9 * @author Christian Weiske <cweiske@cweiske.de>
10 * @copyright 2014 Christian Weiske
11 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
12 * @link http://cweiske.de/grauphel.htm
14 namespace OCA\Grauphel\Lib;
17 * Storage base class that implements note updating
21 * @author Christian Weiske <cweiske@cweiske.de>
22 * @copyright 2014 Christian Weiske
23 * @license http://www.gnu.org/licenses/agpl.html GNU AGPL v3
24 * @version Release: @package_version@
25 * @link http://cweiske.de/grauphel.htm
36 public function setDeps(Dependencies $deps)
38 $this->tokens = $deps->tokens;
42 * Register callbacks for the oauth dance.
44 public function registerHandler(\OAuthProvider $provider)
46 $provider->consumerHandler(array($this, 'lookupConsumer'));
47 $provider->timestampNonceHandler(array($this, 'timestampNonceChecker'));
51 public function registerVerificationTokenHandler(\OAuthProvider $provider)
53 $provider->tokenHandler(array($this, 'verifyTokenHandler'));
57 public function registerAccessTokenHandler(\OAuthProvider $provider)
59 $provider->tokenHandler(array($this, 'accessTokenHandler'));
63 public function validateToken($tokenKey)
65 return (bool) preg_match('#^[a-z0-9]+$#', $tokenKey);
68 public function lookupConsumer(\OAuthProvider $provider)
70 //tomboy assumes secret==key=="anyone"
71 $provider->consumer_secret = $provider->consumer_key;//'anyone';
72 $provider->addRequiredParameter('oauth_callback');
77 public function timestampNonceChecker(\OAuthProvider $provider)
79 //var_dump($provider->nonce, $provider->timestamp);
85 public function verifyTokenHandler(\OAuthProvider $provider)
87 $token = $this->tokens->load('verify', $provider->token);
88 if ($provider->verifier == '') {
89 return OAUTH_VERIFIER_INVALID;
91 if ($provider->verifier != $token->verifier) {
92 return OAUTH_VERIFIER_INVALID;
95 $provider->token_secret = $token->secret;
99 public function accessTokenHandler(\OAuthProvider $provider)
101 $token = $this->tokens->load('access', $provider->token);
102 $provider->token_secret = $token->secret;
106 public function verifyOAuthUser($username, $url)
109 $provider = OAuth::getProvider();
110 $this->registerHandler($provider);
111 $this->registerAccessTokenHandler($provider);
112 //do not use "user" in signature
113 $provider->setParam('user', null);
115 $provider->checkOAuthRequest($url);
117 $token = $this->tokens->load('access', $provider->token);
118 if ($token->user != $username) {
119 errorOut('Invalid user');
121 } catch (\OAuthException $e) {
126 public function error(\OAuthException $e)
128 header('HTTP/1.0 400 Bad Request');
129 //header('Content-type: application/x-www-form-urlencoded');
130 echo \OAuthProvider::reportProblem($e);
136 * Get a new oauth provider instance.
137 * Used to work around the fastcgi bug in oauthprovider.
139 * @return \OAuthProvider
141 public static function getProvider()
143 //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION'];
144 //unset($_SERVER['HTTP_AUTHORIZATION']);
147 if (!isset($_SERVER['HTTP_AUTHORIZATION'])
148 && isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION'])
150 //FastCgi puts the headers in REDIRECT_HTTP_AUTHORIZATION,
151 // but the oauth extension does not read that.
152 // we have to parse the parameters manually
153 $regex = "/(oauth_[a-z_-]*)=(?:\"([^\"]*)\"|([^,]*))/";
155 $regex, $_SERVER['REDIRECT_HTTP_AUTHORIZATION'], $matches
158 foreach ($matches[1] as $key => $paramName) {
159 $params[$paramName] = urldecode($matches[2][$key]);
163 return new \OAuthProvider($params);