1 <?php
2 /** 
3  * OAuth server
4  * Based on oauth2-php <http://code.google.com/p/oauth2-php/>
5  * 
6  */
7
// Token lifetimes in seconds; both are added to UNIX_TIMESTAMP() when a row is
// inserted into the `tokens` table.
// Request tokens are short-lived: five minutes.
define('REQUEST_TOKEN_DURATION', 5 * 60);
// Access tokens stay valid for 365 days, so a leaked access token remains
// usable for a long time unless it is revoked by other means.
define('ACCESS_TOKEN_DURATION', 365 * 24 * 60 * 60);
10
11 require_once("library/OAuth1.php");
12 require_once("library/oauth2-php/lib/OAuth2.inc");
13
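/**
 * OAuth 1 data store backed by the `clients` and `tokens` tables.
 *
 * Token rows use the `scope` column to hold the token type ('request' or
 * 'access') and `expires` to hold a Unix timestamp.
 */
class FKOAuthDataStore extends OAuthDataStore {

    /**
     * Generate a token id or token secret.
     *
     * Returns 32 lowercase hex characters (the same shape the previous
     * md5()-based implementation produced), but drawn from a cryptographically
     * secure source. The earlier mt_rand()/uniqid() mix was predictable, which
     * is not acceptable for bearer credentials.
     *
     * @return string 32 hex characters
     * @throws Exception when no secure random source is available
     */
    function gen_token() {
        if (function_exists('random_bytes')) {
            return bin2hex(random_bytes(16));
        }

        // Fallback for PHP versions without random_bytes().
        if (function_exists('openssl_random_pseudo_bytes')) {
            $strong = false;
            $bytes = openssl_random_pseudo_bytes(16, $strong);
            if ($bytes !== false && $strong) {
                return bin2hex($bytes);
            }
        }

        // Fail closed rather than hand out a guessable token.
        throw new Exception('No cryptographically secure random source available');
    }

    /**
     * Look up a registered client by its consumer key.
     *
     * NOTE(review): the value passed as the consumer secret is the `pw`
     * column. FKOAuth2::addClient() in this file stores a Whirlpool hash
     * there, so for clients created that way the OAuth 1 signing secret is
     * the hash, not the secret the client was given - confirm this is intended.
     *
     * @param string $consumer_key
     * @return OAuthConsumer|null
     */
    function lookup_consumer($consumer_key) {
        $r = q("SELECT client_id, pw, redirect_uri FROM clients WHERE client_id='%s'",
            dbesc($consumer_key)
        );
        // q() may return a non-array on failure; count() on that is an error on newer PHP.
        if (is_array($r) && count($r))
            return new OAuthConsumer($r[0]['client_id'], $r[0]['pw'], $r[0]['redirect_uri']);
        return null;
    }

    /**
     * Look up a token of the given type for a consumer.
     *
     * NOTE(review): the query does not compare `expires` with the current
     * time; the expiry is only copied onto the returned token. Confirm that
     * the caller rejects expired tokens.
     *
     * @param OAuthConsumer $consumer
     * @param string $token_type matched against the `scope` column
     * @param string $token token id
     * @return OAuthToken|null token with `scope` and `expires` set
     */
    function lookup_token($consumer, $token_type, $token) {
        $r = q("SELECT id, secret,scope, expires  FROM tokens WHERE client_id='%s' AND scope='%s' AND id='%s'",
            dbesc($consumer->key),
            dbesc($token_type),
            dbesc($token)
        );
        if (is_array($r) && count($r)) {
            $ot = new OAuthToken($r[0]['id'], $r[0]['secret']);
            $ot->scope = $r[0]['scope'];
            $ot->expires = $r[0]['expires'];
            return $ot;
        }
        return null;
    }

    /**
     * Check whether a nonce has been seen before.
     *
     * The query looks for a `tokens` row whose id equals the nonce and whose
     * `expires` equals the request timestamp.
     *
     * NOTE(review): nothing in this file stores nonces in `tokens`, so this
     * lookup presumably never matches and replayed requests are not detected
     * here - verify against the rest of the code base.
     *
     * @param OAuthConsumer $consumer
     * @param OAuthToken|null $token not used by the query
     * @param string $nonce
     * @param int $timestamp
     * @return OAuthToken|null
     */
    function lookup_nonce($consumer, $token, $nonce, $timestamp) {
        $r = q("SELECT id, secret  FROM tokens WHERE client_id='%s' AND id='%s' AND expires=%d",
            dbesc($consumer->key),
            dbesc($nonce),
            intval($timestamp)
        );
        if (is_array($r) && count($r))
            return new OAuthToken($r[0]['id'], $r[0]['secret']);
        return null;
    }

    /**
     * Create and store a request token for a consumer.
     *
     * The token expires REQUEST_TOKEN_DURATION seconds after insertion.
     * $callback is accepted for interface compatibility but is not stored.
     *
     * @param OAuthConsumer $consumer
     * @param string|null $callback unused
     * @return OAuthToken|null null when the insert fails
     */
    function new_request_token($consumer, $callback = null) {
        $key = $this->gen_token();
        $sec = $this->gen_token();
        $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)",
            dbesc($key),
            dbesc($sec),
            dbesc($consumer->key),
            'request',
            intval(REQUEST_TOKEN_DURATION));
        if (!$r) return null;
        return new OAuthToken($key, $sec);
    }

    /**
     * Create and store an access token for a consumer.
     *
     * A token is issued when no verifier is supplied, or when the supplied
     * verifier matches the one stored in the user's "oauth"/"verifier" pconfig.
     *
     * NOTE(review): a null $verifier skips verification entirely; confirm that
     * callers only omit it for flows that do not require one.
     * NOTE(review): the verifier is read for local_user(), not for the owner
     * of $token; confirm this is always reached with the authorising user's
     * session.
     * NOTE(review): the request token in $token is not deleted and the list of
     * authorised apps is not persisted (both were commented out in the
     * original), so a request token can be exchanged more than once until it
     * expires.
     *
     * @param OAuthToken $token request token being exchanged (currently unused)
     * @param OAuthConsumer $consumer
     * @param string|null $verifier
     * @return OAuthToken|null null when verification or the insert fails
     */
    function new_access_token($token, $consumer, $verifier = null) {
        $ret = null;

        // Verifier stored for the current user; get_pconfig() yields false when unset.
        $uverifier = get_pconfig(local_user(), "oauth", "verifier");

        $verified = is_null($verifier);
        if (!$verified && is_scalar($uverifier) && !is_bool($uverifier) && (string)$uverifier !== '') {
            // Strict, constant-time comparison. The previous loose "==" treated
            // an unset verifier (false) as equal to "" or "0".
            $known = (string)$uverifier;
            $given = (string)$verifier;
            $verified = function_exists('hash_equals')
                ? hash_equals($known, $given)
                : ($known === $given);
        }

        if ($verified) {
            $key = $this->gen_token();
            $sec = $this->gen_token();
            $r = q("INSERT INTO tokens (id, secret, client_id, scope, expires) VALUES ('%s','%s','%s','%s', UNIX_TIMESTAMP()+%d)",
                dbesc($key),
                dbesc($sec),
                // Was $consumer->$key, a variable-property lookup named after the
                // new token id, which stored an empty client_id.
                dbesc($consumer->key),
                'access',
                intval(ACCESS_TOKEN_DURATION));
            if ($r)
                $ret = new OAuthToken($key, $sec);
        }

        return $ret;
    }
}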
113
/**
 * OAuth 1 server wired to FKOAuthDataStore.
 *
 * Accepts the PLAINTEXT and HMAC-SHA1 signature methods, registered in that
 * order.
 *
 * NOTE(review): PLAINTEXT sends the consumer and token secrets in the request
 * itself, so it is only safe over TLS; consider whether it needs to stay
 * enabled.
 */
class FKOAuth1 extends OAuthServer {
    function __construct() {
        $store = new FKOAuthDataStore();
        parent::__construct($store);

        $methods = array(
            'OAuthSignatureMethod_PLAINTEXT',
            'OAuthSignatureMethod_HMAC_SHA1',
        );
        foreach ($methods as $method_class) {
            $this->add_signature_method(new $method_class());
        }
    }
}
121
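/**
 * OAuth 2 server storage backed by the `clients`, `tokens` and `auth_codes`
 * tables.
 */
class FKOAuth2 extends OAuth2 {

    /**
     * Derive the value stored in `clients.pw` from a client secret.
     *
     * NOTE(review): this is a single unsalted Whirlpool hash. It is kept as is
     * because existing rows were written with it; moving to a salted, slow
     * hash needs a migration of stored client records.
     *
     * @param string $client_secret
     * @return string hex digest
     */
    private function db_secret($client_secret) {
        return hash('whirlpool', $client_secret);
    }

    /**
     * Register a client.
     *
     * @param string $client_id
     * @param string $client_secret stored hashed, see db_secret()
     * @param string $redirect_uri
     * @return mixed result of q()
     */
    public function addClient($client_id, $client_secret, $redirect_uri) {
        $client_secret = $this->db_secret($client_secret);
        $r = q("INSERT INTO clients (client_id, pw, redirect_uri) VALUES ('%s', '%s', '%s')",
            dbesc($client_id),
            dbesc($client_secret),
            dbesc($redirect_uri)
        );

        return $r;
    }

    /**
     * Validate client credentials.
     *
     * The original read an undefined $result and a non-existent
     * "client_secret" key, and hashed the secret before testing it for NULL,
     * so the NULL branch was unreachable and a supplied secret never matched.
     *
     * NOTE(review): with no secret supplied, any registered client id is
     * accepted, as the original NULL branch intended. If only confidential
     * clients are registered, return FALSE in that branch instead.
     *
     * @param string $client_id
     * @param string|null $client_secret
     * @return bool
     */
    protected function checkClientCredentials($client_id, $client_secret = NULL) {
        $r = q("SELECT pw FROM clients WHERE client_id = '%s'",
            dbesc($client_id));

        // Unknown client or failed query: reject.
        if (!is_array($r) || !count($r))
            return FALSE;

        if ($client_secret === NULL)
            return TRUE;

        $expected = (string)$r[0]["pw"];
        $supplied = $this->db_secret($client_secret);

        // Constant-time comparison where available.
        return function_exists('hash_equals')
            ? hash_equals($expected, $supplied)
            : ($expected === $supplied);
    }

    /**
     * Fetch the redirect URI registered for a client.
     *
     * @param string $client_id
     * @return string|null|false FALSE when q() returns FALSE, NULL when no
     *                           non-empty URI is stored
     */
    protected function getRedirectUri($client_id) {
        $r = q("SELECT redirect_uri FROM clients WHERE client_id = '%s'",
            dbesc($client_id));
        if ($r === FALSE)
            return FALSE;

        return isset($r[0]["redirect_uri"]) && $r[0]["redirect_uri"] ? $r[0]["redirect_uri"] : NULL;
    }

    /**
     * Look up an access token by id.
     *
     * NOTE(review): rows written by FKOAuthDataStore (scope 'request' or
     * 'access') live in the same table and are matched by id alone here;
     * confirm that the caller checks `scope` and `expires` on the result.
     *
     * @param string $oauth_token
     * @return array|null row with client_id, expires and scope
     */
    protected function getAccessToken($oauth_token) {
        $r = q("SELECT client_id, expires, scope FROM tokens WHERE id = '%s'",
            dbesc($oauth_token));

        // q() may return a non-array on failure; count() on that is an error on newer PHP.
        if (is_array($r) && count($r))
            return $r[0];
        return null;
    }

    /**
     * Store an access token.
     *
     * @param string $oauth_token
     * @param string $client_id
     * @param int $expires written as an integer to `tokens.expires`
     * @param string|null $scope
     * @return mixed result of q()
     */
    protected function setAccessToken($oauth_token, $client_id, $expires, $scope = NULL) {
        $r = q("INSERT INTO tokens (id, client_id, expires, scope) VALUES ('%s', '%s', %d, '%s')",
            dbesc($oauth_token),
            dbesc($client_id),
            intval($expires),
            dbesc($scope));

        return $r;
    }

    /**
     * Grant types this server accepts: authorization code only.
     *
     * @return array
     */
    protected function getSupportedGrantTypes() {
        return array(
            OAUTH2_GRANT_TYPE_AUTH_CODE,
        );
    }

    /**
     * Look up an authorization code by id.
     *
     * @param string $code
     * @return array|null row with id, client_id, redirect_uri, expires and scope
     */
    protected function getAuthCode($code) {
        $r = q("SELECT id, client_id, redirect_uri, expires, scope FROM auth_codes WHERE id = '%s'",
            dbesc($code));

        if (is_array($r) && count($r))
            return $r[0];
        return null;
    }

    /**
     * Store an authorization code.
     *
     * @param string $code
     * @param string $client_id
     * @param string $redirect_uri
     * @param int $expires written as an integer to `auth_codes.expires`
     * @param string|null $scope
     * @return mixed result of q()
     */
    protected function setAuthCode($code, $client_id, $redirect_uri, $expires, $scope = NULL) {
        $r = q("INSERT INTO auth_codes 
                                        (id, client_id, redirect_uri, expires, scope) VALUES 
                                        ('%s', '%s', '%s', %d, '%s')",
            dbesc($code),
            dbesc($client_id),
            dbesc($redirect_uri),
            intval($expires),
            dbesc($scope));
        return $r;
    }

}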