search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
New Extension: tweet-posts-0.01-beta.zip
[vanilla-miry.git] / extensions / TweetPosts / TwitterLib / EpiOAuth.php
blobff2c61832835fa48da5010653f5b982c462ffdac
1 <?php
2 class EpiOAuth
3 {
4 public $version = '1.0';
5
6 protected $requestTokenUrl;
7 protected $accessTokenUrl;
8 protected $authenticateUrl;
9 protected $authorizeUrl;
10 protected $consumerKey;
11 protected $consumerSecret;
12 protected $token;
13 protected $tokenSecret;
14 protected $signatureMethod;
15 protected $useSSL = false;
16 protected $headers = array();
17 protected $userAgent = 'EpiOAuth (http://github.com/jmathai/twitter-async/tree/)';
18 protected $timeout = 30;
19
20 public function addHeader($header)
21 {
22 if(is_array($header) && !empty($header))
23 $this->headers = array_merge($this->headers, $header);
24 elseif(!empty($header))
25 $this->headers[] = $header;
26 }
27
28 public function getAccessToken($params = null)
29 {
30 $resp = $this->httpRequest('GET', $this->getUrl($this->accessTokenUrl), $params);
31 return new EpiOAuthResponse($resp);
32 }
33
34 public function getAuthenticateUrl($token = null, $params = null)
35 {
36 $token = $token ? $token : $this->getRequestToken();
37 $addlParams = empty($params) ? '' : '&'.http_build_query($params);
38 return $this->getUrl($this->authenticateUrl) . '?oauth_token=' . $token->oauth_token . $addlParams;
39 }
40
41 public function getAuthorizeUrl($token = null)
42 {
43 return $this->getAuthorizationUrl($token);
44 }
45
46 // DEPRECATED in favor of getAuthorizeUrl()
47 public function getAuthorizationUrl($token = null)
48 {
49 $token = $token ? $token : $this->getRequestToken();
50 return $this->getUrl($this->authorizeUrl) . '?oauth_token=' . $token->oauth_token;
51 }
52
53 public function getRequestToken($params = null)
54 {
55 $resp = $this->httpRequest('GET', $this->getUrl($this->requestTokenUrl), $params);
56 return new EpiOAuthResponse($resp);
57 }
58
59 public function getUrl($url)
60 {
61 if($this->useSSL === true)
62 return preg_replace('/^http:/', 'https:', $url);
63
64 return $url;
65 }
66
67 public function httpRequest($method = null, $url = null, $params = null, $isMultipart = false)
68 {
69 if(empty($method) || empty($url))
70 return false;
71
72 if(empty($params['oauth_signature']))
73 $params = $this->prepareParameters($method, $url, $params);
74
75 switch($method)
76 {
77 case 'GET':
78 return $this->httpGet($url, $params);
79 break;
80 case 'POST':
81 return $this->httpPost($url, $params, $isMultipart);
82 break;
83 }
84 }
85
86 public function setTimeout($timeout)
87 {
88 $this->timeout = floatval($timeout);
89 }
90
91 public function setToken($token = null, $secret = null)
92 {
93 $this->token = $token;
94 $this->tokenSecret = $secret;
95 }
96
97 public function useSSL($use = false)
98 {
99 $this->useSSL = (bool)$use;
100 }
101
102 protected function addDefaultHeaders($url, $oauthHeaders)
103 {
104 $_h = array('Expect:');
105 $urlParts = parse_url($url);
106 $oauth = 'Authorization: OAuth realm="' . $urlParts['scheme'] . '://' . $urlParts['host'] . $urlParts['path'] . '",';
107 foreach($oauthHeaders as $name => $value)
108 {
109 $oauth .= "{$name}=\"{$value}\",";
110 }
111 $_h[] = substr($oauth, 0, -1);
112 $_h[] = "User-Agent: {$this->userAgent}";
113 $this->addHeader($_h);
114 }
115
116 protected function buildHttpQueryRaw($params)
117 {
118 $retval = '';
119 foreach((array)$params as $key => $value)
120 $retval .= "{$key}={$value}&";
121 $retval = substr($retval, 0, -1);
122 return $retval;
123 }
124
125 protected function curlInit($url)
126 {
127 $ch = curl_init($url);
128 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
129 curl_setopt($ch, CURLOPT_HTTPHEADER, $this->headers);
130 curl_setopt($ch, CURLOPT_TIMEOUT, $this->timeout);
131 if($this->useSSL === true)
132 {
133 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
134 curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
135 }
136 return $ch;
137 }
138
139 protected function encode_rfc3986($string)
140 {
141 return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode(($string))));
142 }
143
144 protected function generateNonce()
145 {
146 if(isset($this->nonce)) // for unit testing
147 return $this->nonce;
148
149 return md5(uniqid(rand(), true));
150 }
151
152 // parameters should already have been passed through prepareParameters
153 // no need to double encode
154 protected function generateSignature($method = null, $url = null, $params = null)
155 {
156 if(empty($method) || empty($url))
157 return false;
158
159 // concatenating and encode
160 $concatenatedParams = $this->encode_rfc3986($this->buildHttpQueryRaw($params));
161
162 // normalize url
163 $normalizedUrl = $this->encode_rfc3986($this->normalizeUrl($url));
164 $method = $this->encode_rfc3986($method); // don't need this but why not?
165
166 $signatureBaseString = "{$method}&{$normalizedUrl}&{$concatenatedParams}";
167 return $this->signString($signatureBaseString);
168 }
169
170 protected function httpGet($url, $params = null)
171 {
172 if(count($params['request']) > 0)
173 {
174 $url .= '?';
175 foreach($params['request'] as $k => $v)
176 {
177 $url .= "{$k}={$v}&";
178 }
179 $url = substr($url, 0, -1);
180 }
181 $this->addDefaultHeaders($url, $params['oauth']);
182 $ch = $this->curlInit($url);
183 $resp = $this->curl->addCurl($ch);
184
185 return $resp;
186 }
187
188 protected function httpPost($url, $params = null, $isMultipart)
189 {
190 $this->addDefaultHeaders($url, $params['oauth']);
191 $ch = $this->curlInit($url);
192 curl_setopt($ch, CURLOPT_POST, 1);
193 // php's curl extension automatically sets the content type
194 // based on whether the params are in string or array form
195 if($isMultipart)
196 curl_setopt($ch, CURLOPT_POSTFIELDS, $params['request']);
197 else
198 curl_setopt($ch, CURLOPT_POSTFIELDS, $this->buildHttpQueryRaw($params['request']));
199 $resp = $this->curl->addCurl($ch);
200 return $resp;
201 }
202
203 protected function normalizeUrl($url = null)
204 {
205 $urlParts = parse_url($url);
206 $scheme = strtolower($urlParts['scheme']);
207 $host = strtolower($urlParts['host']);
208 $port = isset($urlParts['port']) ? intval($urlParts['port']) : 0;
209
210 $retval = strtolower($scheme) . '://' . strtolower($host);
211
212 if(!empty($port) && (($scheme === 'http' && $port != 80) || ($scheme === 'https' && $port != 443)))
213 $retval .= ":{$port}";
214
215 $retval .= $urlParts['path'];
216 if(!empty($urlParts['query']))
217 {
218 $retval .= "?{$urlParts['query']}";
219 }
220
221 return $retval;
222 }
223
224 protected function prepareParameters($method = null, $url = null, $params = null)
225 {
226 if(empty($method) || empty($url))
227 return false;
228
229 $oauth['oauth_consumer_key'] = $this->consumerKey;
230 $oauth['oauth_token'] = $this->token;
231 $oauth['oauth_nonce'] = $this->generateNonce();
232 $oauth['oauth_timestamp'] = !isset($this->timestamp) ? time() : $this->timestamp; // for unit test
233 $oauth['oauth_signature_method'] = $this->signatureMethod;
234 $oauth['oauth_version'] = $this->version;
235 // encode all oauth values
236 foreach($oauth as $k => $v)
237 $oauth[$k] = $this->encode_rfc3986($v);
238 // encode all non '@' params
239 // keep sigParams for signature generation (exclude '@' params)
240 // rename '@key' to 'key'
241 $sigParams = array();
242 $hasFile = false;
243 if(is_array($params))
244 {
245 foreach($params as $k => $v)
246 {
247 if(strncmp('@',$k,1) !== 0)
248 {
249 $sigParams[$k] = $this->encode_rfc3986($v);
250 $params[$k] = $this->encode_rfc3986($v);
251 }
252 else
253 {
254 $params[substr($k, 1)] = $v;
255 unset($params[$k]);
256 $hasFile = true;
257 }
258 }
259
260 if($hasFile === true)
261 $sigParams = array();
262 }
263
264 $sigParams = array_merge($oauth, (array)$sigParams);
265
266 // sorting
267 ksort($sigParams);
268
269 // signing
270 $oauth['oauth_signature'] = $this->encode_rfc3986($this->generateSignature($method, $url, $sigParams));
271 return array('request' => $params, 'oauth' => $oauth);
272 }
273
274 protected function signString($string = null)
275 {
276 $retval = false;
277 switch($this->signatureMethod)
278 {
279 case 'HMAC-SHA1':
280 $key = $this->encode_rfc3986($this->consumerSecret) . '&' . $this->encode_rfc3986($this->tokenSecret);
281 $retval = base64_encode(hash_hmac('sha1', $string, $key, true));
282 break;
283 }
284
285 return $retval;
286 }
287
288 public function __construct($consumerKey, $consumerSecret, $signatureMethod='HMAC-SHA1')
289 {
290 $this->consumerKey = $consumerKey;
291 $this->consumerSecret = $consumerSecret;
292 $this->signatureMethod = $signatureMethod;
293 $this->curl = EpiCurl::getInstance();
294 }
295 }
296
297 class EpiOAuthResponse
298 {
299 private $__resp;
300
301 public function __construct($resp)
302 {
303 $this->__resp = $resp;
304 }
305
306 public function __get($name)
307 {
308 if($this->__resp->code != 200)
309 EpiOAuthException::raise($this->__resp->data, $this->__resp->code);
310
311 parse_str($this->__resp->data, $result);
312 foreach($result as $k => $v)
313 {
314 $this->$k = $v;
315 }
316
317 return $result[$name];
318 }
319 }
320
321 class EpiOAuthException extends Exception
322 {
323 public static function raise($message, $code)
324 {
325 switch($code)
326 {
327 case 400:
328 throw new EpiOAuthBadRequestException($message, $code);
329 case 401:
330 throw new EpiOAuthUnauthorizedException($message, $code);
331 default:
332 throw new EpiOAuthException($message, $code);
333 }
334 }
335 }
336
337
338 class EpiOAuthBadRequestException extends EpiOAuthException{}
339 class EpiOAuthUnauthorizedException extends EpiOAuthException{}
My personal version of Vanilla Forums