123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507 |
- <?php
- if (!defined('GNUSOCIAL')) { exit(1); }
- require_once 'OAuth.php';
- class ApiGNUsocialOAuthDataStore extends OAuthDataStore
- {
- function lookup_consumer($consumer_key)
- {
- $con = Consumer::getKV('consumer_key', $consumer_key);
- if (!$con instanceof Consumer) {
-
-
- if ($consumer_key == 'anonymous') {
- common_debug("API OAuth - creating anonymous consumer");
- $con = new Consumer();
- $con->consumer_key = $consumer_key;
- $con->consumer_secret = $consumer_key;
- $con->created = common_sql_now();
- $result = $con->insert();
- if (!$result) {
-
- $this->serverError(_('Could not create anonymous consumer.'));
- }
- $app = Oauth_application::getByConsumerKey('anonymous');
- if (!$app) {
- common_debug("API OAuth - creating anonymous application");
- $app = new OAuth_application();
- $app->owner = 1;
- $app->consumer_key = $con->consumer_key;
- $app->name = 'anonymous';
- $app->icon = 'default-avatar-stream.png';
- $app->description = "An anonymous application";
-
-
-
- $app->access_type = 3;
- $app->type = 2;
- $app->created = common_sql_now();
- $id = $app->insert();
- if (!$id) {
-
- $this->serverError(_("Could not create anonymous OAuth application."));
- }
- }
- } else {
- return null;
- }
- }
- return new OAuthConsumer(
- $con->consumer_key,
- $con->consumer_secret
- );
- }
- function getAppByRequestToken($token_key)
- {
-
- $req_token = $this->lookup_token(
- null,
- 'request',
- $token_key
- );
- if (empty($req_token)) {
- common_debug("Couldn't get request token from oauth datastore");
- return null;
- }
-
- $token = new Token();
- $token->tok = $req_token->key;
- $result = $token->find(true);
- if (empty($result)) {
- common_debug('Couldn\'t find req token in the token table.');
- return null;
- }
-
- $app = new Oauth_application();
- $app->consumer_key = $token->consumer_key;
- $result = $app->find(true);
- if (!empty($result)) {
- return $app;
- } else {
- common_debug("Couldn't find the app!");
- return null;
- }
- }
- function new_access_token($token, $consumer, $verifier = null)
- {
- common_debug(
- sprintf(
- "New access token from request token %s, consumer %s and verifier %s ",
- $token,
- $consumer,
- $verifier
- ),
- __FILE__
- );
- $rt = new Token();
- $rt->consumer_key = $consumer->key;
- $rt->tok = $token->key;
- $rt->type = 0;
- $app = Oauth_application::getByConsumerKey($consumer->key);
- assert(!empty($app));
- if ($rt->find(true) && $rt->state == 1 && $rt->verifier == $verifier) {
- common_debug('Request token found.', __FILE__);
-
- $tokenAssoc = Oauth_token_association::getKV('token', $rt->tok);
- if (!$tokenAssoc) {
- throw new Exception(
-
- _('Could not find a profile and application associated with the request token.')
- );
- }
-
-
-
-
-
- $appUser = new Oauth_application_user();
- $appUser->application_id = $app->id;
- $appUser->profile_id = $tokenAssoc->profile_id;
- $result = $appUser->find(true);
- if (!empty($result)) {
- common_log(LOG_INFO,
- sprintf(
- "Existing access token found for application %s, profile %s.",
- $app->id,
- $tokenAssoc->profile_id
- )
- );
- $at = null;
-
-
-
-
-
-
-
-
-
-
- if ($appUser->access_type == 0) {
- $at = $this->generateNewAccessToken($consumer, $rt, $verifier);
- $this->updateAppUser($appUser, $app, $at);
- } else {
- $at = new Token();
-
- $at->consumer_key = $consumer->key;
- $at->tok = $appUser->token;
- $result = $at->find(true);
- if (!$result) {
- throw new Exception(
-
- _('Could not issue access token.')
- );
- }
- }
-
- return new OAuthToken($at->tok, $at->secret);
- } else {
- common_log(LOG_INFO,
- sprintf(
- "Creating new access token for application %s, profile %s.",
- $app->id,
- $tokenAssoc->profile_id
- )
- );
- $at = $this->generateNewAccessToken($consumer, $rt, $verifier);
- $this->newAppUser($tokenAssoc, $app, $at);
-
- return new OAuthToken($at->tok, $at->secret);
- }
- } else {
-
- common_log(
- LOG_INFO,
- sprintf(
- "API OAuth - Attempt to exchange unauthorized or unverified request token %s for an access token.",
- $rt->tok
- )
- );
- return null;
- }
- }
-
- private function generateNewAccessToken($consumer, $rt, $verifier)
- {
- $at = new Token();
- $at->consumer_key = $consumer->key;
- $at->tok = common_random_hexstr(16);
- $at->secret = common_random_hexstr(16);
- $at->type = 1;
- $at->verifier = $verifier;
- $at->verified_callback = $rt->verified_callback;
- $at->created = common_sql_now();
- if (!$at->insert()) {
- $e = $at->_lastError;
- common_debug('access token "' . $at->tok . '" not inserted: "' . $e->message . '"', __FILE__);
- return null;
- } else {
- common_debug('access token "' . $at->tok . '" inserted', __FILE__);
-
- $orig_rt = clone($rt);
- $rt->state = 2;
- if (!$rt->update($orig_rt)) {
- return null;
- }
- common_debug('request token "' . $rt->tok . '" updated', __FILE__);
- }
- return $at;
- }
-
- private function newAppUser($tokenAssoc, $app, $at)
- {
- $appUser = new Oauth_application_user();
- $appUser->profile_id = $tokenAssoc->profile_id;
- $appUser->application_id = $app->id;
- $appUser->access_type = $app->access_type;
- $appUser->token = $at->tok;
- $appUser->created = common_sql_now();
- $result = $appUser->insert();
- if (!$result) {
- common_log_db_error($appUser, 'INSERT', __FILE__);
- throw new Exception(
-
- _('Database error inserting OAuth application user.')
- );
- }
- }
-
- private function updateAppUser($appUser, $app, $at)
- {
- $original = clone($appUser);
- $appUser->access_type = $app->access_type;
- $appUser->token = $at->tok;
- $result = $appUser->update($original);
- if (!$result) {
- common_log_db_error($appUser, 'UPDATE', __FILE__);
- throw new Exception(
-
- _('Database error updating OAuth application user.')
- );
- }
- }
-
- public function revoke_token($token_key, $type = 0) {
- $rt = new Token();
- $rt->tok = $token_key;
- $rt->type = $type;
- $rt->state = 0;
- if (!$rt->find(true)) {
-
- throw new Exception(_('Tried to revoke unknown token.'));
- }
- if (!$rt->delete()) {
-
- throw new Exception(_('Failed to delete revoked token.'));
- }
- }
-
- function new_request_token($consumer, $callback = null)
- {
- $t = new Token();
- $t->consumer_key = $consumer->key;
- $t->tok = common_random_hexstr(16);
- $t->secret = common_random_hexstr(16);
- $t->type = 0;
- $t->state = 0;
- $t->verified_callback = $callback;
- if ($callback === 'oob') {
-
- $t->verifier = mt_rand(0, 9999999);
- } else {
- $t->verifier = common_random_hexstr(8);
- }
- $t->created = common_sql_now();
- if (!$t->insert()) {
- return null;
- } else {
- return new OAuthToken($t->tok, $t->secret);
- }
- }
-
- public function authorize_token($token_key) {
- $rt = new Token();
- $rt->tok = $token_key;
- $rt->type = 0;
- $rt->state = 0;
- if (!$rt->find(true)) {
- throw new Exception('Tried to authorize unknown token');
- }
- $orig_rt = clone($rt);
- $rt->state = 1;
- if (!$rt->update($orig_rt)) {
- throw new Exception('Failed to authorize token');
- }
- }
-
- function lookup_nonce($consumer, $token, $nonce, $timestamp)
- {
- $n = new Nonce();
- $n->consumer_key = $consumer->key;
- $n->ts = common_sql_date($timestamp);
- $n->nonce = $nonce;
- if ($n->find(true)) {
- return true;
- } else {
- $n->created = common_sql_now();
- $n->insert();
- return false;
- }
- }
-
- function lookup_token($consumer, $token_type, $token)
- {
- $t = new Token();
- if (!is_null($consumer)) {
- $t->consumer_key = $consumer->key;
- }
- $t->tok = $token;
- $t->type = ($token_type == 'access') ? 1 : 0;
- if ($t->find(true)) {
- return new OAuthToken($t->tok, $t->secret);
- } else {
- return null;
- }
- }
-
- function getTokenByKey($token_key)
- {
- $t = new Token();
- $t->tok = $token_key;
- if ($t->find(true)) {
- return $t;
- } else {
- return null;
- }
- }
- }
|