1 | <?php
|
---|
2 |
|
---|
3 | /**
|
---|
4 | * Zend Framework
|
---|
5 | *
|
---|
6 | * LICENSE
|
---|
7 | *
|
---|
8 | * This source file is subject to the new BSD license that is bundled
|
---|
9 | * with this package in the file LICENSE.txt.
|
---|
10 | * It is also available through the world-wide-web at this URL:
|
---|
11 | * http://framework.zend.com/license/new-bsd
|
---|
12 | * If you did not receive a copy of the license and are unable to
|
---|
13 | * obtain it through the world-wide-web, please send an email
|
---|
14 | * to license@zend.com so we can send you a copy immediately.
|
---|
15 | *
|
---|
16 | * @category Zend
|
---|
17 | * @package Zend_Gdata
|
---|
18 | * @subpackage Gdata
|
---|
19 | * @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
|
---|
20 | * @license http://framework.zend.com/license/new-bsd New BSD License
|
---|
21 | */
|
---|
22 |
|
---|
23 | /**
|
---|
24 | * Zend_Gdata_HttpClient
|
---|
25 | */
|
---|
26 | require_once 'Zend/Gdata/HttpClient.php';
|
---|
27 |
|
---|
28 | /**
|
---|
29 | * Zend_Version
|
---|
30 | */
|
---|
31 | require_once 'Zend/Version.php';
|
---|
32 |
|
---|
33 | /**
|
---|
34 | * Wrapper around Zend_Http_Client to facilitate Google's "Account Authentication
|
---|
35 | * Proxy for Web-Based Applications".
|
---|
36 | *
|
---|
37 | * @see http://code.google.com/apis/accounts/AuthForWebApps.html
|
---|
38 | *
|
---|
39 | * @category Zend
|
---|
40 | * @package Zend_Gdata
|
---|
41 | * @subpackage Gdata
|
---|
42 | * @copyright Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com)
|
---|
43 | * @license http://framework.zend.com/license/new-bsd New BSD License
|
---|
44 | */
|
---|
45 | class Zend_Gdata_AuthSub
|
---|
46 | {
|
---|
47 |
|
---|
48 | const AUTHSUB_REQUEST_URI = 'https://www.google.com/accounts/AuthSubRequest';
|
---|
49 |
|
---|
50 | const AUTHSUB_SESSION_TOKEN_URI = 'https://www.google.com/accounts/AuthSubSessionToken';
|
---|
51 |
|
---|
52 | const AUTHSUB_REVOKE_TOKEN_URI = 'https://www.google.com/accounts/AuthSubRevokeToken';
|
---|
53 |
|
---|
54 | const AUTHSUB_TOKEN_INFO_URI = 'https://www.google.com/accounts/AuthSubTokenInfo';
|
---|
55 |
|
---|
56 | /**
|
---|
57 | * Creates a URI to request a single-use AuthSub token.
|
---|
58 | *
|
---|
59 | * @param string $next (required) URL identifying the service to be
|
---|
60 | * accessed.
|
---|
61 | * The resulting token will enable access to the specified service only.
|
---|
62 | * Some services may limit scope further, such as read-only access.
|
---|
63 | * @param string $scope (required) URL identifying the service to be
|
---|
64 | * accessed. The resulting token will enable
|
---|
65 | * access to the specified service only.
|
---|
66 | * Some services may limit scope further, such
|
---|
67 | * as read-only access.
|
---|
68 | * @param int $secure (optional) Boolean flag indicating whether the
|
---|
69 | * authentication transaction should issue a secure
|
---|
70 | * token (1) or a non-secure token (0). Secure tokens
|
---|
71 | * are available to registered applications only.
|
---|
72 | * @param int $session (optional) Boolean flag indicating whether
|
---|
73 | * the one-time-use token may be exchanged for
|
---|
74 | * a session token (1) or not (0).
|
---|
75 | * @param string $request_uri (optional) URI to which to direct the
|
---|
76 | * authentication request.
|
---|
77 | */
|
---|
78 | public static function getAuthSubTokenUri($next, $scope, $secure=0, $session=0,
|
---|
79 | $request_uri = self::AUTHSUB_REQUEST_URI)
|
---|
80 | {
|
---|
81 | $querystring = '?next=' . urlencode($next)
|
---|
82 | . '&scope=' . urldecode($scope)
|
---|
83 | . '&secure=' . urlencode($secure)
|
---|
84 | . '&session=' . urlencode($session);
|
---|
85 | return $request_uri . $querystring;
|
---|
86 | }
|
---|
87 |
|
---|
88 |
|
---|
89 | /**
|
---|
90 | * Upgrades a single use token to a session token
|
---|
91 | *
|
---|
92 | * @param string $token The single use token which is to be upgraded
|
---|
93 | * @param Zend_Http_Client $client (optional) HTTP client to use to
|
---|
94 | * make the request
|
---|
95 | * @param string $request_uri (optional) URI to which to direct
|
---|
96 | * the session token upgrade
|
---|
97 | * @return string The upgraded token value
|
---|
98 | * @throws Zend_Gdata_App_AuthException
|
---|
99 | * @throws Zend_Gdata_App_HttpException
|
---|
100 | */
|
---|
101 | public static function getAuthSubSessionToken(
|
---|
102 | $token, $client = null,
|
---|
103 | $request_uri = self::AUTHSUB_SESSION_TOKEN_URI)
|
---|
104 | {
|
---|
105 | $client = self::getHttpClient($token, $client);
|
---|
106 |
|
---|
107 | if ($client instanceof Zend_Gdata_HttpClient) {
|
---|
108 | $filterResult = $client->filterHttpRequest('GET', $request_uri);
|
---|
109 | $url = $filterResult['url'];
|
---|
110 | $headers = $filterResult['headers'];
|
---|
111 | $client->setHeaders($headers);
|
---|
112 | $client->setUri($url);
|
---|
113 | } else {
|
---|
114 | $client->setUri($request_uri);
|
---|
115 | }
|
---|
116 |
|
---|
117 | try {
|
---|
118 | $response = $client->request('GET');
|
---|
119 | } catch (Zend_Http_Client_Exception $e) {
|
---|
120 | require_once 'Zend/Gdata/App/HttpException.php';
|
---|
121 | throw new Zend_Gdata_App_HttpException($e->getMessage(), $e);
|
---|
122 | }
|
---|
123 |
|
---|
124 | // Parse Google's response
|
---|
125 | if ($response->isSuccessful()) {
|
---|
126 | $goog_resp = array();
|
---|
127 | foreach (explode("\n", $response->getBody()) as $l) {
|
---|
128 | $l = chop($l);
|
---|
129 | if ($l) {
|
---|
130 | list($key, $val) = explode('=', chop($l), 2);
|
---|
131 | $goog_resp[$key] = $val;
|
---|
132 | }
|
---|
133 | }
|
---|
134 | return $goog_resp['Token'];
|
---|
135 | } else {
|
---|
136 | require_once 'Zend/Gdata/App/AuthException.php';
|
---|
137 | throw new Zend_Gdata_App_AuthException(
|
---|
138 | 'Token upgrade failed. Reason: ' . $response->getBody());
|
---|
139 | }
|
---|
140 | }
|
---|
141 |
|
---|
142 | /**
|
---|
143 | * Revoke a token
|
---|
144 | *
|
---|
145 | * @param string $token The token to revoke
|
---|
146 | * @param Zend_Http_Client $client (optional) HTTP client to use to make the request
|
---|
147 | * @param string $request_uri (optional) URI to which to direct the revokation request
|
---|
148 | * @return boolean Whether the revokation was successful
|
---|
149 | * @throws Zend_Gdata_App_HttpException
|
---|
150 | */
|
---|
151 | public static function AuthSubRevokeToken($token, $client = null,
|
---|
152 | $request_uri = self::AUTHSUB_REVOKE_TOKEN_URI)
|
---|
153 | {
|
---|
154 | $client = self::getHttpClient($token, $client);
|
---|
155 |
|
---|
156 | if ($client instanceof Zend_Gdata_HttpClient) {
|
---|
157 | $filterResult = $client->filterHttpRequest('GET', $request_uri);
|
---|
158 | $url = $filterResult['url'];
|
---|
159 | $headers = $filterResult['headers'];
|
---|
160 | $client->setHeaders($headers);
|
---|
161 | $client->setUri($url);
|
---|
162 | $client->resetParameters();
|
---|
163 | } else {
|
---|
164 | $client->setUri($request_uri);
|
---|
165 | }
|
---|
166 |
|
---|
167 | ob_start();
|
---|
168 | try {
|
---|
169 | $response = $client->request('GET');
|
---|
170 | } catch (Zend_Http_Client_Exception $e) {
|
---|
171 | require_once 'Zend/Gdata/App/HttpException.php';
|
---|
172 | throw new Zend_Gdata_App_HttpException($e->getMessage(), $e);
|
---|
173 | }
|
---|
174 | ob_end_clean();
|
---|
175 | // Parse Google's response
|
---|
176 | if ($response->isSuccessful()) {
|
---|
177 | return true;
|
---|
178 | } else {
|
---|
179 | return false;
|
---|
180 | }
|
---|
181 | }
|
---|
182 |
|
---|
183 |
|
---|
184 | /**
|
---|
185 | * get token information
|
---|
186 | *
|
---|
187 | * @param string $token The token to retrieve information about
|
---|
188 | * @param Zend_Http_Client $client (optional) HTTP client to use to
|
---|
189 | * make the request
|
---|
190 | * @param string $request_uri (optional) URI to which to direct
|
---|
191 | * the information request
|
---|
192 | */
|
---|
193 | public static function getAuthSubTokenInfo(
|
---|
194 | $token, $client = null, $request_uri = self::AUTHSUB_TOKEN_INFO_URI)
|
---|
195 | {
|
---|
196 | $client = self::getHttpClient($token, $client);
|
---|
197 |
|
---|
198 | if ($client instanceof Zend_Gdata_HttpClient) {
|
---|
199 | $filterResult = $client->filterHttpRequest('GET', $request_uri);
|
---|
200 | $url = $filterResult['url'];
|
---|
201 | $headers = $filterResult['headers'];
|
---|
202 | $client->setHeaders($headers);
|
---|
203 | $client->setUri($url);
|
---|
204 | } else {
|
---|
205 | $client->setUri($request_uri);
|
---|
206 | }
|
---|
207 |
|
---|
208 | ob_start();
|
---|
209 | try {
|
---|
210 | $response = $client->request('GET');
|
---|
211 | } catch (Zend_Http_Client_Exception $e) {
|
---|
212 | require_once 'Zend/Gdata/App/HttpException.php';
|
---|
213 | throw new Zend_Gdata_App_HttpException($e->getMessage(), $e);
|
---|
214 | }
|
---|
215 | ob_end_clean();
|
---|
216 | return $response->getBody();
|
---|
217 | }
|
---|
218 |
|
---|
219 | /**
|
---|
220 | * Retrieve a HTTP client object with AuthSub credentials attached
|
---|
221 | * as the Authorization header
|
---|
222 | *
|
---|
223 | * @param string $token The token to retrieve information about
|
---|
224 | * @param Zend_Gdata_HttpClient $client (optional) HTTP client to use to make the request
|
---|
225 | */
|
---|
226 | public static function getHttpClient($token, $client = null)
|
---|
227 | {
|
---|
228 | if ($client == null) {
|
---|
229 | $client = new Zend_Gdata_HttpClient();
|
---|
230 | }
|
---|
231 | if (!$client instanceof Zend_Http_Client) {
|
---|
232 | require_once 'Zend/Gdata/App/HttpException.php';
|
---|
233 | throw new Zend_Gdata_App_HttpException('Client is not an instance of Zend_Http_Client.');
|
---|
234 | }
|
---|
235 | $useragent = 'Zend_Framework_Gdata/' . Zend_Version::VERSION;
|
---|
236 | $client->setConfig(array(
|
---|
237 | 'strictredirects' => true,
|
---|
238 | 'useragent' => $useragent
|
---|
239 | )
|
---|
240 | );
|
---|
241 | $client->setAuthSubToken($token);
|
---|
242 | return $client;
|
---|
243 | }
|
---|
244 |
|
---|
245 | }
|
---|