<?php
/*
* oauth_client.php
*
* @(#) $Id: oauth_client.php,v 1.83 2014/01/27 09:59:39 mlemos Exp $
*
*/
/*
{metadocument}<?xml version="1.0" encoding="ISO-8859-1" ?>
<class>
<package>net.manuellemos.oauth</package>
<version>@(#) $Id: oauth_client.php,v 1.83 2014/01/27 09:59:39 mlemos Exp $</version>
<copyright>Copyright © (C) Manuel Lemos 2012</copyright>
<title>OAuth client</title>
<author>Manuel Lemos</author>
<authoraddress>mlemos-at-acm.org</authoraddress>
<documentation>
<idiom>en</idiom>
<purpose>This class serves two main purposes:<paragraphbreak />
1) Implement the OAuth protocol to retrieve a token from a server to
authorize the access to an API on behalf of the current
user.<paragraphbreak />
2) Perform calls to a Web services API using a token previously
obtained using this class or a token provided some other way by the
Web services provider.</purpose>
<usage>Regardless of your purposes, you always need to start calling
the class <functionlink>Initialize</functionlink> function after
initializing setup variables. After you are done with the class,
always call the <functionlink>Finalize</functionlink> function at
the end.<paragraphbreak />
This class supports OAuth protocol versions 1.0, 1.0a and
2.0. It abstracts the differences between these protocol versions,
so the class usage is the same independently of the OAuth
version of the server.<paragraphbreak />
The class also provides built-in support to several popular OAuth
servers, so you do not have to manually configure all the details to
access those servers. Just set the
<variablelink>server</variablelink> variable to configure the class
to access one of the built-in supported servers.<paragraphbreak />
If you need to access one type of server that is not yet directly
supported by the class, you need to configure it explicitly setting
the variables: <variablelink>oauth_version</variablelink>,
<variablelink>url_parameters</variablelink>,
<variablelink>authorization_header</variablelink>,
<variablelink>request_token_url</variablelink>,
<variablelink>dialog_url</variablelink>,
<variablelink>offline_dialog_url</variablelink>,
<variablelink>append_state_to_redirect_uri</variablelink> and
<variablelink>access_token_url</variablelink>.<paragraphbreak />
Before proceeding to the actual OAuth authorization process, you
need to have registered your application with the OAuth server. The
registration provides you values to set the variables
<variablelink>client_id</variablelink> and
<variablelink>client_secret</variablelink>. Some servers also
provide an additional value to set the
<variablelink>api_key</variablelink> variable.<paragraphbreak />
You also need to set the variables
<variablelink>redirect_uri</variablelink> and
<variablelink>scope</variablelink> before calling the
<functionlink>Process</functionlink> function to make the class
perform the necessary interactions with the OAuth
server.<paragraphbreak />
The OAuth protocol involves multiple steps that include redirection
to the OAuth server. There the server asks the current user for permission to
grant your application access to APIs on his/her behalf. When there
is a redirection, the class will set the
<variablelink>exit</variablelink> variable to
<booleanvalue>1</booleanvalue>. Then your script should exit
immediately without outputting anything.<paragraphbreak />
When the OAuth access token is successfully obtained, the following
variables are set by the class with the obtained values:
<variablelink>access_token</variablelink>,
<variablelink>access_token_secret</variablelink>,
<variablelink>access_token_expiry</variablelink>,
<variablelink>access_token_type</variablelink>. You may want to
store these values to use them later when calling the server
APIs.<paragraphbreak />
If there was a problem during the OAuth authorization process, check the
variable <variablelink>authorization_error</variablelink> to
determine the reason.<paragraphbreak />
Once you get the access token, you can call the server APIs using
the <functionlink>CallAPI</functionlink> function. Check the
<variablelink>access_token_error</variablelink> variable to
determine if there was an error when trying to call the
API.<paragraphbreak />
If for some reason the user has revoked the access to your
application, you need to ask the user to authorize your application
again. First you may need to call the function
<functionlink>ResetAccessToken</functionlink> to reset the value of
the access token that may be cached in session variables.</usage>
</documentation>
{/metadocument}
*/
class oauth_client_class
{
/*
{metadocument}
<variable>
<name>error</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Store the message that is returned when an error
occurs.</purpose>
<usage>Check this variable to understand what happened when a call to
any of the class functions has failed.<paragraphbreak />
This class uses cumulative error handling. This means that if a
class function that may fail is called while this variable is
already set to an error message due to a failure in a previous call
to the same or another function, the function will also fail and do
nothing.<paragraphbreak />
This allows programs using this class to safely call several
functions that may fail and only check the failure condition after
the last function call.<paragraphbreak />
Just set this variable to an empty string to clear the error
condition.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $error = '';
/*
{metadocument}
<variable>
<name>debug</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Control whether debug output is enabled</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if you
need to check what is going on during calls to the class. When
enabled, the debug output goes both to the variable
<variablelink>debug_output</variablelink> and to the PHP error log.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $debug = false;
/*
{metadocument}
<variable>
<name>debug_http</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Control whether the dialog with the remote Web server
should also be logged.</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if you
want to inspect the data exchange with the OAuth server.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $debug_http = false;
/*
{metadocument}
<variable>
<name>exit</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Determine if the current script should be exited.</purpose>
<usage>Check this variable after calling the
<functionlink>Process</functionlink> function and exit your script
immediately if the variable is set to
<booleanvalue>1</booleanvalue>.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $exit = false;
/*
{metadocument}
<variable>
<name>debug_output</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Capture the debug output generated by the class</purpose>
<usage>Inspect this variable if you need to see what happened during
the class function calls.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $debug_output = '';
/*
{metadocument}
<variable>
<name>debug_prefix</name>
<type>STRING</type>
<value>OAuth client: </value>
<documentation>
<purpose>Mark the lines of the debug output to identify actions
performed by this class.</purpose>
<usage>Change this variable if you prefer the debug output lines to
be prefixed with a different text.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $debug_prefix = 'OAuth client: ';
/*
{metadocument}
<variable>
<name>server</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Identify the type of OAuth server to access.</purpose>
<usage>The class provides built-in support to several types of OAuth
servers. This means that the class can automatically initialize
several configuration variables just by setting this server
variable.<paragraphbreak />
Currently it supports the following servers:
<stringvalue>Bitbucket</stringvalue>,
<stringvalue>Box</stringvalue>,
<stringvalue>Disqus</stringvalue>,
<stringvalue>Dropbox</stringvalue> (Dropbox with OAuth 1.0),
<stringvalue>Dropbox2</stringvalue> (Dropbox with OAuth 2.0),
<stringvalue>Eventful</stringvalue>,
<stringvalue>Facebook</stringvalue>,
<stringvalue>Fitbit</stringvalue>,
<stringvalue>Flickr</stringvalue>,
<stringvalue>Foursquare</stringvalue>,
<stringvalue>github</stringvalue>,
<stringvalue>Google</stringvalue>,
<stringvalue>Google1</stringvalue> (Google with OAuth 1.0),
<stringvalue>Instagram</stringvalue>,
<stringvalue>LinkedIn</stringvalue>,
<stringvalue>Microsoft</stringvalue>,
<stringvalue>Reddit</stringvalue>,
<stringvalue>Salesforce</stringvalue>,
<stringvalue>Scoop.it</stringvalue>,
<stringvalue>StockTwits</stringvalue>,
<stringvalue>SurveyMonkey</stringvalue>,
<stringvalue>Tumblr</stringvalue>,
<stringvalue>Twitter</stringvalue>,
<stringvalue>VK</stringvalue>,
<stringvalue>Withings</stringvalue>,
<stringvalue>XING</stringvalue> and
<stringvalue>Yahoo</stringvalue>. Please contact the author if you
would like to ask to add built-in support for other types of OAuth
servers.<paragraphbreak />
If you want to access other types of OAuth servers that are not
yet supported, set this variable to an empty string and configure
other variables with values specific to those servers.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $server = '';
/*
{metadocument}
<variable>
<name>request_token_url</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>URL of the OAuth server to request the initial token for
OAuth 1.0 and 1.0a servers.</purpose>
<usage>Set this variable to the OAuth request token URL when you are
not accessing one of the built-in supported OAuth
servers.<paragraphbreak />
For OAuth 1.0 and 1.0a servers, the request token URL can have
certain marks that will act as template placeholders which will be
replaced with given values before requesting the authorization
token. Currently it supports the following placeholder
marks:<paragraphbreak />
{SCOPE} - scope of the requested permissions to be granted by the
OAuth server with the user permissions</usage>
</documentation>
</variable>
{/metadocument}
*/
var $request_token_url = '';
/*
{metadocument}
<variable>
<name>dialog_url</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>URL of the OAuth server to redirect the browser so the user
can grant access to your application.</purpose>
<usage>Set this variable to the OAuth request token URL when you are
not accessing one of the built-in supported OAuth servers.<paragraphbreak />
For certain servers, the dialog URL can have certain marks that
will act as template placeholders which will be replaced with
values defined before redirecting the user's browser. Currently it
supports the following placeholder marks:<paragraphbreak />
{REDIRECT_URI} - URL to redirect when returning from the OAuth
server authorization page<paragraphbreak />
{CLIENT_ID} - client application identifier registered at the
server<paragraphbreak />
{SCOPE} - scope of the requested permissions to be granted by the
OAuth server with the user permissions<paragraphbreak />
{STATE} - identifier of the OAuth session state<paragraphbreak />
{API_KEY} - API key to access the server</usage>
</documentation>
</variable>
{/metadocument}
*/
var $dialog_url = '';
/*
{metadocument}
<variable>
<name>offline_dialog_url</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>URL of the OAuth server to redirect the browser so the user
can grant access to your application when offline access is
requested.</purpose>
<usage>Set this variable to the OAuth request token URL when you are
not accessing one of the built-in supported OAuth servers and the
OAuth server supports offline access.<paragraphbreak />
It should have the same format as the
<variablelink>dialog_url</variablelink> variable.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $offline_dialog_url = '';
/*
{metadocument}
<variable>
<name>append_state_to_redirect_uri</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Pass the OAuth session state in a variable with a different
name to work around implementation bugs of certain OAuth
servers</purpose>
<usage>Set this variable when you are not accessing one of the
built-in supported OAuth servers if the OAuth server has a bug
that makes it not pass back the OAuth state identifier in a
request variable named state.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $append_state_to_redirect_uri = '';
/*
{metadocument}
<variable>
<name>access_token_url</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>OAuth server URL that will return the access token
URL.</purpose>
<usage>Set this variable to the OAuth access token URL when you are
not accessing one of the built-in supported OAuth servers.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_url = '';
/*
{metadocument}
<variable>
<name>oauth_version</name>
<type>STRING</type>
<value>2.0</value>
<documentation>
<purpose>Version of the protocol supported by the OAuth
server.</purpose>
<usage>Set this variable to the OAuth server protocol version when
you are not accessing one of the built-in supported OAuth
servers.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $oauth_version = '2.0';
/*
{metadocument}
<variable>
<name>url_parameters</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Determine if the API call parameters should be moved to the
call URL.</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if the
API you need to call requires that the call parameters always be
passed via the API URL.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $url_parameters = false;
/*
{metadocument}
<variable>
<name>authorization_header</name>
<type>BOOLEAN</type>
<value>1</value>
<documentation>
<purpose>Determine if the OAuth parameters should be passed via HTTP
Authorization request header.</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if the
OAuth server requires that the OAuth parameters be passed using
the HTTP Authorization header instead of the request URI parameters.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $authorization_header = true;
/*
{metadocument}
<variable>
<name>token_request_method</name>
<type>STRING</type>
<value>GET</value>
<documentation>
<purpose>Define the HTTP method that should be used to request
tokens from the server.</purpose>
<usage>Set this variable to <stringvalue>POST</stringvalue> if the
OAuth server does not support requesting tokens using the HTTP GET
method.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $token_request_method = 'GET';
/*
{metadocument}
<variable>
<name>signature_method</name>
<type>STRING</type>
<value>HMAC-SHA1</value>
<documentation>
<purpose>Define the method to generate the signature for API request
parameters values.</purpose>
<usage>Currently it supports <stringvalue>PLAINTEXT</stringvalue>
and <stringvalue>HMAC-SHA1</stringvalue>.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $signature_method = 'HMAC-SHA1';
/*
{metadocument}
<variable>
<name>redirect_uri</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>URL of the current script page that is calling this
class</purpose>
<usage>Set this variable to the current script page URL before
proceeding with the OAuth authorization process.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $redirect_uri = '';
/*
{metadocument}
<variable>
<name>client_id</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Identifier of your application registered with the OAuth
server</purpose>
<usage>Set this variable to the application identifier that is
provided by the OAuth server when you register the
application.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $client_id = '';
/*
{metadocument}
<variable>
<name>client_secret</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Secret value assigned to your application when it is
registered with the OAuth server.</purpose>
<usage>Set this variable to the application secret that is provided
by the OAuth server when you register the application.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $client_secret = '';
/*
{metadocument}
<variable>
<name>api_key</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Identifier of your API key provided by the OAuth
server</purpose>
<usage>Set this variable to the API key if the OAuth server requires
one.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $api_key = '';
/*
{metadocument}
<variable>
<name>get_token_with_api_key</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Option to determine if the access token should be retrieved
using the API key value instead of the client secret.</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if the
OAuth server requires that the client secret be set to the API key
when retrieving the OAuth token.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $get_token_with_api_key = false;
/*
{metadocument}
<variable>
<name>scope</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Permissions that your application needs to call the OAuth
server APIs</purpose>
<usage>Check the documentation of the APIs that your application
needs to call to set this variable with the identifiers of the
permissions that the user needs to grant to your application.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $scope = '';
/*
{metadocument}
<variable>
<name>offline</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Specify whether it will be necessary to call the API when
the user is not present and the server supports renewing expired
access tokens using refresh tokens.</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if the
server supports renewing expired tokens automatically when the
user is not present.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $offline = false;
/*
{metadocument}
<variable>
<name>access_token</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Access token obtained from the OAuth server</purpose>
<usage>Check this variable to get the obtained access token upon
successful OAuth authorization.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token = '';
/*
{metadocument}
<variable>
<name>access_token_secret</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Access token secret obtained from the OAuth server</purpose>
<usage>If the OAuth protocol version is 1.0 or 1.0a, check this
variable to get the obtained access token secret upon successful
OAuth authorization.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_secret = '';
/*
{metadocument}
<variable>
<name>access_token_expiry</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Timestamp of the expiry of the access token obtained from
the OAuth server.</purpose>
<usage>Check this variable to get the obtained access token expiry
time upon successful OAuth authorization. If this variable is
empty, that means no expiry time was set.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_expiry = '';
/*
{metadocument}
<variable>
<name>access_token_type</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Type of access token obtained from the OAuth server.</purpose>
<usage>Check this variable to get the obtained access token type
upon successful OAuth authorization.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_type = '';
/*
{metadocument}
<variable>
<name>default_access_token_type</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Type of access token to be assumed when the OAuth server
does not specify an access token type.</purpose>
<usage>Set this variable if the server requires a certain type of
access token to be used but it does not specify a token type
when the access token is returned.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $default_access_token_type = '';
/*
{metadocument}
<variable>
<name>access_token_parameter</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Name of the access token parameter to be passed in API call
requests.</purpose>
<usage>Set this variable to a non-empty string to override the
default name for the access token parameter which is
<stringvalue>oauth_token</stringvalue> for OAuth 1 and
<stringvalue>access_token</stringvalue> for OAuth 2.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_parameter = '';
/*
{metadocument}
<variable>
<name>access_token_response</name>
<type>ARRAY</type>
<documentation>
<purpose>The original response for the access token request</purpose>
<usage>Check this variable if the OAuth server returns custom
parameters in the request to obtain the access token.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_response;
/*
{metadocument}
<variable>
<name>store_access_token_response</name>
<type>BOOLEAN</type>
<value>0</value>
<documentation>
<purpose>Option to determine if the original response for the access
token request should be stored in the
<variablelink>access_token_response</variablelink>
variable.</purpose>
<usage>Set this variable to <booleanvalue>1</booleanvalue> if the
OAuth server returns custom parameters in the request to obtain
the access token that may be needed in subsequent API calls.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $store_access_token_response = false;
/*
{metadocument}
<variable>
<name>access_token_authentication</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Option to determine if the requests to obtain a new access
token should use authentication to pass the application client ID
and secret.</purpose>
<usage>Set this variable to <stringvalue>basic</stringvalue> if the
OAuth server requires that the client ID and secret be passed
using HTTP basic authentication headers when retrieving a new
token.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_authentication = '';
/*
{metadocument}
<variable>
<name>refresh_token</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Refresh token obtained from the OAuth server</purpose>
<usage>Check this variable to get the obtained refresh token upon
successful OAuth authorization.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $refresh_token = '';
/*
{metadocument}
<variable>
<name>access_token_error</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Error message returned when a call to the API fails.</purpose>
<usage>Check this variable to determine if there was an error while
calling the Web services API when using the
<functionlink>CallAPI</functionlink> function.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $access_token_error = '';
/*
{metadocument}
<variable>
<name>authorization_error</name>
<type>STRING</type>
<value></value>
<documentation>
<purpose>Error message returned when it was not possible to obtain
an OAuth access token</purpose>
<usage>Check this variable to determine if there was an error while
trying to obtain the OAuth access token.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $authorization_error = '';
/*
{metadocument}
<variable>
<name>response_status</name>
<type>INTEGER</type>
<value>0</value>
<documentation>
<purpose>HTTP response status returned by the server when calling an
API</purpose>
<usage>Check this variable after calling the
<functionlink>CallAPI</functionlink> function if the API call fails and you
need to process the error depending on the response status.
<integervalue>200</integervalue> means no error.
<integervalue>0</integervalue> means the server response was not
retrieved.</usage>
</documentation>
</variable>
{/metadocument}
*/
var $response_status = 0;
var $oauth_user_agent = 'PHP-OAuth-API (http://www.phpclasses.org/oauth-api $Revision: 1.83 $)';
var $session_started = false;
// Record the error message (logging it when debug is enabled) and
// return false so callers can write: return $this->SetError(...).
Function SetError($error)
{
    $this->error = $error;
    if($this->debug)
        $this->OutputDebug('Error: '.$error);
    return(false);
}
// Same as SetError, appending the PHP error message when one is set.
Function SetPHPError($error, &$php_error_message)
{
    if(IsSet($php_error_message)
    && strlen($php_error_message))
        $error.=": ".$php_error_message;
    return($this->SetError($error));
}
// When debug is enabled, append a prefixed line to debug_output and
// write the same line to the PHP error log.
Function OutputDebug($message)
{
    if($this->debug)
    {
        $message = $this->debug_prefix.$message;
        $this->debug_output .= $message."\n";
        error_log($message);
    }
    return(true);
}
Function GetRequestTokenURL(&$request_token_url)
{
    $request_token_url = $this->request_token_url;
    return(true);
}
// Pick the dialog URL (the offline variant when requested and defined)
// and fill in its placeholders with URL-encoded values.
Function GetDialogURL(&$url, $redirect_uri = '', $state = '')
{
    $url = (($this->offline && strlen($this->offline_dialog_url)) ? $this->offline_dialog_url : $this->dialog_url);
    if(strlen($url) === 0)
        return $this->SetError('the dialog URL '.($this->offline ? 'for offline access ' : '').'is not defined for this server');
    $url = str_replace(
        '{REDIRECT_URI}', UrlEncode($redirect_uri), str_replace(
        '{STATE}', UrlEncode($state), str_replace(
        '{CLIENT_ID}', UrlEncode($this->client_id), str_replace(
        '{API_KEY}', UrlEncode($this->api_key), str_replace(
        '{SCOPE}', UrlEncode($this->scope),
        $url)))));
    return(true);
}
// Substitute {API_KEY} in the access token URL; the value is inserted
// as is, without URL encoding.
Function GetAccessTokenURL(&$access_token_url)
{
    $access_token_url = str_replace('{API_KEY}', $this->api_key, $this->access_token_url);
    return(true);
}
// Return the state value kept in $_SESSION['OAUTH_STATE'], creating it
// on first use as time() followed by 6 hex digits of md5(rand().time()).
// This function does not call session_start() itself.
Function GetStoredState(&$state)
{
    if(!$this->session_started)
    {
        if(!function_exists('session_start'))
            return $this->SetError('Session variables are not accessible in this PHP environment');
    }
    if(IsSet($_SESSION['OAUTH_STATE']))
        $state = $_SESSION['OAUTH_STATE'];
    else
        $state = $_SESSION['OAUTH_STATE'] = time().'-'.substr(md5(rand().time()), 0, 6);
    return(true);
}
// Read the state returned by the server from the query string, using
// the alternate parameter name when append_state_to_redirect_uri is set.
Function GetRequestState(&$state)
{
    $check = (strlen($this->append_state_to_redirect_uri) ? $this->append_state_to_redirect_uri : 'state');
    $state = (IsSet($_GET[$check]) ? $_GET[$check] : null);
    return(true);
}
// The accessors below read the authorization response parameters from
// $_GET and yield null when a parameter is absent.
Function GetRequestCode(&$code)
{
    $code = (IsSet($_GET['code']) ? $_GET['code'] : null);
    return(true);
}
Function GetRequestError(&$error)
{
    $error = (IsSet($_GET['error']) ? $_GET['error'] : null);
    return(true);
}
Function GetRequestDenied(&$denied)
{
    $denied = (IsSet($_GET['denied']) ? $_GET['denied'] : null);
    return(true);
}
Function GetRequestToken(&$token, &$verifier)
{
    $token = (IsSet($_GET['oauth_token']) ? $_GET['oauth_token'] : null);
    $verifier = (IsSet($_GET['oauth_verifier']) ? $_GET['oauth_verifier'] : null);
    return(true);
}
// Use the configured redirect_uri, or fall back to an http:// URL built
// from the request's Host header and request URI.
Function GetRedirectURI(&$redirect_uri)
{
    if(strlen($this->redirect_uri))
        $redirect_uri = $this->redirect_uri;
    else
        $redirect_uri = 'http://'.$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI'];
    return true;
}
/*
{metadocument}
<function>
<name>Redirect</name>
<type>VOID</type>
<documentation>
<purpose>Redirect the user browser to a given page.</purpose>
<usage>This function is meant to be called only from inside the
class. By default it issues HTTP 302 response status and sets the
redirection location to a given URL. Sub-classes may override this
function to implement a different way to redirect the user
browser.</usage>
</documentation>
<argument>
<name>url</name>
<type>STRING</type>
<documentation>
<purpose>String with the full URL of the page to redirect.</purpose>
</documentation>
</argument>
<do>
{/metadocument}
*/
Function Redirect($url)
{
    Header('HTTP/1.0 302 OAuth Redirection');
    Header('Location: '.$url);
}
/*
{metadocument}
</do>
</function>
{/metadocument}
*/
/*
{metadocument}
<function>
<name>StoreAccessToken</name>
<type>BOOLEAN</type>
<documentation>
<purpose>Store the values of the access token when it is successfully
retrieved from the OAuth server.</purpose>
<usage>This function is meant to be called only from inside the
class. By default it stores access tokens in a session variable
named <stringvalue>OAUTH_ACCESS_TOKEN</stringvalue>.<paragraphbreak />
Actual implementations should create a sub-class and override this
function to make the access token values be stored in other types
of containers, like for instance databases.</usage>
<returnvalue>This function should return
<booleanvalue>1</booleanvalue> if the access token was stored
successfully.</returnvalue>
</documentation>
<argument>
<name>access_token</name>
<type>HASH</type>
<documentation>
<purpose>Associative array with properties of the access token.
The array may have set the following
properties:<paragraphbreak />
<stringvalue>value</stringvalue>: string value of the access
token<paragraphbreak />
<stringvalue>authorized</stringvalue>: boolean value that
determines if the access token was obtained
successfully<paragraphbreak />