+ /**
+ * Determine whether the request is an OAuth request.
+ * This is to avoid doign any unnecessary DB lookups.
+ *
+ * @return mixed the OAuthRequest or false
+ */
+
+ function getOAuthRequest()
+ {
+ ApiOauthAction::cleanRequest();
+
+ $req = OAuthRequest::from_request();
+
+ $consumer = $req->get_parameter('oauth_consumer_key');
+ $accessToken = $req->get_parameter('oauth_token');
+
+ // XXX: Is it good enough to assume it's not meant to be an
+ // OAuth request if there is no consumer or token? --Z
+
+ if (empty($consumer) || empty($accessToken)) {
+ return false;
+ }
+
+ return $req;
+ }
+
+ /**
+ * Verifies the OAuth request signature, sets the auth user
+ * and access type (read-only or read-write)
+ *
+ * @param OAuthRequest $request the OAuth Request
+ *
+ * @return nothing
+ */
+
+ function checkOAuthRequest($request)
+ {
+ $datastore = new ApiStatusNetOAuthDataStore();
+ $server = new OAuthServer($datastore);
+ $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
+
+ $server->add_signature_method($hmac_method);
+
+ try {
+
+ $server->verify_request($request);
+
+ $consumer = $request->get_parameter('oauth_consumer_key');
+ $access_token = $request->get_parameter('oauth_token');
+
+ $app = Oauth_application::getByConsumerKey($consumer);
+
+ if (empty($app)) {
+ common_log(LOG_WARNING,
+ 'Couldn\'t find the OAuth app for consumer key: ' .
+ $consumer);
+ throw new OAuthException('No application for that consumer key.');
+ }
+
+ // set the source attr
+
+ $this->oauth_source = $app->name;
+
+ $appUser = Oauth_application_user::staticGet('token', $access_token);
+
+ if (!empty($appUser)) {
+
+ // If access_type == 0 we have either a request token
+ // or a bad / revoked access token
+
+ if ($appUser->access_type != 0) {
+
+ // Set the access level for the api call
+
+ $this->access = ($appUser->access_type & Oauth_application::$writeAccess)
+ ? self::READ_WRITE : self::READ_ONLY;
+
+ // Set the auth user
+
+ if (Event::handle('StartSetApiUser', array(&$user))) {
+ $this->auth_user = User::staticGet('id', $appUser->profile_id);
+ Event::handle('EndSetApiUser', array($user));
+ }
+
+ $msg = "API OAuth authentication for user '%s' (id: %d) on behalf of " .
+ "application '%s' (id: %d) with %s access.";
+
+ common_log(LOG_INFO, sprintf($msg,
+ $this->auth_user->nickname,
+ $this->auth_user->id,
+ $app->name,
+ $app->id,
+ ($this->access = self::READ_WRITE) ?
+ 'read-write' : 'read-only'
+ ));
+ } else {
+ throw new OAuthException('Bad access token.');
+ }
+ } else {
+
+ // Also should not happen
+
+ throw new OAuthException('No user for that token.');
+ }
+
+ } catch (OAuthException $e) {
+ common_log(LOG_WARNING, 'API OAuthException - ' . $e->getMessage());
+ $this->showAuthError();
+ exit;
+ }
+ }
+