mz/crm.twinpol.com
1
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Add php files

Browse Source
This commit is contained in:
Michał Zieliński
2025-05-12 15:44:39 +00:00
parent c951760058
commit 82d5804ac4
9534 changed files with 2638137 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

336
Zend/Oauth/Client.php Executable file
View File

@@ -0,0 +1,336 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth */
require_once 'Zend/Oauth.php';
/** Zend_Http_Client */
require_once 'Zend/Http/Client.php';
/** Zend_Oauth_Http_Utility */
require_once 'Zend/Oauth/Http/Utility.php';
/** Zend_Oauth_Config */
require_once 'Zend/Oauth/Config.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Client extends Zend_Http_Client
{
/**
* Flag to indicate that the client has detected the server as supporting
* OAuth 1.0a
*/
public static $supportsRevisionA = false;
/**
* Holds the current OAuth Configuration set encapsulated in an instance
* of Zend_Oauth_Config; it's not a Zend_Config instance since that level
* of abstraction is unnecessary and doesn't let me escape the accessors
* and mutators anyway!
*
* @var Zend_Oauth_Config
*/
protected $_config = null;
/**
* True if this request is being made with data supplied by
* a stream object instead of a raw encoded string.
*
* @var bool
*/
protected $_streamingRequest = null;
/**
* Constructor; creates a new HTTP Client instance which itself is
* just a typical Zend_Http_Client subclass with some OAuth icing to
* assist in automating OAuth parameter generation, addition and
* cryptographioc signing of requests.
*
* @param array $oauthOptions
* @param string $uri
* @param array|Zend_Config $config
* @return void
*/
public function __construct($oauthOptions, $uri = null, $config = null)
{
parent::__construct($uri, $config);
$this->_config = new Zend_Oauth_Config;
if ($oauthOptions !== null) {
if ($oauthOptions instanceof Zend_Config) {
$oauthOptions = $oauthOptions->toArray();
}
$this->_config->setOptions($oauthOptions);
}
}
/**
* Return the current connection adapter
*
* @return Zend_Http_Client_Adapter_Interface|string $adapter
*/
public function getAdapter()
{
return $this->adapter;
}
/**
* Load the connection adapter
*
* @param Zend_Http_Client_Adapter_Interface $adapter
* @return void
*/
public function setAdapter($adapter)
{
if ($adapter == null) {
$this->adapter = $adapter;
} else {
parent::setAdapter($adapter);
}
}
/**
* Set the streamingRequest variable which controls whether we are
* sending the raw (already encoded) POST data from a stream source.
*
* @param boolean $value The value to set.
* @return void
*/
public function setStreamingRequest($value)
{
$this->_streamingRequest = $value;
}
/**
* Check whether the client is set to perform streaming requests.
*
* @return boolean True if yes, false otherwise.
*/
public function getStreamingRequest()
{
if ($this->_streamingRequest) {
return true;
} else {
return false;
}
}
/**
* Prepare the request body (for POST and PUT requests)
*
* @return string
* @throws Zend_Http_Client_Exception
*/
protected function _prepareBody()
{
if($this->_streamingRequest) {
$this->setHeaders(self::CONTENT_LENGTH,
$this->raw_post_data->getTotalSize());
return $this->raw_post_data;
}
else {
return parent::_prepareBody();
}
}
/**
* Clear all custom parameters we set.
*
* @return Zend_Http_Client
*/
public function resetParameters($clearAll = false)
{
$this->_streamingRequest = false;
return parent::resetParameters($clearAll);
}
/**
* Set the raw (already encoded) POST data from a stream source.
*
* This is used to support POSTing from open file handles without
* caching the entire body into memory. It is a wrapper around
* Zend_Http_Client::setRawData().
*
* @param string $data The request data
* @param string $enctype The encoding type
* @return Zend_Http_Client
*/
public function setRawDataStream($data, $enctype = null)
{
$this->_streamingRequest = true;
return $this->setRawData($data, $enctype);
}
/**
* Same as Zend_Http_Client::setMethod() except it also creates an
* Oauth specific reference to the method type.
* Might be defunct and removed in a later iteration.
*
* @param string $method
* @return Zend_Http_Client
*/
public function setMethod($method = self::GET)
{
if ($method == self::GET) {
$this->setRequestMethod(self::GET);
} elseif($method == self::POST) {
$this->setRequestMethod(self::POST);
} elseif($method == self::PUT) {
$this->setRequestMethod(self::PUT);
} elseif($method == self::DELETE) {
$this->setRequestMethod(self::DELETE);
} elseif($method == self::HEAD) {
$this->setRequestMethod(self::HEAD);
}
return parent::setMethod($method);
}
/**
* Same as Zend_Http_Client::request() except just before the request is
* executed, we automatically append any necessary OAuth parameters and
* sign the request using the relevant signature method.
*
* @param string $method
* @return Zend_Http_Response
*/
public function request($method = null)
{
if ($method !== null) {
$this->setMethod($method);
}
$this->prepareOauth();
return parent::request();
}
/**
* Performs OAuth preparation on the request before sending.
*
* This primarily means taking a request, correctly encoding and signing
* all parameters, and applying the correct OAuth scheme to the method
* being used.
*
* @return void
* @throws Zend_Oauth_Exception If POSTBODY scheme requested, but GET request method used; or if invalid request scheme provided
*/
public function prepareOauth()
{
$requestScheme = $this->getRequestScheme();
$requestMethod = $this->getRequestMethod();
$query = null;
if ($requestScheme == Zend_Oauth::REQUEST_SCHEME_HEADER) {
$oauthHeaderValue = $this->getToken()->toHeader(
$this->getUri(true),
$this->_config,
$this->_getSignableParametersAsQueryString()
);
$this->setHeaders('Authorization', $oauthHeaderValue);
} elseif ($requestScheme == Zend_Oauth::REQUEST_SCHEME_POSTBODY) {
if ($requestMethod == self::GET) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'The client is configured to'
. ' pass OAuth parameters through a POST body but request method'
. ' is set to GET'
);
}
$raw = $this->getToken()->toQueryString(
$this->getUri(true),
$this->_config,
$this->_getSignableParametersAsQueryString()
);
$this->setRawData($raw);
$this->paramsPost = array();
} elseif ($requestScheme == Zend_Oauth::REQUEST_SCHEME_QUERYSTRING) {
$params = array();
$query = $this->getUri()->getQuery();
if ($query) {
$queryParts = explode('&', $this->getUri()->getQuery());
foreach ($queryParts as $queryPart) {
$kvTuple = explode('=', $queryPart);
$params[$kvTuple[0]] =
(array_key_exists(1, $kvTuple) ? $kvTuple[1] : NULL);
}
}
if (!empty($this->paramsPost)) {
$params = array_merge($params, $this->paramsPost);
$query = $this->getToken()->toQueryString(
$this->getUri(true), $this->_config, $params
);
}
$query = $this->getToken()->toQueryString(
$this->getUri(true), $this->_config, $params
);
$this->getUri()->setQuery($query);
$this->paramsGet = array();
} else {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Invalid request scheme: ' . $requestScheme);
}
}
/**
* Collect all signable parameters into a single array across query string
* and POST body. These are returned as a properly formatted single
* query string.
*
* @return string
*/
protected function _getSignableParametersAsQueryString()
{
$params = array();
if (!empty($this->paramsGet)) {
$params = array_merge($params, $this->paramsGet);
$query = $this->getToken()->toQueryString(
$this->getUri(true), $this->_config, $params
);
}
if (!empty($this->paramsPost)) {
$params = array_merge($params, $this->paramsPost);
$query = $this->getToken()->toQueryString(
$this->getUri(true), $this->_config, $params
);
}
return $params;
}
/**
* Simple Proxy to the current Zend_Oauth_Config method. It's that instance
* which holds all configuration methods and values this object also presents
* as it's API.
*
* @param string $method
* @param array $args
* @return mixed
* @throws Zend_Oauth_Exception if method does not exist in config object
*/
public function __call($method, array $args)
{
if (!method_exists($this->_config, $method)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Method does not exist: ' . $method);
}
return call_user_func_array(array($this->_config,$method), $args);
}
}

658
Zend/Oauth/Config.php Executable file
View File

@@ -0,0 +1,658 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth */
require_once 'Zend/Oauth.php';
/** Zend_Uri */
require_once 'Zend/Uri.php';
/** Zend_Oauth_Config_Interface */
require_once 'Zend/Oauth/Config/ConfigInterface.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Config implements Zend_Oauth_Config_ConfigInterface
{
/**
* Signature method used when signing all parameters for an HTTP request
*
* @var string
*/
protected $_signatureMethod = 'HMAC-SHA1';
/**
* Three request schemes are defined by OAuth, of which passing
* all OAuth parameters by Header is preferred. The other two are
* POST Body and Query String.
*
* @var string
*/
protected $_requestScheme = Zend_Oauth::REQUEST_SCHEME_HEADER;
/**
* Preferred request Method - one of GET or POST - which Zend_Oauth
* will enforce as standard throughout the library. Generally a default
* of POST works fine unless a Provider specifically requires otherwise.
*
* @var string
*/
protected $_requestMethod = Zend_Oauth::POST;
/**
* OAuth Version; This defaults to 1.0 - Must not be changed!
*
* @var string
*/
protected $_version = '1.0';
/**
* This optional value is used to define where the user is redirected to
* after authorizing a Request Token from an OAuth Providers website.
* It's optional since a Provider may ask for this to be defined in advance
* when registering a new application for a Consumer Key.
*
* @var string
*/
protected $_callbackUrl = null;
/**
* The URL root to append default OAuth endpoint paths.
*
* @var string
*/
protected $_siteUrl = null;
/**
* The URL to which requests for a Request Token should be directed.
* When absent, assumed siteUrl+'/request_token'
*
* @var string
*/
protected $_requestTokenUrl = null;
/**
* The URL to which requests for an Access Token should be directed.
* When absent, assumed siteUrl+'/access_token'
*
* @var string
*/
protected $_accessTokenUrl = null;
/**
* The URL to which users should be redirected to authorize a Request Token.
* When absent, assumed siteUrl+'/authorize'
*
* @var string
*/
protected $_authorizeUrl = null;
/**
* An OAuth application's Consumer Key.
*
* @var string
*/
protected $_consumerKey = null;
/**
* Every Consumer Key has a Consumer Secret unless you're in RSA-land.
*
* @var string
*/
protected $_consumerSecret = null;
/**
* If relevant, a PEM encoded RSA private key encapsulated as a
* Zend_Crypt_Rsa Key
*
* @var Zend_Crypt_Rsa_Key_Private
*/
protected $_rsaPrivateKey = null;
/**
* If relevant, a PEM encoded RSA public key encapsulated as a
* Zend_Crypt_Rsa Key
*
* @var Zend_Crypt_Rsa_Key_Public
*/
protected $_rsaPublicKey = null;
/**
* Generally this will nearly always be an Access Token represented as a
* Zend_Oauth_Token_Access object.
*
* @var Zend_Oauth_Token
*/
protected $_token = null;
/**
* Constructor; create a new object with an optional array|Zend_Config
* instance containing initialising options.
*
* @param array|Zend_Config $options
* @return void
*/
public function __construct($options = null)
{
if ($options !== null) {
if ($options instanceof Zend_Config) {
$options = $options->toArray();
}
$this->setOptions($options);
}
}
/**
* Parse option array or Zend_Config instance and setup options using their
* relevant mutators.
*
* @param array|Zend_Config $options
* @return Zend_Oauth_Config
*/
public function setOptions(array $options)
{
foreach ($options as $key => $value) {
switch ($key) {
case 'consumerKey':
$this->setConsumerKey($value);
break;
case 'consumerSecret':
$this->setConsumerSecret($value);
break;
case 'signatureMethod':
$this->setSignatureMethod($value);
break;
case 'version':
$this->setVersion($value);
break;
case 'callbackUrl':
$this->setCallbackUrl($value);
break;
case 'siteUrl':
$this->setSiteUrl($value);
break;
case 'requestTokenUrl':
$this->setRequestTokenUrl($value);
break;
case 'accessTokenUrl':
$this->setAccessTokenUrl($value);
break;
case 'userAuthorizationUrl':
$this->setUserAuthorizationUrl($value);
break;
case 'authorizeUrl':
$this->setAuthorizeUrl($value);
break;
case 'requestMethod':
$this->setRequestMethod($value);
break;
case 'rsaPrivateKey':
$this->setRsaPrivateKey($value);
break;
case 'rsaPublicKey':
$this->setRsaPublicKey($value);
break;
}
}
if (isset($options['requestScheme'])) {
$this->setRequestScheme($options['requestScheme']);
}
return $this;
}
/**
* Set consumer key
*
* @param string $key
* @return Zend_Oauth_Config
*/
public function setConsumerKey($key)
{
$this->_consumerKey = $key;
return $this;
}
/**
* Get consumer key
*
* @return string
*/
public function getConsumerKey()
{
return $this->_consumerKey;
}
/**
* Set consumer secret
*
* @param string $secret
* @return Zend_Oauth_Config
*/
public function setConsumerSecret($secret)
{
$this->_consumerSecret = $secret;
return $this;
}
/**
* Get consumer secret
*
* Returns RSA private key if set; otherwise, returns any previously set
* consumer secret.
*
* @return string
*/
public function getConsumerSecret()
{
if ($this->_rsaPrivateKey !== null) {
return $this->_rsaPrivateKey;
}
return $this->_consumerSecret;
}
/**
* Set signature method
*
* @param string $method
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception if unsupported signature method specified
*/
public function setSignatureMethod($method)
{
$method = strtoupper($method);
if (!in_array($method, array(
'HMAC-SHA1', 'HMAC-SHA256', 'RSA-SHA1', 'PLAINTEXT'
))
) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Unsupported signature method: '
. $method
. '. Supported are HMAC-SHA1, RSA-SHA1, PLAINTEXT and HMAC-SHA256');
}
$this->_signatureMethod = $method;;
return $this;
}
/**
* Get signature method
*
* @return string
*/
public function getSignatureMethod()
{
return $this->_signatureMethod;
}
/**
* Set request scheme
*
* @param string $scheme
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception if invalid scheme specified, or if POSTBODY set when request method of GET is specified
*/
public function setRequestScheme($scheme)
{
$scheme = strtolower($scheme);
if (!in_array($scheme, array(
Zend_Oauth::REQUEST_SCHEME_HEADER,
Zend_Oauth::REQUEST_SCHEME_POSTBODY,
Zend_Oauth::REQUEST_SCHEME_QUERYSTRING,
))
) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $scheme . '\' is an unsupported request scheme'
);
}
if ($scheme == Zend_Oauth::REQUEST_SCHEME_POSTBODY
&& $this->getRequestMethod() == Zend_Oauth::GET
) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'Cannot set POSTBODY request method if HTTP method set to GET'
);
}
$this->_requestScheme = $scheme;
return $this;
}
/**
* Get request scheme
*
* @return string
*/
public function getRequestScheme()
{
return $this->_requestScheme;
}
/**
* Set version
*
* @param string $version
* @return Zend_Oauth_Config
*/
public function setVersion($version)
{
$this->_version = $version;
return $this;
}
/**
* Get version
*
* @return string
*/
public function getVersion()
{
return $this->_version;
}
/**
* Set callback URL
*
* @param string $url
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid URLs
*/
public function setCallbackUrl($url)
{
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$this->_callbackUrl = $url;
return $this;
}
/**
* Get callback URL
*
* @return string
*/
public function getCallbackUrl()
{
return $this->_callbackUrl;
}
/**
* Set site URL
*
* @param string $url
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid URLs
*/
public function setSiteUrl($url)
{
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$this->_siteUrl = $url;
return $this;
}
/**
* Get site URL
*
* @return string
*/
public function getSiteUrl()
{
return $this->_siteUrl;
}
/**
* Set request token URL
*
* @param string $url
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid URLs
*/
public function setRequestTokenUrl($url)
{
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$this->_requestTokenUrl = rtrim($url, '/');
return $this;
}
/**
* Get request token URL
*
* If no request token URL has been set, but a site URL has, returns the
* site URL with the string "/request_token" appended.
*
* @return string
*/
public function getRequestTokenUrl()
{
if (!$this->_requestTokenUrl && $this->_siteUrl) {
return $this->_siteUrl . '/request_token';
}
return $this->_requestTokenUrl;
}
/**
* Set access token URL
*
* @param string $url
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid URLs
*/
public function setAccessTokenUrl($url)
{
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$this->_accessTokenUrl = rtrim($url, '/');
return $this;
}
/**
* Get access token URL
*
* If no access token URL has been set, but a site URL has, returns the
* site URL with the string "/access_token" appended.
*
* @return string
*/
public function getAccessTokenUrl()
{
if (!$this->_accessTokenUrl && $this->_siteUrl) {
return $this->_siteUrl . '/access_token';
}
return $this->_accessTokenUrl;
}
/**
* Set user authorization URL
*
* @param string $url
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid URLs
*/
public function setUserAuthorizationUrl($url)
{
return $this->setAuthorizeUrl($url);
}
/**
* Set authorization URL
*
* @param string $url
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid URLs
*/
public function setAuthorizeUrl($url)
{
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$this->_authorizeUrl = rtrim($url, '/');
return $this;
}
/**
* Get user authorization URL
*
* @return string
*/
public function getUserAuthorizationUrl()
{
return $this->getAuthorizeUrl();
}
/**
* Get authorization URL
*
* If no authorization URL has been set, but a site URL has, returns the
* site URL with the string "/authorize" appended.
*
* @return string
*/
public function getAuthorizeUrl()
{
if (!$this->_authorizeUrl && $this->_siteUrl) {
return $this->_siteUrl . '/authorize';
}
return $this->_authorizeUrl;
}
/**
* Set request method
*
* @param string $method
* @return Zend_Oauth_Config
* @throws Zend_Oauth_Exception for invalid request methods
*/
public function setRequestMethod($method)
{
$method = strtoupper($method);
if (!in_array($method, array(
Zend_Oauth::GET,
Zend_Oauth::POST,
Zend_Oauth::PUT,
Zend_Oauth::DELETE,
))
) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Invalid method: ' . $method);
}
$this->_requestMethod = $method;
return $this;
}
/**
* Get request method
*
* @return string
*/
public function getRequestMethod()
{
return $this->_requestMethod;
}
/**
* Set RSA public key
*
* @param Zend_Crypt_Rsa_Key_Public $key
* @return Zend_Oauth_Config
*/
public function setRsaPublicKey(Zend_Crypt_Rsa_Key_Public $key)
{
$this->_rsaPublicKey = $key;
return $this;
}
/**
* Get RSA public key
*
* @return Zend_Crypt_Rsa_Key_Public
*/
public function getRsaPublicKey()
{
return $this->_rsaPublicKey;
}
/**
* Set RSA private key
*
* @param Zend_Crypt_Rsa_Key_Private $key
* @return Zend_Oauth_Config
*/
public function setRsaPrivateKey(Zend_Crypt_Rsa_Key_Private $key)
{
$this->_rsaPrivateKey = $key;
return $this;
}
/**
* Get RSA private key
*
* @return Zend_Crypt_Rsa_Key_Private
*/
public function getRsaPrivateKey()
{
return $this->_rsaPrivateKey;
}
/**
* Set OAuth token
*
* @param Zend_Oauth_Token $token
* @return Zend_Oauth_Config
*/
public function setToken(Zend_Oauth_Token $token)
{
$this->_token = $token;
return $this;
}
/**
* Get OAuth token
*
* @return Zend_Oauth_Token
*/
public function getToken()
{
return $this->_token;
}
}

75
Zend/Oauth/Config/ConfigInterface.php Executable file
View File

@@ -0,0 +1,75 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
interface Zend_Oauth_Config_ConfigInterface
{
public function setOptions(array $options);
public function setConsumerKey($key);
public function getConsumerKey();
public function setConsumerSecret($secret);
public function getConsumerSecret();
public function setSignatureMethod($method);
public function getSignatureMethod();
public function setRequestScheme($scheme);
public function getRequestScheme();
public function setVersion($version);
public function getVersion();
public function setCallbackUrl($url);
public function getCallbackUrl();
public function setRequestTokenUrl($url);
public function getRequestTokenUrl();
public function setRequestMethod($method);
public function getRequestMethod();
public function setAccessTokenUrl($url);
public function getAccessTokenUrl();
public function setUserAuthorizationUrl($url);
public function getUserAuthorizationUrl();
public function setToken(Zend_Oauth_Token $token);
public function getToken();
}

273
Zend/Oauth/Consumer.php Executable file
View File

@@ -0,0 +1,273 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth */
require_once 'Zend/Oauth.php';
/** Zend_Uri */
require_once 'Zend/Uri.php';
/** Zend_Oauth_Http_RequestToken */
require_once 'Zend/Oauth/Http/RequestToken.php';
/** Zend_Oauth_Http_UserAuthorization */
require_once 'Zend/Oauth/Http/UserAuthorization.php';
/** Zend_Oauth_Http_AccessToken */
require_once 'Zend/Oauth/Http/AccessToken.php';
/** Zend_Oauth_Token_AuthorizedRequest */
require_once 'Zend/Oauth/Token/AuthorizedRequest.php';
/** Zend_Oauth_Config */
require_once 'Zend/Oauth/Config.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Consumer extends Zend_Oauth
{
public $switcheroo = false; // replace later when this works
/**
* Request Token retrieved from OAuth Provider
*
* @var Zend_Oauth_Token_Request
*/
protected $_requestToken = null;
/**
* Access token retrieved from OAuth Provider
*
* @var Zend_Oauth_Token_Access
*/
protected $_accessToken = null;
/**
* @var Zend_Oauth_Config
*/
protected $_config = null;
/**
* Constructor; create a new object with an optional array|Zend_Config
* instance containing initialising options.
*
* @param array|Zend_Config $options
* @return void
*/
public function __construct($options = null)
{
$this->_config = new Zend_Oauth_Config;
if ($options !== null) {
if ($options instanceof Zend_Config) {
$options = $options->toArray();
}
$this->_config->setOptions($options);
}
}
/**
* Attempts to retrieve a Request Token from an OAuth Provider which is
* later exchanged for an authorized Access Token used to access the
* protected resources exposed by a web service API.
*
* @param null|array $customServiceParameters Non-OAuth Provider-specified parameters
* @param null|string $httpMethod
* @param null|Zend_Oauth_Http_RequestToken $request
* @return Zend_Oauth_Token_Request
*/
public function getRequestToken(
array $customServiceParameters = null,
$httpMethod = null,
Zend_Oauth_Http_RequestToken $request = null
) {
if ($request === null) {
$request = new Zend_Oauth_Http_RequestToken($this, $customServiceParameters);
} elseif($customServiceParameters !== null) {
$request->setParameters($customServiceParameters);
}
if ($httpMethod !== null) {
$request->setMethod($httpMethod);
} else {
$request->setMethod($this->getRequestMethod());
}
$this->_requestToken = $request->execute();
return $this->_requestToken;
}
/**
* After a Request Token is retrieved, the user may be redirected to the
* OAuth Provider to authorize the application's access to their
* protected resources - the redirect URL being provided by this method.
* Once the user has authorized the application for access, they are
* redirected back to the application which can now exchange the previous
* Request Token for a fully authorized Access Token.
*
* @param null|array $customServiceParameters
* @param null|Zend_Oauth_Token_Request $token
* @param null|Zend_OAuth_Http_UserAuthorization $redirect
* @return string
*/
public function getRedirectUrl(
array $customServiceParameters = null,
Zend_Oauth_Token_Request $token = null,
Zend_Oauth_Http_UserAuthorization $redirect = null
) {
if ($redirect === null) {
$redirect = new Zend_Oauth_Http_UserAuthorization($this, $customServiceParameters);
} elseif($customServiceParameters !== null) {
$redirect->setParameters($customServiceParameters);
}
if ($token !== null) {
$this->_requestToken = $token;
}
return $redirect->getUrl();
}
/**
* Rather than retrieve a redirect URL for use, e.g. from a controller,
* one may perform an immediate redirect.
*
* Sends headers and exit()s on completion.
*
* @param null|array $customServiceParameters
* @param null|Zend_Oauth_Http_UserAuthorization $request
* @return void
*/
public function redirect(
array $customServiceParameters = null,
Zend_Oauth_Http_UserAuthorization $request = null
) {
$redirectUrl = $this->getRedirectUrl($customServiceParameters, $request);
header('Location: ' . $redirectUrl);
exit(1);
}
/**
* Retrieve an Access Token in exchange for a previously received/authorized
* Request Token.
*
* @param array $queryData GET data returned in user's redirect from Provider
* @param Zend_Oauth_Token_Request Request Token information
* @param string $httpMethod
* @param Zend_Oauth_Http_AccessToken $request
* @return Zend_Oauth_Token_Access
* @throws Zend_Oauth_Exception on invalid authorization token, non-matching response authorization token, or unprovided authorization token
*/
public function getAccessToken(
$queryData,
Zend_Oauth_Token_Request $token,
$httpMethod = null,
Zend_Oauth_Http_AccessToken $request = null
) {
$authorizedToken = new Zend_Oauth_Token_AuthorizedRequest($queryData);
if (!$authorizedToken->isValid()) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'Response from Service Provider is not a valid authorized request token');
}
if ($request === null) {
$request = new Zend_Oauth_Http_AccessToken($this);
}
// OAuth 1.0a Verifier
if (!is_null($authorizedToken->getParam('oauth_verifier'))) {
$params = array_merge($request->getParameters(), array(
'oauth_verifier' => $authorizedToken->getParam('oauth_verifier')
));
$request->setParameters($params);
}
if ($httpMethod !== null) {
$request->setMethod($httpMethod);
} else {
$request->setMethod($this->getRequestMethod());
}
if (isset($token)) {
if ($authorizedToken->getToken() !== $token->getToken()) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'Authorized token from Service Provider does not match'
. ' supplied Request Token details'
);
}
} else {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Request token must be passed to method');
}
$this->_requestToken = $token;
$this->_accessToken = $request->execute();
return $this->_accessToken;
}
/**
* Return whatever the last Request Token retrieved was while using the
* current Consumer instance.
*
* @return Zend_Oauth_Token_Request
*/
public function getLastRequestToken()
{
return $this->_requestToken;
}
/**
* Return whatever the last Access Token retrieved was while using the
* current Consumer instance.
*
* @return Zend_Oauth_Token_Access
*/
public function getLastAccessToken()
{
return $this->_accessToken;
}
/**
* Alias to self::getLastAccessToken()
*
* @return Zend_Oauth_Token_Access
*/
public function getToken()
{
return $this->_accessToken;
}
/**
* Simple Proxy to the current Zend_Oauth_Config method. It's that instance
* which holds all configuration methods and values this object also presents
* as it's API.
*
* @param string $method
* @param array $args
* @return mixed
* @throws Zend_Oauth_Exception if method does not exist in config object
*/
public function __call($method, array $args)
{
if (!method_exists($this->_config, $method)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Method does not exist: '.$method);
}
return call_user_func_array(array($this->_config,$method), $args);
}
}

33
Zend/Oauth/Exception.php Executable file
View File

@@ -0,0 +1,33 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/**
* Zend_Exception
*/
require_once 'Zend/Exception.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Exception extends Zend_Exception {}

266
Zend/Oauth/Http.php Executable file
View File

@@ -0,0 +1,266 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Http_Utility */
require_once 'Zend/Oauth/Http/Utility.php';
/** Zend_Uri_Http */
require_once 'Zend/Uri/Http.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Http
{
/**
* Array of all custom service parameters to be sent in the HTTP request
* in addition to the usual OAuth parameters.
*
* @var array
*/
protected $_parameters = array();
/**
* Reference to the Zend_Oauth_Consumer instance in use.
*
* @var string
*/
protected $_consumer = null;
/**
* OAuth specifies three request methods, this holds the current preferred
* one which by default uses the Authorization Header approach for passing
* OAuth parameters, and a POST body for non-OAuth custom parameters.
*
* @var string
*/
protected $_preferredRequestScheme = null;
/**
* Request Method for the HTTP Request.
*
* @var string
*/
protected $_preferredRequestMethod = Zend_Oauth::POST;
/**
* Instance of the general Zend_Oauth_Http_Utility class.
*
* @var Zend_Oauth_Http_Utility
*/
protected $_httpUtility = null;
/**
* Constructor
*
* @param Zend_Oauth_Consumer $consumer
* @param null|array $parameters
* @param null|Zend_Oauth_Http_Utility $utility
* @return void
*/
public function __construct(
Zend_Oauth_Consumer $consumer,
array $parameters = null,
Zend_Oauth_Http_Utility $utility = null
) {
$this->_consumer = $consumer;
$this->_preferredRequestScheme = $this->_consumer->getRequestScheme();
if ($parameters !== null) {
$this->setParameters($parameters);
}
if ($utility !== null) {
$this->_httpUtility = $utility;
} else {
$this->_httpUtility = new Zend_Oauth_Http_Utility;
}
}
/**
* Set a preferred HTTP request method.
*
* @param string $method
* @return Zend_Oauth_Http
*/
public function setMethod($method)
{
if (!in_array($method, array(Zend_Oauth::POST, Zend_Oauth::GET))) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('invalid HTTP method: ' . $method);
}
$this->_preferredRequestMethod = $method;
return $this;
}
/**
* Preferred HTTP request method accessor.
*
* @return string
*/
public function getMethod()
{
return $this->_preferredRequestMethod;
}
/**
* Mutator to set an array of custom parameters for the HTTP request.
*
* @param array $customServiceParameters
* @return Zend_Oauth_Http
*/
public function setParameters(array $customServiceParameters)
{
$this->_parameters = $customServiceParameters;
return $this;
}
/**
* Accessor for an array of custom parameters.
*
* @return array
*/
public function getParameters()
{
return $this->_parameters;
}
/**
* Return the Consumer instance in use.
*
* @return Zend_Oauth_Consumer
*/
public function getConsumer()
{
return $this->_consumer;
}
/**
* Commence a request cycle where the current HTTP method and OAuth
* request scheme set an upper preferred HTTP request style and where
* failures generate a new HTTP request style further down the OAuth
* preference list for OAuth Request Schemes.
* On success, return the Request object that results for processing.
*
* @param array $params
* @return Zend_Http_Response
* @throws Zend_Oauth_Exception on HTTP request errors
* @todo Remove cycling?; Replace with upfront do-or-die configuration
*/
public function startRequestCycle(array $params)
{
$response = null;
$body = null;
$status = null;
try {
$response = $this->_attemptRequest($params);
} catch (Zend_Http_Client_Exception $e) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception('Error in HTTP request', null, $e);
}
if ($response !== null) {
$body = $response->getBody();
$status = $response->getStatus();
}
if ($response === null // Request failure/exception
|| $status == 500 // Internal Server Error
|| $status == 400 // Bad Request
|| $status == 401 // Unauthorized
|| empty($body) // Missing token
) {
$this->_assessRequestAttempt($response);
$response = $this->startRequestCycle($params);
}
return $response;
}
/**
* Return an instance of Zend_Http_Client configured to use the Query
* String scheme for an OAuth driven HTTP request.
*
* @param array $params
* @param string $url
* @return Zend_Http_Client
*/
public function getRequestSchemeQueryStringClient(array $params, $url)
{
$client = Zend_Oauth::getHttpClient();
$client->setUri($url);
$client->getUri()->setQuery(
$this->_httpUtility->toEncodedQueryString($params)
);
$client->setMethod($this->_preferredRequestMethod);
return $client;
}
/**
* Manages the switch from OAuth request scheme to another lower preference
* scheme during a request cycle.
*
* @param Zend_Http_Response
* @return void
* @throws Zend_Oauth_Exception if unable to retrieve valid token response
*/
protected function _assessRequestAttempt(Zend_Http_Response $response = null)
{
switch ($this->_preferredRequestScheme) {
case Zend_Oauth::REQUEST_SCHEME_HEADER:
$this->_preferredRequestScheme = Zend_Oauth::REQUEST_SCHEME_POSTBODY;
break;
case Zend_Oauth::REQUEST_SCHEME_POSTBODY:
$this->_preferredRequestScheme = Zend_Oauth::REQUEST_SCHEME_QUERYSTRING;
break;
default:
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'Could not retrieve a valid Token response from Token URL:'
. ($response !== null
? PHP_EOL . $response->getBody()
: ' No body - check for headers')
);
}
}
/**
* Generates a valid OAuth Authorization header based on the provided
* parameters and realm.
*
* @param array $params
* @param string $realm
* @return string
*/
protected function _toAuthorizationHeader(array $params, $realm = null)
{
$headerValue = array();
$headerValue[] = 'OAuth realm="' . $realm . '"';
foreach ($params as $key => $value) {
if (!preg_match("/^oauth_/", $key)) {
continue;
}
$headerValue[] = Zend_Oauth_Http_Utility::urlEncode($key)
. '="'
. Zend_Oauth_Http_Utility::urlEncode($value)
. '"';
}
return implode(",", $headerValue);
}
}

189
Zend/Oauth/Http/AccessToken.php Executable file
View File

@@ -0,0 +1,189 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Http */
require_once 'Zend/Oauth/Http.php';
/** Zend_Oauth_Token_Access */
require_once 'Zend/Oauth/Token/Access.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Http_AccessToken extends Zend_Oauth_Http
{
/**
* Singleton instance if required of the HTTP client
*
* @var Zend_Http_Client
*/
protected $_httpClient = null;
/**
* Initiate a HTTP request to retrieve an Access Token.
*
* @return Zend_Oauth_Token_Access
*/
public function execute()
{
$params = $this->assembleParams();
$response = $this->startRequestCycle($params);
$return = new Zend_Oauth_Token_Access($response);
return $return;
}
/**
* Assemble all parameters for an OAuth Access Token request.
*
* @return array
*/
public function assembleParams()
{
$params = array(
'oauth_consumer_key' => $this->_consumer->getConsumerKey(),
'oauth_nonce' => $this->_httpUtility->generateNonce(),
'oauth_signature_method' => $this->_consumer->getSignatureMethod(),
'oauth_timestamp' => $this->_httpUtility->generateTimestamp(),
'oauth_token' => $this->_consumer->getLastRequestToken()->getToken(),
'oauth_version' => $this->_consumer->getVersion(),
);
if (!empty($this->_parameters)) {
$params = array_merge($params, $this->_parameters);
}
$params['oauth_signature'] = $this->_httpUtility->sign(
$params,
$this->_consumer->getSignatureMethod(),
$this->_consumer->getConsumerSecret(),
$this->_consumer->getLastRequestToken()->getTokenSecret(),
$this->_preferredRequestMethod,
$this->_consumer->getAccessTokenUrl()
);
return $params;
}
/**
* Generate and return a HTTP Client configured for the Header Request Scheme
* specified by OAuth, for use in requesting an Access Token.
*
* @param array $params
* @return Zend_Http_Client
*/
public function getRequestSchemeHeaderClient(array $params)
{
$params = $this->_cleanParamsOfIllegalCustomParameters($params);
$headerValue = $this->_toAuthorizationHeader($params);
$client = Zend_Oauth::getHttpClient();
$client->setUri($this->_consumer->getAccessTokenUrl());
$client->setHeaders('Authorization', $headerValue);
$client->setMethod($this->_preferredRequestMethod);
return $client;
}
/**
* Generate and return a HTTP Client configured for the POST Body Request
* Scheme specified by OAuth, for use in requesting an Access Token.
*
* @param array $params
* @return Zend_Http_Client
*/
public function getRequestSchemePostBodyClient(array $params)
{
$params = $this->_cleanParamsOfIllegalCustomParameters($params);
$client = Zend_Oauth::getHttpClient();
$client->setUri($this->_consumer->getAccessTokenUrl());
$client->setMethod($this->_preferredRequestMethod);
$client->setRawData(
$this->_httpUtility->toEncodedQueryString($params)
);
$client->setHeaders(
Zend_Http_Client::CONTENT_TYPE,
Zend_Http_Client::ENC_URLENCODED
);
return $client;
}
/**
* Generate and return a HTTP Client configured for the Query String Request
* Scheme specified by OAuth, for use in requesting an Access Token.
*
* @param array $params
* @param string $url
* @return Zend_Http_Client
*/
public function getRequestSchemeQueryStringClient(array $params, $url)
{
$params = $this->_cleanParamsOfIllegalCustomParameters($params);
return parent::getRequestSchemeQueryStringClient($params, $url);
}
/**
* Attempt a request based on the current configured OAuth Request Scheme and
* return the resulting HTTP Response.
*
* @param array $params
* @return Zend_Http_Response
*/
protected function _attemptRequest(array $params)
{
switch ($this->_preferredRequestScheme) {
case Zend_Oauth::REQUEST_SCHEME_HEADER:
$httpClient = $this->getRequestSchemeHeaderClient($params);
break;
case Zend_Oauth::REQUEST_SCHEME_POSTBODY:
$httpClient = $this->getRequestSchemePostBodyClient($params);
break;
case Zend_Oauth::REQUEST_SCHEME_QUERYSTRING:
$httpClient = $this->getRequestSchemeQueryStringClient($params,
$this->_consumer->getAccessTokenUrl());
break;
}
return $httpClient->request();
}
/**
* Access Token requests specifically may not contain non-OAuth parameters.
* So these should be striped out and excluded. Detection is easy since
* specified OAuth parameters start with "oauth_", Extension params start
* with "xouth_", and no other parameters should use these prefixes.
*
* xouth params are not currently allowable.
*
* @param array $params
* @return array
*/
protected function _cleanParamsOfIllegalCustomParameters(array $params)
{
foreach ($params as $key=>$value) {
if (!preg_match("/^oauth_/", $key)) {
unset($params[$key]);
}
}
return $params;
}
}

162
Zend/Oauth/Http/RequestToken.php Executable file
View File

@@ -0,0 +1,162 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Http */
require_once 'Zend/Oauth/Http.php';
/** Zend_Oauth_Token_Request */
require_once 'Zend/Oauth/Token/Request.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Http_RequestToken extends Zend_Oauth_Http
{
/**
* Singleton instance if required of the HTTP client
*
* @var Zend_Http_Client
*/
protected $_httpClient = null;
/**
* Initiate a HTTP request to retrieve a Request Token.
*
* @return Zend_Oauth_Token_Request
*/
public function execute()
{
$params = $this->assembleParams();
$response = $this->startRequestCycle($params);
$return = new Zend_Oauth_Token_Request($response);
return $return;
}
/**
* Assemble all parameters for an OAuth Request Token request.
*
* @return array
*/
public function assembleParams()
{
$params = array(
'oauth_consumer_key' => $this->_consumer->getConsumerKey(),
'oauth_nonce' => $this->_httpUtility->generateNonce(),
'oauth_timestamp' => $this->_httpUtility->generateTimestamp(),
'oauth_signature_method' => $this->_consumer->getSignatureMethod(),
'oauth_version' => $this->_consumer->getVersion(),
);
// indicates we support 1.0a
if ($this->_consumer->getCallbackUrl()) {
$params['oauth_callback'] = $this->_consumer->getCallbackUrl();
} else {
$params['oauth_callback'] = 'oob';
}
if (!empty($this->_parameters)) {
$params = array_merge($params, $this->_parameters);
}
$params['oauth_signature'] = $this->_httpUtility->sign(
$params,
$this->_consumer->getSignatureMethod(),
$this->_consumer->getConsumerSecret(),
null,
$this->_preferredRequestMethod,
$this->_consumer->getRequestTokenUrl()
);
return $params;
}
/**
* Generate and return a HTTP Client configured for the Header Request Scheme
* specified by OAuth, for use in requesting a Request Token.
*
* @param array $params
* @return Zend_Http_Client
*/
public function getRequestSchemeHeaderClient(array $params)
{
$headerValue = $this->_httpUtility->toAuthorizationHeader(
$params
);
$client = Zend_Oauth::getHttpClient();
$client->setUri($this->_consumer->getRequestTokenUrl());
$client->setHeaders('Authorization', $headerValue);
$rawdata = $this->_httpUtility->toEncodedQueryString($params, true);
if (!empty($rawdata)) {
$client->setRawData($rawdata);
}
$client->setMethod($this->_preferredRequestMethod);
return $client;
}
/**
* Generate and return a HTTP Client configured for the POST Body Request
* Scheme specified by OAuth, for use in requesting a Request Token.
*
* @param array $params
* @return Zend_Http_Client
*/
public function getRequestSchemePostBodyClient(array $params)
{
$client = Zend_Oauth::getHttpClient();
$client->setUri($this->_consumer->getRequestTokenUrl());
$client->setMethod($this->_preferredRequestMethod);
$client->setRawData(
$this->_httpUtility->toEncodedQueryString($params)
);
$client->setHeaders(
Zend_Http_Client::CONTENT_TYPE,
Zend_Http_Client::ENC_URLENCODED
);
return $client;
}
/**
* Attempt a request based on the current configured OAuth Request Scheme and
* return the resulting HTTP Response.
*
* @param array $params
* @return Zend_Http_Response
*/
protected function _attemptRequest(array $params)
{
switch ($this->_preferredRequestScheme) {
case Zend_Oauth::REQUEST_SCHEME_HEADER:
$httpClient = $this->getRequestSchemeHeaderClient($params);
break;
case Zend_Oauth::REQUEST_SCHEME_POSTBODY:
$httpClient = $this->getRequestSchemePostBodyClient($params);
break;
case Zend_Oauth::REQUEST_SCHEME_QUERYSTRING:
$httpClient = $this->getRequestSchemeQueryStringClient($params,
$this->_consumer->getRequestTokenUrl());
break;
}
return $httpClient->request();
}
}

78
Zend/Oauth/Http/UserAuthorization.php Executable file
View File

@@ -0,0 +1,78 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Http */
require_once 'Zend/Oauth/Http.php';
/** Zend_Uri_Http */
require_once 'Zend/Uri/Http.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Http_UserAuthorization extends Zend_Oauth_Http
{
/**
* Generate a redirect URL from the allowable parameters and configured
* values.
*
* @return string
*/
public function getUrl()
{
$params = $this->assembleParams();
$uri = Zend_Uri_Http::fromString($this->_consumer->getUserAuthorizationUrl());
$uri->setQuery(
$this->_httpUtility->toEncodedQueryString($params)
);
return $uri->getUri();
}
/**
* Assemble all parameters for inclusion in a redirect URL.
*
* @return array
*/
public function assembleParams()
{
$params = array(
'oauth_token' => $this->_consumer->getLastRequestToken()->getToken(),
);
if (!Zend_Oauth_Client::$supportsRevisionA) {
$callback = $this->_consumer->getCallbackUrl();
if (!empty($callback)) {
$params['oauth_callback'] = $callback;
}
}
if (!empty($this->_parameters)) {
$params = array_merge($params, $this->_parameters);
}
return $params;
}
}

217
Zend/Oauth/Http/Utility.php Executable file
View File

@@ -0,0 +1,217 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth */
require_once 'Zend/Oauth.php';
/** Zend_Oauth_Http */
require_once 'Zend/Oauth/Http.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Http_Utility
{
/**
* Assemble all parameters for a generic OAuth request - i.e. no special
* params other than the defaults expected for any OAuth query.
*
* @param string $url
* @param Zend_Oauth_Config_ConfigInterface $config
* @param null|array $serviceProviderParams
* @return array
*/
public function assembleParams(
$url,
Zend_Oauth_Config_ConfigInterface $config,
array $serviceProviderParams = null
) {
$params = array(
'oauth_consumer_key' => $config->getConsumerKey(),
'oauth_nonce' => $this->generateNonce(),
'oauth_signature_method' => $config->getSignatureMethod(),
'oauth_timestamp' => $this->generateTimestamp(),
'oauth_version' => $config->getVersion(),
);
if ($config->getToken()->getToken() != null) {
$params['oauth_token'] = $config->getToken()->getToken();
}
if ($serviceProviderParams !== null) {
$params = array_merge($params, $serviceProviderParams);
}
$params['oauth_signature'] = $this->sign(
$params,
$config->getSignatureMethod(),
$config->getConsumerSecret(),
$config->getToken()->getTokenSecret(),
$config->getRequestMethod(),
$url
);
return $params;
}
/**
* Given both OAuth parameters and any custom parametere, generate an
* encoded query string. This method expects parameters to have been
* assembled and signed beforehand.
*
* @param array $params
* @param bool $customParamsOnly Ignores OAuth params e.g. for requests using OAuth Header
* @return string
*/
public function toEncodedQueryString(array $params, $customParamsOnly = false)
{
if ($customParamsOnly) {
foreach ($params as $key=>$value) {
if (preg_match("/^oauth_/", $key)) {
unset($params[$key]);
}
}
}
$encodedParams = array();
foreach ($params as $key => $value) {
$encodedParams[] = self::urlEncode($key)
. '='
. self::urlEncode($value);
}
return implode('&', $encodedParams);
}
/**
* Cast to authorization header
*
* @param array $params
* @param null|string $realm
* @param bool $excludeCustomParams
* @return void
*/
public function toAuthorizationHeader(array $params, $realm = null, $excludeCustomParams = true)
{
$headerValue = array(
'OAuth realm="' . $realm . '"',
);
foreach ($params as $key => $value) {
if ($excludeCustomParams) {
if (!preg_match("/^oauth_/", $key)) {
continue;
}
}
$headerValue[] = self::urlEncode($key)
. '="'
. self::urlEncode($value) . '"';
}
return implode(",", $headerValue);
}
/**
* Sign request
*
* @param array $params
* @param string $signatureMethod
* @param string $consumerSecret
* @param null|string $tokenSecret
* @param null|string $method
* @param null|string $url
* @return string
*/
public function sign(
array $params, $signatureMethod, $consumerSecret, $tokenSecret = null, $method = null, $url = null
) {
$className = '';
$hashAlgo = null;
$parts = explode('-', $signatureMethod);
if (count($parts) > 1) {
$className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($parts[0]));
$hashAlgo = $parts[1];
} else {
$className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($signatureMethod));
}
require_once str_replace('_', '/', $className) . '.php';
$signatureObject = new $className($consumerSecret, $tokenSecret, $hashAlgo);
return $signatureObject->sign($params, $method, $url);
}
/**
* Parse query string
*
* @param mixed $query
* @return array
*/
public function parseQueryString($query)
{
$params = array();
if (empty($query)) {
return array();
}
// Not remotely perfect but beats parse_str() which converts
// periods and uses urldecode, not rawurldecode.
$parts = explode('&', $query);
foreach ($parts as $pair) {
$kv = explode('=', $pair);
$params[rawurldecode($kv[0])] = rawurldecode($kv[1]);
}
return $params;
}
/**
* Generate nonce
*
* @return string
*/
public function generateNonce()
{
return md5(uniqid(rand(), true));
}
/**
* Generate timestamp
*
* @return int
*/
public function generateTimestamp()
{
return time();
}
/**
* urlencode a value
*
* @param string $value
* @return string
*/
public static function urlEncode($value)
{
$encoded = rawurlencode($value);
$encoded = str_replace('%7E', '~', $encoded);
return $encoded;
}
}

354
Zend/Oauth/Provider.php Executable file
View File

@@ -0,0 +1,354 @@
<?php
require_once 'Zend/Oauth/Exception.php';
require_once 'Zend/Oauth/Http/Utility.php';
require_once 'Zend/Uri/Http.php';
/**
*
* Basic OAuth provider class
*/
class Zend_Oauth_Provider
{
/**
* OAuth result statuses
*/
const OK = 0;
const BAD_NONCE = 1;
const BAD_TIMESTAMP = 2;
const CONSUMER_KEY_UNKNOWN = 3;
const CONSUMER_KEY_REFUSED = 4;
const INVALID_SIGNATURE = 5;
const TOKEN_USED = 6;
const TOKEN_EXPIRED = 7;
const TOKEN_REVOKED = 8;
const TOKEN_REJECTED = 9;
const PARAMETER_ABSENT = 10;
const SIGNATURE_METHOD_REJECTED = 11;
const OAUTH_VERIFIER_INVALID = 12;
/**
* Error names for error reporting
* @var array
*/
protected $errnames = array(
self::BAD_NONCE => "nonce_used",
self::BAD_TIMESTAMP => "timestamp_refused",
self::CONSUMER_KEY_UNKNOWN => "consumer_key_unknown",
self::CONSUMER_KEY_REFUSED => "consumer_key_refused",
self::INVALID_SIGNATURE => "signature_invalid",
self::TOKEN_USED => "token_used",
self::TOKEN_EXPIRED => "token_expired",
self::TOKEN_REVOKED => "token_revoked",
self::TOKEN_REJECTED => "token_rejected",
self::PARAMETER_ABSENT => "parameter_absent",
self::SIGNATURE_METHOD_REJECTED => "signature_method_rejected",
self::OAUTH_VERIFIER_INVALID => "verifier_invalid",
);
public $token;
public $token_secret;
public $consumer_key;
public $consumer_secret;
public $verifier;
protected $problem;
protected $tokenHandler;
protected $consumerHandler;
protected $nonceHandler;
protected $requestPath;
/**
* Current URL
* @var Zend_Uri_Http
*/
protected $url;
/**
*
* Required OAuth parameters
* @var array
*/
protected $required = array("oauth_consumer_key", "oauth_signature", "oauth_signature_method", "oauth_nonce", "oauth_timestamp");
/**
* Set consumer key handler
* @param string $callback
* @return Zend_Oauth_Provider
*/
public function setConsumerHandler($callback)
{
$this->consumerHandler = $callback;
return $this;
}
/**
* Set nonce/ts handler
* @param string $callback
* @return Zend_Oauth_Provider
*/
public function setTimestampNonceHandler($callback)
{
$this->nonceHandler = $callback;
return $this;
}
/**
* Set token handler
* @param string $callback
* @return Zend_Oauth_Provider
*/
public function setTokenHandler($callback)
{
$this->tokenHandler = $callback;
return $this;
}
/**
* Set URL for requesting token (doesn't need token)
* @param string $req_path
* @return Zend_Oauth_Provider
*/
public function setRequestTokenPath($req_path)
{
$this->requestPath = $req_path;
return $this;
}
/**
* Set this request as token endpoint
* @param string $request
* @return Zend_Oauth_Provider
*/
public function isRequestTokenEndpoint($request)
{
$this->is_request = $request;
return $this;
}
/**
* Report problem in OAuth as string
* @param Zend_Oauth_Exception $e
* @return string
*/
public function reportProblem(Zend_Oauth_Exception $e)
{
$code = $e->getCode();
if($code == self::PARAMETER_ABSENT) {
return "oauth_problem=parameter_absent&oauth_parameters_absent={$this->problem}";
}
if($code == self::INVALID_SIGNATURE) {
return "oauth_problem=signature_invalid&debug_sbs={$this->problem}";
}
if(isset($this->errnames[$code])) {
return "oauth_problem=".$this->errnames[$code];
}
return "oauth_problem=unknown_problem&code=$code";
}
/**
* Check if this request needs token
* @return bool
*/
protected function needsToken()
{
if(!empty($this->is_request)) {
return false;
}
if(empty($this->requestPath)) {
return true;
}
$GLOBALS['log']->debug("URLs: now: ".$this->url->getUri(). " req: {$this->requestPath}");
if($this->requestPath[0] == '/') {
return $this->url->getPath() != $this->requestPath;
}
return $this->url->getUri() != $this->requestPath;
}
/**
* Check if all required parameters are there
* @param array $params
* @throws Zend_Oauth_Exception
*/
protected function checkRequiredParams($params)
{
foreach($this->required as $param) {
if(!isset($params[$param])) {
$this->problem = $param;
throw new Zend_Oauth_Exception("Missing parameter: $param", self::PARAMETER_ABSENT);
}
}
if($this->needsToken() && !isset($params["oauth_token"])) {
$this->problem = "oauth_token";
throw new Zend_Oauth_Exception("Missing parameter: oauth_token", self::PARAMETER_ABSENT);
}
return true;
}
/**
* Check if signature method is supported
* @param string $signatureMethod
* @throws Zend_Oauth_Exception
*/
protected function checkSignatureMethod($signatureMethod)
{
$className = '';
$hashAlgo = null;
$parts = explode('-', $signatureMethod);
if (count($parts) > 1) {
$className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($parts[0]));
} else {
$className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($signatureMethod));
}
$filename = str_replace('_', '/', $className) . '.php';
if(file_exists($filename)) {
require_once $filename;
}
if(!class_exists($className)) {
throw new Zend_Oauth_Exception("Invalid signature method", self::SIGNATURE_METHOD_REJECTED);
}
}
/**
* Collect request parameters from the environment
* @param string $method HTTP method being used
* @param string $params Extra parameters
*/
protected function assembleParams($method, $params = array())
{
$params = array_merge($_GET, $params);
if($method == 'POST') {
$params = array_merge($_POST, $params);
}
$auth = null;
if(function_exists('apache_request_headers')) {
$headers = apache_request_headers();
if(isset($headers['Authorization'])) {
$auth = $headers['Authorization'];
} elseif(isset($headers['authorization'])) {
$auth = $headers['authorization'];
}
}
if(empty($auth) && !empty($_SERVER['HTTP_AUTHORIZATION'])) {
$auth = $_SERVER['HTTP_AUTHORIZATION'];
}
if(!empty($auth) && substr($auth, 0, 6) == 'OAuth ') {
// import header data
if (preg_match_all('/(oauth_[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $_SERVER['HTTP_AUTHORIZATION'], $matches)) {
foreach ($matches[1] as $num => $header) {
if($header == 'realm') {
continue;
}
$params[$header] = urldecode(empty($matches[3][$num])? $matches[4][$num] : $matches[3][$num]);
}
}
}
return $params;
}
/**
* Get current request URL
*/
protected function getRequestUrl()
{
$proto = "http";
if(empty($_SERVER['SERVER_PORT']) || empty($_SERVER['HTTP_HOST']) || empty($_SERVER['REQUEST_URI'])) {
return Zend_Uri_Http::fromString("http://localhost/");
}
if($_SERVER['SERVER_PORT'] == 443 || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on')) {
$proto = 'https';
}
return Zend_Uri_Http::fromString("$proto://{$_SERVER['HTTP_HOST']}{$_SERVER['REQUEST_URI']}");
}
/**
* Validate OAuth request
* @param Zend_Uri_Http $url Request URL, will use current if null
* @param array $params Additional parameters
* @return bool
* @throws Zend_Oauth_Exception
*/
public function checkOAuthRequest(Zend_Uri_Http $url = null, $params = array())
{
if(empty($url)) {
$this->url = $this->getRequestUrl();
} else {
$this->url = clone $url;
}
// We'll ignore query for the pruposes of URL matching
$this->url->setQuery('');
if(isset($_SERVER['REQUEST_METHOD'])) {
$method = $_SERVER['REQUEST_METHOD'];
} elseif(isset($_SERVER['HTTP_METHOD'])) {
$method = $_SERVER['HTTP_METHOD'];
} else {
$method = 'GET';
}
$params = $this->assembleParams($method, $params);
$this->checkSignatureMethod($params['oauth_signature_method']);
$this->checkRequiredParams($params);
$this->timestamp = $params['oauth_timestamp'];
$this->nonce = $params['oauth_nonce'];
$this->consumer_key = $params['oauth_consumer_key'];
if(!is_callable($this->nonceHandler)) {
throw new Zend_Oauth_Exception("Nonce handler not callable", self::BAD_NONCE);
}
$res = call_user_func($this->nonceHandler, $this);
if($res != self::OK) {
throw new Zend_Oauth_Exception("Invalid request", $res);
}
if(!is_callable($this->consumerHandler)) {
throw new Zend_Oauth_Exception("Consumer handler not callable", self::CONSUMER_KEY_UNKNOWN);
}
$res = call_user_func($this->consumerHandler, $this);
// this will set $this->consumer_secret if OK
if($res != self::OK) {
throw new Zend_Oauth_Exception("Consumer key invalid", $res);
}
if($this->needsToken()) {
$this->token = $params['oauth_token'];
$this->verifier = $params['oauth_verifier'];
if(!is_callable($this->tokenHandler)) {
throw new Zend_Oauth_Exception("Token handler not callable", self::TOKEN_REJECTED);
}
$res = call_user_func($this->tokenHandler, $this);
// this will set $this->token_secret if OK
if($res != self::OK) {
throw new Zend_Oauth_Exception("Token invalid", $res);
}
}
$util = new Zend_Oauth_Http_Utility();
$req_sign = $params['oauth_signature'];
unset($params['oauth_signature']);
$our_sign = $util->sign($params, $params['oauth_signature_method'], $this->consumer_secret,
$this->token_secret, $method, $this->url->getUri());
if($req_sign != $our_sign) {
// TODO: think how to extract signature base string
$this->problem = $our_sign;
throw new Zend_Oauth_Exception("Invalid signature", self::INVALID_SIGNATURE);
}
return true;
}
/**
* Generate new token
* @param int $size How many characters?
*/
public function generateToken($size)
{
$str = '';
while(strlen($str) < $size) {
$str .= md5(uniqid(mt_rand(), true), true);
}
return substr($str, 0, $size);
}
}

54
Zend/Oauth/Signature/Hmac.php Executable file
View File

@@ -0,0 +1,54 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Signature_SignatureAbstract */
require_once 'Zend/Oauth/Signature/SignatureAbstract.php';
/** Zend_Crypt_Hmac */
require_once 'Zend/Crypt/Hmac.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Signature_Hmac extends Zend_Oauth_Signature_SignatureAbstract
{
/**
* Sign a request
*
* @param array $params
* @param mixed $method
* @param mixed $url
* @return string
*/
public function sign(array $params, $method = null, $url = null)
{
$binaryHash = Zend_Crypt_Hmac::compute(
$this->_key,
$this->_hashAlgorithm,
$this->_getBaseSignatureString($params, $method, $url),
Zend_Crypt_Hmac::BINARY
);
return base64_encode($binaryHash);
}
}

49
Zend/Oauth/Signature/Plaintext.php Executable file
View File

@@ -0,0 +1,49 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Signature_SignatureAbstract */
require_once 'Zend/Oauth/Signature/SignatureAbstract.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Signature_Plaintext extends Zend_Oauth_Signature_SignatureAbstract
{
/**
* Sign a request
*
* @param array $params
* @param null|string $method
* @param null|string $url
* @return string
*/
public function sign(array $params, $method = null, $url = null)
{
if ($this->_tokenSecret === null) {
return $this->_consumerSecret . '&';
}
$return = implode('&', array($this->_consumerSecret, $this->_tokenSecret));
return $return;
}
}

65
Zend/Oauth/Signature/Rsa.php Executable file
View File

@@ -0,0 +1,65 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Signature_SignatureAbstract */
require_once 'Zend/Oauth/Signature/SignatureAbstract.php';
/** Zend_Crypt_Rsa */
require_once 'Zend/Crypt/Rsa.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Signature_Rsa extends Zend_Oauth_Signature_SignatureAbstract
{
/**
* Sign a request
*
* @param array $params
* @param null|string $method
* @param null|string $url
* @return string
*/
public function sign(array $params, $method = null, $url = null)
{
$rsa = new Zend_Crypt_Rsa;
$rsa->setHashAlgorithm($this->_hashAlgorithm);
$sign = $rsa->sign(
$this->_getBaseSignatureString($params, $method, $url),
$this->_key,
Zend_Crypt_Rsa::BASE64
);
return $sign;
}
/**
* Assemble encryption key
*
* @return string
*/
protected function _assembleKey()
{
return $this->_consumerSecret;
}
}

183
Zend/Oauth/Signature/SignatureAbstract.php Executable file
View File

@@ -0,0 +1,183 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Http_Utility */
require_once 'Zend/Oauth/Http/Utility.php';
/** Zend_Uri_Http */
require_once 'Zend/Uri/Http.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
abstract class Zend_Oauth_Signature_SignatureAbstract
{
/**
* Hash algorithm to use when generating signature
* @var string
*/
protected $_hashAlgorithm = null;
/**
* Key to use when signing
* @var string
*/
protected $_key = null;
/**
* Consumer secret
* @var string
*/
protected $_consumerSecret = null;
/**
* Token secret
* @var string
*/
protected $_tokenSecret = '';
/**
* Constructor
*
* @param string $consumerSecret
* @param null|string $tokenSecret
* @param null|string $hashAlgo
* @return void
*/
public function __construct($consumerSecret, $tokenSecret = null, $hashAlgo = null)
{
$this->_consumerSecret = $consumerSecret;
if (isset($tokenSecret)) {
$this->_tokenSecret = $tokenSecret;
}
$this->_key = $this->_assembleKey();
if (isset($hashAlgo)) {
$this->_hashAlgorithm = $hashAlgo;
}
}
/**
* Sign a request
*
* @param array $params
* @param null|string $method
* @param null|string $url
* @return string
*/
public abstract function sign(array $params, $method = null, $url = null);
/**
* Normalize the base signature URL
*
* @param string $url
* @return string
*/
public function normaliseBaseSignatureUrl($url)
{
$uri = Zend_Uri_Http::fromString($url);
if ($uri->getScheme() == 'http' && $uri->getPort() == '80') {
$uri->setPort('');
} elseif ($uri->getScheme() == 'https' && $uri->getPort() == '443') {
$uri->setPort('');
}
$uri->setQuery('');
$uri->setFragment('');
$uri->setHost(strtolower($uri->getHost()));
return $uri->getUri(true);
}
/**
* Assemble key from consumer and token secrets
*
* @return string
*/
protected function _assembleKey()
{
$parts = array($this->_consumerSecret);
if ($this->_tokenSecret !== null) {
$parts[] = $this->_tokenSecret;
}
foreach ($parts as $key => $secret) {
$parts[$key] = Zend_Oauth_Http_Utility::urlEncode($secret);
}
return implode('&', $parts);
}
/**
* Get base signature string
*
* @param array $params
* @param null|string $method
* @param null|string $url
* @return string
*/
protected function _getBaseSignatureString(array $params, $method = null, $url = null)
{
$encodedParams = array();
foreach ($params as $key => $value) {
$encodedParams[Zend_Oauth_Http_Utility::urlEncode($key)] =
Zend_Oauth_Http_Utility::urlEncode($value);
}
$baseStrings = array();
if (isset($method)) {
$baseStrings[] = strtoupper($method);
}
if (isset($url)) {
// should normalise later
$baseStrings[] = Zend_Oauth_Http_Utility::urlEncode(
$this->normaliseBaseSignatureUrl($url)
);
}
if (isset($encodedParams['oauth_signature'])) {
unset($encodedParams['oauth_signature']);
}
$baseStrings[] = Zend_Oauth_Http_Utility::urlEncode(
$this->_toByteValueOrderedQueryString($encodedParams)
);
return implode('&', $baseStrings);
}
/**
* Transform an array to a byte value ordered query string
*
* @param array $params
* @return string
*/
protected function _toByteValueOrderedQueryString(array $params)
{
$return = array();
uksort($params, 'strnatcmp');
foreach ($params as $key => $value) {
if (is_array($value)) {
natsort($value);
foreach ($value as $keyduplicate) {
$return[] = $key . '=' . $keyduplicate;
}
} else {
$return[] = $key . '=' . $value;
}
}
return implode('&', $return);
}
}

285
Zend/Oauth/Token.php Executable file
View File

@@ -0,0 +1,285 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Http_Utility */
require_once 'Zend/Oauth/Http/Utility.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
abstract class Zend_Oauth_Token
{
/**@+
* Token constants
*/
const TOKEN_PARAM_KEY = 'oauth_token';
const TOKEN_SECRET_PARAM_KEY = 'oauth_token_secret';
const TOKEN_PARAM_CALLBACK_CONFIRMED = 'oauth_callback_confirmed';
/**@-*/
/**
* Token parameters
*
* @var array
*/
protected $_params = array();
/**
* OAuth response object
*
* @var Zend_Http_Response
*/
protected $_response = null;
/**
* @var Zend_Oauth_Http_Utility
*/
protected $_httpUtility = null;
/**
* Constructor; basic setup for any Token subclass.
*
* @param null|Zend_Http_Response $response
* @param null|Zend_Oauth_Http_Utility $utility
* @return void
*/
public function __construct(
Zend_Http_Response $response = null,
Zend_Oauth_Http_Utility $utility = null
) {
if ($response !== null) {
$this->_response = $response;
$params = $this->_parseParameters($response);
if (count($params) > 0) {
$this->setParams($params);
}
}
if ($utility !== null) {
$this->_httpUtility = $utility;
} else {
$this->_httpUtility = new Zend_Oauth_Http_Utility;
}
}
/**
* Attempts to validate the Token parsed from the HTTP response - really
* it's just very basic existence checks which are minimal.
*
* @return bool
*/
public function isValid()
{
if (isset($this->_params[self::TOKEN_PARAM_KEY])
&& !empty($this->_params[self::TOKEN_PARAM_KEY])
&& isset($this->_params[self::TOKEN_SECRET_PARAM_KEY])
) {
return true;
}
return false;
}
/**
* Return the HTTP response object used to initialise this instance.
*
* @return Zend_Http_Response
*/
public function getResponse()
{
return $this->_response;
}
/**
* Sets the value for the this Token's secret which may be used when signing
* requests with this Token.
*
* @param string $secret
* @return Zend_Oauth_Token
*/
public function setTokenSecret($secret)
{
$this->setParam(self::TOKEN_SECRET_PARAM_KEY, $secret);
return $this;
}
/**
* Retrieve this Token's secret which may be used when signing
* requests with this Token.
*
* @return string
*/
public function getTokenSecret()
{
return $this->getParam(self::TOKEN_SECRET_PARAM_KEY);
}
/**
* Sets the value for a parameter (e.g. token secret or other) and run
* a simple filter to remove any trailing newlines.
*
* @param string $key
* @param string $value
* @return Zend_Oauth_Token
*/
public function setParam($key, $value)
{
$this->_params[$key] = trim($value, "\n");
return $this;
}
/**
* Sets the value for some parameters (e.g. token secret or other) and run
* a simple filter to remove any trailing newlines.
*
* @param array $params
* @return Zend_Oauth_Token
*/
public function setParams(array $params)
{
foreach ($params as $key=>$value) {
$this->setParam($key, $value);
}
return $this;
}
/**
* Get the value for a parameter (e.g. token secret or other).
*
* @param string $key
* @return mixed
*/
public function getParam($key)
{
if (isset($this->_params[$key])) {
return $this->_params[$key];
}
return null;
}
/**
* Sets the value for a Token.
*
* @param string $token
* @return Zend_Oauth_Token
*/
public function setToken($token)
{
$this->setParam(self::TOKEN_PARAM_KEY, $token);
return $this;
}
/**
* Gets the value for a Token.
*
* @return string
*/
public function getToken()
{
return $this->getParam(self::TOKEN_PARAM_KEY);
}
/**
* Generic accessor to enable access as public properties.
*
* @return string
*/
public function __get($key)
{
return $this->getParam($key);
}
/**
* Generic mutator to enable access as public properties.
*
* @param string $key
* @param string $value
* @return void
*/
public function __set($key, $value)
{
$this->setParam($key, $value);
}
/**
* Convert Token to a string, specifically a raw encoded query string.
*
* @return string
*/
public function toString()
{
return $this->_httpUtility->toEncodedQueryString($this->_params);
}
/**
* Convert Token to a string, specifically a raw encoded query string.
* Aliases to self::toString()
*
* @return string
*/
public function __toString()
{
return $this->toString();
}
/**
* Parse a HTTP response body and collect returned parameters
* as raw url decoded key-value pairs in an associative array.
*
* @param Zend_Http_Response $response
* @return array
*/
protected function _parseParameters(Zend_Http_Response $response)
{
$params = array();
$body = $response->getBody();
if (empty($body)) {
return;
}
// validate body based on acceptable characters...todo
$parts = explode('&', $body);
foreach ($parts as $kvpair) {
$pair = explode('=', $kvpair);
$params[rawurldecode($pair[0])] = rawurldecode($pair[1]);
}
return $params;
}
/**
* Limit serialisation stored data to the parameters
*/
public function __sleep()
{
return array('_params');
}
/**
* After serialisation, re-instantiate a HTTP utility class for use
*/
public function __wakeup()
{
if ($this->_httpUtility === null) {
$this->_httpUtility = new Zend_Oauth_Http_Utility;
}
}
}

99
Zend/Oauth/Token/Access.php Executable file
View File

@@ -0,0 +1,99 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Token */
require_once 'Zend/Oauth/Token.php';
/** Zend_Oauth_Http */
require_once 'Zend/Oauth/Http.php';
/** Zend_Uri_Http */
require_once 'Zend/Uri/Http.php';
/** Zend_Oauth_Client */
require_once 'Zend/Oauth/Client.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Token_Access extends Zend_Oauth_Token
{
/**
* Cast to HTTP header
*
* @param string $url
* @param Zend_Oauth_Config_ConfigInterface $config
* @param null|array $customParams
* @param null|string $realm
* @return string
*/
public function toHeader(
$url, Zend_Oauth_Config_ConfigInterface $config, array $customParams = null, $realm = null
) {
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$params = $this->_httpUtility->assembleParams($url, $config, $customParams);
return $this->_httpUtility->toAuthorizationHeader($params, $realm);
}
/**
* Cast to HTTP query string
*
* @param mixed $url
* @param Zend_Oauth_Config_ConfigInterface $config
* @param null|array $params
* @return string
*/
public function toQueryString($url, Zend_Oauth_Config_ConfigInterface $config, array $params = null)
{
if (!Zend_Uri::check($url)) {
require_once 'Zend/Oauth/Exception.php';
throw new Zend_Oauth_Exception(
'\'' . $url . '\' is not a valid URI'
);
}
$params = $this->_httpUtility->assembleParams($url, $config, $params);
return $this->_httpUtility->toEncodedQueryString($params);
}
/**
* Get OAuth client
*
* @param array $oauthOptions
* @param null|string $uri
* @param null|array|Zend_Config $config
* @param bool $excludeCustomParamsFromHeader
* @return Zend_Oauth_Client
*/
public function getHttpClient(array $oauthOptions, $uri = null, $config = null, $excludeCustomParamsFromHeader = true)
{
$client = new Zend_Oauth_Client($oauthOptions, $uri, $config, $excludeCustomParamsFromHeader);
$client->setToken($this);
return $client;
}
}

102
Zend/Oauth/Token/AuthorizedRequest.php Executable file
View File

@@ -0,0 +1,102 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Token */
require_once 'Zend/Oauth/Token.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Token_AuthorizedRequest extends Zend_Oauth_Token
{
/**
* @var array
*/
protected $_data = array();
/**
* Constructor
*
* @param null|array $data
* @param null|Zend_Oauth_Http_Utility $utility
* @return void
*/
public function __construct(array $data = null, Zend_Oauth_Http_Utility $utility = null)
{
if ($data !== null) {
$this->_data = $data;
$params = $this->_parseData();
if (count($params) > 0) {
$this->setParams($params);
}
}
if ($utility !== null) {
$this->_httpUtility = $utility;
} else {
$this->_httpUtility = new Zend_Oauth_Http_Utility;
}
}
/**
* Retrieve token data
*
* @return array
*/
public function getData()
{
return $this->_data;
}
/**
* Indicate if token is valid
*
* @return bool
*/
public function isValid()
{
if (isset($this->_params[self::TOKEN_PARAM_KEY])
&& !empty($this->_params[self::TOKEN_PARAM_KEY])
) {
return true;
}
return false;
}
/**
* Parse string data into array
*
* @return array
*/
protected function _parseData()
{
$params = array();
if (empty($this->_data)) {
return;
}
foreach ($this->_data as $key => $value) {
$params[rawurldecode($key)] = rawurldecode($value);
}
return $params;
}
}

50
Zend/Oauth/Token/Request.php Executable file
View File

@@ -0,0 +1,50 @@
<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
/** Zend_Oauth_Token */
require_once 'Zend/Oauth/Token.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Token_Request extends Zend_Oauth_Token
{
/**
* Constructor
*
* @param null|Zend_Http_Response $response
* @param null|Zend_Oauth_Http_Utility $utility
*/
public function __construct(
Zend_Http_Response $response = null,
Zend_Oauth_Http_Utility $utility = null
) {
parent::__construct($response, $utility);
// detect if server supports OAuth 1.0a
if (isset($this->_params[Zend_Oauth_Token::TOKEN_PARAM_CALLBACK_CONFIRMED])) {
Zend_Oauth_Client::$supportsRevisionA = true;
}
}
}