From 16ce7771add240266d8f73e8e137894e2184d240 Mon Sep 17 00:00:00 2001
From: Andjelko Horvat <comel@vingd.com>
Date: Wed, 4 May 2011 15:42:29 +0000
Subject: [PATCH] authtwitter: new exceptions and some cleaning.

git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@2827 44740490-163a-0410-bde0-09ae8108e29a
---
 .../authtwitter/lib/Auth/Source/Twitter.php   | 17 +++++------
 modules/authtwitter/www/linkback.php          | 30 +++++++++----------
 2 files changed, 23 insertions(+), 24 deletions(-)

diff --git a/modules/authtwitter/lib/Auth/Source/Twitter.php b/modules/authtwitter/lib/Auth/Source/Twitter.php
index 9f4c0fd50..0aa6397cd 100644
--- a/modules/authtwitter/lib/Auth/Source/Twitter.php
+++ b/modules/authtwitter/lib/Auth/Source/Twitter.php
@@ -54,7 +54,7 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source {
 
 
 	/**
-	 * Log-in using Facebook platform
+	 * Log-in using Twitter platform
 	 *
 	 * @param array &$state  Information about the current authentication.
 	 */
@@ -91,8 +91,6 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source {
 	public function finalStep(&$state) {
 		$requestToken = unserialize($state['requestToken']);
 		
-		#echo '<pre>'; print_r($requestToken); exit;
-		
 		$consumer = new sspmod_oauth_Consumer($this->key, $this->secret);
 		
 		SimpleSAML_Logger::debug("oauth: Using this request token [" . 
@@ -105,18 +103,19 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source {
 			
 		$userdata = $consumer->getUserInfo('https://api.twitter.com/account/verify_credentials.json', $accessToken);
 		
+		if (!isset($userdata['id_str']) || !isset($userdata['screen_name'])) {
+			throw new SimpleSAML_Error_AuthSource($this->authId, 'Authentication error: id_str and screen_name not set.');
+		}
+
 		$attributes = array();
 		foreach($userdata AS $key => $value) {
 			if (is_string($value))
 				$attributes['twitter.' . $key] = array((string)$value);
 		}
 		
-		if (array_key_exists('screen_name', $userdata) ) {
-			$attributes['twitter_at_screen_name'] = array('@' . $userdata['screen_name']);
-			$attributes['twitter_screen_n_realm'] = array($userdata['screen_name'] . '@twitter.com');
-		}
-		if (array_key_exists('id_str', $userdata) )
-			$attributes['twitter_targetedID'] = array('http://twitter.com!' . $userdata['id_str']);
+		$attributes['twitter_at_screen_name'] = array('@' . $userdata['screen_name']);
+		$attributes['twitter_screen_n_realm'] = array($userdata['screen_name'] . '@twitter.com');
+		$attributes['twitter_targetedID'] = array('http://twitter.com!' . $userdata['id_str']);
 			
 		$state['Attributes'] = $attributes;
 	}
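Review bot: The new guard before the attribute loop only proves that `id_str` and `screen_name` are set, not that they are non-empty strings, yet both are concatenated straight into the identity attributes `twitter_targetedID` and `twitter_screen_n_realm` a few lines later. If the decoded response ever carried an array or an empty value there (how `getUserInfo` decodes is not visible here), login would succeed with an identifier such as `http://twitter.com!Array` or `@twitter.com` instead of failing. I would extend the condition with `!is_string($userdata['id_str']) || $userdata['id_str'] === ''` and the same pair for `screen_name`. The message would also read better as "id_str or screen_name not set", since either missing key triggers it. `finalStep` begins outside this hunk.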
diff --git a/modules/authtwitter/www/linkback.php b/modules/authtwitter/www/linkback.php
index 507c79ddb..99bd06662 100644
--- a/modules/authtwitter/www/linkback.php
+++ b/modules/authtwitter/www/linkback.php
@@ -3,40 +3,40 @@
 /**
  * Handle linkback() response from Twitter.
  */
-# sspmod_oauth_Consumer::dummy();
 
-// $config = SimpleSAML_Configuration::getInstance();
 $session = SimpleSAML_Session::getInstance();
  
 $oauthState = $session->getData('oauth', 'oauth');
 
-if (empty($oauthState)) throw new SimpleSAML_Error_Exception('Could not load oauthstate');
-if (empty($oauthState['stateid'])) throw new SimpleSAML_Error_Exception('Could not load oauthstate:stateid');
-
+if (!array_key_exists('stateid', $oauthState) || empty($oauthState['stateid'])) {
+	throw new SimpleSAML_Error_BadRequest('Could not load oauthstate:stateid');
+}
 $stateId = $oauthState['stateid'];
 
-// echo 'stateid is ' . $stateId;
-
 $state = SimpleSAML_Auth_State::loadState($stateId, sspmod_authtwitter_Auth_Source_Twitter::STAGE_INIT);
 $state['requestToken'] = $oauthState['requestToken'];
 
 /* Find authentication source. */
 if (!array_key_exists(sspmod_authtwitter_Auth_Source_Twitter::AUTHID, $state)) {
-	throw new SimpleSAML_Error_Exception('No data in state for ' . sspmod_authtwitter_Auth_Source_Twitter::AUTHID);
+	throw new SimpleSAML_Error_BadRequest('No data in state for ' . sspmod_authtwitter_Auth_Source_Twitter::AUTHID);
 }
 $sourceId = $state[sspmod_authtwitter_Auth_Source_Twitter::AUTHID];
 
 $source = SimpleSAML_Auth_Source::getById($sourceId);
 if ($source === NULL) {
-	throw new SimpleSAML_Error_Exception('Could not find authentication source with id ' . $sourceId);
+	throw new SimpleSAML_Error_BadRequest('Could not find authentication source with id ' . var_export($sourceId, TRUE));
 }
 
-if (array_key_exists('denied', $_REQUEST)) {
-	SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_UserAborted());
-}
-
-$config = SimpleSAML_Configuration::getInstance();
+try {
+	if (array_key_exists('denied', $_REQUEST)) {
+		throw new SimpleSAML_Error_UserAborted();
+	}
 
-$source->finalStep($state);
+	$source->finalStep($state);
+} catch (SimpleSAML_Error_Exception $e) {
+	SimpleSAML_Auth_State::throwException($state, $e);
+} catch (Exception $e) {
+	SimpleSAML_Auth_State::throwException($state, new SimpleSAML_Error_AuthSource($sourceId, 'Error on authtwitter linkback endpoint.', $e));
+}
 
 SimpleSAML_Auth_Source::completeAuth($state);
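Review bot: `array_key_exists('stateid', $oauthState)` is now called without first checking that `$oauthState` is an array, because the commit drops the old `empty($oauthState)` test. If `getData('oauth', 'oauth')` returns a non-array for a session with no pending login (its return value is not visible here), a direct request to this endpoint produces a PHP warning or type error rather than the intended `SimpleSAML_Error_BadRequest`. `empty()` already covers a missing key, so the guard could read `if (!is_array($oauthState) || empty($oauthState['stateid']) || empty($oauthState['requestToken'])) {`. Including `requestToken` matters because it is copied into `$state` unchecked and later handed to `unserialize()` in `finalStep`.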
-- 
GitLab