本文整理汇总了PHP中OAuthServer类的典型用法代码示例。如果您正苦于以下问题:PHP OAuthServer类的具体用法?PHP OAuthServer怎么用?PHP OAuthServer使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了OAuthServer类的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的PHP代码示例。
示例1: handle
/**
* Handle a request for temporary OAuth credentials
*
* Make sure the request is kosher, then emit a set of temporary
* credentials -- AKA an unauthorized request token.
*
* @param array $args array of arguments
*
* @return void
*/
function handle($args)
{
parent::handle($args);
$datastore = new ApiStatusNetOAuthDataStore();
$server = new OAuthServer($datastore);
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($hmac_method);
try {
$req = OAuthRequest::from_request();
// verify callback
if (!$this->verifyCallback($req->get_parameter('oauth_callback'))) {
throw new OAuthException("You must provide a valid URL or 'oob' in oauth_callback.", 400);
}
// check signature and issue a new request token
$token = $server->fetch_request_token($req);
common_log(LOG_INFO, sprintf("API OAuth - Issued request token %s for consumer %s with oauth_callback %s", $token->key, $req->get_parameter('oauth_consumer_key'), "'" . $req->get_parameter('oauth_callback') . "'"));
// return token to the client
$this->showRequestToken($token);
} catch (OAuthException $e) {
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
// Return 401 for for bad credentials or signature problems,
// and 400 for missing or unsupported parameters
$code = $e->getCode();
$this->clientError($e->getMessage(), empty($code) ? 401 : $code, 'text');
}
}
开发者ID:ronhuang,项目名称:statusnet,代码行数:36,代码来源:apioauthrequesttoken.php
示例2: handle
/**
* Class handler.
*
* @param array $args array of arguments
*
* @return void
*/
function handle($args)
{
parent::handle($args);
$datastore = new ApiStatusNetOAuthDataStore();
$server = new OAuthServer($datastore);
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($hmac_method);
$atok = $app = null;
// XXX: Insist that oauth_token and oauth_verifier be populated?
// Spec doesn't say they MUST be.
try {
$req = OAuthRequest::from_request();
$this->reqToken = $req->get_parameter('oauth_token');
$this->verifier = $req->get_parameter('oauth_verifier');
$app = $datastore->getAppByRequestToken($this->reqToken);
$atok = $server->fetch_access_token($req);
} catch (Exception $e) {
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
common_debug(var_export($req, true));
$code = $e->getCode();
$this->clientError($e->getMessage(), empty($code) ? 401 : $code, 'text');
return;
}
if (empty($atok)) {
// Token exchange failed -- log it
$msg = sprintf('API OAuth - Failure exchanging OAuth request token for access token, ' . 'request token = %s, verifier = %s', $this->reqToken, $this->verifier);
common_log(LOG_WARNING, $msg);
// TRANS: Client error given from the OAuth API when the request token or verifier is invalid.
$this->clientError(_('Invalid request token or verifier.'), 400, 'text');
} else {
common_log(LOG_INFO, sprintf("Issued access token '%s' for application %d (%s).", $atok->key, $app->id, $app->name));
$this->showAccessToken($atok);
}
}
开发者ID:microcosmx,项目名称:experiments,代码行数:41,代码来源:apioauthaccesstoken.php
示例3: omb_oauth_server
function omb_oauth_server()
{
static $server = null;
if (is_null($server)) {
$server = new OAuthServer(omb_oauth_datastore());
$server->add_signature_method(omb_hmac_sha1());
}
return $server;
}
开发者ID:microcosmx,项目名称:experiments,代码行数:9,代码来源:omb.php
示例4: handleOAuthBodyPOST
function handleOAuthBodyPOST($oauth_consumer_key, $oauth_consumer_secret)
{
$request_headers = OAuthUtil::get_headers();
// print_r($request_headers);
// Must reject application/x-www-form-urlencoded
if ($request_headers['Content-type'] == 'application/x-www-form-urlencoded' ) {
throw new Exception("OAuth request body signing must not use application/x-www-form-urlencoded");
}
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
// echo("HEADER PARMS=\n");
// print_r($header_parameters);
$oauth_body_hash = $header_parameters['oauth_body_hash'];
// echo("OBH=".$oauth_body_hash."\n");
}
if ( ! isset($oauth_body_hash) ) {
throw new Exception("OAuth request body signing requires oauth_body_hash body");
}
// Verify the message signature
$store = new TrivialOAuthDataStore();
$store->add_consumer($oauth_consumer_key, $oauth_consumer_secret);
$server = new OAuthServer($store);
$method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$request = OAuthRequest::from_request();
global $LastOAuthBodyBaseString;
$LastOAuthBodyBaseString = $request->get_signature_base_string();
// echo($LastOAuthBodyBaseString."\n");
try {
$server->verify_request($request);
} catch (Exception $e) {
$message = $e->getMessage();
throw new Exception("OAuth signature failed: " . $message);
}
$postdata = file_get_contents('php://input');
// echo($postdata);
$hash = base64_encode(sha1($postdata, TRUE));
if ( $hash != $oauth_body_hash ) {
throw new Exception("OAuth oauth_body_hash mismatch");
}
return $postdata;
}
开发者ID:anilch,项目名称:Personel,代码行数:55,代码来源:OAuthBody.php
示例5: genSign
public function genSign($key, $secret, $token, $tokenSecret, $httpMethod, $endpoint)
{
$authServer = new OAuthServer(new MockOAuthDataStore());
$hmac_method = new OAuthSignatureMethodHmacSha1();
$authServer->add_signature_method($hmac_method);
$sig_method = $hmac_method;
$authConsumer = new OAuthConsumer($key, $secret, NULL);
$authToken = NULL;
$authToken = new OAuthToken($token, $tokenSecret);
//$params is the query param array which is required only in the httpMethod is "GET"
$params = array();
//TODO: set the Query parameters to $params if httpMethod is "GET"
$acc_req = OAuthRequest::from_consumer_and_token($authConsumer, $authToken, $httpMethod, $endpoint, $params);
$acc_req->sign_request($sig_method, $authConsumer, $authToken);
return OAuthutil::parseQueryString($acc_req);
}
开发者ID:oscarsmartwave,项目名称:l45fbl45t,代码行数:16,代码来源:AuthSignature.php
示例6: access_token
public function access_token($params)
{
try {
$server = new OAuthServer($this->oauthDataStore);
$server->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
$server->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
$request = OAuthRequest::from_request();
$token = $server->fetch_access_token($request);
if ($token) {
echo $token->to_string();
}
} catch (OAuthException $e) {
$this->sendServerError(401, $e->getMessage());
} catch (Exception $e) {
$this->sendServerError(400, $e->getMessage());
}
}
开发者ID:vuxuandung,项目名称:Partuza-bundle,代码行数:17,代码来源:oauth.php
示例7: handle
/**
* Class handler.
*
* @param array $args array of arguments
*
* @return void
*/
function handle($args)
{
parent::handle($args);
$datastore = new ApiStatusNetOAuthDataStore();
$server = new OAuthServer($datastore);
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($hmac_method);
try {
$req = OAuthRequest::from_request();
$token = $server->fetch_request_token($req);
print $token;
} catch (OAuthException $e) {
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
header('HTTP/1.1 401 Unauthorized');
header('Content-Type: text/html; charset=utf-8');
print $e->getMessage() . "\n";
}
}
开发者ID:sukhjindersingh,项目名称:PHInest-Solutions,代码行数:25,代码来源:apioauthrequesttoken.php
示例8: __construct
/**
* Create new Basic LTI access object
*
* @param string $key
* @param string $secret
*
* @throws \Exception
*/
public function __construct($key, $secret)
{
$request = \OAuthRequest::from_request();
$oauth_consumer_key = $request->get_parameter("oauth_consumer_key");
// ensure the key in the request matches the locally supplied one
if ($oauth_consumer_key == null) {
throw new \Exception("Missing oauth_consumer_key in request");
}
if ($oauth_consumer_key != $key) {
throw new \Exception("oauth_consumer_key doesn't match supplied key");
}
// verify the message signature
$store = new TrivialOAuthDataStore($oauth_consumer_key, $secret);
$server = new \OAuthServer($store);
$method = new \OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$server->verify_request($request);
$this->request = $request;
}
开发者ID:fresnostate-library,项目名称:xerxes,代码行数:27,代码来源:Basic.php
示例9: handle_oauth_body_post
function handle_oauth_body_post($oauthconsumerkey, $oauthconsumersecret, $body, $requestheaders = null)
{
if ($requestheaders == null) {
$requestheaders = OAuthUtil::get_headers();
}
// Must reject application/x-www-form-urlencoded.
if (isset($requestheaders['Content-type'])) {
if ($requestheaders['Content-type'] == 'application/x-www-form-urlencoded') {
throw new OAuthException("OAuth request body signing must not use application/x-www-form-urlencoded");
}
}
if (@substr($requestheaders['Authorization'], 0, 6) == "OAuth ") {
$headerparameters = OAuthUtil::split_header($requestheaders['Authorization']);
$oauthbodyhash = $headerparameters['oauth_body_hash'];
}
if (!isset($oauthbodyhash)) {
throw new OAuthException("OAuth request body signing requires oauth_body_hash body");
}
// Verify the message signature.
$store = new TrivialOAuthDataStore();
$store->add_consumer($oauthconsumerkey, $oauthconsumersecret);
$server = new OAuthServer($store);
$method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$request = OAuthRequest::from_request();
try {
$server->verify_request($request);
} catch (\Exception $e) {
$message = $e->getMessage();
throw new OAuthException("OAuth signature failed: " . $message);
}
$postdata = $body;
$hash = base64_encode(sha1($postdata, true));
if ($hash != $oauthbodyhash) {
throw new OAuthException("OAuth oauth_body_hash mismatch");
}
return $postdata;
}
开发者ID:CTANZ,项目名称:moodle-mod_equella,代码行数:38,代码来源:oauthlocallib.php
示例10: authorizeAction
public function authorizeAction()
{
$auth = Zend_Auth::getInstance();
$store = OAuthStore::instance();
$registry = Zend_Registry::getInstance();
$router = Zend_Controller_Front::getInstance()->getRouter();
$request = $this->getRequest();
if (!$auth->hasIdentity()) {
Zend_Controller_Front::getInstance()->registerPlugin(new Ml_Plugins_LoginRedirect());
}
$this->_helper->loadOauthstore->preloadServer();
$server = new OAuthServer();
$form = Ml_Model_Api::authorizeForm();
// Check if there is a valid request token in the current request
// Returns an array with the
//consumer key, consumer secret, token, token secret and token type.
$rs = $server->authorizeVerify();
$consumer = $store->getConsumer($rs['consumer_key'], $auth->getIdentity());
$this->view->consumerInfo = $consumer;
if ($request->isPost() && $form->isValid($request->getPost())) {
$values = $form->getValues();
if (isset($values['allow'])) {
$authorized = true;
} else {
if (isset($values['deny'])) {
$authorized = false;
}
}
if (isset($authorized)) {
$server->authorizeFinish($authorized, $auth->getIdentity());
//If no oauth_callback, the user is redirected to
$this->_redirect($router->assemble(array(), "accountapps") . "?new_addition", array("exit"));
}
}
$this->view->authorizeForm = $form;
}
开发者ID:henvic,项目名称:MediaLab,代码行数:36,代码来源:ApiController.php
示例11: handle
/**
* Class handler.
*
* @param array $args array of arguments
*
* @return void
*/
function handle($args)
{
parent::handle($args);
$datastore = new ApiStatusNetOAuthDataStore();
$server = new OAuthServer($datastore);
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($hmac_method);
$atok = null;
try {
$req = OAuthRequest::from_request();
$atok = $server->fetch_access_token($req);
} catch (OAuthException $e) {
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
common_debug(var_export($req, true));
$this->outputError($e->getMessage());
return;
}
if (empty($atok)) {
common_debug('couldn\'t get access token.');
print "Token exchange failed. Has the request token been authorized?\n";
} else {
print $atok;
}
}
开发者ID:sukhjindersingh,项目名称:PHInest-Solutions,代码行数:31,代码来源:apioauthaccesstoken.php
示例12: actionAuthorize
public function actionAuthorize()
{
//登陆用户
$user_id = Yii::app()->user->id;
$model = new LoginForm();
$errmsg = '';
// 取得 oauth store 和 oauth server 对象
$server = new OAuthServer();
try {
// 检查当前请求中是否包含一个合法的请求token
// 返回一个数组, 包含consumer key, consumer secret, token, token secret 和 token type.
$rs = $server->authorizeVerify($user_id);
// 没有登录时不允许跳转
if (!empty($user_id)) {
//当application_type 为 system 时,可以不须经过用户授权
if ($rs['application_type'] == 'system') {
$authorized = True;
$server->authorizeFinish($authorized, $user_id);
}
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
// 判断用户是否点击了 "allow" 按钮(或者你可以自定义为其他标识)
$authorized = True;
// 设置token的认证状态(已经被认证或者尚未认证)
// 如果存在 oauth_callback 参数, 重定向到客户(消费方)地址
$verifier = $server->authorizeFinish($authorized, $user_id);
// 如果没有 oauth_callback 参数, 显示认证结果
// ** 你的代码 **
echo $verifier;
die;
} else {
#echo 'Error';
}
} else {
// if it is ajax validation request
if (isset($_POST['ajax']) && $_POST['ajax'] === 'login-form') {
echo EActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if (isset($_POST['LoginForm'])) {
$model->attributes = $_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if ($model->validate() && $model->login()) {
$this->refresh();
}
}
}
} catch (OAuthException $e) {
$errmsg = $e->getMessage();
throw new CHttpException(401, $errmsg);
// 请求中没有包含token, 显示一个使用户可以输入token以进行验证的页面
// ** 你的代码 **
} catch (OAuthException2 $e) {
$errmsg = $e->getMessage();
// 请求了一个错误的token
// ** 你的代码 **
throw new CHttpException(401, $errmsg);
}
$data = array('rs' => $rs, 'model' => $model, 'errmsg' => $errmsg);
$this->render('Authorize', $data);
}
开发者ID:vangogogo,项目名称:justsns,代码行数:61,代码来源:OauthController.php
示例13: checkOAuthRequest
/**
* Verifies the OAuth request signature, sets the auth user
* and access type (read-only or read-write)
*
* @param OAuthRequest $request the OAuth Request
*
* @return nothing
*/
function checkOAuthRequest($request)
{
$datastore = new ApiGNUsocialOAuthDataStore();
$server = new OAuthServer($datastore);
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($hmac_method);
try {
$server->verify_request($request);
$consumer = $request->get_parameter('oauth_consumer_key');
$access_token = $request->get_parameter('oauth_token');
$app = Oauth_application::getByConsumerKey($consumer);
if (empty($app)) {
common_log(LOG_WARNING, 'API OAuth - Couldn\'t find the OAuth app for consumer key: ' . $consumer);
// TRANS: OAuth exception thrown when no application is found for a given consumer key.
throw new OAuthException(_('No application for that consumer key.'));
}
// set the source attr
if ($app->name != 'anonymous') {
$this->source = $app->name;
}
$appUser = Oauth_application_user::getKV('token', $access_token);
if (!empty($appUser)) {
// If access_type == 0 we have either a request token
// or a bad / revoked access token
if ($appUser->access_type != 0) {
// Set the access level for the api call
$this->access = $appUser->access_type & Oauth_application::$writeAccess ? self::READ_WRITE : self::READ_ONLY;
// Set the auth user
if (Event::handle('StartSetApiUser', array(&$user))) {
$user = User::getKV('id', $appUser->profile_id);
if (!empty($user)) {
if (!$user->hasRight(Right::API)) {
// TRANS: Authorization exception thrown when a user without API access tries to access the API.
throw new AuthorizationException(_('Not allowed to use API.'));
}
}
$this->auth_user = $user;
// FIXME: setting the value returned by common_current_user()
// There should probably be a better method for this. common_set_user()
// does lots of session stuff.
global $_cur;
$_cur = $this->auth_user;
Event::handle('EndSetApiUser', array($user));
}
$msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " . "application '%s' (id: %d) with %s access.";
common_log(LOG_INFO, sprintf($msg, $this->auth_user->nickname, $this->auth_user->id, $app->name, $app->id, ($this->access = self::READ_WRITE) ? 'read-write' : 'read-only'));
} else {
// TRANS: OAuth exception given when an incorrect access token was given for a user.
throw new OAuthException(_('Bad access token.'));
}
} else {
// Also should not happen.
// TRANS: OAuth exception given when no user was found for a given token (no token was found).
throw new OAuthException(_('No user for that token.'));
}
} catch (OAuthException $e) {
$this->logAuthFailure($e->getMessage());
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
$this->clientError($e->getMessage(), 401);
}
}
开发者ID:allmende,项目名称:qvitter,代码行数:69,代码来源:apiauthaction.php
示例14: checkOAuthRequest
/**
* Verifies the OAuth request signature, sets the auth user
* and access type (read-only or read-write)
*
* @param OAuthRequest $request the OAuth Request
*
* @return nothing
*/
function checkOAuthRequest($request)
{
$datastore = new ApiStatusNetOAuthDataStore();
$server = new OAuthServer($datastore);
$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($hmac_method);
try {
$server->verify_request($request);
$consumer = $request->get_parameter('oauth_consumer_key');
$access_token = $request->get_parameter('oauth_token');
$app = Oauth_application::getByConsumerKey($consumer);
if (empty($app)) {
common_log(LOG_WARNING, 'Couldn\'t find the OAuth app for consumer key: ' . $consumer);
throw new OAuthException('No application for that consumer key.');
}
// set the source attr
$this->source = $app->name;
$appUser = Oauth_application_user::staticGet('token', $access_token);
if (!empty($appUser)) {
// If access_type == 0 we have either a request token
// or a bad / revoked access token
if ($appUser->access_type != 0) {
// Set the access level for the api call
$this->access = $appUser->access_type & Oauth_application::$writeAccess ? self::READ_WRITE : self::READ_ONLY;
// Set the auth user
if (Event::handle('StartSetApiUser', array(&$user))) {
$this->auth_user = User::staticGet('id', $appUser->profile_id);
Event::handle('EndSetApiUser', array($user));
}
$msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " . "application '%s' (id: %d) with %s access.";
common_log(LOG_INFO, sprintf($msg, $this->auth_user->nickname, $this->auth_user->id, $app->name, $app->id, ($this->access = self::READ_WRITE) ? 'read-write' : 'read-only'));
} else {
throw new OAuthException('Bad access token.');
}
} else {
// Also should not happen
throw new OAuthException('No user for that token.');
}
} catch (OAuthException $e) {
common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
$this->clientError($e->getMessage(), 401, $this->format);
exit;
}
}
开发者ID:Br3nda,项目名称:StatusNet,代码行数:52,代码来源:apiauth.php
示例15: OAuthServer
<?php
$server = new OAuthServer(new DataApi_OAuthDataStore());
$server->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
$request = OAuthRequest::from_request();
try {
if ($server->verify_request($request)) {
echo json_encode(true);
}
} catch (Exception $e) {
echo json_encode("Exception: " . $e->getMessage());
}
class DataApi_OAuthDataStore extends OAuthDataStore
{
function lookup_consumer($consumer_key)
{
$consumer_secrets = array('thisisakey' => 'thisisasecret', 'anotherkey' => 'f3ac5b093f3eab260520d8e3049561e6');
if (isset($consumer_secrets[$consumer_key])) {
return new OAuthConsumer($consumer_key, $consumer_secrets[$consumer_key], NULL);
} else {
return false;
}
}
function lookup_token($consumer, $token_type, $token)
{
// we are not using tokens, so return empty token
return new OAuthToken("", "");
}
function lookup_nonce($consumer, $token, $nonce, $timestamp)
{
// @todo lookup nonce and make sure it hasn't been used before (perhaps in combination with timestamp?)
开发者ID:nazirahmedmir,项目名称:php-simple-oauth,代码行数:31,代码来源:provider.php
示例16: access_token_action
/**
*
**/
public function access_token_action()
{
$server = new OAuthServer();
$server->accessToken();
$this->render_nothing();
}
开发者ID:ratbird,项目名称:hope,代码行数:9,代码来源:oauth.php
示例17: __construct
function __construct($parm = false, $usesession = true, $doredirect = true)
{
// If this request is not an LTI Launch, either
// give up or try to retrieve the context from session
if (!is_lti_request()) {
$this->message = 'Request is missing LTI information';
if ($usesession === false) {
return;
}
if (strlen(session_id()) > 0) {
$row = $_SESSION['_lti_row'];
if (isset($row)) {
$this->row = $row;
}
$context_id = $_SESSION['_lti_context_id'];
if (isset($context_id)) {
$this->context_id = $context_id;
}
$info = $_SESSION['_lti_context'];
if (isset($info)) {
$this->info = $info;
$this->valid = true;
return;
}
$this->message = "Could not find context in session";
return;
}
$this->message = "Session not available";
return;
}
// Insure we have a valid launch
if (empty($_REQUEST["oauth_consumer_key"])) {
$this->message = "Missing oauth_consumer_key in request";
return;
}
$oauth_consumer_key = $_REQUEST["oauth_consumer_key"];
// Find the secret - either form the parameter as a string or
// look it up in a database from parameters we are given
$secret = false;
$row = false;
if (is_string($parm)) {
$secret = $parm;
} else {
if (!is_array($parm)) {
$this->message = "Constructor requires a secret or database information.";
return;
} else {
$sql = 'SELECT * FROM ' . $parm['table'] . ' WHERE ' . ($parm['key_column'] ? $parm['key_column'] : 'oauth_consumer_key') . '=' . "'" . mysql_real_escape_string($oauth_consumer_key) . "'";
$result = mysql_query($sql);
$num_rows = mysql_num_rows($result);
if ($num_rows != 1) {
$this->message = "Your consumer is not authorized oauth_consumer_key=" . $oauth_consumer_key;
return;
} else {
while ($row = mysql_fetch_assoc($result)) {
$secret = $row[$parms['secret_column'] ? $parms['secret_column'] : 'secret'];
$context_id = $row[$parms['context_column'] ? $parms['context_column'] : 'context_id'];
if ($context_id) {
$this->context_id = $context_id;
}
$this->row = $row;
break;
}
if (!is_string($secret)) {
$this->message = "Could not retrieve secret oauth_consumer_key=" . $oauth_consumer_key;
return;
}
}
}
}
// Verify the message signature
$store = new TrivialOAuthDataStore();
$store->add_consumer($oauth_consumer_key, $secret);
$server = new OAuthServer($store);
$request = OAuthRequest::from_request();
$method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$method = new OAuthSignatureMethod_HMAC_SHA256();
$server->add_signature_method($method);
$this->basestring = $request->get_signature_base_string();
try {
$server->verify_request($request);
$this->valid = true;
} catch (Exception $e) {
$this->message = $e->getMessage();
return;
}
// Store the launch information in the session for later
$newinfo = array();
foreach ($_POST as $key => $value) {
if (get_magic_quotes_gpc()) {
$value = stripslashes($value);
}
if ($key == "basiclti_submit") {
continue;
}
if (strpos($key, "oauth_") === false) {
$newinfo[$key] = $value;
continue;
}
//.........这里部分代码省略.........
开发者ID:philsawa,项目名称:sakai,代码行数:101,代码来源:lti_util.php
示例18: __construct
function __construct($parm = false, $usesession = true, $doredirect = true)
{
global $link;
$this->message = "blti loaded";
// If this request is not an LTI Launch, either
// give up or try to retrieve the context from session
if (!is_basic_lti_request()) {
if ($usesession === false) {
return;
}
if (strlen(session_id()) > 0) {
$row = $_SESSION['_basiclti_lti_row'];
if (isset($row)) {
$this->row = $row;
}
$context_id = $_SESSION['_basiclti_lti_context_id'];
if (isset($context_id)) {
$this->context_id = $context_id;
}
$info = $_SESSION['_basic_lti_context'];
if (isset($info)) {
$this->info = $info;
$this->valid = true;
return;
}
$this->message = "Could not find context in session";
return;
}
$this->message = "Session not available";
return;
}
// Insure we have a valid launch
if (empty($_REQUEST["oauth_consumer_key"])) {
$this->message = "Missing oauth_consumer_key in request";
return;
}
$oauth_consumer_key = $_REQUEST["oauth_consumer_key"];
// Find the secret - either from the parameter as a string or
// look it up in a database from parameters we are given
$secret = false;
$row = false;
if (is_string($parm)) {
$secret = $parm;
} else {
if (!is_array($parm)) {
$this->message = "Constructor requires a secret or database information.";
return;
} else {
//changelog: parms -> parm (typo) throughout
$sql = 'SELECT * FROM ' . $parm['table'] . ' WHERE ' . ($parm['key_column'] ? $parm['key_column'] : 'oauth_consumer_key') . '=' . "'" . mysqli_real_escape_string($link, $oauth_consumer_key) . "'";
$result = mysqli_query($link, $sql);
//echo $sql;
$num_rows = mysqli_num_rows($result);
if ($num_rows != 1) {
$this->message = "Your consumer is not authorized oauth_consumer_key=" . $oauth_consumer_key . " " . $sql;
return;
} else {
while ($row = mysqli_fetch_assoc($result)) {
$secret = $row[$parm['secret_column'] ? $parm['secret_column'] : 'secret'];
$context_id = $row[$parm['context_column'] ? $parm['context_column'] : 'context_id'];
if ($context_id) {
$this->context_id = $context_id;
}
//changelog: look for token. probably get rid of this at some point, since I've separated the key/secret table from tokens
//if($row['token'] !="")$token = $_SESSION['token']=$row['token'];
//setcookie("ttable",$parm['table']);//use this to update bad tokens in get_token_domain
$this->row = $row;
break;
}
if (!is_string($secret)) {
$this->message = "Could not retrieve secret oauth_consumer_key=" . $oauth_consumer_key;
return;
}
}
}
}
// Verify the message signature
$store = new TrivialOAuthDataStore();
$store->add_consumer($oauth_consumer_key, $secret);
$server = new OAuthServer($store);
$method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$request = OAuthRequest::from_request();
$this->basestring = $request->get_signature_base_string();
try {
$server->verify_request($request);
$this->valid = true;
} catch (Exception $e) {
$this->message = $e->getMessage();
return;
}
// Store the launch information in the session for later
$newinfo = array();
foreach ($_POST as $key => $value) {
if ($key == "basiclti_submit") {
continue;
}
if (strpos($key, "oauth_") === false) {
$newinfo[$key] = $value;
continue;
//.........这里部分代码省略.........
开发者ID:udcanvas,项目名称:canvas,代码行数:101,代码来源:blti.php
示例19: OAuthServer
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
require_once '../core/init.php';
$server = new OAuthServer();
switch ($_SERVER['PATH_INFO']) {
case '/request_token':
$server->requestToken();
exit;
case '/access_token':
$server->accessToken();
exit;
case '/authorize':
# logon
assert_logged_in();
try {
$server->authorizeVerify();
$server->authorizeFinish(true, 1);
} catch (OAuthException $e) {
header('HTTP/1.1 400 Bad Request');
开发者ID:portokallidis,项目名称:Metamorphosis-Meducator,代码行数:31,代码来源:oauth.php
示例20: ATutorOAuthDataStore
/***********************************************************************/
/* ATutor */
/***********************************************************************/
/* Copyright (c) 2002-2010 */
/* Inclusive Design Institute */
/* http://atutor.ca */
/* */
/* This program is free software. You can redistribute it and/or */
/* modify it under the terms of the GNU General Public License */
/* as published by the Free Software Foundation. */
/***********************************************************************/
// $Id$
require_once 'OAuth.php';
require_once '../Shindig/ATutorOAuthDataStore.php';
$oauthDataStore = new ATutorOAuthDataStore();
try {
$server = new OAuthServer($oauthDataStore);
$server->add_signature_method(new OAuthSignatureMethod_HMAC_SHA1());
$server->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
$request = OAuthRequest::from_request();
$token = $server->fetch_access_token($request);
if ($token) {
echo $token->to_string();
}
echo $token;
} catch (OAuthException $e) {
echo $e->getMessage();
} catch (Exception $e) {
echo $e->getMessage();
}
开发者ID:genaromendezl,项目名称:ATutor,代码行数:30,代码来源:access_token.php
注:本文中的OAuthServer类示例整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论