Posted to dev@shindig.apache.org by ch...@apache.org on 2008/07/02 21:01:48 UTC
svn commit: r673466 - in /incubator/shindig/trunk/php/src/gadgets:
ProxyHandler.php oauth/BasicGadgetOAuthTokenStore.php
oauth/BasicOAuthStore.php oauth/OAuth.php oauth/OAuthFetcher.php
oauth/OAuthFetcherFactory.php
Author: chabotc
Date: Wed Jul 2 12:01:47 2008
New Revision: 673466
URL: http://svn.apache.org/viewvc?rev=673466&view=rev
Log:
SHINDIG-355 cleanup patch, looks much better now
Modified:
incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
Modified: incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php?rev=673466&r1=673465&r2=673466&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/ProxyHandler.php Wed Jul 2 12:01:47 2008
@@ -285,7 +285,7 @@
$this->oauthFetcher = $oAuthFetcherFactory->getOAuthFetcher($fetcher, $token, $params);
$request = new RemoteContentRequest($url);
$request->createRemoteContentRequestWithUri($url);
- return $this->oauthFetcher->fetchRequest($request);
+ return $this->oauthFetcher->fetch($request);
case 'NONE':
default:
return $this->fetchContent($url, $method);
Modified: incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=673466&r1=673465&r2=673466&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php Wed Jul 2 12:01:47 2008
@@ -47,7 +47,7 @@
foreach ($oauthConfig as $gadgetUri => $value) {
$this->storeConsumerInfos($gadgetUri, $value);
}
- } catch (Exception $e) {
+ } catch (Exception $e) {
throw new GadgetException($e);
}
}
@@ -62,7 +62,12 @@
}
private function storeConsumerInfo($gadgetUri, $serviceName, $consumerInfo)
- {
+ {
+ if (!isset($consumerInfo[$this->CONSUMER_SECRET_KEY]) ||
+ !isset($consumerInfo[$this->CONSUMER_KEY_KEY]) ||
+ !isset($consumerInfo[$this->KEY_TYPE_KEY]) ) {
+ throw new Exception("Invalid configuration in oauth.json");
+ }
$consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
$consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
$keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
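Review bot: The new guard in storeConsumerInfo relies on `isset()` alone, so an oauth.json entry whose consumer key or secret is present but an empty string still passes and is used as a credential further down. Rejecting empty values too would close that gap, for example `!isset($consumerInfo[$this->CONSUMER_SECRET_KEY]) || $consumerInfo[$this->CONSUMER_SECRET_KEY] === ''` for each of the three keys. The message could also name the entry without printing the secret, `"Invalid OAuth configuration for $gadgetUri / $serviceName in oauth.json"`, so the broken block can be found. The rest of the function body lies outside this hunk.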
@@ -95,7 +100,7 @@
}
}
$kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret, $keyType);
- $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
+ $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName, $kas);
}
}
Modified: incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php?rev=673466&r1=673465&r2=673466&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/BasicOAuthStore.php Wed Jul 2 12:01:47 2008
@@ -57,7 +57,7 @@
}
public function getOAuthAccessorProviderKey(ProviderKey $providerKey, ProviderInfo $provInfo)
- {
+ {
if ($provInfo == null) {
throw new OAuthNoDataException("must pass non-null provider info to getOAuthAccessor");
}
@@ -68,8 +68,10 @@
//ConsumerKeyAndSecret
$key = md5(serialize($providerKey));
$consumerKeyAndSecret = null;
- if (isset($this->consumerInfos[$key])) {
+ if (isset($this->consumerInfos[$key])) {
$consumerKeyAndSecret = $this->consumerInfos[$key];
+ } else {
+ throw new OAuthNoDataException("The Key was invalid for consumerInfos, maybe your oauth.json configuration is wrong.");
}
if ($consumerKeyAndSecret == null) {
if ($this->defaultConsumerKey == null || $this->defaultConsumerSecret == null) {
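Review bot: The added `else` branch throws whenever `$this->consumerInfos[$key]` is not set, which makes the `if ($consumerKeyAndSecret == null)` block directly below it unreachable, because `isset()` is also false for a stored null. That block is where `defaultConsumerKey` / `defaultConsumerSecret` are consulted, so the default-credential fallback silently stops working. If the fallback is still wanted, drop the `else` and raise the new oauth.json message from the inner check on the defaults instead; if it is not, remove the dead fallback in the same change. The method continues past the end of this hunk, so the remainder of the fallback is not visible here.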
Modified: incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php?rev=673466&r1=673465&r2=673466&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/OAuth.php Wed Jul 2 12:01:47 2008
@@ -553,196 +553,6 @@
}
}
-class OAuthServer {
- protected $timestamp_threshold = 300; // in seconds, five minutes
- protected $version = 1.0; // hi blaine
- protected $signature_methods = array();
- protected $data_store;
-
- function __construct($data_store)
- {
- $this->data_store = $data_store;
- }
-
- public function add_signature_method($signature_method)
- {
- $this->signature_methods[$signature_method->get_name()] = $signature_method;
- }
-
- // high level functions
- /**
- * process a request_token request
- * returns the request token on success
- */
- public function fetch_request_token(&$request)
- {
- $this->get_version($request);
- $consumer = $this->get_consumer($request);
- // no token required for the initial token request
- $token = NULL;
- $this->check_signature($request, $consumer, $token);
- $new_token = $this->data_store->new_request_token($consumer);
- return $new_token;
- }
-
- /**
- * process an access_token request
- * returns the access token on success
- */
- public function fetch_access_token(&$request)
- {
- $this->get_version($request);
- $consumer = $this->get_consumer($request);
- // requires authorized request token
- $token = $this->get_token($request, $consumer, "request");
- $this->check_signature($request, $consumer, $token);
- $new_token = $this->data_store->new_access_token($token, $consumer);
- return $new_token;
- }
-
- /**
- * verify an api call, checks all the parameters
- */
- public function verify_request(&$request)
- {
- $this->get_version($request);
- $consumer = $this->get_consumer($request);
- $token = $this->get_token($request, $consumer, "access");
- $this->check_signature($request, $consumer, $token);
- return array($consumer, $token);
- }
-
- // Internals from here
- /**
- * version 1
- */
- private function get_version(&$request)
- {
- $version = $request->get_parameter("oauth_version");
- if (! $version) {
- $version = 1.0;
- }
- if ($version && $version != $this->version) {
- throw new OAuthException("OAuth version '$version' not supported");
- }
- return $version;
- }
-
- /**
- * figure out the signature with some defaults
- */
- private function get_signature_method(&$request)
- {
- $signature_method = @$request->get_parameter("oauth_signature_method");
- if (! $signature_method) {
- $signature_method = "PLAINTEXT";
- }
- if (! in_array($signature_method, array_keys($this->signature_methods))) {
- throw new OAuthException("Signature method '$signature_method' not supported try one of the following: " . implode(", ", array_keys($this->signature_methods)));
- }
- return $this->signature_methods[$signature_method];
- }
-
- /**
- * try to find the consumer for the provided request's consumer key
- */
- private function get_consumer(&$request)
- {
- $consumer_key = @$request->get_parameter("oauth_consumer_key");
- if (! $consumer_key) {
- throw new OAuthException("Invalid consumer key");
- }
- $consumer = $this->data_store->lookup_consumer($consumer_key);
- if (! $consumer) {
- throw new OAuthException("Invalid consumer");
- }
- return $consumer;
- }
-
- /**
- * try to find the token for the provided request's token key
- */
- private function get_token(&$request, $consumer, $token_type = "access")
- {
- $token_field = @$request->get_parameter('oauth_token');
- $token = $this->data_store->lookup_token($consumer, $token_type, $token_field);
- if (! $token) {
- throw new OAuthException("Invalid $token_type token: $token_field");
- }
- return $token;
- }
-
- /**
- * all-in-one function to check the signature on a request
- * should guess the signature method appropriately
- */
- private function check_signature(&$request, $consumer, $token)
- {
- // this should probably be in a different method
- $timestamp = @$request->get_parameter('oauth_timestamp');
- $nonce = @$request->get_parameter('oauth_nonce');
- $this->check_timestamp($timestamp);
- $this->check_nonce($consumer, $token, $nonce, $timestamp);
- $signature_method = $this->get_signature_method($request);
- $signature = $request->get_parameter('oauth_signature');
- $valid_sig = $signature_method->check_signature($request, $consumer, $token, $signature);
- if (! $valid_sig) {
- throw new OAuthException("Invalid signature");
- }
- }
-
- /**
- * check that the timestamp is new enough
- */
- private function check_timestamp($timestamp)
- {
- // verify that timestamp is recentish
- $now = time();
- if ($now - $timestamp > $this->timestamp_threshold) {
- throw new OAuthException("Expired timestamp, yours $timestamp, ours $now");
- }
- }
-
- /**
- * check that the nonce is not repeated
- */
- private function check_nonce($consumer, $token, $nonce, $timestamp)
- {
- // verify that the nonce is uniqueish
- $found = $this->data_store->lookup_nonce($consumer, $token, $nonce, $timestamp);
- if ($found) {
- throw new OAuthException("Nonce already used: $nonce");
- }
- }
-}
-
-class OAuthDataStore {
-
- function lookup_consumer($consumer_key)
- { // implement me
- }
-
- function lookup_token($consumer, $token_type, $token)
- { // implement me
- }
-
- function lookup_nonce($consumer, $token, $nonce, $timestamp)
- { // implement me
- }
-
- function fetch_request_token($consumer)
- { // return a new token attached to this consumer
- }
-
- function fetch_access_token($token, $consumer)
- { // return a new access token attached to this consumer
- // for the user associated with this token if the request token
- // is authorized
- // should also invalidate the request token
- }
-}
-
-
class OAuthUtil {
public static $AUTH_SCHEME = "OAuth";
Modified: incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php?rev=673466&r1=673465&r2=673466&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcher.php Wed Jul 2 12:01:47 2008
@@ -147,16 +147,6 @@
$this->tokenStore = $tokenStore;
}
- public function init()
- {
- try {
- $this->lookupOAuthMetadata();
- } catch (Exception $e) {
- $this->error = OAuthError::$BAD_OAUTH_CONFIGURATION;
- return $this->buildErrorResponse($e);
- }
- }
-
private function buildErrorResponse(Exception $e)
{
if ($this->error == null) {
@@ -169,12 +159,12 @@
$errorBuf = '';
$errorBuf .= $e->getMessage();
$errorBuf .= "\n\n";
- $this->errorText = $errorBuf;
+ $this->errorText = $errorBuf;
return $this->buildNonDataResponse();
}
private function buildNonDataResponse()
- {
+ {
return $this->addResponseMetadata();
}
@@ -219,11 +209,22 @@
// owner identity seems reasonable.
$tokenKey->setUserId($this->authToken->getOwnerId());
return $tokenKey;
+ }
+
+ public function fetch($request) {
+ try {
+ $this->lookupOAuthMetadata();
+ } catch (Exception $e) {
+ $this->error = OAuthError::$BAD_OAUTH_CONFIGURATION;
+ return $this->buildErrorResponse($e);
+ }
+ $this->realRequest = $request;
+ $response = $this->fetchRequest($request);
+ return $response;
}
public function fetchRequest($request)
{
- $this->realRequest = $request;
if ($this->needApproval()) {
// This is section 6.1 of the OAuth spec.
$this->checkCanApprove();
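Review bot: `fetchRequest()` stays public but no longer assigns `$this->realRequest`, and `lookupOAuthMetadata()` now runs only inside the new `fetch()`, so any caller that still invokes `fetchRequest()` directly operates on a fetcher with no metadata loaded and no stored request. ProxyHandler is switched to `fetch()` in this commit, but other callers are not visible here; either make `fetchRequest()` private or add a docblock to both methods stating that `fetch()` is the only supported entry point. The new method also puts its opening brace on the signature line (`public function fetch($request) {`), unlike the other methods shown in these hunks. `fetchRequest()` continues beyond the hunk.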
@@ -611,6 +612,6 @@
}
if ($this->errorText != null) {
$this->responseMetadata[self::$ERROR_TEXT] = $this->errorText;
- }
+ }
}
}
\ No newline at end of file
Modified: incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php
URL: http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php?rev=673466&r1=673465&r2=673466&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php (original)
+++ incubator/shindig/trunk/php/src/gadgets/oauth/OAuthFetcherFactory.php Wed Jul 2 12:01:47 2008
@@ -81,7 +81,6 @@
public function getOAuthFetcher($nextFetcher, $token, $params)
{
$fetcher = new OAuthFetcher($this->tokenStore, $this->oauthCrypter, $nextFetcher, $token, $params);
- $fetcher->init();
return $fetcher;
}
}