oauthapi: authorize app
1 <?php
2 /** 
3  * OAuth server
4  * Based on oauth2-php <http://code.google.com/p/oauth2-php/>
5  * 
6  */
7
// Lifetime, in seconds, of the request and access tokens that FKOAuthDataStore
// inserts with `expires = UNIX_TIMESTAMP() + TOKEN_DURATION`.
define('TOKEN_DURATION', 5 * 60);
9
10 require_once("library/OAuth1.php");
11 require_once("library/oauth2-php/lib/OAuth2.inc");
12
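/**
 * OAuth 1.0 data store backed by the `clients` and `tokens` tables.
 *
 * Consumers are rows of `clients` (client_id, pw, redirect_uri). Request and
 * access tokens are rows of `tokens`, told apart by the `scope` column
 * ('request' / 'access') and expiring TOKEN_DURATION seconds after issue.
 * Every lookup goes through q()/dbesc() from the surrounding project.
 */
class FKOAuthDataStore extends OAuthDataStore {

	/**
	 * Generate a fresh 32-character lowercase-hex token id or secret.
	 *
	 * Draws from the runtime CSPRNG when random_bytes() exists. The original
	 * mt_rand()-based construction is kept only as a fallback for older PHP:
	 * mt_rand output is predictable, so it is not a suitable sole source for
	 * secrets.
	 *
	 * @return string 32 hex characters
	 */
	function gen_token() {
		if (function_exists('random_bytes')) {
			return bin2hex(random_bytes(16));
		}
		// legacy fallback, not cryptographically strong
		return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
	}

	/**
	 * Look up the consumer registered under $consumer_key.
	 *
	 * NOTE(review): FKOAuth2::addClient stores hash('whirlpool', secret) in
	 * `pw`, so the consumer secret handed to OAuthConsumer here is that digest,
	 * not the raw secret — confirm that OAuth1 clients sign with the stored value.
	 *
	 * @param string $consumer_key client_id of the registered application
	 * @return OAuthConsumer|null null when no such client exists or the query failed
	 */
	function lookup_consumer($consumer_key) {
		$r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'",
			dbesc($consumer_key)
		);
		if (is_array($r) && count($r)) {
			return new OAuthConsumer($r[0]['client_id'], $r[0]['pw'], $r[0]['redirect_uri']);
		}
		return null;
	}

	/**
	 * Fetch a token of the given type ('request' or 'access') issued to $consumer.
	 *
	 * @param OAuthConsumer $consumer   consumer whose ->key is the client_id
	 * @param string        $token_type matched against the `scope` column
	 * @param string        $token      token id
	 * @return OAuthToken|null token with ->scope and ->expires filled in, or null
	 */
	function lookup_token($consumer, $token_type, $token) {
		$r = q("SELECT id, secret,scope, expires  FROM tokens WHERE client_id='%s' AND scope='%s' AND id='%s'",
			dbesc($consumer->key),
			dbesc($token_type),
			dbesc($token)
		);
		if (is_array($r) && count($r)) {
			$ot = new OAuthToken($r[0]['id'], $r[0]['secret']);
			$ot->scope = $r[0]['scope'];
			$ot->expires = $r[0]['expires'];
			return $ot;
		}
		return null;
	}

	/**
	 * Nonce check hook of OAuthDataStore.
	 *
	 * NOTE(review): this queries `tokens` with id = $nonce and expires =
	 * $timestamp rather than a registry of already-seen nonces, so it will
	 * normally return null. The caller presumably treats a non-null result as
	 * a replayed nonce — confirm whether replay detection is meant to live here.
	 *
	 * @param OAuthConsumer $consumer
	 * @param OAuthToken|null $token unused
	 * @param string $nonce
	 * @param int $timestamp
	 * @return OAuthToken|null
	 */
	function lookup_nonce($consumer, $token, $nonce, $timestamp) {
		$r = q("SELECT id, secret  FROM tokens WHERE client_id='%s' AND id='%s' AND expires=%d",
			dbesc($consumer->key),
			dbesc($nonce),
			intval($timestamp)
		);
		if (is_array($r) && count($r)) {
			return new OAuthToken($r[0]['id'], $r[0]['secret']);
		}
		return null;
	}

	/**
	 * Issue a new request token for $consumer, valid for TOKEN_DURATION seconds.
	 *
	 * @param OAuthConsumer $consumer
	 * @param string|null   $callback unused; the callback is not persisted
	 * @return OAuthToken|null null when the INSERT failed
	 */
	function new_request_token($consumer, $callback = null) {
		$key = $this->gen_token();
		$sec = $this->gen_token();
		$r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)",
			dbesc($key),
			dbesc($sec),
			dbesc($consumer->key),
			'request',
			intval(TOKEN_DURATION));
		if (!$r) {
			return null;
		}
		return new OAuthToken($key, $sec);
	}

	/**
	 * Exchange an unexpired request token for a new access token and delete
	 * the request token.
	 *
	 * Only the expiry of $token is checked here. NOTE(review): nothing in this
	 * method verifies that $token is a 'request' token belonging to $consumer,
	 * that it was authorized by a user, or that $verifier matches — presumably
	 * the caller does that; confirm, since $verifier is otherwise unused.
	 *
	 * @param OAuthToken|null $token    request token being exchanged
	 * @param OAuthConsumer   $consumer consumer whose ->key is the client_id
	 * @param string|null     $verifier
	 * @return OAuthToken|null null when $token is missing/expired or the INSERT failed
	 */
	function new_access_token($token, $consumer, $verifier = null) {
		$ret = null;

		if (!is_null($token) && $token->expires > time()) {
			$key = $this->gen_token();
			$sec = $this->gen_token();
			// `$consumer->key` (the client_id); the original `$consumer->$key`
			// was a variable-property lookup named after the freshly generated token.
			$r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)",
				dbesc($key),
				dbesc($sec),
				dbesc($consumer->key),
				'access',
				intval(TOKEN_DURATION));
			if ($r) {
				$ret = new OAuthToken($key, $sec);
			}
		}

		// The request token is consumed whether or not the exchange succeeded,
		// but only when there was one to consume.
		if (!is_null($token)) {
			q("DELETE FROM tokens WHERE id='%s'", dbesc($token->key));
		}

		return $ret;
	}
}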
99
/**
 * OAuth 1.0 server wired to FKOAuthDataStore.
 *
 * Registers the PLAINTEXT and HMAC-SHA1 signature methods. PLAINTEXT sends
 * the secrets themselves in the request, so it is only acceptable on
 * TLS-protected endpoints.
 */
class FKOAuth1 extends OAuthServer {
	function __construct() {
		$store = new FKOAuthDataStore();
		parent::__construct($store);

		$methods = array(
			new OAuthSignatureMethod_PLAINTEXT(),
			new OAuthSignatureMethod_HMAC_SHA1(),
		);
		foreach ($methods as $method) {
			$this->add_signature_method($method);
		}
	}
}
107
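/**
 * OAuth 2 storage callbacks for the oauth2-php library.
 *
 * Clients live in `clients` with the secret hashed by db_secret(); access
 * tokens in `tokens`; authorization codes in `auth_codes`. Only the
 * authorization-code grant is enabled.
 */
class FKOAuth2 extends OAuth2 {

	/**
	 * Hash a client secret for storage and comparison.
	 *
	 * An unsalted whirlpool digest: it avoids storing the raw secret but has
	 * no per-client salt or work factor. Changing it would invalidate every
	 * stored `pw`, so it is left as-is.
	 *
	 * @param string $client_secret
	 * @return string hex digest
	 */
	private function db_secret($client_secret) {
		return hash('whirlpool', $client_secret);
	}

	/**
	 * Register a client; the secret is stored hashed.
	 *
	 * @param string $client_id
	 * @param string $client_secret raw secret
	 * @param string $redirect_uri
	 * @return mixed result of q() for the INSERT
	 */
	public function addClient($client_id, $client_secret, $redirect_uri) {
		$client_secret = $this->db_secret($client_secret);
		$r = q("INSERT INTO clients (client_id, pw, redirect_uri) VALUES ('%s', '%s', '%s')",
			dbesc($client_id),
			dbesc($client_secret),
			dbesc($redirect_uri)
		);

		return $r;
	}

	/**
	 * Check that $client_id exists and, when a secret is given, that it matches.
	 *
	 * Fixes the original, which hashed the secret before the NULL test (so the
	 * NULL branch was unreachable), read an undefined $result, compared against
	 * a non-existent `client_secret` column and used loose == on hex digests.
	 *
	 * NOTE(review): a NULL secret only proves that the client id exists; confirm
	 * the library passes NULL solely for public clients.
	 *
	 * @param string      $client_id
	 * @param string|null $client_secret raw secret, or NULL to check existence only
	 * @return bool
	 */
	protected function checkClientCredentials($client_id, $client_secret = NULL) {
		$r = q("SELECT pw FROM clients WHERE client_id = '%s'",
			dbesc($client_id));

		if (!is_array($r) || !count($r)) {
			return FALSE;
		}

		if ($client_secret === NULL) {
			return TRUE;
		}

		$stored = (string) $r[0]['pw'];
		$given = $this->db_secret($client_secret);
		// constant-time compare where available; strict === otherwise
		if (function_exists('hash_equals')) {
			return hash_equals($stored, $given);
		}
		return $stored === $given;
	}

	/**
	 * Registered redirect URI of a client.
	 *
	 * @param string $client_id
	 * @return string|false|null FALSE on query failure, NULL when unset/empty
	 */
	protected function getRedirectUri($client_id) {
		$r = q("SELECT redirect_uri FROM clients WHERE client_id = '%s'",
			dbesc($client_id));
		if ($r === FALSE) {
			return FALSE;
		}

		return (isset($r[0]["redirect_uri"]) && $r[0]["redirect_uri"]) ? $r[0]["redirect_uri"] : NULL;
	}

	/**
	 * Fetch an access token row by id.
	 *
	 * @param string $oauth_token
	 * @return array|null row with client_id, expires, scope; null if unknown
	 */
	protected function getAccessToken($oauth_token) {
		$r = q("SELECT client_id, expires, scope FROM tokens WHERE id = '%s'",
			dbesc($oauth_token));

		if (is_array($r) && count($r)) {
			return $r[0];
		}
		return null;
	}

	/**
	 * Persist an access token (no secret column is written for OAuth 2 tokens).
	 *
	 * @param string      $oauth_token
	 * @param string      $client_id
	 * @param int         $expires unix timestamp
	 * @param string|null $scope
	 * @return mixed result of q() for the INSERT
	 */
	protected function setAccessToken($oauth_token, $client_id, $expires, $scope = NULL) {
		$r = q("INSERT INTO tokens (id, client_id, expires, scope) VALUES ('%s', '%s', %d, '%s')",
			dbesc($oauth_token),
			dbesc($client_id),
			intval($expires),
			dbesc($scope));

		return $r;
	}

	/**
	 * Only the authorization-code grant is supported.
	 *
	 * @return array
	 */
	protected function getSupportedGrantTypes() {
		return array(
			OAUTH2_GRANT_TYPE_AUTH_CODE,
		);
	}

	/**
	 * Fetch an authorization code row by id.
	 *
	 * @param string $code
	 * @return array|null row with id, client_id, redirect_uri, expires, scope; null if unknown
	 */
	protected function getAuthCode($code) {
		$r = q("SELECT id, client_id, redirect_uri, expires, scope FROM auth_codes WHERE id = '%s'",
			dbesc($code));

		if (is_array($r) && count($r)) {
			return $r[0];
		}
		return null;
	}

	/**
	 * Persist an authorization code.
	 *
	 * @param string      $code
	 * @param string      $client_id
	 * @param string      $redirect_uri
	 * @param int         $expires unix timestamp
	 * @param string|null $scope
	 * @return mixed result of q() for the INSERT
	 */
	protected function setAuthCode($code, $client_id, $redirect_uri, $expires, $scope = NULL) {
		$r = q("INSERT INTO auth_codes 
					(id, client_id, redirect_uri, expires, scope) VALUES 
					('%s', '%s', '%s', %d, '%s')",
			dbesc($code),
			dbesc($client_id),
			dbesc($redirect_uri),
			intval($expires),
			dbesc($scope));
		return $r;
	}

}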
194         
195 }