[atutor.git] / mods / _core / imscp / oauth / oauth_authenticate.php
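<?php
/****************************************************************/
/* ATutor                                                       */
/****************************************************************/
/* Copyright (c) 2002-2010                                      */
/* Inclusive Design Institute                                   */
/* http://atutor.ca                                             */
/*                                                              */
/* This program is free software. You can redistribute it and/or*/
/* modify it under the terms of the GNU General Public License  */
/* as published by the Free Software Foundation.                */
/****************************************************************/
// $Id$

/**
 * This script is called by mods/_core/imscp/ims_export.php
 * to export course content out of ATutor and import into
 * transformable.
 * This script is also used as a callback endpoint for Transformable
 * OAuth authentication.
 *
 * Flow, as implemented below:
 *   1. register this ATutor instance as an OAuth consumer (once per server)
 *   2. fetch a request token and store it against the session member
 *   3. redirect the browser to the authorization URL
 *   4. on callback, exchange the request token for an access token
 *
 * Security notes:
 *  - $_GET['oauth_token'] and every field parsed from an OAuth server
 *    response are untrusted. They are escaped (strings) or cast (integers)
 *    before they are placed in SQL.
 *  - The mysql_* API is kept because the rest of this file relies on it;
 *    ext/mysql was removed in PHP 7.
 *
 * @access public
 * @input  1. $client_callback_url is required
 *         2. when called back by Transformable OAuth authentication,
 *         a request token var 'oauth_token' is required.
 * @output $access_token_key, to import into transformable
 */

if (!defined('AT_INCLUDE_PATH'))
{ // when the script is called back by oauth server, it is requested directly
	define('AT_INCLUDE_PATH', '../../../../include/');
	require_once(AT_INCLUDE_PATH.'vitals.inc.php');
}

require_once('OAuthUtility.class.php');
require_once("OAuth.php");
global $msg, $_config;

// Start from known-empty values so neither variable can carry a value that
// was set before this script ran (an including script, or request data on
// installs that still register globals).
$access_token_key = '';
$error = '';

// check whether the transformable url is accessible
if (!OAuthUtility::isAccessible(AT_TILE_OAUTH_REGISTER_CONSUMER_URL))
{
	$msg->addError(array('TILE_AUTHENTICATION_FAIL', _AT('tile_not_accessible')));
	header('Location: '.AT_BASE_HREF.'mods/_core/imscp/index.php');
	exit;
}

// check whether the last access token has expired. If not, return it, otherwise, get a new access token.
// skip this step when this script is called by oauth server callback
if (isset($_SESSION['member_id']))
	$access_token_key = OAuthUtility::getUnexpiredAccessToken();

if ($access_token_key == '')
{
	// initialize basic variables
	$sig_method = new OAuthSignatureMethod_HMAC_SHA1(); // use HMAC signature method as default

	// NOTE(review): $client_callback_url is not assigned anywhere in this
	// script; on a direct callback request it is presumably undefined - confirm.

	if (!isset($_GET['oauth_token'])) // before oauth server authentication, get request token from oauth server
	{
		// 1. register consumer
		$sql = "SELECT * FROM ".TABLE_PREFIX."oauth_client_servers
		         WHERE oauth_server='".mysql_real_escape_string($_config['transformable_uri'])."'";
		$result = mysql_query($sql, $db);

		if (mysql_num_rows($result) == 0)
		{
			$register_consumer_url = AT_TILE_OAUTH_REGISTER_CONSUMER_URL.'?consumer='.urlencode(AT_BASE_HREF).'&expire='.$_config['transformable_oauth_expire'];
			$oauth_server_response = file_get_contents($register_consumer_url);

			$consumer_key = '';
			$consumer_secret = '';
			$expire_threshold = 0;

			// handle OAUTH response on register consumer
			foreach (explode('&', (string) $oauth_server_response) as $rtn)
			{
				// limit 2 keeps a value that itself contains '=' intact
				$rtn_pair = explode('=', $rtn, 2);
				if (count($rtn_pair) < 2) continue; // no value part, nothing to read

				if ($rtn_pair[0] == 'consumer_key') $consumer_key = $rtn_pair[1];
				if ($rtn_pair[0] == 'consumer_secret') $consumer_secret = $rtn_pair[1];
				if ($rtn_pair[0] == 'expire') $expire_threshold = $rtn_pair[1];
				if ($rtn_pair[0] == 'error') $error = urldecode($rtn_pair[1]);
			}

			// An empty or truncated response (for example a failed fetch) is
			// treated as a failure instead of storing blank credentials.
			if ($error <> '' || $consumer_key == '' || $consumer_secret == '')
			{
				$msg->addError(array('TILE_AUTHENTICATION_FAIL', $error));
				header('Location: '.AT_BASE_HREF.'mods/_core/imscp/index.php');
				exit;
			}
			else
			{
				// The key, secret and expiry come from the remote server:
				// escape the strings and force the expiry to an integer.
				$sql = "INSERT INTO ".TABLE_PREFIX."oauth_client_servers
				            (oauth_server, consumer_key, consumer_secret, expire_threshold, create_date)
				            VALUES ('".mysql_real_escape_string($_config['transformable_uri'])."', '".mysql_real_escape_string($consumer_key)."',
				            '".mysql_real_escape_string($consumer_secret)."', ".intval($expire_threshold).", now())";
				$result = mysql_query($sql, $db);
				$oauth_server_id = mysql_insert_id();
			}
		}
		else
		{
			$row = mysql_fetch_assoc($result);
			$oauth_server_id = $row['oauth_server_id'];
			$consumer_key = $row['consumer_key'];
			$consumer_secret = $row['consumer_secret'];
			$expire_threshold = $row['expire_threshold'];
		}
		$consumer = new OAuthConsumer($consumer_key, $consumer_secret, $client_callback_url);

		// 2. get request token
		$req_req = OAuthRequest::from_consumer_and_token($consumer, NULL, "GET", AT_TILE_OAUTH_REQUEST_TOKEN_URL);
		$req_req->sign_request($sig_method, $consumer, NULL);

		$oauth_server_response = file_get_contents($req_req);

		$request_token_key = '';
		$request_token_secret = '';

		// handle OAUTH request token response
		foreach (explode('&', (string) $oauth_server_response) as $rtn)
		{
			$rtn_pair = explode('=', $rtn, 2);
			if (count($rtn_pair) < 2) continue;

			if ($rtn_pair[0] == 'oauth_token') $request_token_key = $rtn_pair[1];
			if ($rtn_pair[0] == 'oauth_token_secret') $request_token_secret = $rtn_pair[1];
			if ($rtn_pair[0] == 'error') $error = urldecode($rtn_pair[1]);
		}

		if ($error == '' && strlen($request_token_key) > 0 && strlen($request_token_secret) > 0)
		{
			// Token fields are remote-supplied; ids are forced to integers.
			$sql = "INSERT INTO ".TABLE_PREFIX."oauth_client_tokens
			                (oauth_server_id, token, token_type, token_secret, member_id, assign_date)
			                VALUES (".intval($oauth_server_id).", '".mysql_real_escape_string($request_token_key)."', 'request',
			                '".mysql_real_escape_string($request_token_secret)."', ".intval($_SESSION['member_id']).", now())";
			$result = mysql_query($sql, $db);
		}
		else
		{
			$msg->addError(array('TILE_AUTHENTICATION_FAIL', $error));
			header('Location: '.AT_BASE_HREF.'mods/_core/imscp/index.php');
			exit;
		}

		$request_token = new OAuthToken($request_token_key, $request_token_secret);

		// 3. authorization
		$auth_req = AT_TILE_OAUTH_AUTHORIZATION_URL.'?oauth_token='.$request_token_key.'&oauth_callback='.urlencode($client_callback_url);

		header('Location: '.$auth_req);
		exit;
	}
	else // authenticated
	{
		// The token arrives in the query string of the callback request and is
		// attacker-controllable. Accept only a string (not an array parameter)
		// and escape it before it reaches SQL.
		$callback_token = is_string($_GET['oauth_token']) ? $_GET['oauth_token'] : '';
		$callback_token_sql = mysql_real_escape_string($callback_token);

		// get consumer id by request token
		$sql = "SELECT ocs.oauth_server_id, ocs.consumer_key, ocs.consumer_secret,
		               ocs.expire_threshold, oct.member_id, oct.token_secret
		          FROM ".TABLE_PREFIX."oauth_client_servers ocs, ".TABLE_PREFIX."oauth_client_tokens oct
		         WHERE ocs.oauth_server_id = oct.oauth_server_id
		           AND oct.token = '".$callback_token_sql."'
		           AND token_type='request'";

		$result = mysql_query($sql, $db);
		if (mysql_num_rows($result)==0)
		{
			$msg->addError(array('TILE_AUTHENTICATION_FAIL', _AT('wrong_request_token')));
			header('Location: '.AT_BASE_HREF.'mods/_core/imscp/index.php');
			exit;
		}

		$row = mysql_fetch_assoc($result);

		// NOTE(review): the member the access token is stored for is taken from
		// the request-token row alone. Nothing here compares it with the member
		// of the current session, if there is one - consider adding that check.

		$consumer = new OAuthConsumer($row['consumer_key'], $row['consumer_secret'], $client_callback_url);
		$request_token = new OAuthToken($callback_token, $row['token_secret']);

		// 4. get access token
		$access_req = OAuthRequest::from_consumer_and_token($consumer, $request_token, "GET", AT_TILE_OAUTH_ACCESS_TOKEN_URL);
		$access_req->sign_request($sig_method, $consumer, NULL);

		$oauth_server_response = file_get_contents($access_req);

		$access_token_secret = '';

		// handle OAUTH response on access token
		foreach (explode('&', (string) $oauth_server_response) as $rtn)
		{
			$rtn_pair = explode('=', $rtn, 2);
			if (count($rtn_pair) < 2) continue;

			if ($rtn_pair[0] == 'oauth_token') $access_token_key = $rtn_pair[1];
			if ($rtn_pair[0] == 'oauth_token_secret') $access_token_secret = $rtn_pair[1];
			if ($rtn_pair[0] == 'error') $error = urldecode($rtn_pair[1]);
		}

		if ($error == '' && strlen($access_token_key) > 0 && strlen($access_token_secret) > 0)
		{
			// insert access token
			$sql = "INSERT INTO ".TABLE_PREFIX."oauth_client_tokens
			                (oauth_server_id, token, token_type, token_secret, member_id, assign_date)
			                VALUES (".intval($row['oauth_server_id']).", '".mysql_real_escape_string($access_token_key)."', 'access',
			                '".mysql_real_escape_string($access_token_secret)."', ".intval($row['member_id']).", now())";
			$result = mysql_query($sql, $db);

			// delete request_token (it is single-use once exchanged)
			$sql = "DELETE FROM ".TABLE_PREFIX."oauth_client_tokens
			                 WHERE token = '".$callback_token_sql."'
			                   AND token_type='request'";
			$result = mysql_query($sql, $db);
		}
		else
		{
			$msg->addError(array('TILE_AUTHENTICATION_FAIL', $error));
			header('Location: '.AT_BASE_HREF.'mods/_core/imscp/index.php');
			exit;
		}
	}
}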