4 * This file is (c) Copyright 2010 by Olivier BERGER, Madhumita DHAR, Institut TELECOM
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version 2
9 * of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 * This program has been developed in the frame of the COCLICO
21 * project with financial support of its funders.
25 // Access token endpoint
27 // This is not exactly using FusionForge, as is not meant for humans, and just an endpoint of the OAuth protocol.
29 require_once '../../env.inc.php';
30 require_once $gfwww.'include/pre.php';
31 //require_once 'checks.php';
32 /*if (!session_loggedin()) {
37 $oauthprovider_server = new OAuthServer(FFDbOAuthDataStore::singleton());
39 $hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
40 $oauthprovider_server->add_signature_method($hmac_method);
42 // Retrieves an access token in exchange from the request token provided
43 $req = OAuthRequest::from_request();
44 //print_r($req->get_parameters());
45 $verifier = $req->get_parameter('oauth_verifier');
47 $request_token_key = $req->get_parameter('oauth_token');
48 $request_token = OauthAuthzRequestToken::load_by_key($request_token_key);
49 //make sure the verification code received in the request is the same as was sent when authorizing the request token
50 $request_token->check_verifier($verifier);
52 $token = $oauthprovider_server->fetch_access_token($req);
54 // the default print method is exactly what must be returned
57 } catch (OAuthException $e) {
58 $code = $e->getCode();
62 header('HTTP/1.1 401 Unauthorized', 401);
65 header('HTTP/1.1 400 Bad Request', 400);
71 print($e->getMessage() . "\n<hr />\n");