diff --git a/OAuth.php b/OAuth.php index dfa6fe4..4570013 100644 --- a/OAuth.php +++ b/OAuth.php @@ -2,9 +2,11 @@ // vim: foldmethod=marker /* Generic exception class -*/ -class OAuthException extends Exception { - // pass + */ +if (!class_exists('OAuthException')) { + class OAuthException extends Exception { + // pass + } } class OAuthConsumer { @@ -28,18 +30,18 @@ class OAuthToken { public $secret; /** -* key = the token -* secret = the token secret -*/ + * key = the token + * secret = the token secret + */ function __construct($key, $secret) { $this->key = $key; $this->secret = $secret; } /** -* generates the basic string serialization of a token that a server -* would respond to request_token and access_token calls with -*/ + * generates the basic string serialization of a token that a server + * would respond to request_token and access_token calls with + */ function to_string() { return "oauth_token=" . OAuthUtil::urlencode_rfc3986($this->key) . @@ -53,36 +55,36 @@ function __toString() { } /** -* A class for implementing a Signature Method -* See section 9 ("Signing Requests") in the spec -*/ + * A class for implementing a Signature Method + * See section 9 ("Signing Requests") in the spec + */ abstract class OAuthSignatureMethod { /** -* Needs to return the name of the Signature Method (ie HMAC-SHA1) -* @return string -*/ + * Needs to return the name of the Signature Method (ie HMAC-SHA1) + * @return string + */ abstract public function get_name(); /** -* Build up the signature -* NOTE: The output of this function MUST NOT be urlencoded. -* the encoding is handled in OAuthRequest when the final -* request is serialized -* @param OAuthRequest $request -* @param OAuthConsumer $consumer -* @param OAuthToken $token -* @return string -*/ + * Build up the signature + * NOTE: The output of this function MUST NOT be urlencoded. + * the encoding is handled in OAuthRequest when the final + * request is serialized + * @param OAuthRequest $request + * @param OAuthConsumer $consumer + * @param OAuthToken $token + * @return string + */ abstract public function build_signature($request, $consumer, $token); /** -* Verifies that a given signature is correct -* @param OAuthRequest $request -* @param OAuthConsumer $consumer -* @param OAuthToken $token -* @param string $signature -* @return bool -*/ + * Verifies that a given signature is correct + * @param OAuthRequest $request + * @param OAuthConsumer $consumer + * @param OAuthToken $token + * @param string $signature + * @return bool + */ public function check_signature($request, $consumer, $token, $signature) { $built = $this->build_signature($request, $consumer, $token); return $built == $signature; @@ -90,12 +92,12 @@ public function check_signature($request, $consumer, $token, $signature) { } /** -* The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] -* where the Signature Base String is the text and the key is the concatenated values (each first -* encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&' -* character (ASCII code 38) even if empty. -* - Chapter 9.2 ("HMAC-SHA1") -*/ + * The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] + * where the Signature Base String is the text and the key is the concatenated values (each first + * encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&' + * character (ASCII code 38) even if empty. + * - Chapter 9.2 ("HMAC-SHA1") + */ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { function get_name() { return "HMAC-SHA1"; @@ -118,24 +120,24 @@ public function build_signature($request, $consumer, $token) { } /** -* The PLAINTEXT method does not provide any security protection and SHOULD only be used -* over a secure channel such as HTTPS. It does not use the Signature Base String. -* - Chapter 9.4 ("PLAINTEXT") -*/ + * The PLAINTEXT method does not provide any security protection and SHOULD only be used + * over a secure channel such as HTTPS. It does not use the Signature Base String. + * - Chapter 9.4 ("PLAINTEXT") + */ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { public function get_name() { return "PLAINTEXT"; } /** -* oauth_signature is set to the concatenated encoded values of the Consumer Secret and -* Token Secret, separated by a '&' character (ASCII code 38), even if either secret is -* empty. The result MUST be encoded again. -* - Chapter 9.4.1 ("Generating Signatures") -* -* Please note that the second encoding MUST NOT happen in the SignatureMethod, as -* OAuthRequest handles this! -*/ + * oauth_signature is set to the concatenated encoded values of the Consumer Secret and + * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is + * empty. The result MUST be encoded again. + * - Chapter 9.4.1 ("Generating Signatures") + * + * Please note that the second encoding MUST NOT happen in the SignatureMethod, as + * OAuthRequest handles this! + */ public function build_signature($request, $consumer, $token) { $key_parts = array( $consumer->secret, @@ -151,13 +153,13 @@ public function build_signature($request, $consumer, $token) { } /** -* The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in -* [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for -* EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a -* verified way to the Service Provider, in a manner which is beyond the scope of this -* specification. -* - Chapter 9.3 ("RSA-SHA1") -*/ + * The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in + * [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for + * EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a + * verified way to the Service Provider, in a manner which is beyond the scope of this + * specification. + * - Chapter 9.3 ("RSA-SHA1") + */ abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { public function get_name() { return "RSA-SHA1"; @@ -236,8 +238,8 @@ function __construct($http_method, $http_url, $parameters=NULL) { /** -* attempt to build up a request from what was passed to the server -*/ + * attempt to build up a request from what was passed to the server + */ public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) { $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") ? 'http' @@ -287,8 +289,8 @@ public static function from_request($http_method=NULL, $http_url=NULL, $paramete } /** -* pretty much a helper function to set up the request -*/ + * pretty much a helper function to set up the request + */ public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { @$parameters or $parameters = array(); $defaults = array("oauth_version" => OAuthRequest::$version, @@ -331,9 +333,9 @@ public function unset_parameter($name) { } /** -* The request parameters, sorted and concatenated into a normalized string. -* @return string -*/ + * The request parameters, sorted and concatenated into a normalized string. + * @return string + */ public function get_signable_parameters() { // Grab all parameters $params = $this->parameters; @@ -348,12 +350,12 @@ public function get_signable_parameters() { } /** -* Returns the base string of this request -* -* The base string defined as the method, the url -* and the parameters (normalized), each urlencoded -* and the concated with &. -*/ + * Returns the base string of this request + * + * The base string defined as the method, the url + * and the parameters (normalized), each urlencoded + * and the concated with &. + */ public function get_signature_base_string() { $parts = array( $this->get_normalized_http_method(), @@ -367,16 +369,16 @@ public function get_signature_base_string() { } /** -* just uppercases the http method -*/ + * just uppercases the http method + */ public function get_normalized_http_method() { return strtoupper($this->http_method); } /** -* parses the url and rebuilds it to be -* scheme://host/path -*/ + * parses the url and rebuilds it to be + * scheme://host/path + */ public function get_normalized_http_url() { $parts = parse_url($this->http_url); @@ -395,8 +397,8 @@ public function get_normalized_http_url() { } /** -* builds a url usable for a GET request -*/ + * builds a url usable for a GET request + */ public function to_url() { $post_data = $this->to_postdata(); $out = $this->get_normalized_http_url(); @@ -407,18 +409,18 @@ public function to_url() { } /** -* builds the data one would send in a POST request -*/ + * builds the data one would send in a POST request + */ public function to_postdata() { return OAuthUtil::build_http_query($this->parameters); } /** -* builds the Authorization: header -*/ + * builds the Authorization: header + */ public function to_header($realm=null) { $first = true; -if($realm) { + if($realm) { $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; $first = false; } else @@ -461,15 +463,15 @@ public function build_signature($signature_method, $consumer, $token) { } /** -* util function: current timestamp -*/ + * util function: current timestamp + */ private static function generate_timestamp() { return time(); } /** -* util function: current nonce -*/ + * util function: current nonce + */ private static function generate_nonce() { $mt = microtime(); $rand = mt_rand(); @@ -480,7 +482,7 @@ private static function generate_nonce() { class OAuthServer { protected $timestamp_threshold = 300; // in seconds, five minutes - protected $version = '1.0'; // hi blaine + protected $version = '1.0'; // hi blaine protected $signature_methods = array(); protected $data_store; @@ -497,9 +499,9 @@ public function add_signature_method($signature_method) { // high level functions /** -* process a request_token request -* returns the request token on success -*/ + * process a request_token request + * returns the request token on success + */ public function fetch_request_token(&$request) { $this->get_version($request); @@ -518,9 +520,9 @@ public function fetch_request_token(&$request) { } /** -* process an access_token request -* returns the access token on success -*/ + * process an access_token request + * returns the access token on success + */ public function fetch_access_token(&$request) { $this->get_version($request); @@ -539,8 +541,8 @@ public function fetch_access_token(&$request) { } /** -* verify an api call, checks all the parameters -*/ + * verify an api call, checks all the parameters + */ public function verify_request(&$request) { $this->get_version($request); $consumer = $this->get_consumer($request); @@ -551,12 +553,12 @@ public function verify_request(&$request) { // Internals from here /** -* version 1 -*/ + * version 1 + */ private function get_version(&$request) { $version = $request->get_parameter("oauth_version"); if (!$version) { - // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. + // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present. // Chapter 7.0 ("Accessing Protected Ressources") $version = '1.0'; } @@ -567,8 +569,8 @@ private function get_version(&$request) { } /** -* figure out the signature with some defaults -*/ + * figure out the signature with some defaults + */ private function get_signature_method(&$request) { $signature_method = @$request->get_parameter("oauth_signature_method"); @@ -591,8 +593,8 @@ private function get_signature_method(&$request) { } /** -* try to find the consumer for the provided request's consumer key -*/ + * try to find the consumer for the provided request's consumer key + */ private function get_consumer(&$request) { $consumer_key = @$request->get_parameter("oauth_consumer_key"); if (!$consumer_key) { @@ -608,8 +610,8 @@ private function get_consumer(&$request) { } /** -* try to find the token for the provided request's token key -*/ + * try to find the token for the provided request's token key + */ private function get_token(&$request, $consumer, $token_type="access") { $token_field = @$request->get_parameter('oauth_token'); $token = $this->data_store->lookup_token( @@ -622,9 +624,9 @@ private function get_token(&$request, $consumer, $token_type="access") { } /** -* all-in-one function to check the signature on a request -* should guess the signature method appropriately -*/ + * all-in-one function to check the signature on a request + * should guess the signature method appropriately + */ private function check_signature(&$request, $consumer, $token) { // this should probably be in a different method $timestamp = @$request->get_parameter('oauth_timestamp'); @@ -649,8 +651,8 @@ private function check_signature(&$request, $consumer, $token) { } /** -* check that the timestamp is new enough -*/ + * check that the timestamp is new enough + */ private function check_timestamp($timestamp) { if( ! $timestamp ) throw new OAuthException( @@ -667,8 +669,8 @@ private function check_timestamp($timestamp) { } /** -* check that the nonce is not repeated -*/ + * check that the nonce is not repeated + */ private function check_nonce($consumer, $token, $nonce, $timestamp) { if( ! $nonce ) throw new OAuthException( @@ -870,5 +872,3 @@ public static function build_http_query($params) { return implode('&', $pairs); } } - -?> diff --git a/config.php b/config.php index 2a91911..152d383 100644 --- a/config.php +++ b/config.php @@ -7,7 +7,7 @@ define('ACCESS_TOKEN_SECRET', 'insert_your_access_token_secret_here'); $twitter = new TwitterOAuth(CONSUMER_KEY, CONSUMER_SECRET, ACCESS_TOKEN, ACCESS_TOKEN_SECRET); -$twitter->host = "http://search.twitter.com/"; +$twitter->host = "https://api.twitter.com/1.1/"; $search = $twitter->get('search', array('q' => 'search key word', 'rpp' => 15)); $twitter->host = "https://api.twitter.com/1.1/"; @@ -18,5 +18,3 @@ } echo "Success! Check your twitter bot for retweets!"; - -?> diff --git a/twitteroauth.php b/twitteroauth.php index 85a3382..3fb5052 100644 --- a/twitteroauth.php +++ b/twitteroauth.php @@ -1,28 +1,28 @@ http_status; } function lastAPICall() { return $this->last_api_call; } /** -* construct TwitterOAuth object -*/ + * construct TwitterOAuth object + */ function __construct($consumer_key, $consumer_secret, $oauth_token = NULL, $oauth_token_secret = NULL) { $this->sha1_method = new OAuthSignatureMethod_HMAC_SHA1(); $this->consumer = new OAuthConsumer($consumer_key, $consumer_secret); @@ -68,15 +68,13 @@ function __construct($consumer_key, $consumer_secret, $oauth_token = NULL, $oaut /** -* Get a request_token from Twitter -* -* @returns a key/value array containing oauth_token and oauth_token_secret -*/ - function getRequestToken($oauth_callback = NULL) { + * Get a request_token from Twitter + * + * @returns a key/value array containing oauth_token and oauth_token_secret + */ + function getRequestToken($oauth_callback) { $parameters = array(); - if (!empty($oauth_callback)) { - $parameters['oauth_callback'] = $oauth_callback; - } + $parameters['oauth_callback'] = $oauth_callback; $request = $this->oAuthRequest($this->requestTokenURL(), 'GET', $parameters); $token = OAuthUtil::parse_parameters($request); $this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); @@ -84,10 +82,10 @@ function getRequestToken($oauth_callback = NULL) { } /** -* Get the authorize URL -* -* @returns a string -*/ + * Get the authorize URL + * + * @returns a string + */ function getAuthorizeURL($token, $sign_in_with_twitter = TRUE) { if (is_array($token)) { $token = $token['oauth_token']; @@ -100,19 +98,17 @@ function getAuthorizeURL($token, $sign_in_with_twitter = TRUE) { } /** -* Exchange request token and secret for an access token and -* secret, to sign API calls. -* -* @returns array("oauth_token" => "the-access-token", -* "oauth_token_secret" => "the-access-secret", -* "user_id" => "9436992", -* "screen_name" => "abraham") -*/ - function getAccessToken($oauth_verifier = FALSE) { + * Exchange request token and secret for an access token and + * secret, to sign API calls. + * + * @returns array("oauth_token" => "the-access-token", + * "oauth_token_secret" => "the-access-secret", + * "user_id" => "9436992", + * "screen_name" => "abraham") + */ + function getAccessToken($oauth_verifier) { $parameters = array(); - if (!empty($oauth_verifier)) { - $parameters['oauth_verifier'] = $oauth_verifier; - } + $parameters['oauth_verifier'] = $oauth_verifier; $request = $this->oAuthRequest($this->accessTokenURL(), 'GET', $parameters); $token = OAuthUtil::parse_parameters($request); $this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); @@ -120,14 +116,14 @@ function getAccessToken($oauth_verifier = FALSE) { } /** -* One time exchange of username and password for access token and secret. -* -* @returns array("oauth_token" => "the-access-token", -* "oauth_token_secret" => "the-access-secret", -* "user_id" => "9436992", -* "screen_name" => "abraham", -* "x_auth_expires" => "0") -*/ + * One time exchange of username and password for access token and secret. + * + * @returns array("oauth_token" => "the-access-token", + * "oauth_token_secret" => "the-access-secret", + * "user_id" => "9436992", + * "screen_name" => "abraham", + * "x_auth_expires" => "0") + */ function getXAuthToken($username, $password) { $parameters = array(); $parameters['x_auth_username'] = $username; @@ -140,8 +136,8 @@ function getXAuthToken($username, $password) { } /** -* GET wrapper for oAuthRequest. -*/ + * GET wrapper for oAuthRequest. + */ function get($url, $parameters = array()) { $response = $this->oAuthRequest($url, 'GET', $parameters); if ($this->format === 'json' && $this->decode_json) { @@ -151,8 +147,8 @@ function get($url, $parameters = array()) { } /** -* POST wrapper for oAuthRequest. -*/ + * POST wrapper for oAuthRequest. + */ function post($url, $parameters = array()) { $response = $this->oAuthRequest($url, 'POST', $parameters); if ($this->format === 'json' && $this->decode_json) { @@ -162,8 +158,8 @@ function post($url, $parameters = array()) { } /** -* DELETE wrapper for oAuthReqeust. -*/ + * DELETE wrapper for oAuthReqeust. + */ function delete($url, $parameters = array()) { $response = $this->oAuthRequest($url, 'DELETE', $parameters); if ($this->format === 'json' && $this->decode_json) { @@ -173,8 +169,8 @@ function delete($url, $parameters = array()) { } /** -* Format and sign an OAuth / API request -*/ + * Format and sign an OAuth / API request + */ function oAuthRequest($url, $method, $parameters) { if (strrpos($url, 'https://') !== 0 && strrpos($url, 'http://') !== 0) { $url = "{$this->host}{$url}.{$this->format}"; @@ -190,10 +186,10 @@ function oAuthRequest($url, $method, $parameters) { } /** -* Make an HTTP request -* -* @return API results -*/ + * Make an HTTP request + * + * @return API results + */ function http($url, $method, $postfields = NULL) { $this->http_info = array(); $ci = curl_init(); @@ -231,8 +227,8 @@ function http($url, $method, $postfields = NULL) { } /** -* Get the header info to store. -*/ + * Get the header info to store. + */ function getHeader($ch, $header) { $i = strpos($header, ':'); if (!empty($i)) {