@@ -4,12 +4,26 @@ error_reporting(E_ALL); require_once dirname(__FILE__)."/../lib/fireeagle.php"; function main() { + //To enable the new OAuth protocol, change the line at the end of this + //comment block. This tells FireEagle to use new OAuth protocol. Beware that + //this requires that you set the $fe_callback also. By default, the + //FireEagle class will behave as per the old OAUTH protocol. For details of + //the new OAuth, see the developer documentation at + //https://fireeagle.yahoo.net/developer/documentation/web_auth + FireEagle::$FE_OAUTH_VERSION = OAUTH_VERSION_10; //Use OAUTH_VERSION_10A for + //new OAuth // hardcode your keys here $fe_key = 'INSERT CONSUMER KEY HERE'; $fe_secret = 'INSERT CONSUMER SECRET HERE'; // or put them in walkthru_config.php, if you don't want to change this file + + //For the new OAuth protocol, the URL registered at the Fire Eagle website + //for your web app will not work. Hardcode your application callback URL + //here. Don't forget to put '?f=callback' + $fe_callback = 'INSERT CALLBACK URL HERE'; //The string is ignored in old + //OAuth. $cfn = dirname(__FILE__)."/walkthru_config.php"; if (file_exists($cfn)) require_once($cfn); @@ -20,7 +34,7 @@ function main() { // get a request token + secret from FE and redirect to the authorization page // START step 1 $fe = new FireEagle($fe_key, $fe_secret); - $tok = $fe->getRequestToken(); + $tok = $fe->getRequestToken($fe_callback); if (!isset($tok['oauth_token']) || !is_string($tok['oauth_token']) || !isset($tok['oauth_token_secret']) @@ -44,16 +58,21 @@ function main() { echo "Token mismatch."; exit; } - + if ((FireEagle::$FE_OAUTH_VERSION == OAUTH_VERSION_10A) + && !isset($_GET['oauth_verifier'])) { + echo "OAuth protocol error. No verifier in response."; + exit; + } + $fe = new FireEagle($fe_key, $fe_secret, $_SESSION['request_token'], $_SESSION['request_secret']); - $tok = $fe->getAccessToken(); + $tok = $fe->getAccessToken($_GET['oauth_verifier']); if (!isset($tok['oauth_token']) || !is_string($tok['oauth_token']) || !isset($tok['oauth_token_secret']) || !is_string($tok['oauth_token_secret'])) { error_log("Bad token from FireEagle::getAccessToken(): ".var_export($tok, TRUE)); echo "ERROR! FireEagle::getAccessToken() returned an invalid response. Giving up."; exit; } - + $_SESSION['access_token'] = $tok['oauth_token']; $_SESSION['access_secret'] = $tok['oauth_token_secret']; $_SESSION['auth_state'] = "done"; @@ -136,4 +155,4 @@ function main() { main(); -?> \ No newline at end of file +?> example/walkthru.php @@ -100,10 +100,15 @@ class FireEagleException extends Exception { } } +/* The OAuth version that governs the OAuth dance */ +define("OAUTH_VERSION_10", 1); //The old version. +define("OAUTH_VERSION_10A", 2); //The new OAuth version 1.0 Rev A. + /** * FireEagle API access helper class. */ class FireEagle { + public static $FE_OAUTH_VERSION = OAUTH_VERSION_10; //Default to older version. public static $FE_ROOT = "http://fireeagle.yahoo.net"; public static $FE_API_ROOT = "https://fireeagle.yahooapis.com"; @@ -176,14 +181,27 @@ class FireEagle { * @returns a key/value pair array containing: oauth_token and * oauth_token_secret. */ - public function getRequestToken() { - $r = $this->oAuthRequest($this->requestTokenURL()); + public function getRequestToken($callback=NULL) { + $params = array(); + if (self::$FE_OAUTH_VERSION == OAUTH_VERSION_10A) { + if (empty($callback)) $callback = 'oob'; + $params['oauth_callback'] = $callback; + } + $r = $this->oAuthRequest($this->requestTokenURL(), $params); $token = $this->oAuthParseResponse($r); + if (self::$FE_OAUTH_VERSION == OAUTH_VERSION_10A) { + if (empty($token['oauth_callback_confirmed']) + || (strcmp($token['oauth_callback_confirmed'], 'true') != 0)) + throw new FireEagleException("Fire Eagle server is not talking the correct protocol", FireEagleException::REMOTE_ERROR); + } $this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); // use this token from now on if (self::$FE_DUMP_REQUESTS) self::dump("Now the user is redirected to ".$this->getAuthorizeURL($token['oauth_token'])."\nOnce the user returns, via the callback URL for web authentication or manually for desktop authentication, we can get their access token and secret by calling /oauth/access_token.\n\n"); return $token; } - public function request_token() { return $this->getRequestToken(); } + + public function request_token($callback=NULL) { + return $this->getRequestToken($callback); + } /** * Get the URL to redirect to to authorize the user and validate a @@ -206,14 +224,20 @@ class FireEagle { * @returns array("oauth_token" => the access token, * "oauth_token_secret" => the access secret) */ - public function getAccessToken($token=NULL) { + public function getAccessToken($verifier=NULL) { $this->requireToken(); - $r = $this->oAuthRequest($this->accessTokenURL()); + $params = array(); + if (self::$FE_OAUTH_VERSION == OAUTH_VERSION_10A) { + if (empty($verifier)) + throw new FireEagleException("Access token verifier is empty", FireEagleException::REQUEST_FAILED); + $params['oauth_verifier'] = $verifier; + } + $r = $this->oAuthRequest($this->accessTokenURL(), $params); $token = $this->oAuthParseResponse($r); $this->token = new OAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); // use this token from now on return $token; } - public function access_token() { return $this->getAccessToken(); } + public function access_token($verifier=NULL) { return $this->getAccessToken($verifier); } /** * Generic method call function. You can use this to get the raw lib/fireeagle.php d31c0a591d2fca543d685aacf1cb32722009be25 Arnab Nandi arnob.nandi@gmail.com http://github.com/myelin/fireeagle-php-lib/commit/1f2ea9d09e164ee58813be396d3cab66faf374ac 1f2ea9d09e164ee58813be396d3cab66faf374ac 2009-05-31T09:50:29-07:00 2009-05-31T09:50:29-07:00 Added capabilities for new OAuth dance. Default is still old one 38728e50f5767b3c0937f7b84aca08da712bd89f Arnab Nandi arnob.nandi@gmail.com