From 5a5df09d7b8e3c17c011f1fdfd6b268421b5a2b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Andreas=20=C3=85kre=20Solberg?= <andreas.solberg@uninett.no>
Date: Thu, 29 Oct 2009 07:53:56 +0000
Subject: [PATCH] Some fixes for the Twitter Authentication module using OAuth, and added documentation as well
git-svn-id: https://simplesamlphp.googlecode.com/svn/trunk@1933 44740490-163a-0410-bde0-09ae8108e29a
---
modules/authtwitter/docs/oauthtwitter.txt | 35 +++++++++++++++++++
.../authtwitter/lib/Auth/Source/Twitter.php | 16 +++++++--
modules/authtwitter/www/linkback.php | 9 +++--
modules/oauth/lib/Consumer.php | 4 +--
modules/oauth/libextinc/OAuth.php | 3 ++
5 files changed, 61 insertions(+), 6 deletions(-)
create mode 100644 modules/authtwitter/docs/oauthtwitter.txt
diff --git a/modules/authtwitter/docs/oauthtwitter.txt b/modules/authtwitter/docs/oauthtwitter.txt
new file mode 100644
index 000000000..18d3bbe3a
--- /dev/null
+++ b/modules/authtwitter/docs/oauthtwitter.txt
@@ -0,0 +1,35 @@
+Using the Twitter authentication source with simpleSAMLphp
+==========================================================
+
+Remember to configure `authsources.php`, with both Consumer key and secret.
+
+To get an API key and a secret, register the application at:
+
+ * <http://twitter.com/oauth_clients>
+
+Set the callback URL to be:
+
+ * `http://sp.example.org/simplesaml/module.php/authtwitter/linkback.php`
+
+Replace `sp.example.org` with your hostname.
+
+## Testing authentication
+
+On the SimpleSAMLphp frontpage, go to the *Authentication* tab, and use the link:
+
+ * *Test configured authentication sources*
+
+Then choose the *twitter* authentication source.
+
+Expected behaviour would then be that you are sent to twitter, and asked to login:
+
+
+
+The first time a user uses your application to login, he/she is asked for consent:
+
+
+
+You will then be authenticated in SimpleSAMLphp and see an attribute set similar to this:
+
+
+
diff --git a/modules/authtwitter/lib/Auth/Source/Twitter.php b/modules/authtwitter/lib/Auth/Source/Twitter.php index 998908241..d6211e5e6 100644 --- a/modules/authtwitter/lib/Auth/Source/Twitter.php +++ b/modules/authtwitter/lib/Auth/Source/Twitter.php @@ -1,5 +1,7 @@ <?php +require_once(dirname(dirname(dirname(dirname(dirname(__FILE__))))) . '/oauth/libextinc/OAuth.php'); + /** * Authenticate using Twitter. * @@ -74,7 +76,7 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source { $requestToken->key . "] with the secret [" . $requestToken->secret . "]"); $oauthState = array( - 'requestToken' => $requestToken, + 'requestToken' => serialize($requestToken), 'stateid' => $stateID, ); $session = SimpleSAML_Session::getInstance(); @@ -89,15 +91,25 @@ class sspmod_authtwitter_Auth_Source_Twitter extends SimpleSAML_Auth_Source { public function finalStep(&$state) { - $requestToken = $state['requestToken']; + + + + $requestToken = unserialize($state['requestToken']); + + #echo '<pre>'; print_r($requestToken); exit; $consumer = new sspmod_oauth_Consumer($this->key, $this->secret); + + SimpleSAML_Logger::debug("oauth: Using this request token [" . + $requestToken->key . "] with the secret [" . $requestToken->secret . "]"); // Replace the request token with an access token $accessToken = $consumer->getAccessToken('http://twitter.com/oauth/access_token', $requestToken); SimpleSAML_Logger::debug("Got an access token from the OAuth service provider [" . $accessToken->key . "] with the secret [" . $accessToken->secret . "]"); + + $userdata = $consumer->getUserInfo('http://twitter.com/account/verify_credentials.json', $accessToken); $attributes = array(); diff --git a/modules/authtwitter/www/linkback.php b/modules/authtwitter/www/linkback.php index 277d54222..e8d7555ca 100644 --- a/modules/authtwitter/www/linkback.php +++ b/modules/authtwitter/www/linkback.php 
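Review bot: Storing `serialize($requestToken)` in the session state forces finalStep() to call `unserialize()` on that value, and nothing there checks the result before `$requestToken->key` is read. Only two strings are needed, so the state could carry them directly, `'requestToken' => array('key' => $requestToken->key, 'secret' => $requestToken->secret),`, with finalStep() rebuilding the token from them using the OAuth library's token class (not visible in this patch). That avoids PHP object deserialization on state data altogether. If the serialized form stays, finalStep() should throw when `unserialize()` returns `false` or a non-object. The enclosing method starts and ends outside this hunk.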
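Review bot: The added `SimpleSAML_Logger::debug(...)` call in finalStep() writes `$requestToken->secret` to the log, next to the existing line that does the same for `$accessToken->secret`. The Consumer.php hunk likewise logs the raw access-token response, which presumably carries the token secret. These secrets then live wherever debug logs are stored or shipped, so log only the token key, e.g. `SimpleSAML_Logger::debug("oauth: Using request token [" . $requestToken->key . "]");`. The commented-out `#echo '<pre>'; print_r($requestToken); exit;` is leftover debugging that would print the same secret to the browser if re-enabled, and is better deleted. finalStep() continues past the end of the hunk.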
@@ -3,7 +3,7 @@ /** * Handle linkback() response from Twitter. */ -sspmod_oauth_Consumer::dummy(); +# sspmod_oauth_Consumer::dummy(); // $config = SimpleSAML_Configuration::getInstance(); $session = SimpleSAML_Session::getInstance(); @@ -13,7 +13,6 @@ $oauthState = $session->getData('oauth', 'oauth'); if (empty($oauthState)) throw new Exception('Could not load oauthstate'); if (empty($oauthState['stateid'])) throw new Exception('Could not load oauthstate:stateid'); - $stateId = $oauthState['stateid']; // echo 'stateid is ' . $stateId; @@ -21,6 +20,8 @@ $stateId = $oauthState['stateid']; $state = SimpleSAML_Auth_State::loadState($stateId, sspmod_authtwitter_Auth_Source_Twitter::STAGE_INIT); $state['requestToken'] = $oauthState['requestToken']; + + /* Find authentication source. */ assert('array_key_exists(sspmod_authtwitter_Auth_Source_Twitter::AUTHID, $state)'); $sourceId = $state[sspmod_authtwitter_Auth_Source_Twitter::AUTHID]; @@ -30,10 +31,14 @@ if ($source === NULL) { throw new Exception('Could not find authentication source with id ' . $sourceId); } + + $config = SimpleSAML_Configuration::getInstance(); $source->finalStep($state); + + SimpleSAML_Auth_Source::completeAuth($state); diff --git a/modules/oauth/lib/Consumer.php b/modules/oauth/lib/Consumer.php index 764856b8e..6eb6e0737 100644 --- a/modules/oauth/lib/Consumer.php +++ b/modules/oauth/lib/Consumer.php @@ -60,13 +60,13 @@ class sspmod_oauth_Consumer { $acc_req = OAuthRequest::from_consumer_and_token($this->consumer, $requestToken, "GET", $url, NULL); $acc_req->sign_request($this->signer, $this->consumer, $requestToken); - + $response_acc = file_get_contents($acc_req->to_url()); if ($response_acc === FALSE) { throw new Exception('Error contacting request_token endpoint on the OAuth Provider'); } - SimpleSAML_Logger::info(' ==== RESPONSE: '. $response_acc); + SimpleSAML_Logger::debug('oauth: Reponse to get access token: '. $response_acc); parse_str($response_acc, $accessResponseParsed); 
diff --git a/modules/oauth/libextinc/OAuth.php b/modules/oauth/libextinc/OAuth.php index cb26ed767..c3dfb8646 100644 --- a/modules/oauth/libextinc/OAuth.php +++ b/modules/oauth/libextinc/OAuth.php @@ -326,6 +326,9 @@ class OAuthRequest {/*{{{*/ public function get_normalized_http_url() {/*{{{*/ $parts = parse_url($this->http_url); + if (!isset($parts['port'])) $parts['port'] = '80'; + if (!isset($parts['path'])) $parts['part'] = ''; + $port = @$parts['port']; $scheme = $parts['scheme']; $host = $parts['host']; -- GitLab
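Review bot: The second added guard assigns `$parts['part']`, not `$parts['path']`, so a URL without a path still leaves `$parts['path']` unset; it should read `if (!isset($parts['path'])) $parts['path'] = '';`. The first guard defaults the port to `'80'` for every scheme, which is wrong for an `https` URL given without a port; `if (!isset($parts['port'])) $parts['port'] = ($parts['scheme'] === 'https') ? '443' : '80';` keeps the default scheme-dependent. The rest of get_normalized_http_url() lies outside the hunk, so how `$port` feeds the normalized URL, and hence the signature base string, is inferred rather than visible.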