first import
This commit is contained in:
Bachir Soussi Chiadmi
97
sites/all/modules/oauth/oauth_common.inc
Normal file
97
sites/all/modules/oauth/oauth_common.inc
Normal file
@@ -0,0 +1,97 @@
|
||||
<?php
|
||||
|
||||
/**
|
||||
* Return information about consumers related to a user.
|
||||
*
|
||||
* @param int $uid
|
||||
* User ID to retrieve consumer info for.
|
||||
* @return array
|
||||
* An array of consumer info
|
||||
*/
|
||||
function oauth_common_user_consumers($uid) {
|
||||
$result = db_query('SELECT c.secret, c.configuration, pc.*
|
||||
FROM {oauth_common_consumer} c
|
||||
INNER JOIN {oauth_common_provider_consumer} pc ON pc.csid = c.csid
|
||||
WHERE pc.uid = :uid', array(':uid' => $uid));
|
||||
|
||||
$consumers = array();
|
||||
while ($consumer = DrupalOAuthConsumer::fromResult($result)) {
|
||||
$consumers[] = $consumer;
|
||||
}
|
||||
|
||||
return $consumers;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return information about access tokens related to a user.
|
||||
*
|
||||
* @param int $uid
|
||||
* User ID to retrieve consumer info for.
|
||||
* @return array
|
||||
* An array of consumer info
|
||||
*/
|
||||
function oauth_common_user_access_tokens($uid) {
|
||||
$result = db_query("SELECT * FROM {oauth_common_token} WHERE uid = :uid AND type = :type", array(
|
||||
':uid' => $uid,
|
||||
':type' => OAUTH_COMMON_TOKEN_TYPE_ACCESS,
|
||||
));
|
||||
$tokens = array();
|
||||
while ($token = DrupalOAuthToken::fromResult($result)) {
|
||||
$tokens[] = $token;
|
||||
}
|
||||
return $tokens;
|
||||
}
|
||||
|
||||
/**
|
||||
* Verifies the request
|
||||
*
|
||||
* @return array
|
||||
* An array containing three elements. The first is TRUE if the request was
|
||||
* signed, otherwise FALSE. Then comes the validated consumer and token objects.
|
||||
*/
|
||||
function oauth_common_verify_request() {
|
||||
$req = DrupalOAuthRequest::from_request();
|
||||
// Verify
|
||||
$consumer_key = $req->get_parameter('oauth_consumer_key');
|
||||
if (!empty($consumer_key)) {
|
||||
$consumer = DrupalOAuthConsumer::loadProviderByKey($consumer_key);
|
||||
if ($consumer) {
|
||||
$context = oauth_common_context_load($consumer->context);
|
||||
|
||||
if (!$context) {
|
||||
throw new Exception('No OAuth context found');
|
||||
}
|
||||
|
||||
_oauth_common_verify_body_hash($req);
|
||||
|
||||
// Only verify request if we got a signature
|
||||
$signature = $req->get_parameter('oauth_signature');
|
||||
if (!empty($signature)) {
|
||||
$server = new DrupalOAuthServer($context);
|
||||
return array_merge(array(TRUE), $server->verify_request($req));
|
||||
}
|
||||
else {
|
||||
$token_key = $req->get_parameter('oauth_token');
|
||||
if (empty($token_key) || !($token = DrupalOAuthToken::loadbyKey($token_key, $consumer))) {
|
||||
$token = NULL;
|
||||
}
|
||||
return array(FALSE, $consumer, $token);
|
||||
}
|
||||
}
|
||||
}
|
||||
return array(FALSE, NULL, NULL);
|
||||
}
|
||||
|
||||
function _oauth_common_verify_body_hash($req) {
|
||||
$body_hash = $req->get_parameter('oauth_body_hash');
|
||||
if ($body_hash && module_exists('inputstream')) {
|
||||
$hres = hash_init('sha1');
|
||||
$stream = fopen('drupal://input', 'r');
|
||||
hash_update_stream($hres, $stream);
|
||||
fclose($stream);
|
||||
$sha1 = hash_final($hres, TRUE);
|
||||
if ($sha1 !== base64_decode($body_hash)) {
|
||||
throw new OAuthException("Invalid body hash");
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user