail that should stay in the server log only.
148 echo \OAuthProvider::reportProblem($e);
154 * Get a new oauth provider instance.
155 * Used to work around the fastcgi bug in oauthprovider.
157 * @return \OAuthProvider
159 public static function getProvider()
162 //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
// Case 1: an Authorization header is present but empty.
164 if (isset($_SERVER['HTTP_AUTHORIZATION'])
165 && $_SERVER['HTTP_AUTHORIZATION'] == ''
167 //work around bug https://bugs.php.net/bug.php?id=68168
168 //#68168: HTTP Basic auth and empty auth header reported
169 // as "signature_method_rejected"
// NOTE(review): this presets PLAINTEXT as the signature method for such requests. With
// PLAINTEXT the signature is the secrets themselves, so it protects nothing unless the
// transport is TLS - confirm the deployment enforces HTTPS.
170 $params['oauth_signature_method'] = OAUTH_SIG_METHOD_PLAINTEXT;
// Case 2: the header only arrived as REDIRECT_HTTP_AUTHORIZATION.
173 if (!isset($_SERVER['HTTP_AUTHORIZATION'])
174 && isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
176 //FastCgi puts the headers in REDIRECT_HTTP_AUTHORIZATION,
177 // but the oauth extension does not read that.
178 // we have to parse the parameters manually
179 $params = static::parseOAuthHeader(
180 $_SERVER['REDIRECT_HTTP_AUTHORIZATION']
// Case 3: the client URL-encoded the signature "anyone&" twice (%2526 is an encoded %26).
184 //work around https://github.com/tomboy-notes/tomboy.osx/issues/39
185 //,oauth_signature="anyone%2526",oauth_signature_method="PLAINTEXT",
186 if (isset($_SERVER['HTTP_AUTHORIZATION'])
187 && strpos($_SERVER['HTTP_AUTHORIZATION'], '"anyone%2526"') !== false
189 $params = static::parseOAuthHeader($_SERVER['HTTP_AUTHORIZATION']);
// parseOAuthHeader() decodes once, which leaves "anyone%26"; the remaining encoding
// layer is undone by hand below.
191 if (isset($params['oauth_signature'])
192 && $params['oauth_signature'] == 'anyone%26'
194 //second if to catch the REDIRECT values
195 $params['oauth_signature'] ='anyone&';
// The manually collected parameters, if any, are passed to the provider's constructor.
198 return new \OAuthProvider($params);
202 * Parse an OAuth HTTP header into an array
204 * @param string $headerValue HTTP header value (after "Authorization:")
206 * @return array Array of parameters
208 protected static function parseOAuthHeader($headerValue)
210 $regex = "/(oauth_[a-z_-]*)=(?:\"([^\"]*)\"|([^,]*))/";
211 preg_match_all($regex, $headerValue, $matches);
214 foreach ($matches[1] as $key => $paramName) {
215 $params[$paramName] = urldecode($matches[2][$key]);