Squiz Matrix  4.12.2
 All Data Structures Namespaces Functions Variables Pages
page_rest_resource_oauth_session.inc
1 <?php
18 require_once SQ_PACKAGES_PATH.'/web_services/rest/page_templates/page_rest_resource/page_rest_resource.inc';
19 
20 
31 class Page_REST_Resource_OAuth_Session extends Page_REST_Resource
32 {
33  private $_errors = Array();
34 
41  function __construct($assetid=0)
42  {
43  parent::__construct($assetid);
44 
45  }//end constructor
46 
47 
54  public function printBody()
55  {
56 
57  // let the user decide if they want Matrix to do keyword replacements on the response. See bug
58  // #5701 Minor Enhancement : Allow REST resources assets to stop replacing keywords in response
59  $GLOBALS['SQ_SYSTEM']->setGlobalDefine('SQ_REPLACE_MYSOURCE_LEVEL_KEYWORDS', $this->attr('allow_global_replace'));
60 
61  // reset the oauth related session variables to restart the oauth authorization process in one of the following cases:
62  // - if the user click on 'Reset Existing Authorization Data'
63  // if only request token is available but not access token, which is likely the case that the user didn't complete the authorization process earlier
64  if (isset($_POST[$this->getPrefix().'_oauth_reset_session_vars']) || (isset($_SESSION['oauth'][$this->id]['oauth_token']) && !isset($_SESSION['oauth'][$this->id]['access_token']))) {
65  $this->resetOAuthSessionVariables();
66  unset($_POST[$this->getPrefix().'_oauth_reset_session_vars']);
67  }
68 
69  // Run the request(s).
70  $this->_process();
71 
72  // display the responses if access token is not available yet
73  // if access token is available, the contents should be controlled in paint layout
74  // using oauth_access_token_available keyword
75  if (!$this->isAccessTokenAvailable()) {
76 
77  if (!empty($this->_res['responses'])) {
78  foreach ($this->_res['responses'] as &$resp) {
79  // if the http code of the response is over 400, it's an error
80  // clear the session variable set so far to prepare for a restart
81  if ($resp['info']['http_code'] >= 400) {
82  $this->resetOAuthSessionVariables();
83  } else {
84  // the response is likely to be authorization/login display provided by the service provider
85  echo $resp['body'];
86  }
87  }
88  } else {
89  // if we don't have any data in responses, something must have gone wrong somewhere
90  // clear the session variables set so far to prepare for a restart
91  $this->resetOAuthSessionVariables();
92  }
93  }
94 
95  }//end printBody()
96 
97 
104  protected function _process()
105  {
106  $oauth = $this->getAttribute('oauth');
107 
108  // if access token already exists in the session, use the existing access token
109  if($this->isAccessTokenAvailable()) return;
110 
111  $oauth->setKeywordReplacements($this->_extra_replacements);
112 
113  // all the available keywords need to be passed to the attribute to have keyword set in the attribute to be replaced
114  $available_keywords = $this->getAvailableKeywords();
115  foreach ($available_keywords as $keyword => $val) {
116  $available_keywords[$keyword] = $this->getKeywordReplacement($keyword);
117  }
118 
119  $mm = $GLOBALS['SQ_SYSTEM']->getMetadataManager();
120  $metadata_fields = $mm->getMetadata($this->id);
121  foreach($metadata_fields as $schema_fieldid => $field_data) {
122  foreach ($field_data as $item) {
123  $available_keywords['asset_metadata_'.$item['name']] = $item['value'];
124  }
125  }
126 
127  $oauth->setKeywordReplacements($available_keywords);
128 
129  // this function is called when we start the oauth process from requesting a request token
130  // and also when the request token has been authorized by the user and the service provider calls back.
131  // when it's a call back, the request parameter will have 'oauth_token' and 'oauth_verifier'.
132  // if we don't have oauth_token or oauth_verifier, that means we haven't started the oauth process or
133  // something went wrong somewhere - either way, we should start from scratch
134  if (!isset($_GET['oauth_token']) && !isset($_GET['oauth_verifier'])) {
135  // request a Request Token from the service provider
136  if (!isset($_SESSION['oauth'][$this->id]['oauth_token'])) {
137  $this->_res = $oauth->getRequestToken();
138  $this->_errors = $oauth->getErrors();
139 
140  // if a requst token is returned, have it authorized by the user
141  if (isset($this->_res['request_token']['oauth_token']) && isset($this->_res['request_token']['oauth_token_secret'])) {
142  // set the token and token secret in the session for later use
143  $_SESSION['oauth'][$this->id]['oauth_token'] = $this->_res['request_token']['oauth_token'];
144  $_SESSION['oauth'][$this->id]['oauth_token_secret'] = $this->_res['request_token']['oauth_token_secret'];
145 
146  $redirect_authorise = $this->attr('redirect_authorise');
147  if($redirect_authorise) {
148  $oauth->authorizeRedirect($this->_res['request_token']);
149  }
150  else {
151  $this->_res =& $oauth->authorize($this->_res['request_token']);
152  $this->_errors = $oauth->getErrors();
153  }
154  }
155  }
156  } else {
157  // if we have 'oauth_token' and 'oauth_verifier', we can exchange the authorized request token to an access token.
158  // however, if the user hasn't grant access, we still receive token & verifier but it'll be an invalid token
159  // and the exchange will fail.
160  if (!isset($_SESSION['oauth'][$this->id]['access_token']) && isset($_SESSION['oauth'][$this->id]['oauth_token_secret'])) {
161  $this->_res =& $oauth->getAccessToken($_GET['oauth_token'], $_GET['oauth_verifier'], $_SESSION['oauth'][$this->id]['oauth_token_secret']);
162  $this->_errors = $oauth->getErrors();
163 
164  // if the access token and secret are returned from the service provider, set them in the session variables
165  if (isset($this->_res['access_token']['oauth_token']) && isset($this->_res['access_token']['oauth_token_secret'])) {
166  $_SESSION['oauth'][$this->id]['access_token'] = $this->_res['access_token']['oauth_token'];
167  $_SESSION['oauth'][$this->id]['access_token_secret'] = $this->_res['access_token']['oauth_token_secret'];
168  }
169  }
170  }
171 
172  }//end _process()
173 
174 
183  public function resetOAuthSessionVariables()
184  {
185  $oauth_session_vars = isset($_SESSION['oauth'][$this->id]) ? $_SESSION['oauth'][$this->id] : Array();
186  foreach ($oauth_session_vars as $session_var_name => $session_var_val) {
187  unset($_SESSION['oauth'][$this->id][$session_var_name]);
188  }
189  }//end resetOAuthSessionVariables()
190 
191 
205  public function getUserDataRequestAuthHeaders($urls=Array(), $args=Array())
206  {
207  $auth_headers = Array();
208  if (empty($urls)) return Array();
209 
210  $oauth = $this->getAttribute('oauth');
211  foreach ($args as $config_name => $config_value) {
212  $oauth->setConfig($config_name, $config_value);
213  }
214 
215  // if an access token is not available, there is no way user data can be accessed
216  // process each url only when we have an access token
217  if ($this->isAccessTokenAvailable()) {
218  $access_token = $this->getAccessToken();
219  foreach ($urls as $url) {
220  $auth_headers[$url] = $oauth->getUserDataAuthHeader($url, $access_token['access_token'], $access_token['access_token_secret']);
221  }
222  }
223 
224  return $auth_headers;
225 
226  }// end getUserDataRequestAuthHeaders()
227 
228 
237  public function isAccessTokenAvailable()
238  {
239  $access_token = $this->attr('access_token');
240  $access_token_secret = $this->attr('access_token_secret');
241  if(!empty($access_token) && !empty($access_token_secret)) return TRUE;
242 
243  if (isset($_SESSION['oauth'][$this->id]['access_token']) && isset($_SESSION['oauth'][$this->id]['access_token_secret'])) {
244  return TRUE;
245  } else {
246  return FALSE;
247  }
248  }//end isAccessTokenAvailable()
249 
257  public function getAccessToken()
258  {
259  $access_token = $this->attr('access_token');
260  $access_token_secret = $this->attr('access_token_secret');
261  if(!empty($access_token) && !empty($access_token_secret)) {
262  return (Array('access_token' => $access_token, 'access_token_secret' => $access_token_secret));
263  }
264  if (isset($_SESSION['oauth'][$this->id]['access_token']) && isset($_SESSION['oauth'][$this->id]['access_token_secret'])) {
265  return (Array('access_token' => $_SESSION['oauth'][$this->id]['access_token'], 'access_token_secret' => $_SESSION['oauth'][$this->id]['access_token_secret']));
266  } else {
267  return NULL;
268  }
269  }//end getAccessToken()
270 
271 
280  public function getAvailableKeywords()
281  {
282  $res = parent::getAvailableKeywords();
283  $res['oauth_reset_session_vars'] = translate('oauth_reset_session_vars_keyword');
284  $res['oauth_access_token_available'] = translate('oauth_access_token_available');
285  $res['oauth_errors'] = translate('oauth_errors');
286  return $res;
287 
288  }//end getAvailableKeywords()
289 
290 
299  public function getOauthResetSessionVarsKeywordReplacement()
300  {
301  require_once SQ_LIB_PATH.'/html_form/html_form.inc';
302  ob_start();
303  ?>
304  <form id="<?php echo $this->getPrefix() ?>_oauth_reset_session_vars_form" method="POST" action="<?php echo current_url(TRUE, TRUE); ?>">
305  <?php echo submit_button($this->getPrefix().'_oauth_reset_session_vars', translate('oauth_reset_session_vars')); ?>
306  </form>
307  <?php
308  $replacement = ob_get_contents();
309 
310  ob_end_clean();
311  return $replacement;
312 
313  }// end getOauthResetSessionVarsKeywordReplacement()
314 
315 
324  public function getOauthAccessTokenAvailableKeywordReplacement()
325  {
326  return $this->isAccessTokenAvailable();
327 
328  }//end getOauthAccessTokenAvailableKeywordReplacement()
329 
330 
339  public function getOauthErrorsKeywordReplacement()
340  {
341  return implode('<br />', $this->_errors);
342 
343  }//end getOauthErrorsKeywordReplacement()
344 
345 }
346 ?>