From aa52786bad33ca8b66fbf4dc9d4efd7b3ac8a03f Mon Sep 17 00:00:00 2001
From: Chris Chabot
Date: Sun, 10 May 2009 19:38:47 +0000
Subject: [PATCH] SHINDIG-1041 by Pan Jie - Adds support for OAuth params to the OAuthFetcher

git-svn-id: https://svn.apache.org/repos/asf/incubator/shindig/trunk@773391 13f79535-47bb-0310-9956-ffa450edef68
---
 php/src/common/RemoteContentRequest.php | 16 +++++++++++++
 php/src/common/sample/BasicRemoteContent.php | 2 +-
 php/src/gadgets/ProxyBase.php | 1 +
 php/src/gadgets/oauth/OAuthFetcher.php | 31 ++++++++++++------------
 php/src/gadgets/oauth/OAuthFetcherFactory.php | 2 +-
 php/src/gadgets/oauth/OAuthRequestParams.php | 34 ++++++++++-----------------
 6 files changed, 47 insertions(+), 39 deletions(-)
diff --git a/php/src/common/RemoteContentRequest.php b/php/src/common/RemoteContentRequest.php
index 08a07846..f8bea9d6 100644
--- a/php/src/common/RemoteContentRequest.php
+++ b/php/src/common/RemoteContentRequest.php
@@ -62,6 +62,11 @@ class RemoteContentRequest {
 * @var string
 */
 private $authType;
+
+ /**
+ * @var OAuthRequestParams
+ */
+ private $oauthParams = null;
 public function __construct($uri, $headers = false, $postBody = false) {
 $this->uri = $uri;
@@ -285,6 +290,17 @@ class RemoteContentRequest {
 public function getToken() {
 return $this->token;
 }
+
+ public function setOAuthRequestParams(OAuthRequestParams $params) {
+ $this->oauthParams = $params;
+ }
+
+ /**
+ * @return OAuthRequestParams
+ */
+ public function getOAuthRequestParams() {
+ return $this->oauthParams;
+ }
 /**
 * Sets the authorization type for this request, can be one of
diff --git a/php/src/common/sample/BasicRemoteContent.php b/php/src/common/sample/BasicRemoteContent.php
index 2c86b218..6d2e51e0 100644
--- a/php/src/common/sample/BasicRemoteContent.php
+++ b/php/src/common/sample/BasicRemoteContent.php
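Review bot: `getOAuthRequestParams()` returns null for any request on which `setOAuthRequestParams()` was never called, because `$oauthParams` defaults to `null`, while its docblock promises an `OAuthRequestParams`. In this patch only the `'OAUTH'` case in ProxyBase.php sets the value, and BasicRemoteContent.php passes the getter's result straight into `getOAuthFetcher()`, whose `$params` argument is now type-hinted in OAuthFetcherFactory.php, so an OAuth request built on any other path would presumably fail on the type hint rather than with a GadgetException. Document the getter as `@return OAuthRequestParams|null` and guard the caller, for example `if ($params === null) { throw new GadgetException('Missing OAuth request parameters'); }`. Callers outside this patch are not visible here, so whether such a path exists needs checking.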
@@ -189,7 +189,7 @@ class BasicRemoteContent extends RemoteContent {
 $fetcher = $this->signingFetcherFactory->getSigningFetcher($this->basicFetcher);
 return $fetcher->fetchRequest($request);
 case RemoteContentRequest::$AUTH_OAUTH:
- $params = new OAuthRequestParams();
+ $params = $request->getOAuthRequestParams();
 $token = $request->getToken();
 $fetcher = $this->signingFetcherFactory->getSigningFetcher($this->basicFetcher);
 $oAuthFetcherFactory = new OAuthFetcherFactory($fetcher);
diff --git a/php/src/gadgets/ProxyBase.php b/php/src/gadgets/ProxyBase.php
index 42aaa2f3..5895eae5 100644
--- a/php/src/gadgets/ProxyBase.php
+++ b/php/src/gadgets/ProxyBase.php
@@ -89,6 +89,7 @@ class ProxyBase {
 break;
 case 'OAUTH':
 $request->setAuthType(RemoteContentRequest::$AUTH_OAUTH);
+ $request->setOAuthRequestParams(new OAuthRequestParams($_POST));
 break;
 }
 $token = $this->context->extractAndValidateToken($signer);
diff --git a/php/src/gadgets/oauth/OAuthFetcher.php b/php/src/gadgets/oauth/OAuthFetcher.php
index 8ecbb136..079107c3 100644
--- a/php/src/gadgets/oauth/OAuthFetcher.php
+++ b/php/src/gadgets/oauth/OAuthFetcher.php
@@ -62,7 +62,8 @@ class OAuthFetcher extends RemoteContentFetcher {
 protected $authToken;
 /**
- * Parameters from makeRequest
+ * Parameters from makeRequest
+ * @var OAuthRequestParams
 */
 protected $requestParams;
@@ -146,7 +147,7 @@ class OAuthFetcher extends RemoteContentFetcher {
 try {
 $this->origClientState = $this->oauthCrypter->unwrap($origClientState, self::$CLIENT_STATE_MAX_AGE_SECS);
 } catch (BlobCrypterException $e) {// Probably too old, pretend we never saw it at all.
- }
+}
 }
 if ($this->origClientState == null) {
 $this->origClientState = array();
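Review bot: OAuth parameters that arrive in the query string are no longer seen after `new OAuthRequestParams($_POST)` in the `'OAUTH'` case of ProxyBase.php, since the constructor this patch removes read them from `$_REQUEST`; a caller that still sends them on a GET would silently get the empty-string defaults for service and token name. Limiting the source to the POST body also keeps the request token secret out of URLs and cookies, so the narrowing may well be intended. A comment on the call would make that explicit, e.g. `// OAuth params are taken from the POST body only; query-string and cookie values are ignored on purpose`. The enclosing method starts and ends outside the hunk.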
@@ -198,9 +199,9 @@ class OAuthFetcher extends RemoteContentFetcher {
 $accessor->tokenSecret = $this->origClientState[self::$ACCESS_TOKEN_SECRET_KEY];
 } else if ($accessor->accessToken == null && $this->requestParams->getRequestToken() != null) {
 // We don't have an access token yet, but the client sent us a
- // (hopefully) preapproved request token.
- $accessor->requestToken = $requestParams->getRequestToken();
- $accessor->tokenSecret = $requestParams->getRequestTokenSecret();
+ // (hopefully) preapproved request token.
+ $accessor->requestToken = $this->requestParams->getRequestToken();
+ $accessor->tokenSecret = $this->requestParams->getRequestTokenSecret();
 }
 }
@@ -279,13 +280,13 @@ class OAuthFetcher extends RemoteContentFetcher {
 $pageOwner = $this->authToken->getOwnerId();
 $pageViewer = $this->authToken->getViewerId();
 $stateOwner = @$this->origClientState[self::$OWNER_KEY];
- if (!$pageOwner) {
+ if (! $pageOwner) {
 throw new GadgetException('Unauthenticated');
 }
 if ($pageOwner != $pageViewer) {
 throw new GadgetException("Only page owners can grant OAuth approval");
 }
- if ($stateOwner != null && !$stateOwner == $pageOwner) {
+ if ($stateOwner != null && ! $stateOwner == $pageOwner) {
 throw new GadgetException("Client state belongs to a different person.");
 }
 }
@@ -454,7 +455,7 @@ class OAuthFetcher extends RemoteContentFetcher {
 $accessor = $this->accessorInfo->getAccessor();
 $azn = $accessor->consumer->callback_url->userAuthorizationURL;
 $authUrl = $azn->url;
- if (strstr($authUrl, "?") == FALSE ) {
+ if (strstr($authUrl, "?") == FALSE) {
 $authUrl .= "?";
 } else {
 $authUrl .= "&";
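Review bot: The owner check `! $stateOwner == $pageOwner` in the `@@ -279,13` hunk is only re-spaced here and still does not compare the two ids: `!` binds tighter than `==`, so it evaluates `(!$stateOwner) == $pageOwner`, which is false for any truthy `$stateOwner` because `$pageOwner` has already been checked to be non-empty. The "Client state belongs to a different person." exception is therefore not thrown in that case, and client state wrapped for one owner appears to be accepted on another owner's page. The condition should read `if ($stateOwner != null && $stateOwner != $pageOwner) {`. The enclosing method starts before the hunk.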
@@ -534,7 +535,7 @@ class OAuthFetcher extends RemoteContentFetcher {
 $rcr = $this->createRemoteContentRequest($this->filterOAuthParams($oauthRequest), $this->realRequest->getMethod(), $this->realRequest->getUrl(), $this->realRequest->getHeaders(), $this->realRequest->getContentType(), $this->realRequest->getPostBody(), $this->realRequest->getOptions());
 //TODO is there a better way to detect an SP error?
 $fetcher = new BasicRemoteContentFetcher();
- $content = $fetcher->fetchRequest($rcr);
+ $content = $fetcher->fetchRequest($rcr);
 $statusCode = $content->getHttpCode();
 if ($statusCode >= 400 && $statusCode < 500) {
 $message = $this->parseAuthHeader(null, $content);
@@ -543,7 +544,7 @@ class OAuthFetcher extends RemoteContentFetcher {
 }
 }
 // Track metadata on the response
- $this->addResponseMetadata($content);
+ $this->addResponseMetadata($content);
 return $content;
 } catch (Exception $e) {
 throw new GadgetException("INTERNAL SERVER ERROR: " . $e);
@@ -623,16 +624,16 @@ class OAuthFetcher extends RemoteContentFetcher {
 }
 }
- public function multiFetchRequest(Array $requests) { // Do nothing
- }
-
- private static function addIdentityParams(array& $params, SecurityToken $token) {
+ public function multiFetchRequest(Array $requests) {// Do nothing
+}
+
+ private static function addIdentityParams(array & $params, SecurityToken $token) {
 $params['opensocial_owner_id'] = $token->getOwnerId();
 $params['opensocial_viewer_id'] = $token->getViewerId();
 $params['opensocial_app_id'] = $token->getAppId();
 $params['opensocial_app_url'] = $token->getAppUrl();
 }
-
+
 private static function setStrictNoCache(RemoteContentRequest $response) {
 $response->setResponseHeader('Pragma', 'no-cache');
 $response->setResponseHeader('Cache-Control', 'no-cache');
diff --git a/php/src/gadgets/oauth/OAuthFetcherFactory.php b/php/src/gadgets/oauth/OAuthFetcherFactory.php
index a475da14..0ff03499 100644
--- a/php/src/gadgets/oauth/OAuthFetcherFactory.php
+++ b/php/src/gadgets/oauth/OAuthFetcherFactory.php
@@ -75,7 +75,7 @@ class OAuthFetcherFactory {
 * @return The oauth fetcher.
 * @throws GadgetException
 */
- public function getOAuthFetcher($fetcher, $token, $params) {
+ public function getOAuthFetcher(RemoteContentFetcher $fetcher, SecurityToken $token, OAuthRequestParams $params) {
 return new OAuthFetcher($this->tokenStore, $this->oauthCrypter, $fetcher, $token, $params);
 }
 }
diff --git a/php/src/gadgets/oauth/OAuthRequestParams.php b/php/src/gadgets/oauth/OAuthRequestParams.php
index c83eea96..6f5b5b2e 100644
--- a/php/src/gadgets/oauth/OAuthRequestParams.php
+++ b/php/src/gadgets/oauth/OAuthRequestParams.php
@@ -35,24 +35,21 @@ class OAuthRequestParams {
 protected $origClientState;
 protected $bypassSpecCache;
- public function __construct() {
- $this->serviceName = $this->getParam(self::$SERVICE_PARAM, "");
- $this->tokenName = $this->getParam(self::$TOKEN_PARAM, "");
- $this->requestToken = $this->getParam(self::$REQUEST_TOKEN_PARAM, null);
- $this->requestTokenSecret = $this->getParam(self::$REQUEST_TOKEN_SECRET_PARAM, null);
- $this->origClientState = $this->getParam(self::$CLIENT_STATE_PARAM, null);
- $this->bypassSpecCache = $this->parseBypassSpecCacheParam();
+ public function __construct(array $arguments) {
+ $this->serviceName = self::getParam($arguments, self::$SERVICE_PARAM, "");
+ $this->tokenName = self::getParam($arguments, self::$TOKEN_PARAM, "");
+ $this->requestToken = self::getParam($arguments, self::$REQUEST_TOKEN_PARAM, null);
+ $this->requestTokenSecret = self::getParam($arguments, self::$REQUEST_TOKEN_SECRET_PARAM, null);
+ $this->origClientState = self::getParam($arguments, self::$CLIENT_STATE_PARAM, null);
+ $this->bypassSpecCache = '1' == self::getParam($arguments, self::$BYPASS_SPEC_CACHE_PARAM, null);
 }
- private function getParam($name, $def) {
- $val = null;
- if (isset($_REQUEST[$name])) {
- $val = $_REQUEST[$name];
+ private static function getParam(array $arguments, $name, $defaultValue) {
+ if (isset($arguments[$name])) {
+ return $arguments[$name];
+ } else {
+ return $defaultValue;
 }
- if ($val == null) {
- $val = $def;
- }
- return $val;
 }
 public function getBypassSpecCache() {
@@ -67,13 +64,6 @@ class OAuthRequestParams {
 return $this->requestTokenSecret;
 }
- public static function parseBypassSpecCacheParam() {
- if (isset($_REQUEST[self::$BYPASS_SPEC_CACHE_PARAM])) {
- return "1" == $_REQUEST[self::$BYPASS_SPEC_CACHE_PARAM];
- }
- return false;
- }
-
 public function getServiceName() {
 return $this->serviceName;
 }
--
2.11.4.GIT
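Review bot: The new `getParam()` returns whatever `isset($arguments[$name])` finds without checking its type, so a field posted as an array (constructed example: `name[]=x`) puts an array into `serviceName`, `requestToken` or `requestTokenSecret`, and the getters hand it on to OAuthFetcher.php unchanged. The values come from `$_POST` (see ProxyBase.php) and should be treated as untrusted: `return (isset($arguments[$name]) && is_string($arguments[$name])) ? $arguments[$name] : $defaultValue;`. The new code also no longer maps an empty string to the default, as the removed `if ($val == null)` branch did. For the bypass flag, `'1' == …` is a loose comparison that also accepts numeric strings such as `'01'`; `===` would pin it to the literal `'1'`.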