3 * Laconica - a distributed open-source microblogging tool
4 * Copyright (C) 2008, 2009, Control Yourself, Inc.
6 * This program is free software: you can redistribute it and/or modify
7 * it under the terms of the GNU Affero General Public License as published by
8 * the Free Software Foundation, either version 3 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU Affero General Public License for more details.
16 * You should have received a copy of the GNU Affero General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
20 if (!defined('LACONICA')) {
24 require_once 'libomb/datastore.php';
26 class LaconicaDataStore extends OMB_Datastore
29 // We keep a record of who's contacted us
30 function lookup_consumer($consumer_key)
32 $con = Consumer::staticGet('consumer_key', $consumer_key);
34 $con = new Consumer();
35 $con->consumer_key = $consumer_key;
36 $con->seed = common_good_rand(16);
37 $con->created = DB_DataObject_Cast::dateTime();
38 if (!$con->insert()) {
42 return new OAuthConsumer($con->consumer_key, '');
45 function lookup_token($consumer, $token_type, $token_key)
48 if (!is_null($consumer)) {
49 $t->consumer_key = $consumer->key;
52 $t->type = ($token_type == 'access') ? 1 : 0;
54 return new OAuthToken($t->tok, $t->secret);
60 // http://oauth.net/core/1.0/#nonce
61 // "The Consumer SHALL then generate a Nonce value that is unique for
62 // all requests with that timestamp."
64 // XXX: It's not clear why the token is here
66 function lookup_nonce($consumer, $token, $nonce, $timestamp)
69 $n->consumer_key = $consumer->key;
75 $n->created = DB_DataObject_Cast::dateTime();
81 function new_request_token($consumer)
84 $t->consumer_key = $consumer->key;
85 $t->tok = common_good_rand(16);
86 $t->secret = common_good_rand(16);
87 $t->type = 0; // request
88 $t->state = 0; // unauthorized
89 $t->created = DB_DataObject_Cast::dateTime();
93 return new OAuthToken($t->tok, $t->secret);
97 // defined in OAuthDataStore, but not implemented anywhere
99 function fetch_request_token($consumer)
101 return $this->new_request_token($consumer);
104 function new_access_token($token, $consumer)
106 common_debug('new_access_token("'.$token->key.'","'.$consumer->key.'")', __FILE__);
108 $rt->consumer_key = $consumer->key;
109 $rt->tok = $token->key;
110 $rt->type = 0; // request
111 if ($rt->find(true) && $rt->state == 1) { // authorized
112 common_debug('request token found.', __FILE__);
114 $at->consumer_key = $consumer->key;
115 $at->tok = common_good_rand(16);
116 $at->secret = common_good_rand(16);
117 $at->type = 1; // access
118 $at->created = DB_DataObject_Cast::dateTime();
119 if (!$at->insert()) {
120 $e = $at->_lastError;
121 common_debug('access token "'.$at->tok.'" not inserted: "'.$e->message.'"', __FILE__);
124 common_debug('access token "'.$at->tok.'" inserted', __FILE__);
126 $orig_rt = clone($rt);
127 $rt->state = 2; // used
128 if (!$rt->update($orig_rt)) {
131 common_debug('request token "'.$rt->tok.'" updated', __FILE__);
132 // Update subscription
133 // XXX: mixing levels here
134 $sub = Subscription::staticGet('token', $rt->tok);
138 common_debug('subscription for request token found', __FILE__);
139 $orig_sub = clone($sub);
140 $sub->token = $at->tok;
141 $sub->secret = $at->secret;
142 if (!$sub->update($orig_sub)) {
145 common_debug('subscription updated to use access token', __FILE__);
146 return new OAuthToken($at->tok, $at->secret);
154 // defined in OAuthDataStore, but not implemented anywhere
156 function fetch_access_token($consumer)
158 return $this->new_access_token($consumer);
163 * Revoke specified OAuth token
165 * Revokes the authorization token specified by $token_key.
166 * Throws exceptions in case of error.
168 * @param string $token_key The token to be revoked
172 public function revoke_token($token_key) {
174 $rt->tok = $token_key;
177 if (!$rt->find(true)) {
178 throw new Exception('Tried to revoke unknown token');
180 if (!$rt->delete()) {
181 throw new Exception('Failed to delete revoked token');
186 * Authorize specified OAuth token
188 * Authorizes the authorization token specified by $token_key.
189 * Throws exceptions in case of error.
191 * @param string $token_key The token to be authorized
195 public function authorize_token($token_key) {
197 $rt->tok = $token_key;
200 if (!$rt->find(true)) {
201 throw new Exception('Tried to authorize unknown token');
203 $orig_rt = clone($rt);
204 $rt->state = 1; # Authorized but not used
205 if (!$rt->update($orig_rt)) {
206 throw new Exception('Failed to authorize token');
211 * Get profile by identifying URI
213 * Returns an OMB_Profile object representing the OMB profile identified by
215 * Returns null if there is no such OMB profile.
216 * Throws exceptions in case of other error.
218 * @param string $identifier_uri The OMB identifier URI specifying the
223 * @return OMB_Profile The corresponding profile
225 public function getProfile($identifier_uri) {
226 /* getProfile is only used for remote profiles by libomb.
227 TODO: Make it work with local ones anyway. */
228 $remote = Remote_profile::staticGet('uri', $identifier_uri);
229 if (!$remote) throw new Exception('No such remote profile');
230 $profile = Profile::staticGet('id', $remote->id);
231 if (!$profile) throw new Exception('No profile for remote user');
233 require_once INSTALLDIR.'/lib/omb.php';
234 return profile_to_omb_profile($identifier_uri, $profile);
238 * Save passed profile
240 * Stores the OMB profile $profile. Overwrites an existing entry.
241 * Throws exceptions in case of error.
243 * @param OMB_Profile $profile The OMB profile which should be saved
247 public function saveProfile($omb_profile) {
248 if (common_profile_url($omb_profile->getNickname()) ==
249 $omb_profile->getProfileURL()) {
250 throw new Exception('Not implemented');
252 $remote = Remote_profile::staticGet('uri', $omb_profile->getIdentifierURI());
256 $profile = Profile::staticGet($remote->id);
257 $orig_remote = clone($remote);
258 $orig_profile = clone($profile);
259 # XXX: compare current postNotice and updateProfile URLs to the ones
260 # stored in the DB to avoid (possibly...) above attack
263 $remote = new Remote_profile();
264 $remote->uri = $omb_profile->getIdentifierURI();
265 $profile = new Profile();
268 $profile->nickname = $omb_profile->getNickname();
269 $profile->profileurl = $omb_profile->getProfileURL();
271 $fullname = $omb_profile->getFullname();
272 $profile->fullname = is_null($fullname) ? '' : $fullname;
273 $homepage = $omb_profile->getHomepage();
274 $profile->homepage = is_null($homepage) ? '' : $homepage;
275 $bio = $omb_profile->getBio();
276 $profile->bio = is_null($bio) ? '' : $bio;
277 $location = $omb_profile->getLocation();
278 $profile->location = is_null($location) ? '' : $location;
281 $profile->update($orig_profile);
283 $profile->created = DB_DataObject_Cast::dateTime(); # current time
284 $id = $profile->insert();
286 throw new Exception(_('Error inserting new profile'));
291 $avatar_url = $omb_profile->getAvatarURL();
293 if (!$this->add_avatar($profile, $avatar_url)) {
294 throw new Exception(_('Error inserting avatar'));
297 $avatar = $profile->getOriginalAvatar();
298 if($avatar) $avatar->delete();
299 $avatar = $profile->getAvatar(AVATAR_PROFILE_SIZE);
300 if($avatar) $avatar->delete();
301 $avatar = $profile->getAvatar(AVATAR_STREAM_SIZE);
302 if($avatar) $avatar->delete();
303 $avatar = $profile->getAvatar(AVATAR_MINI_SIZE);
304 if($avatar) $avatar->delete();
308 if (!$remote->update($orig_remote)) {
309 throw new Exception(_('Error updating remote profile'));
312 $remote->created = DB_DataObject_Cast::dateTime(); # current time
313 if (!$remote->insert()) {
314 throw new Exception(_('Error inserting remote profile'));
320 function add_avatar($profile, $url)
322 $temp_filename = tempnam(sys_get_temp_dir(), 'listener_avatar');
323 copy($url, $temp_filename);
324 $imagefile = new ImageFile($profile->id, $temp_filename);
325 $filename = Avatar::filename($profile->id,
326 image_type_to_extension($imagefile->type),
329 rename($temp_filename, Avatar::path($filename));
330 return $profile->setOriginal($filename);
336 * Stores the OMB notice $notice. The datastore may change the passed notice.
337 * This might by neccessary for URIs depending on a database key. Note that
338 * it is the user’s duty to present a mechanism for his OMB_Datastore to
339 * appropriately change his OMB_Notice.
340 * Throws exceptions in case of error.
342 * @param OMB_Notice $notice The OMB notice which should be saved
346 public function saveNotice(&$omb_notice) {
347 if (Notice::staticGet('uri', $omb_notice->getIdentifierURI())) {
348 throw new Exception(_('Duplicate notice'));
350 $author_uri = $omb_notice->getAuthor()->getIdentifierURI();
351 common_log(LOG_DEBUG, $author_uri, __FILE__);
352 $author = Remote_profile::staticGet('uri', $author_uri);
354 $author = User::staticGet('uri', $author_uri);
357 throw new Exception('No such user');
360 common_log(LOG_DEBUG, print_r($author, true), __FILE__);
362 $notice = Notice::saveNew($author->id,
363 $omb_notice->getContent(),
367 $omb_notice->getIdentifierURI());
368 if (is_string($notice)) {
369 throw new Exception($notice);
371 common_broadcast_notice($notice, true);
375 * Get subscriptions of a given profile
377 * Returns an array containing subscription informations for the specified
378 * profile. Every array entry should in turn be an array with keys
379 * 'uri´: The identifier URI of the subscriber
380 * 'token´: The subscribe token
381 * 'secret´: The secret token
382 * Throws exceptions in case of error.
384 * @param string $subscribed_user_uri The OMB identifier URI specifying the
389 * @return mixed An array containing the subscriptions or 0 if no
390 * subscription has been found.
392 public function getSubscriptions($subscribed_user_uri) {
393 $sub = new Subscription();
395 $user = $this->_getAnyProfile($subscribed_user_uri);
397 $sub->subscribed = $user->id;
399 if (!$sub->find(true)) {
403 /* Since we do not use OMB_Service_Provider’s action methods, there
404 is no need to actually return the subscriptions. */
408 private function _getAnyProfile($uri)
410 $user = Remote_profile::staticGet('uri', $uri);
412 $user = User::staticGet('uri', $uri);
415 throw new Exception('No such user');
421 * Delete a subscription
423 * Deletes the subscription from $subscriber_uri to $subscribed_user_uri.
424 * Throws exceptions in case of error.
426 * @param string $subscriber_uri The OMB identifier URI specifying the
427 * subscribing profile
429 * @param string $subscribed_user_uri The OMB identifier URI specifying the
434 public function deleteSubscription($subscriber_uri, $subscribed_user_uri)
436 $sub = new Subscription();
438 $subscribed = $this->_getAnyProfile($subscribed_user_uri);
439 $subscriber = $this->_getAnyProfile($subscriber_uri);
441 $sub->subscribed = $subscribed->id;
442 $sub->subscriber = $subscriber->id;
448 * Save a subscription
450 * Saves the subscription from $subscriber_uri to $subscribed_user_uri.
451 * Throws exceptions in case of error.
453 * @param string $subscriber_uri The OMB identifier URI specifying
454 * the subscribing profile
456 * @param string $subscribed_user_uri The OMB identifier URI specifying
457 * the subscribed profile
458 * @param OAuthToken $token The access token
462 public function saveSubscription($subscriber_uri, $subscribed_user_uri,
465 $sub = new Subscription();
467 $subscribed = $this->_getAnyProfile($subscribed_user_uri);
468 $subscriber = $this->_getAnyProfile($subscriber_uri);
470 $sub->subscribed = $subscribed->id;
471 $sub->subscriber = $subscriber->id;
473 $sub_exists = $sub->find(true);
476 $orig_sub = clone($sub);
478 $sub->created = DB_DataObject_Cast::dateTime();
481 $sub->token = $token->key;
482 $sub->secret = $token->secret;
485 $result = $sub->update($orig_sub);
487 $result = $sub->insert();
491 common_log_db_error($sub, ($sub_exists) ? 'UPDATE' : 'INSERT', __FILE__);
492 throw new Exception(_('Couldn\'t insert new subscription.'));
496 /* Notify user, if necessary. */
498 if ($subscribed instanceof User) {
499 mail_subscribe_notify_profile($subscribed,
500 Profile::staticGet($subscriber->id));