X-Git-Url: https://git.cweiske.de/grauphel.git/blobdiff_plain/381f04b7e408baccc64588a865bff33bcd87e152..9b69209d884a6d01e890ec3360cb88fe7cf64f6a:/lib/oauth.php diff --git a/lib/oauth.php b/lib/oauth.php index 6900c20..9fea742 100644 --- a/lib/oauth.php +++ b/lib/oauth.php @@ -103,7 +103,20 @@ class OAuth return OAUTH_PARAMETER_ABSENT; } - $token = $this->tokens->load('access', $provider->token); + try { + $token = $this->tokens->load('access', $provider->token); + } catch (OAuthException $e) { + if ($e->getCode() == OAUTH_TOKEN_REJECTED) { + return OAUTH_TOKEN_REJECTED; + } + throw $e; + } + + if (time() - $token->lastuse > 60) { + //time to update lastuse after at least a minute + $this->tokens->updateLastUse($token->tokenKey); + } + $provider->token_secret = $token->secret; return OAUTH_OK; } @@ -140,13 +153,26 @@ class OAuth /** * Get a new oauth provider instance. * Used to work around the fastcgi bug in oauthprovider. - * + * * @return \OAuthProvider */ public static function getProvider() { //$_SERVER['REDIRECT_HTTP_AUTHORIZATION'] = $_SERVER['HTTP_AUTHORIZATION']; //unset($_SERVER['HTTP_AUTHORIZATION']); + if ((isset($_SERVER['HTTP_AUTHORIZATION']) + && strlen($_SERVER['HTTP_AUTHORIZATION']) + && strtolower(substr($_SERVER['HTTP_AUTHORIZATION'], 0, 5)) != 'oauth') + || (isset($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) + && strlen($_SERVER['REDIRECT_HTTP_AUTHORIZATION']) + && strtolower(substr($_SERVER['REDIRECT_HTTP_AUTHORIZATION'], 0, 5)) != 'oauth') + ) { + //work around bug https://bugs.php.net/bug.php?id=68168 + //#68168: HTTP Basic auth reported as "signature_method_rejected" + throw new \OAuthException( + 'No oauth auth header', OAUTH_PARAMETER_ABSENT + ); + } $params = array(); if (!isset($_SERVER['HTTP_AUTHORIZATION'])