X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=lib%2Foauthstore.php;h=f224c6c2213ed3324ad49d3f87567abc4ef988fd;hb=7dc271723110cd2e9b179a3ae8dc8eee2c7c2534;hp=421b618b75223e7f89165c3182887e7106070e75;hpb=eb2f9c98ac115ce67e9a740b200c832153ffa05c;p=quix0rs-gnu-social.git

diff --git a/lib/oauthstore.php b/lib/oauthstore.php
index 421b618b75..f224c6c221 100644
--- a/lib/oauthstore.php
+++ b/lib/oauthstore.php
@@ -1,7 +1,7 @@
 <?php
 /*
  * Laconica - a distributed open-source microblogging tool
- * Copyright (C) 2008, Controlez-Vous, Inc.
+ * Copyright (C) 2008, 2009, Control Yourself, Inc.
  *
  * This program is free software: you can redistribute it and/or modify
  * it under the terms of the GNU Affero General Public License as published by
@@ -21,11 +21,13 @@ if (!defined('LACONICA')) { exit(1); }
 
 require_once(INSTALLDIR.'/lib/omb.php');
 
-class LaconicaOAuthDataStore extends OAuthDataStore {
+class LaconicaOAuthDataStore extends OAuthDataStore
+{
 
-    # We keep a record of who's contacted us
+    // We keep a record of who's contacted us
 
-    function lookup_consumer($consumer_key) {
+    function lookup_consumer($consumer_key)
+    {
         $con = Consumer::staticGet('consumer_key', $consumer_key);
         if (!$con) {
             $con = new Consumer();
@@ -39,7 +41,8 @@ class LaconicaOAuthDataStore extends OAuthDataStore {
         return new OAuthConsumer($con->consumer_key, '');
     }
 
-    function lookup_token($consumer, $token_type, $token_key) {
+    function lookup_token($consumer, $token_type, $token_key)
+    {
         $t = new Token();
         $t->consumer_key = $consumer->key;
         $t->tok = $token_key;
@@ -51,28 +54,35 @@ class LaconicaOAuthDataStore extends OAuthDataStore {
         }
     }
 
-    function lookup_nonce($consumer, $token, $nonce, $timestamp) {
+    // http://oauth.net/core/1.0/#nonce
+    // "The Consumer SHALL then generate a Nonce value that is unique for
+    // all requests with that timestamp."
+
+    // XXX: It's not clear why the token is here
+
+    function lookup_nonce($consumer, $token, $nonce, $timestamp)
+    {
         $n = new Nonce();
         $n->consumer_key = $consumer->key;
-        $n->tok = $token->key;
+        $n->ts = $timestamp;
         $n->nonce = $nonce;
-        if ($n->find(TRUE)) {
-            return TRUE;
+        if ($n->find(true)) {
+            return true;
         } else {
-            $n->timestamp = $timestamp;
             $n->created = DB_DataObject_Cast::dateTime();
             $n->insert();
-            return FALSE;
+            return false;
         }
     }
 
-    function new_request_token($consumer) {
+    function new_request_token($consumer)
+    {
         $t = new Token();
         $t->consumer_key = $consumer->key;
         $t->tok = common_good_rand(16);
         $t->secret = common_good_rand(16);
-        $t->type = 0; # request
-        $t->state = 0; # unauthorized
+        $t->type = 0; // request
+        $t->state = 0; // unauthorized
         $t->created = DB_DataObject_Cast::dateTime();
         if (!$t->insert()) {
             return null;
@@ -81,25 +91,27 @@ class LaconicaOAuthDataStore extends OAuthDataStore {
         }
     }
 
-    # defined in OAuthDataStore, but not implemented anywhere
+    // defined in OAuthDataStore, but not implemented anywhere
 
-    function fetch_request_token($consumer) {
+    function fetch_request_token($consumer)
+    {
         return $this->new_request_token($consumer);
     }
 
-    function new_access_token($token, $consumer) {
+    function new_access_token($token, $consumer)
+    {
         common_debug('new_access_token("'.$token->key.'","'.$consumer->key.'")', __FILE__);
         $rt = new Token();
         $rt->consumer_key = $consumer->key;
         $rt->tok = $token->key;
-        $rt->type = 0; # request
-        if ($rt->find(TRUE) && $rt->state == 1) { # authorized
+        $rt->type = 0; // request
+        if ($rt->find(true) && $rt->state == 1) { // authorized
             common_debug('request token found.', __FILE__);
             $at = new Token();
             $at->consumer_key = $consumer->key;
             $at->tok = common_good_rand(16);
             $at->secret = common_good_rand(16);
-            $at->type = 1; # access
+            $at->type = 1; // access
             $at->created = DB_DataObject_Cast::dateTime();
             if (!$at->insert()) {
                 $e = $at->_lastError;
@@ -107,15 +119,15 @@ class LaconicaOAuthDataStore extends OAuthDataStore {
                 return null;
             } else {
                 common_debug('access token "'.$at->tok.'" inserted', __FILE__);
-                # burn the old one
+                // burn the old one
                 $orig_rt = clone($rt);
-                $rt->state = 2; # used
+                $rt->state = 2; // used
                 if (!$rt->update($orig_rt)) {
                     return null;
                 }
                 common_debug('request token "'.$rt->tok.'" updated', __FILE__);
-                # Update subscription
-                # XXX: mixing levels here
+                // Update subscription
+                // XXX: mixing levels here
                 $sub = Subscription::staticGet('token', $rt->tok);
                 if (!$sub) {
                     return null;
@@ -136,9 +148,10 @@ class LaconicaOAuthDataStore extends OAuthDataStore {
         }
     }
 
-    # defined in OAuthDataStore, but not implemented anywhere
+    // defined in OAuthDataStore, but not implemented anywhere
 
-    function fetch_access_token($consumer) {
+    function fetch_access_token($consumer)
+    {
         return $this->new_access_token($consumer);
     }
 }