4 * Based on oauth2-php <http://code.google.com/p/oauth2-php/>
// Token lifetime in seconds: the INSERT statements in FKOAuthDataStore add this value to
// UNIX_TIMESTAMP() to compute the expires column, so OAuth1 tokens created there live for 300 seconds.
8 define('TOKEN_DURATION', 300);
10 require_once("library/OAuth1.php");
11 require_once("library/oauth2-php/lib/OAuth2.inc");
13 class FKOAuthDataStore extends OAuthDataStore {
// NOTE(review): the enclosing function header is not visible in this listing; presumably this is the
// body of gen_token(), which new_request_token() and new_access_token() call for both the token id
// and the token secret.
// The value is an MD5 digest over five mt_rand() outputs plus uniqid(). mt_rand() is not a
// cryptographically secure generator and uniqid() is derived from the current time, so the result is
// more predictable than a bearer credential should be. A CSPRNG source such as
// bin2hex(random_bytes(16)) produces the same 32-hex-character shape.
// NOTE(review): pack('N6', ...) receives uniqid()'s string as its sixth integer argument; confirm
// what that conversion actually contributes to the output.
15 return md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
// Looks up an OAuth1 consumer by key in the clients table and returns an OAuthConsumer built from
// the first row (client_id, pw, redirect_uri).
// NOTE(review): the query's argument lines and any empty-result check are not visible in this
// listing; confirm $consumer_key is passed through dbesc() and that a missing row cannot reach the
// $r[0] reads.
// NOTE(review): pw is handed to OAuthConsumer as the consumer secret, while FKOAuth2::addClient()
// writes a whirlpool digest into the same column; confirm both servers agree on what pw holds.
18 function lookup_consumer($consumer_key) {
19 //echo "<pre>"; var_dump($consumer_key); killme();
21 $r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'",
25 return new OAuthConsumer($r[0]['client_id'],$r[0]['pw'],$r[0]['redirect_uri']);
// Fetches the token row matching the consumer key, a scope value and the token id, and wraps it in
// an OAuthToken with scope and expires copied from the row.
// NOTE(review): only the first query argument is visible here; presumably $token_type fills the
// scope placeholder and $token the id placeholder, both via dbesc() — confirm.
// NOTE(review): expires is copied onto the token but no expiry comparison is visible in this
// function; new_access_token() checks it, so confirm every other caller rejects expired tokens too.
29 function lookup_token($consumer, $token_type, $token) {
30 //echo __file__.":".__line__."<pre>"; var_dump($consumer, $token_type, $token); killme();
31 $r = q("SELECT id, secret,scope, expires FROM tokens WHERE client_id='%s' AND scope='%s' AND id='%s'",
32 dbesc($consumer->key),
37 $ot=new OAuthToken($r[0]['id'],$r[0]['secret']);
38 $ot->scope=$r[0]['scope'];
39 $ot->expires = $r[0]['expires'];
// NOTE(review): despite its name, the visible query selects a row from tokens by client_id, id and
// expires and returns it as an OAuthToken; no nonce is stored or compared in the lines shown.
// In the OAuth1 library this hook is what detects a reused (consumer, token, nonce, timestamp)
// tuple, and a truthy return value is treated as "nonce already used". Confirm that replay
// protection is really implemented: as written, the result depends on whether a token row happens
// to match, not on whether the nonce was seen before.
45 function lookup_nonce($consumer, $token, $nonce, $timestamp) {
46 //echo __file__.":".__line__."<pre>"; var_dump($consumer,$key); killme();
47 $r = q("SELECT id, secret FROM tokens WHERE client_id='%s' AND id='%s' AND expires=%d",
48 dbesc($consumer->key),
53 return new OAuthToken($r[0]['id'],$r[0]['secret']);
// Creates a request token: generates an id and a secret with gen_token(), inserts the row with an
// expiry of UNIX_TIMESTAMP()+TOKEN_DURATION, and returns the pair as an OAuthToken.
// NOTE(review): $callback is not referenced in the visible lines, and the scope argument and any
// check of the INSERT result are not shown in this listing — confirm both.
57 function new_request_token($consumer, $callback = null) {
58 $key = $this->gen_token();
59 $sec = $this->gen_token();
60 $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)",
63 dbesc($consumer->key),
65 intval(TOKEN_DURATION));
67 return new OAuthToken($key,$sec);
// Exchanges an unexpired request token for a newly generated access token (stored with an expiry of
// UNIX_TIMESTAMP()+TOKEN_DURATION) and deletes the request token row.
// NOTE(review): $verifier is not referenced in the visible lines; confirm whether the OAuth 1.0a
// verifier is checked on a line not shown in this listing.
70 function new_access_token($token, $consumer, $verifier = null) {
71 // return a new access token attached to this consumer
72 // for the user associated with this token if the request token
74 // should also invalidate the request token
// Only a non-null request token whose expires value is still in the future is exchanged.
78 if (!is_null($token) && $token->expires > time()){
80 $key = $this->gen_token();
81 $sec = $this->gen_token();
82 $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)",
// NOTE(review): $consumer->$key is a variable-property access that uses the freshly generated token
// string as the property name; new_request_token() uses $consumer->key here. As written the
// client_id stored for the access token is most likely empty, so the token is not bound to its client.
85 dbesc($consumer->$key),
87 intval(TOKEN_DURATION));
89 $ret = new OAuthToken($key,$sec);
// NOTE(review): $token->key is passed to q() without dbesc(), unlike the other string arguments in
// this class; wrap it in dbesc() so the value cannot alter the DELETE statement.
93 q("DELETE FROM tokens WHERE id='%s'", $token->key);
// OAuth1 server backed by FKOAuthDataStore.
// NOTE(review): the only signature method registered in the visible lines is PLAINTEXT, in which the
// signature is derived directly from the consumer and token secrets rather than from an HMAC over
// the request. It provides no request integrity and relies entirely on the transport (TLS) for
// confidentiality. Confirm whether an HMAC-based method is also registered on a line not shown in
// this listing, and whether PLAINTEXT needs to stay enabled.
100 class FKOAuth1 extends OAuthServer {
101 function __construct() {
102 parent::__construct(new FKOAuthDataStore());
103 $this->add_signature_method(new OAuthSignatureMethod_PLAINTEXT());
107 class FKOAuth2 extends OAuth2 {
// Derives the value that addClient() stores in clients.pw and that checkClientCredentials()
// recomputes: a single unsalted whirlpool digest of the client secret.
// NOTE(review): an unsalted, fast digest is only adequate if client secrets are long random
// strings; if they can be human-chosen, password_hash()/password_verify() is the appropriate
// primitive. Changing this requires migrating the stored pw values.
109 private function db_secret($client_secret){
110 return hash('whirlpool',$client_secret);
// Registers an OAuth2 client. The secret is replaced by its db_secret() digest before the INSERT,
// so the plaintext secret is not written to the clients table.
// NOTE(review): only the dbesc() call for the secret is visible in this listing; confirm that
// $client_id and $redirect_uri are escaped the same way.
113 public function addClient($client_id, $client_secret, $redirect_uri) {
114 $client_secret = $this->db_secret($client_secret);
115 $r = q("INSERT INTO clients (client_id, pw, redirect_uri) VALUES ('%s', '%s', '%s')",
117 dbesc($client_secret),
// Verifies a client id and, when one is supplied, its secret against the clients table.
// NOTE(review): several things in the visible lines do not line up — confirm against the full file:
//  - db_secret() runs before the NULL test, and hash() returns a string, so the
//    "$client_secret === NULL" branch cannot be taken after the reassignment.
//  - The query result is assigned to $r, but the return statements read $result, which is not
//    assigned in any line shown here.
//  - The SELECT returns the column pw, while the comparison reads the key "client_secret".
//  - The digests are compared with ==, which is a loose, non-constant-time comparison (two
//    different "0e<digits>" strings compare equal); hash_equals() on the two strings is the
//    appropriate check for a secret.
124 protected function checkClientCredentials($client_id, $client_secret = NULL) {
125 $client_secret = $this->db_secret($client_secret);
127 $r = q("SELECT pw FROM clients WHERE client_id = '%s'",
130 if ($client_secret === NULL)
131 return $result !== FALSE;
133 return $result["client_secret"] == $client_secret;
// Returns the redirect_uri registered for the client, or NULL when the first result row has no
// redirect_uri or an empty one.
// NOTE(review): the query argument is not visible in this listing; confirm $client_id is passed
// through dbesc().
136 protected function getRedirectUri($client_id) {
137 $r = q("SELECT redirect_uri FROM clients WHERE client_id = '%s'",
142 return isset($r[0]["redirect_uri"]) && $r[0]["redirect_uri"] ? $r[0]["redirect_uri"] : NULL;
// Looks up an OAuth2 access token by its id (escaped with dbesc()) and selects the client_id,
// expires and scope stored with it.
// NOTE(review): the return statement is not visible in this listing; confirm what is returned when
// no row matches.
145 protected function getAccessToken($oauth_token) {
146 $r = q("SELECT client_id, expires, scope FROM tokens WHERE id = '%s'",
147 dbesc($oauth_token));
// Stores an OAuth2 access token row (id, client_id, expires, scope). No secret column is written
// here, unlike the OAuth1 inserts in FKOAuthDataStore, although both use the same tokens table.
// NOTE(review): the argument lines are not visible in this listing; confirm the three string
// values go through dbesc() and that $expires is cast to an integer for the %d placeholder.
156 protected function setAccessToken($oauth_token, $client_id, $expires, $scope = NULL) {
157 $r = q("INSERT INTO tokens (id, client_id, expires, scope) VALUES ('%s', '%s', %d, '%s')",
// Declares the grant types this OAuth2 server supports.
// NOTE(review): only the authorization-code grant is visible in this listing; the rest of the
// list, if any, is not shown.
166 protected function getSupportedGrantTypes() {
168 OAUTH2_GRANT_TYPE_AUTH_CODE,
// Looks up a stored authorization code by id and selects the client_id, redirect_uri, expires and
// scope recorded with it.
// NOTE(review): the query argument and the return statement are not visible in this listing;
// confirm $code goes through dbesc() and what is returned when no row matches.
173 protected function getAuthCode($code) {
174 $r = q("SELECT id, client_id, redirect_uri, expires, scope FROM auth_codes WHERE id = '%s'",
182 protected function setAuthCode($code, $client_id, $redirect_uri, $expires, $scope = NULL) {
183 $r = q("INSERT INTO auth_codes
184 (id, client_id, redirect_uri, expires, scope) VALUES
185 ('%s', '%s', '%s', %d, '%s')",
188 dbesc($redirect_uri),