Source for file client.php
Documentation is available at client.php
* @package Joomla.Platform
* @copyright Copyright (C) 2005 - 2013 Open Source Matters, Inc. All rights reserved.
* @license GNU General Public License version 2 or later; see LICENSE
defined('JPATH_PLATFORM') or die();
* Joomla Platform class for interacting with an OAuth 1.0 and 1.0a server.
* @package Joomla.Platform
* @var JRegistry Options for the JOAuth1Client object.
* @var array Contains access token key, secret and verifier.
* @var JHttp The HTTP client object to use in sending HTTP requests.
* @var JInput The input object to use in retrieving GET/POST data.
* @var JApplicationWeb The application object to send HTTP headers for redirects.
* @var string Selects which version of OAuth to use: 1.0 or 1.0a.
* @param JRegistry $options OAuth1Client options object.
* @param JHttp $client The HTTP client object.
* @param JInput $input The input object
* @param JApplicationWeb $application The application object
* @param string $version Specify the OAuth version. By default we are using 1.0a.
public function __construct(JRegistry $options =
null, JHttp $client =
null, JInput $input =
null, JApplicationWeb $application =
null,
$this->version = isset
($version) ?
$version :
'1.0a';
* Method to for the oauth flow.
* @return array Contains access token key, secret and verifier.
* @throws DomainException
// Already got some credentials stored?
$verifier =
$this->input->get('oauth_verifier');
$verifier =
$this->input->get('oauth_token');
// Generate a request token.
$this->_generateRequestToken();
// Authenticate the user and authorise the app.
// Get token form session.
$this->token =
array('key' =>
$session->get('key', null, 'oauth_token'), 'secret' =>
$session->get('secret', null, 'oauth_token'));
// Verify the returned request token.
throw
new DomainException('Bad session!');
// Set token verifier for 1.0a.
// Generate access token.
$this->_generateAccessToken();
// Return the access token.
* Method used to get a request token.
* @throws DomainException
private function _generateRequestToken()
'oauth_callback' =>
$this->getOption('callback')
// Make an OAuth request for the Request Token.
if (strcmp($this->version, '1.0a') ===
0 &&
strcmp($params['oauth_callback_confirmed'], 'true') !==
0)
throw
new DomainException('Bad request token!');
// Save the request token.
$this->token =
array('key' =>
$params['oauth_token'], 'secret' =>
$params['oauth_token_secret']);
// Save the request token in session
$session->set('key', $this->token['key'], 'oauth_token');
$session->set('secret', $this->token['secret'], 'oauth_token');
* Method used to authorise the application.
private function _authorise()
$url =
$this->getOption('authoriseURL') .
'?oauth_token=' .
$this->token['key'];
* Method used to get an access token.
private function _generateAccessToken()
'oauth_token' =>
$this->token['key']
$parameters =
array_merge($parameters, array('oauth_verifier' =>
$this->token['verifier']));
// Make an OAuth request for the Access Token.
// Save the access token.
$this->token =
array('key' =>
$params['oauth_token'], 'secret' =>
$params['oauth_token_secret']);
* Method used to make an OAuth request.
* @param string $url The request URL.
* @param string $method The request method.
* @param array $parameters Array containing request parameters.
* @param mixed $data The POST request data.
* @param array $headers An array of name-value pairs to include in the header of the request
* @throws DomainException
public function oauthRequest($url, $method, $parameters, $data =
array(), $headers =
array())
'oauth_consumer_key' =>
$this->getOption('consumer_key'),
'oauth_signature_method' =>
'HMAC-SHA1',
'oauth_version' =>
'1.0',
'oauth_timestamp' =>
time()
// Do not encode multipart parameters. Do not include $data in the signature if $data is not array.
if (isset
($headers['Content-Type']) &&
strpos($headers['Content-Type'], 'multipart/form-data') !==
false ||
!is_array($data))
$oauth_headers =
$parameters;
// Use all parameters for the signature.
$oauth_headers =
$this->_signRequest($url, $method, $oauth_headers);
// Get parameters for the Authorisation header.
$url =
$this->toUrl($url, $data);
$response =
$this->client->get($url, array('Authorization' =>
$this->_createHeader($oauth_headers)));
$headers =
array_merge($headers, array('Authorization' =>
$this->_createHeader($oauth_headers)));
$response =
$this->client->post($url, $data, $headers);
$headers =
array_merge($headers, array('Authorization' =>
$this->_createHeader($oauth_headers)));
$response =
$this->client->put($url, $data, $headers);
$headers =
array_merge($headers, array('Authorization' =>
$this->_createHeader($oauth_headers)));
// Validate the response code.
* Method to validate a response.
* @param string $url The request URL.
* @param JHttpResponse $response The response to validate.
* @throws DomainException
* Method used to create the header for the POST request.
* @param array $parameters Array containing request parameters.
* @return string The header.
private function _createHeader($parameters)
foreach ($parameters as $key =>
$value)
if (!strcmp($header, 'OAuth '))
$header .=
$key .
'="' .
$this->safeEncode($value) .
'"';
$header .=
', ' .
$key .
'="' .
$value .
'"';
* Method to create the URL formed string with the parameters.
* @param string $url The request URL.
* @param array $parameters Array containing request parameters.
* @return string The formed URL.
public function toUrl($url, $parameters)
foreach ($parameters as $key =>
$value)
if (strpos($url, '?') ===
false)
$url .=
'?' .
$key .
'=' .
$v;
$url .=
'&' .
$key .
'=' .
$v;
if (strpos($value, ' ') !==
false)
if (strpos($url, '?') ===
false)
$url .=
'?' .
$key .
'=' .
$value;
$url .=
'&' .
$key .
'=' .
$value;
* Method used to sign requests.
* @param string $url The URL to sign.
* @param string $method The request method.
* @param array $parameters Array containing request parameters.
private function _signRequest($url, $method, $parameters)
// Create the signature base string.
$base =
$this->_baseString($url, $method, $parameters);
$parameters['oauth_signature'] =
$this->safeEncode(
hash_hmac('sha1', $base, $this->_prepareSigningKey(), true)
* Prepare the signature base string.
* @param string $url The URL to sign.
* @param string $method The request method.
* @param array $parameters Array containing request parameters.
* @return string The base string.
private function _baseString($url, $method, $parameters)
// Sort the parameters alphabetically
uksort($parameters, 'strcmp');
foreach ($parameters as $key =>
$value)
$kv[] =
"{
$key}={$value}";
// Form the parameter string.
// Signature base string elements.
// Return the base string.
* Encodes the string or array passed in a way compatible with OAuth.
* If an array is passed each array value will will be encoded.
* @param mixed $data The scalar or array to encode.
* @return string $data encoded in a way compatible with OAuth.
return array_map(array($this, 'safeEncode'), $data);
* Method used to generate the current nonce.
* @return string The current nonce.
// The md5s look nicer than numbers.
* Prepares the OAuth signing key.
* @return string The prepared signing key.
private function _prepareSigningKey()
* Returns an HTTP 200 OK response code and a representation of the requesting user if authentication was successful;
* returns a 401 status code and an error message if not.
* @return array The decoded JSON response
* Get an option from the JOauth1aClient instance.
* @param string $key The name of the option to get
* @return mixed The option value
* Set an option for the JOauth1aClient instance.
* @param string $key The name of the option to set
* @param mixed $value The option value to set
* @return JOAuth1Client This object for method chaining
* Get the oauth token key or secret.
* @return array The oauth token key and secret.
* @param array $token The access token key and secret.
* @return JOAuth1Client This object for method chaining.
Documentation generated on Tue, 19 Nov 2013 14:55:53 +0100 by phpDocumentor 1.4.3