| Index: trunk/extensions/TweetANew/lib/tmhOAuth.php |
| — | — | @@ -7,12 +7,12 @@ |
| 8 | 8 | * REST requests. OAuth authentication is sent using the an Authorization Header. |
| 9 | 9 | * |
| 10 | 10 | * @author themattharris |
| 11 | | - * @version 0.57 |
| | 11 | + * @version 0.60 |
| 12 | 12 | * |
| 13 | | - * 11 December 2011 |
| | 13 | + * 29 December 2011 |
| 14 | 14 | */ |
| 15 | 15 | class tmhOAuth { |
| 16 | | - const VERSION = 0.57; |
| | 16 | + const VERSION = 0.60; |
| 17 | 17 | |
| 18 | 18 | /** |
| 19 | 19 | * Creates a new tmhOAuth object |
| — | — | @@ -28,27 +28,40 @@ |
| 29 | 29 | // default configuration options |
| 30 | 30 | $this->config = array_merge( |
| 31 | 31 | array( |
| 32 | | - 'user_agent' => 'tmhOAuth ' . self::VERSION . ' - //github.com/themattharris/tmhOAuth', |
| | 32 | + // leave 'user_agent' blank for default, otherwise set this to |
| | 33 | + // something that clearly identifies your app |
| | 34 | + 'user_agent' => '', |
| | 35 | + |
| | 36 | + 'use_ssl' => true, |
| | 37 | + 'host' => 'api.twitter.com', |
| | 38 | + |
| 33 | 39 | 'consumer_key' => '', |
| 34 | 40 | 'consumer_secret' => '', |
| 35 | 41 | 'user_token' => '', |
| 36 | 42 | 'user_secret' => '', |
| 37 | | - 'use_ssl' => true, |
| 38 | | - 'host' => 'api.twitter.com', |
| 39 | | - 'debug' => false, |
| 40 | 43 | 'force_nonce' => false, |
| 41 | 44 | 'nonce' => false, // used for checking signatures. leave as false for auto |
| 42 | 45 | 'force_timestamp' => false, |
| 43 | 46 | 'timestamp' => false, // used for checking signatures. leave as false for auto |
| | 47 | + |
| | 48 | + // oauth signing variables that are not dynamic |
| 44 | 49 | 'oauth_version' => '1.0', |
| | 50 | + 'oauth_signature_method' => 'HMAC-SHA1', |
| 45 | 51 | |
| 46 | 52 | // you probably don't want to change any of these curl values |
| 47 | 53 | 'curl_connecttimeout' => 30, |
| 48 | 54 | 'curl_timeout' => 10, |
| 49 | | - // for security you may want to set this to TRUE. If you do you need |
| 50 | | - // to install the servers certificate in your local certificate store. |
| 51 | | - 'curl_ssl_verifypeer' => false, |
| | 55 | + |
| | 56 | + // for security these should always be set to true. |
| | 57 | + 'curl_ssl_verifyhost' => true, |
| | 58 | + 'curl_ssl_verifypeer' => true, |
| | 59 | + |
| | 60 | + // you can get the latest cacert.pem from here http://curl.haxx.se/ca/cacert.pem |
| | 61 | + 'curl_cainfo' => dirname(__FILE__) . '/cacert.pem', |
| | 62 | + 'curl_capath' => dirname(__FILE__), |
| | 63 | + |
| 52 | 64 | 'curl_followlocation' => false, // whether to follow redirects or not |
| | 65 | + |
| 53 | 66 | // support for proxy servers |
| 54 | 67 | 'curl_proxy' => false, // really you don't want to use this if you are using streaming |
| 55 | 68 | 'curl_proxyuserpwd' => false, // format username:password for proxy, if required |
| — | — | @@ -59,15 +72,30 @@ |
| 60 | 73 | 'streaming_eol' => "\r\n", |
| 61 | 74 | 'streaming_metrics_interval' => 60, |
| 62 | 75 | |
| 63 | | - // header or querystring. You should always use header |
| 64 | | - // this is just to help me debug other developers |
| 65 | | - // implementations |
| | 76 | + // header or querystring. You should always use header! |
| | 77 | + // this is just to help me debug other developers implementations |
| 66 | 78 | 'as_header' => true, |
| | 79 | + 'debug' => false, |
| 67 | 80 | ), |
| 68 | 81 | $config |
| 69 | 82 | ); |
| | 83 | + $this->set_user_agent(); |
| 70 | 84 | } |
| 71 | 85 | |
| | 86 | + function set_user_agent() { |
| | 87 | + if (!empty($this->config['user_agent'])) |
| | 88 | + return; |
| | 89 | + |
| | 90 | + if ($this->config['curl_ssl_verifyhost'] && $this->config['curl_ssl_verifypeer']) { |
| | 91 | + $ssl = '+SSL'; |
| | 92 | + } else { |
| | 93 | + $ssl = '-SSL'; |
| | 94 | + } |
| | 95 | + |
| | 96 | + $ua = 'tmhOAuth ' . self::VERSION . $ssl . ' - //github.com/themattharris/tmhOAuth'; |
| | 97 | + $this->config['user_agent'] = $ua; |
| | 98 | + } |
| | 99 | + |
| 72 | 100 | /** |
| 73 | 101 | * Generates a random OAuth nonce. |
| 74 | 102 | * If 'force_nonce' is true a nonce is not generated and the value in the configuration will be retained. |
| — | — | @@ -83,7 +111,7 @@ |
| 84 | 112 | shuffle($sequence); |
| 85 | 113 | |
| 86 | 114 | $prefix = $include_time ? microtime() : ''; |
| 87 | | - $this->config['nonce'] = md5(substr($prefix . implode($sequence), 0, $length)); |
| | 115 | + $this->config['nonce'] = md5(substr($prefix . implode('', $sequence), 0, $length)); |
| 88 | 116 | } |
| 89 | 117 | } |
| 90 | 118 | |
| — | — | @@ -146,7 +174,7 @@ |
| 147 | 175 | 'oauth_nonce' => $this->config['nonce'], |
| 148 | 176 | 'oauth_timestamp' => $this->config['timestamp'], |
| 149 | 177 | 'oauth_consumer_key' => $this->config['consumer_key'], |
| 150 | | - 'oauth_signature_method' => 'HMAC-SHA1', |
| | 178 | + 'oauth_signature_method' => $this->config['oauth_signature_method'], |
| 151 | 179 | ); |
| 152 | 180 | |
| 153 | 181 | // include the user token if it exists |
| — | — | @@ -261,6 +289,11 @@ |
| 262 | 290 | unset($_signing_params['oauth_callback']); |
| 263 | 291 | } |
| 264 | 292 | |
| | 293 | + if (isset($_signing_params['oauth_verifier'])) { |
| | 294 | + $this->auth_params['oauth_verifier'] = $_signing_params['oauth_verifier']; |
| | 295 | + unset($_signing_params['oauth_verifier']); |
| | 296 | + } |
| | 297 | + |
| 265 | 298 | // request_params is already set if we're doing multipart, if not we need to set them now |
| 266 | 299 | if ( ! $this->config['multipart']) |
| 267 | 300 | $this->request_params = array_diff_key($_signing_params, $this->get_defaults()); |
| — | — | @@ -535,18 +568,26 @@ |
| 536 | 569 | CURLOPT_USERAGENT => $this->config['user_agent'], |
| 537 | 570 | CURLOPT_CONNECTTIMEOUT => $this->config['curl_connecttimeout'], |
| 538 | 571 | CURLOPT_TIMEOUT => $this->config['curl_timeout'], |
| 539 | | - CURLOPT_RETURNTRANSFER => TRUE, |
| | 572 | + CURLOPT_RETURNTRANSFER => true, |
| 540 | 573 | CURLOPT_SSL_VERIFYPEER => $this->config['curl_ssl_verifypeer'], |
| | 574 | + CURLOPT_SSL_VERIFYHOST => $this->config['curl_ssl_verifyhost'], |
| | 575 | + |
| 541 | 576 | CURLOPT_FOLLOWLOCATION => $this->config['curl_followlocation'], |
| 542 | 577 | CURLOPT_PROXY => $this->config['curl_proxy'], |
| 543 | 578 | CURLOPT_ENCODING => $this->config['curl_encoding'], |
| 544 | 579 | CURLOPT_URL => $this->url, |
| 545 | 580 | // process the headers |
| 546 | 581 | CURLOPT_HEADERFUNCTION => array($this, 'curlHeader'), |
| 547 | | - CURLOPT_HEADER => FALSE, |
| | 582 | + CURLOPT_HEADER => false, |
| 548 | 583 | CURLINFO_HEADER_OUT => true, |
| 549 | 584 | )); |
| 550 | 585 | |
| | 586 | + if ($this->config['curl_cainfo'] !== false) |
| | 587 | + curl_setopt($c, CURLOPT_CAINFO, $this->config['curl_cainfo']); |
| | 588 | + |
| | 589 | + if ($this->config['curl_capath'] !== false) |
| | 590 | + curl_setopt($c, CURLOPT_CAPATH, $this->config['curl_capath']); |
| | 591 | + |
| 551 | 592 | if ($this->config['curl_proxyuserpwd'] !== false) |
| 552 | 593 | curl_setopt($c, CURLOPT_PROXYUSERPWD, $this->config['curl_proxyuserpwd']); |
| 553 | 594 | |
| — | — | @@ -561,7 +602,7 @@ |
| 562 | 603 | case 'GET': |
| 563 | 604 | break; |
| 564 | 605 | case 'POST': |
| 565 | | - curl_setopt($c, CURLOPT_POST, TRUE); |
| | 606 | + curl_setopt($c, CURLOPT_POST, true); |
| 566 | 607 | break; |
| 567 | 608 | default: |
| 568 | 609 | curl_setopt($c, CURLOPT_CUSTOMREQUEST, $this->method); |
| — | — | @@ -599,12 +640,16 @@ |
| 600 | 641 | $response = curl_exec($c); |
| 601 | 642 | $code = curl_getinfo($c, CURLINFO_HTTP_CODE); |
| 602 | 643 | $info = curl_getinfo($c); |
| | 644 | + $error = curl_error($c); |
| | 645 | + $errno = curl_errno($c); |
| 603 | 646 | curl_close($c); |
| 604 | 647 | |
| 605 | 648 | // store the response |
| 606 | 649 | $this->response['code'] = $code; |
| 607 | 650 | $this->response['response'] = $response; |
| 608 | 651 | $this->response['info'] = $info; |
| | 652 | + $this->response['error'] = $error; |
| | 653 | + $this->response['errno'] = $errno; |
| 609 | 654 | return $code; |
| 610 | 655 | } |
| 611 | 656 | } |