Oauth/Http/AccessToken.php

0001 <?php
0002 /**
0003  * Zend Framework
0004  *
0005  * LICENSE
0006  *
0007  * This source file is subject to the new BSD license that is bundled
0008  * with this package in the file LICENSE.txt.
0009  * It is also available through the world-wide-web at this URL:
0010  * http://framework.zend.com/license/new-bsd
0011  * If you did not receive a copy of the license and are unable to
0012  * obtain it through the world-wide-web, please send an email
0013  * to license@zend.com so we can send you a copy immediately.
0014  *
0015  * @category   Zend
0016  * @package    Zend_Oauth
0017  * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
0018  * @license    http://framework.zend.com/license/new-bsd     New BSD License
0019  * @version    $Id$
0020  */
0021
0022 /** Zend_Oauth_Http */
0023 // require_once 'Zend/Oauth/Http.php';
0024
0025 /** Zend_Oauth_Token_Access */
0026 // require_once 'Zend/Oauth/Token/Access.php';
0027
0028 /**
0029  * @category   Zend
0030  * @package    Zend_Oauth
0031  * @copyright  Copyright (c) 2005-2015 Zend Technologies USA Inc. (http://www.zend.com)
0032  * @license    http://framework.zend.com/license/new-bsd     New BSD License
0033  */
0034 class Zend_Oauth_Http_AccessToken extends Zend_Oauth_Http
0035 {
0036     /**
0037      * Singleton instance if required of the HTTP client
0038      *
0039      * @var Zend_Http_Client
0040      */
0041     protected $_httpClient = null;
0042
0043     /**
0044      * Initiate a HTTP request to retrieve an Access Token.
0045      *
0046      * @return Zend_Oauth_Token_Access
0047      */
0048     public function execute()
0049     {
0050         $params   = $this->assembleParams();
0051         $response = $this->startRequestCycle($params);
0052         $return   = new Zend_Oauth_Token_Access($response);
0053         return $return;
0054     }
0055
0056     /**
0057      * Assemble all parameters for an OAuth Access Token request.
0058      *
0059      * @return array
0060      */
0061     public function assembleParams()
0062     {
0063         $params = array(
0064             'oauth_consumer_key'     => $this->_consumer->getConsumerKey(),
0065             'oauth_nonce'            => $this->_httpUtility->generateNonce(),
0066             'oauth_signature_method' => $this->_consumer->getSignatureMethod(),
0067             'oauth_timestamp'        => $this->_httpUtility->generateTimestamp(),
0068             'oauth_token'            => $this->_consumer->getLastRequestToken()->getToken(),
0069             'oauth_version'          => $this->_consumer->getVersion(),
0070         );
0071
0072         if (!empty($this->_parameters)) {
0073             $params = array_merge($params, $this->_parameters);
0074         }
0075
0076         $params['oauth_signature'] = $this->_httpUtility->sign(
0077             $params,
0078             $this->_consumer->getSignatureMethod(),
0079             $this->_consumer->getConsumerSecret(),
0080             $this->_consumer->getLastRequestToken()->getTokenSecret(),
0081             $this->_preferredRequestMethod,
0082             $this->_consumer->getAccessTokenUrl()
0083         );
0084
0085         return $params;
0086     }
0087
0088     /**
0089      * Generate and return a HTTP Client configured for the Header Request Scheme
0090      * specified by OAuth, for use in requesting an Access Token.
0091      *
0092      * @param  array $params
0093      * @return Zend_Http_Client
0094      */
0095     public function getRequestSchemeHeaderClient(array $params)
0096     {
0097         $params      = $this->_cleanParamsOfIllegalCustomParameters($params);
0098         $headerValue = $this->_toAuthorizationHeader($params);
0099         $client      = Zend_Oauth::getHttpClient();
0100
0101         $client->setUri($this->_consumer->getAccessTokenUrl());
0102         $client->setHeaders('Authorization', $headerValue);
0103         $client->setMethod($this->_preferredRequestMethod);
0104
0105         return $client;
0106     }
0107
0108     /**
0109      * Generate and return a HTTP Client configured for the POST Body Request
0110      * Scheme specified by OAuth, for use in requesting an Access Token.
0111      *
0112      * @param  array $params
0113      * @return Zend_Http_Client
0114      */
0115     public function getRequestSchemePostBodyClient(array $params)
0116     {
0117         $params = $this->_cleanParamsOfIllegalCustomParameters($params);
0118         $client = Zend_Oauth::getHttpClient();
0119         $client->setUri($this->_consumer->getAccessTokenUrl());
0120         $client->setMethod($this->_preferredRequestMethod);
0121         $client->setRawData(
0122             $this->_httpUtility->toEncodedQueryString($params)
0123         );
0124         $client->setHeaders(
0125             Zend_Http_Client::CONTENT_TYPE,
0126             Zend_Http_Client::ENC_URLENCODED
0127         );
0128         return $client;
0129     }
0130
0131     /**
0132      * Generate and return a HTTP Client configured for the Query String Request
0133      * Scheme specified by OAuth, for use in requesting an Access Token.
0134      *
0135      * @param  array $params
0136      * @param  string $url
0137      * @return Zend_Http_Client
0138      */
0139     public function getRequestSchemeQueryStringClient(array $params, $url)
0140     {
0141         $params = $this->_cleanParamsOfIllegalCustomParameters($params);
0142         return parent::getRequestSchemeQueryStringClient($params, $url);
0143     }
0144
0145     /**
0146      * Attempt a request based on the current configured OAuth Request Scheme and
0147      * return the resulting HTTP Response.
0148      *
0149      * @param  array $params
0150      * @return Zend_Http_Response
0151      */
0152     protected function _attemptRequest(array $params)
0153     {
0154         switch ($this->_preferredRequestScheme) {
0155             case Zend_Oauth::REQUEST_SCHEME_HEADER:
0156                 $httpClient = $this->getRequestSchemeHeaderClient($params);
0157                 break;
0158             case Zend_Oauth::REQUEST_SCHEME_POSTBODY:
0159                 $httpClient = $this->getRequestSchemePostBodyClient($params);
0160                 break;
0161             case Zend_Oauth::REQUEST_SCHEME_QUERYSTRING:
0162                 $httpClient = $this->getRequestSchemeQueryStringClient($params,
0163                     $this->_consumer->getAccessTokenUrl());
0164                 break;
0165         }
0166         return $httpClient->request();
0167     }
0168
0169     /**
0170      * Access Token requests specifically may not contain non-OAuth parameters.
0171      * So these should be striped out and excluded. Detection is easy since
0172      * specified OAuth parameters start with "oauth_", Extension params start
0173      * with "xouth_", and no other parameters should use these prefixes.
0174      *
0175      * xouth params are not currently allowable.
0176      *
0177      * @param  array $params
0178      * @return array
0179      */
0180     protected function _cleanParamsOfIllegalCustomParameters(array $params)
0181     {
0182         foreach ($params as $key=>$value) {
0183             if (!preg_match("/^oauth_/", $key)) {
0184                 unset($params[$key]);
0185             }
0186         }
0187         return $params;
0188     }
0189 }