<?php
/**
* Zend Framework
*
* LICENSE
*
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
*
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* @version $Id$
*/
/** Zend_Oauth_Http */
require_once 'Zend/Oauth/Http.php';
/** Zend_Oauth_Token_Access */
require_once 'Zend/Oauth/Token/Access.php';
/**
* @category Zend
* @package Zend_Oauth
* @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
*/
class Zend_Oauth_Http_AccessToken extends Zend_Oauth_Http
{
/**
* Singleton instance if required of the HTTP client
*
* @var Zend_Http_Client
*/
protected $_httpClient = null;
/**
* Initiate a HTTP request to retrieve an Access Token.
*
* @return Zend_Oauth_Token_Access
*/
public function execute()
{
$params = $this->assembleParams();
$response = $this->startRequestCycle($params);
$return = new Zend_Oauth_Token_Access($response);
return $return;
}
/**
* Assemble all parameters for an OAuth Access Token request.
*
* @return array
*/
public function assembleParams()
{
$params = array(
'oauth_consumer_key' => $this->_consumer->getConsumerKey(),
'oauth_nonce' => $this->_httpUtility->generateNonce(),
'oauth_signature_method' => $this->_consumer->getSignatureMethod(),
'oauth_timestamp' => $this->_httpUtility->generateTimestamp(),
'oauth_token' => $this->_consumer->getLastRequestToken()->getToken(),
'oauth_version' => $this->_consumer->getVersion(),
);
if (!empty($this->_parameters)) {
$params = array_merge($params, $this->_parameters);
}
$params['oauth_signature'] = $this->_httpUtility->sign(
$params,
$this->_consumer->getSignatureMethod(),
$this->_consumer->getConsumerSecret(),
$this->_consumer->getLastRequestToken()->getTokenSecret(),
$this->_preferredRequestMethod,
$this->_consumer->getAccessTokenUrl()
);
return $params;
}
/**
* Generate and return a HTTP Client configured for the Header Request Scheme
* specified by OAuth, for use in requesting an Access Token.
*
* @param array $params
* @return Zend_Http_Client
*/
public function getRequestSchemeHeaderClient(array $params)
{
$params = $this->_cleanParamsOfIllegalCustomParameters($params);
$headerValue = $this->_toAuthorizationHeader($params);
$client = Zend_Oauth::getHttpClient();
$client->setUri($this->_consumer->getAccessTokenUrl());
$client->setHeaders('Authorization', $headerValue);
$client->setMethod($this->_preferredRequestMethod);
return $client;
}
/**
* Generate and return a HTTP Client configured for the POST Body Request
* Scheme specified by OAuth, for use in requesting an Access Token.
*
* @param array $params
* @return Zend_Http_Client
*/
public function getRequestSchemePostBodyClient(array $params)
{
$params = $this->_cleanParamsOfIllegalCustomParameters($params);
$client = Zend_Oauth::getHttpClient();
$client->setUri($this->_consumer->getAccessTokenUrl());
$client->setMethod($this->_preferredRequestMethod);
$client->setRawData(
$this->_httpUtility->toEncodedQueryString($params)
);
$client->setHeaders(
Zend_Http_Client::CONTENT_TYPE,
Zend_Http_Client::ENC_URLENCODED
);
return $client;
}
/**
* Generate and return a HTTP Client configured for the Query String Request
* Scheme specified by OAuth, for use in requesting an Access Token.
*
* @param array $params
* @param string $url
* @return Zend_Http_Client
*/
public function getRequestSchemeQueryStringClient(array $params, $url)
{
$params = $this->_cleanParamsOfIllegalCustomParameters($params);
return parent::getRequestSchemeQueryStringClient($params, $url);
}
/**
* Attempt a request based on the current configured OAuth Request Scheme and
* return the resulting HTTP Response.
*
* @param array $params
* @return Zend_Http_Response
*/
protected function _attemptRequest(array $params)
{
switch ($this->_preferredRequestScheme) {
case Zend_Oauth::REQUEST_SCHEME_HEADER:
$httpClient = $this->getRequestSchemeHeaderClient($params);
break;
case Zend_Oauth::REQUEST_SCHEME_POSTBODY:
$httpClient = $this->getRequestSchemePostBodyClient($params);
break;
case Zend_Oauth::REQUEST_SCHEME_QUERYSTRING:
$httpClient = $this->getRequestSchemeQueryStringClient($params,
$this->_consumer->getAccessTokenUrl());
break;
}
return $httpClient->request();
}
/**
* Access Token requests specifically may not contain non-OAuth parameters.
* So these should be striped out and excluded. Detection is easy since
* specified OAuth parameters start with "oauth_", Extension params start
* with "xouth_", and no other parameters should use these prefixes.
*
* xouth params are not currently allowable.
*
* @param array $params
* @return array
*/
protected function _cleanParamsOfIllegalCustomParameters(array $params)
{
foreach ($params as $key=>$value) {
if (!preg_match("/^oauth_/", $key)) {
unset($params[$key]);
}
}
return $params;
}
}