3 * Laconica, the distributed open-source microblogging tool
5 * Class for doing OAuth authentication against Twitter
9 * LICENCE: This program is free software: you can redistribute it and/or modify
10 * it under the terms of the GNU Affero General Public License as published by
11 * the Free Software Foundation, either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU Affero General Public License for more details.
19 * You should have received a copy of the GNU Affero General Public License
20 * along with this program. If not, see <http://www.gnu.org/licenses/>.
22 * @category TwitterauthorizationAction
24 * @author Zach Copely <zach@controlyourself.ca>
25 * @copyright 2009 Control Yourself, Inc.
26 * @license http://www.fsf.org/licensing/licenses/agpl-3.0.html GNU Affero General Public License version 3.0
27 * @link http://laconi.ca/
30 if (!defined('LACONICA')) {
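/**
 * Action that links the logged-in user's account to Twitter through OAuth.
 *
 * The first request (no oauth_token argument) fetches a request token, keeps
 * it in the session and redirects the browser to Twitter's authorize link.
 * The callback request (oauth_token present) checks the returned token
 * against the session copy, exchanges it for an access token and stores that
 * on a Foreign_link record.
 *
 * NOTE(review): rebuilt from a listing that omitted its short lines (braces,
 * try/else scaffolding, the guard on the existing link, prepare()'s return).
 * Those parts are inferred from the surrounding comments and catch clauses;
 * confirm them against the original file.
 */
class TwitterauthorizationAction extends Action
{
    // oauth_token request argument; empty until Twitter sends the user back.
    var $oauth_token = null;

    /**
     * Capture the oauth_token request argument before handle() runs.
     *
     * @param array $args request arguments, passed through to the parent
     *
     * @return boolean true
     */
    function prepare($args)
    {
        parent::prepare($args);

        $this->oauth_token = $this->arg('oauth_token');

        // presumably required by the Action contract; this line is absent
        // from the listing -- confirm
        return true;
    }

    /**
     * Run whichever leg of the OAuth flow this request belongs to.
     *
     * Every error or redirect call is followed by an explicit return so the
     * method fails closed even if those helpers do not end the request.
     *
     * @param array $args request arguments, passed through to the parent
     *
     * @return void
     */
    function handle($args)
    {
        parent::handle($args);

        if (!common_logged_in()) {
            $this->clientError(_('Not logged in.'), 403);
            return;
        }

        $user  = common_current_user();
        $flink = Foreign_link::getByUserID($user->id, TWITTER_SERVICE);

        // If there's already a foreign link record, we already have an
        // access token and this flow is unnecessary. So go back.

        if (!empty($flink)) {
            common_redirect(common_local_url('twittersettings'));
            return;
        }

        // $this->oauth_token is only populated once Twitter authorizes our
        // request token. If it's empty we're at the beginning of the auth
        // flow.

        if (empty($this->oauth_token)) {

            try {

                // Get a new request token and authorize it

                $client  = new TwitterOAuthClient();
                $req_tok = $client->getRequestToken();

                // Keep the request token in the session temporarily. The
                // secret slot must hold the token's secret, not a second
                // copy of its key: the client for the access-token exchange
                // below is built from both session values.

                $_SESSION['twitter_request_token']        = $req_tok->key;
                $_SESSION['twitter_request_token_secret'] = $req_tok->secret;

                $auth_link = $client->getAuthorizeLink($req_tok);

            } catch (TwitterOAuthClientException $e) {
                // Log the detail for operators; the user sees only the
                // generic message.
                $msg = sprintf('OAuth client cURL error - code: %1$s, msg: %2$s',
                               $e->getCode(), $e->getMessage());
                common_log(LOG_WARNING, $msg);
                $this->serverError(_('Couldn\'t link your Twitter account.'));
                return;
            }

            common_redirect($auth_link);
            return;
        }

        // Check that Twitter returned the same request token we stored for
        // this session. Strict comparison: with != two different
        // numeric-looking strings can compare equal.

        if (empty($_SESSION['twitter_request_token'])
            || $_SESSION['twitter_request_token'] !== $this->oauth_token) {
            $this->serverError(_('Couldn\'t link your Twitter account.'));
            return;
        }

        try {

            $client = new TwitterOAuthClient($_SESSION['twitter_request_token'],
                                             $_SESSION['twitter_request_token_secret']);

            // Exchange the request token for an access token

            $atok = $client->getAccessToken();

            // Fetch the Twitter user info with the new access token

            $client = new TwitterOAuthClient($atok->key, $atok->secret);

            $twitter_user = $client->verify_credentials();

        } catch (OAuthClientException $e) {
            // NOTE(review): the first leg catches TwitterOAuthClientException
            // and this one OAuthClientException -- confirm which class the
            // client actually throws.
            $msg = sprintf('OAuth client cURL error - code: %1$s, msg: %2$s',
                           $e->getCode(), $e->getMessage());
            common_log(LOG_WARNING, $msg);
            $this->serverError(_('Couldn\'t link your Twitter account.'));
            return;
        }

        // Save the access token on a new foreign link record.
        // NOTE(review): token and secret are written as received; confirm
        // how the foreign_link storage protects these credentials.

        $flink = new Foreign_link();

        $flink->user_id     = $user->id;
        $flink->foreign_id  = $twitter_user->id;
        $flink->service     = TWITTER_SERVICE;
        $flink->token       = $atok->key;
        $flink->credentials = $atok->secret;
        $flink->created     = common_sql_now();

        // Flag values unchanged; their meaning is defined by set_flags().
        $flink->set_flags(true, false, false, false);

        $flink_id = $flink->insert();

        if (empty($flink_id)) {
            common_log_db_error($flink, 'INSERT', __FILE__);
            $this->serverError(_('Couldn\'t link your Twitter account.'));
            return;
        }

        save_twitter_user($twitter_user->id, $twitter_user->screen_name);

        // Clean up the request token we left in the session

        unset($_SESSION['twitter_request_token']);
        unset($_SESSION['twitter_request_token_secret']);

        common_redirect(common_local_url('twittersettings'));
    }
}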