Skip to content

Instantly share code, notes, and snippets.

@tistaharahap

tistaharahap/OAUTHnesia.php

Created January 9, 2012 06:45
Show Gist options
  • Save tistaharahap/1581529 to your computer and use it in GitHub Desktop.
Save tistaharahap/1581529 to your computer and use it in GitHub Desktop.
Download ZIP
OAUTHnesia for PHP
Raw
OAUTHnesia.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
/**
* OAUTHnesia for PHP Class
*
* @package OAUTHnesia
* @subpackage PHP
* @category OAUTH Client
* @author Batista R. Harahap <[email protected]>
* @link http://www.bango29.com
* @license MIT License - http://www.opensource.org/licenses/mit-license.php
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
class Oauthnesia {
var $cons_key = "";
var $cons_sec = "";
var $user_key = "";
var $user_sec = "";
var $API_URL = "http://api1.urbanesia.com/";
var $api_uri = "";
function __construct($conf) {
if(empty($conf))
throw new Oauthnesia_Exception("Empty configuration array");
if(empty($conf['consumer_key']))
throw new Oauthnesia_Exception("Please initialize with Consumer Key");
if(empty($conf['consumer_secret']))
throw new Oauthnesia_Exception("Please initialize with Consumer Secret");
if( (empty($conf['user_key']) && !empty($conf['user_secret'])) || (!empty($user_key) && !empty($user_sec)) )
throw new Oauthnesia_Exception("Both User Tokens must be initialized");
$this->API_URL = !empty($conf['api_base_url']) ? $conf['api_base_url'] : $this->API_URL;
$this->cons_key = $conf['consumer_key'];
$this->cons_sec = $conf['consumer_secret'];
$this->user_key = !empty($conf['user_key']) ? $conf['user_key'] : '';
$this->user_sec = !empty($conf['user_secret']) ? $conf['user_secret'] : '';
}
function request($uri = "", $post = "", $get = "", $with_user_key = false) {
if(empty($uri))
throw new Oauthnesia_Exception("API URI must be initialized");
if(!is_string($uri))
throw new Oauthnesia_Exception("API URI must be a String object");
if(!is_string($post))
throw new Oauthnesia_Exception("API POST Requests must be a String object");
if(!is_string($get))
throw new Oauthnesia_Exception("API GET Requests must be a String object");
if(!is_bool($with_user_key))
throw new Oauthnesia_Exception("User Key Signing flag must be boolean");
$this->api_uri = $uri;
// Add default POST requirements for Urbanesia
$def_post = $this->get_default_post($with_user_key);
// Merge POST with default POST
if(empty($post))
$post = $def_post;
else
$post .= "&" . $def_post;
// Encode POST and GET for OAUTH
$post = $this->encode_for_oauth($post);
$get = $this->encode_for_oauth($get);
// Encode the whole GET + POST
$requestify = $this->sortify($post ."&". $get);
// Base Signature
$base_sig = $this->get_base_sig($requestify);
// Sign the request with Consumer/User Secret
$oauth_sig = hash_hmac("SHA1", $base_sig, $this->cons_sec . "&" . $this->user_sec, TRUE);
$oauth_sig = base64_encode($oauth_sig);
$oauth_sig = str_replace("=", "%3D", $oauth_sig);
$oauth_sig = str_replace("+", "%2B", $oauth_sig);
$oauth_sig = "?oauth_signature=" . $oauth_sig;
$url = $this->API_URL . $this->api_uri . $oauth_sig . "&" . $get;
return $this->send_request($url, $post);
}
function xauth($username, $password) {
if(empty($username))
throw new Oauthnesia_Exception("No username specified for xAuth");
if(empty($password))
throw new Oauthnesia_Exception("No password specified for xAuth");
$this->api_uri = "oauth/access_token";
// Add default POST requirements for Urbanesia
$def_post = $this->get_default_post(FALSE);
// Xauth Default POST
$xpost = "&x_auth_username={$username}&x_auth_password={$password}&x_auth_mode=client_auth";
// Merge POST with Xauth
$post = $this->encode_for_oauth($def_post . $xpost);
// Base Signature
$base_sig = $this->get_base_sig($post);
// Sign the request with Consumer/User Secret
$oauth_sig = hash_hmac("SHA1", $base_sig, $this->cons_sec . "&" . $this->user_sec, TRUE);
$oauth_sig = base64_encode($oauth_sig);
$oauth_sig = str_replace("=", "%3D", $oauth_sig);
$oauth_sig = str_replace("+", "%2B", $oauth_sig);
$oauth_sig = "?oauth_signature=" . $oauth_sig;
$url = $this->API_URL . $this->api_uri . $oauth_sig;
$result = $this->send_request($url, $post);
$r =& $result['response'];
if(
!empty($r->result) &&
!empty($r->result->oauth_token_key) &&
!empty($r->result->oauth_token_secret) &&
!empty($r->result->first_name) &&
!empty($r->result->last_name) &&
!empty($r->result->account_id)
) {
return $r->result;
} else {
return FALSE;
}
}
function send_request($url, $post) {
if(empty($url) || empty($post))
throw new Oauthnesia_Exception("Empty URL/POST request for CURL");
$c = curl_init();
curl_setopt($c, CURLOPT_USERAGENT, "OAUTHnesia for PHP v1.0");
curl_setopt($c, CURLOPT_CONNECTTIMEOUT, 1);
curl_setopt($c, CURLOPT_TIMEOUT, 5);
curl_setopt($c, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($c, CURLOPT_SSL_VERIFYPEER, FALSE);
curl_setopt($c, CURLOPT_FOLLOWLOCATION, TRUE);
curl_setopt($c, CURLOPT_URL, $url);
curl_setopt($c, CURLOPT_POST, TRUE);
curl_setopt($c, CURLOPT_POSTFIELDS, $post);
$response = curl_exec($c);
$code = curl_getinfo($c, CURLINFO_HTTP_CODE);
$info = curl_getinfo($c);
$mem = memory_get_usage(TRUE);
$return = array(
'response' => json_decode($response),
'code' => $code,
'info' => $info,
'memory' => round($mem/1024/1024, 2) . " MB"
);
return $return;
}
function get_base_sig($req) {
return "POST&" . rawurlencode($this->API_URL . $this->api_uri) . "&"
. rawurlencode($req);
}
function sortify($body) {
$arr = explode("&", $body);
$arr = array_filter($arr);
array_multisort($arr);
return implode("&", $arr);
}
function encode_for_oauth($var) {
$vars = explode("&", $var);
$vars = array_filter($vars);
array_multisort($vars);
$return = "";
for($i=0, $j=0, $max=count($vars); $i<$max; $i++) {
if($j === 1)
$return .= "&";
$tmp = explode("=", $vars[$i]);
$return .= rawurlencode($tmp[0]) . "=" . rawurlencode($tmp[1]);
$j = 1;
}
return $return;
}
function get_default_post($with_user_key = false) {
if($with_user_key === TRUE && empty($this->user_key))
throw new Oauthnesia_Exception("Trying to make a request signed with User Secret without initializing with User Secret");
$post = "oauth_consumer_key=" . $this->cons_key
. "&oauth_nonce=" . $this->get_nonce()
. "&oauth_signature_method=HMAC-SHA1"
. "&oauth_timestamp=" . mktime()
. "&oauth_version=1.0"
. "&safe_encode=1";
if($with_user_key)
return $post . "&oauth_token=" . $this->user_key;
else
return $post;
}
function get_nonce() {
return md5(microtime(TRUE));
}
function safe_encode($data) {
if (is_array($data)) {
return array_map(array($this, 'safe_encode'), $data);
} else if (is_scalar($data)) {
return str_ireplace(
array('+', '%7E'),
array(' ', '~'),
rawurlencode($data)
);
} else {
return '';
}
}
}
class Oauthnesia_Exception extends Exception {}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment