From a8cd9fbb86a666829fe67ed87491244d7cdaf7ff Mon Sep 17 00:00:00 2001 From: tlshaheen Date: Wed, 9 Jul 2014 08:25:26 -0400 Subject: [PATCH 1/9] Don't throw exception if access token is in JSON If params are passed as JSON (instead of array), check and see if the access token is part of the JSON. If it is, do not throw the "You need to give parameters as array if you want to give the token within the URI" exception. --- src/OAuth2/Client.php | 17 +++++++++++++---- 1 file changed, 13 insertions(+), 4 deletions(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 698739f..a74fdaf 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -320,10 +320,19 @@ public function fetch($protected_resource_url, $parameters = array(), $http_meth if (is_array($parameters)) { $parameters[$this->access_token_param_name] = $this->access_token; } else { - throw new InvalidArgumentException( - 'You need to give parameters as array if you want to give the token within the URI.', - InvalidArgumentException::REQUIRE_PARAMS_AS_ARRAY - ); + $throwexception = true; + + $testparams = json_decode($parameters, true); + if (array_key_exists($this->access_token_param_name, $testparams)) { + $throwexception = false; + } + + if ($throwexception) { + throw new InvalidArgumentException( + 'You need to give parameters as array if you want to give the token within the URI.', + InvalidArgumentException::REQUIRE_PARAMS_AS_ARRAY + ); + } } break; case self::ACCESS_TOKEN_BEARER: From 7232f413930b8c8ae7005f71f862eed33e8e40a2 Mon Sep 17 00:00:00 2001 From: tlshaheen Date: Wed, 9 Jul 2014 08:30:12 -0400 Subject: [PATCH 2/9] Formatting fix --- src/OAuth2/Client.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index a74fdaf..8b320cd 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -332,7 +332,7 @@ public function fetch($protected_resource_url, $parameters = array(), $http_meth 'You need to give parameters as array if you want to give the token within the URI.', InvalidArgumentException::REQUIRE_PARAMS_AS_ARRAY ); - } + } } break; case self::ACCESS_TOKEN_BEARER: From d4bcffbdb0de7238115054ad2d58fe052c17fdf3 Mon Sep 17 00:00:00 2001 From: tlshaheen Date: Tue, 15 Jul 2014 08:48:33 -0400 Subject: [PATCH 3/9] Return response headers with fetch() Issue #30 doesn't appear to have been merged. In addition, the http_parse_headers function here is a better implementation of parsing the headers - it accounts for a number of things that could be different about the headers. --- src/OAuth2/Client.php | 55 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 49 insertions(+), 6 deletions(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 8b320cd..280bed0 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -26,6 +26,39 @@ */ namespace OAuth2; +//http://php.net/manual/en/function.http-parse-headers.php#112986 +if (!function_exists('http_parse_headers')) { + function http_parse_headers($raw_headers) { + $headers = array(); + $key = ''; + + foreach(explode("\n", $raw_headers) as $i => $h) { + $h = explode(':', $h, 2); + + if (isset($h[1])) { + if (!isset($headers[$h[0]])) + $headers[$h[0]] = trim($h[1]); + elseif (is_array($headers[$h[0]])) { + $headers[$h[0]] = array_merge($headers[$h[0]], array(trim($h[1]))); + } + else { + $headers[$h[0]] = array_merge(array($headers[$h[0]]), array(trim($h[1]))); + } + + $key = $h[0]; + } + else { + if (substr($h[0], 0, 1) == "\t") + $headers[$key] .= "\r\n\t".trim($h[0]); + elseif (!$key) + $headers[0] = trim($h[0]); + } + } + + return $headers; + } +} + class Client { /** @@ -323,9 +356,9 @@ public function fetch($protected_resource_url, $parameters = array(), $http_meth $throwexception = true; $testparams = json_decode($parameters, true); - if (array_key_exists($this->access_token_param_name, $testparams)) { - $throwexception = false; - } + if (array_key_exists($this->access_token_param_name, $testparams)) { + $throwexception = false; + } if ($throwexception) { throw new InvalidArgumentException( @@ -404,6 +437,7 @@ private function executeRequest($url, $parameters = array(), $http_method = self $curl_options = array( CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => true, + CURLOPT_HEADER => true, CURLOPT_CUSTOMREQUEST => $http_method ); @@ -464,20 +498,29 @@ private function executeRequest($url, $parameters = array(), $http_method = self if (!empty($this->curl_options)) { curl_setopt_array($ch, $this->curl_options); } + $result = curl_exec($ch); + + //Split result into body and headers + list($headers, $body) = explode("\r\n\r\n", $result, 2); + + //Parse headers to return + $headers = http_parse_headers($headers); + $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); if ($curl_error = curl_error($ch)) { throw new Exception($curl_error, Exception::CURL_ERROR); } else { - $json_decode = json_decode($result, true); + $json_decode = json_decode($body, true); } curl_close($ch); return array( - 'result' => (null === $json_decode) ? $result : $json_decode, + 'result' => (null === $json_decode) ? $body : $json_decode, 'code' => $http_code, - 'content_type' => $content_type + 'content_type' => $content_type, + 'headers' => $headers ); } From 5719484cda39d2ddbecc5c26d94c6dc6c2d55c42 Mon Sep 17 00:00:00 2001 From: tlshaheen Date: Tue, 15 Jul 2014 08:55:03 -0400 Subject: [PATCH 4/9] Remove previous "headers" commit from this pull request --- src/OAuth2/Client.php | 55 +++++-------------------------------------- 1 file changed, 6 insertions(+), 49 deletions(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 280bed0..8b320cd 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -26,39 +26,6 @@ */ namespace OAuth2; -//http://php.net/manual/en/function.http-parse-headers.php#112986 -if (!function_exists('http_parse_headers')) { - function http_parse_headers($raw_headers) { - $headers = array(); - $key = ''; - - foreach(explode("\n", $raw_headers) as $i => $h) { - $h = explode(':', $h, 2); - - if (isset($h[1])) { - if (!isset($headers[$h[0]])) - $headers[$h[0]] = trim($h[1]); - elseif (is_array($headers[$h[0]])) { - $headers[$h[0]] = array_merge($headers[$h[0]], array(trim($h[1]))); - } - else { - $headers[$h[0]] = array_merge(array($headers[$h[0]]), array(trim($h[1]))); - } - - $key = $h[0]; - } - else { - if (substr($h[0], 0, 1) == "\t") - $headers[$key] .= "\r\n\t".trim($h[0]); - elseif (!$key) - $headers[0] = trim($h[0]); - } - } - - return $headers; - } -} - class Client { /** @@ -356,9 +323,9 @@ public function fetch($protected_resource_url, $parameters = array(), $http_meth $throwexception = true; $testparams = json_decode($parameters, true); - if (array_key_exists($this->access_token_param_name, $testparams)) { - $throwexception = false; - } + if (array_key_exists($this->access_token_param_name, $testparams)) { + $throwexception = false; + } if ($throwexception) { throw new InvalidArgumentException( @@ -437,7 +404,6 @@ private function executeRequest($url, $parameters = array(), $http_method = self $curl_options = array( CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => true, - CURLOPT_HEADER => true, CURLOPT_CUSTOMREQUEST => $http_method ); @@ -498,29 +464,20 @@ private function executeRequest($url, $parameters = array(), $http_method = self if (!empty($this->curl_options)) { curl_setopt_array($ch, $this->curl_options); } - $result = curl_exec($ch); - - //Split result into body and headers - list($headers, $body) = explode("\r\n\r\n", $result, 2); - - //Parse headers to return - $headers = http_parse_headers($headers); - $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); if ($curl_error = curl_error($ch)) { throw new Exception($curl_error, Exception::CURL_ERROR); } else { - $json_decode = json_decode($body, true); + $json_decode = json_decode($result, true); } curl_close($ch); return array( - 'result' => (null === $json_decode) ? $body : $json_decode, + 'result' => (null === $json_decode) ? $result : $json_decode, 'code' => $http_code, - 'content_type' => $content_type, - 'headers' => $headers + 'content_type' => $content_type ); } From e21c6d608a0860e7c3ae31ddb30dd99670778303 Mon Sep 17 00:00:00 2001 From: Luke Shaheen Date: Tue, 19 Jul 2016 16:45:47 -0400 Subject: [PATCH 5/9] Update name, description, authors --- composer.json | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/composer.json b/composer.json index 80cbc9d..e54d049 100644 --- a/composer.json +++ b/composer.json @@ -1,6 +1,6 @@ { - "name": "adoy/oauth2", - "description": "Light PHP wrapper for the OAuth 2.0 protocol (based on OAuth 2.0 Authorization Protocol draft-ietf-oauth-v2-15)", + "name": "tlshaheen/oauth2", + "description": "Light PHP wrapper for the OAuth 2.0 protocol (based on OAuth 2.0 Authorization Protocol draft-ietf-oauth-v2-15). Original source at adoy/oauth2", "license": "LGPL-2.1", "authors": [ { @@ -10,6 +10,10 @@ { "name": "Berejeb Anis", "email": "anis.berejeb@gmail.com" + }, + { + "name": "Luke Shaheen", + "email": "tshaheen07@hotmail.com" } ], "require": { From 22b138141080bb2ede99c2eadad26be10d362ed4 Mon Sep 17 00:00:00 2001 From: Luke Shaheen Date: Wed, 27 Jul 2016 10:28:19 -0400 Subject: [PATCH 6/9] Return headers --- src/OAuth2/Client.php | 50 +++++++++++++++++++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 4 deletions(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 173cafd..9ae2634 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -415,7 +415,8 @@ private function executeRequest($url, $parameters = array(), $http_method = self $curl_options = array( CURLOPT_RETURNTRANSFER => true, CURLOPT_SSL_VERIFYPEER => true, - CURLOPT_CUSTOMREQUEST => $http_method + CURLOPT_CUSTOMREQUEST => $http_method, + CURLOPT_HEADER => true, ); switch($http_method) { @@ -478,17 +479,25 @@ private function executeRequest($url, $parameters = array(), $http_method = self $result = curl_exec($ch); $http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $content_type = curl_getinfo($ch, CURLINFO_CONTENT_TYPE); + + //Split result into body and headers + list($headers, $body) = explode("\r\n\r\n", $result, 2); + + //Parse headers to return + $headers = http_parse_headers($headers); + if ($curl_error = curl_error($ch)) { throw new Exception($curl_error, Exception::CURL_ERROR); } else { - $json_decode = json_decode($result, true); + $json_decode = json_decode($body, true); } curl_close($ch); return array( - 'result' => (null === $json_decode) ? $result : $json_decode, + 'result' => (null === $json_decode) ? $body : $json_decode, 'code' => $http_code, - 'content_type' => $content_type + 'content_type' => $content_type, + 'headers' => $headers, ); } @@ -533,3 +542,36 @@ class InvalidArgumentException extends \InvalidArgumentException const REQUIRE_PARAMS_AS_ARRAY = 0x03; const MISSING_PARAMETER = 0x04; } + +//http://php.net/manual/en/function.http-parse-headers.php#112986 +if (!function_exists('http_parse_headers')) { + function http_parse_headers($raw_headers) { + $headers = array(); + $key = ''; + + foreach(explode("\n", $raw_headers) as $i => $h) { + $h = explode(':', $h, 2); + + if (isset($h[1])) { + if (!isset($headers[$h[0]])) + $headers[$h[0]] = trim($h[1]); + elseif (is_array($headers[$h[0]])) { + $headers[$h[0]] = array_merge($headers[$h[0]], array(trim($h[1]))); + } + else { + $headers[$h[0]] = array_merge(array($headers[$h[0]]), array(trim($h[1]))); + } + + $key = $h[0]; + } + else { + if (substr($h[0], 0, 1) == "\t") + $headers[$key] .= "\r\n\t".trim($h[0]); + elseif (!$key) + $headers[0] = trim($h[0]); + } + } + + return $headers; + } +} \ No newline at end of file From feb05c9276bae261c4344a8dbf9ebf95e9c04927 Mon Sep 17 00:00:00 2001 From: Luke Shaheen Date: Wed, 27 Jul 2016 11:12:40 -0400 Subject: [PATCH 7/9] Add appropriate character for adding GET params --- src/OAuth2/Client.php | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 9ae2634..2d76732 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -441,10 +441,28 @@ private function executeRequest($url, $parameters = array(), $http_method = self /* No break */ case self::HTTP_METHOD_DELETE: case self::HTTP_METHOD_GET: - if (is_array($parameters) && count($parameters) > 0) { - $url .= '?' . http_build_query($parameters, null, '&'); - } elseif ($parameters) { - $url .= '?' . $parameters; + if ($parameters) { + //Remove any trailing question marks or ampersands + if (substr($url, -1) == '?') { + $url = substr($url, 0, mb_strlen($url) - 1); + } else { + if (substr($url, -1) == '&') { + $url = substr($url, 0, mb_strlen($url) - 1); + } + } + //Check to see if there are existing parameters in the URL + //We want to add the appropriate character to start adding our own params + parse_str(parse_url($url, PHP_URL_QUERY), $existingParams); + if (sizeof($existingParams)) { + $url .= '&'; + } else { + $url .= '?'; + } + if (is_array($parameters) && count($parameters) > 0) { + $url .= http_build_query($parameters, null, '&'); + } else { + $url .= $parameters; + } } break; default: From b2d05f44db3e43bbc2503025c1a0b3f49220dc03 Mon Sep 17 00:00:00 2001 From: Luke Shaheen Date: Wed, 10 Aug 2016 15:14:47 -0400 Subject: [PATCH 8/9] Pass Expect header --- src/OAuth2/Client.php | 1 + 1 file changed, 1 insertion(+) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 2d76732..11ddb62 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -472,6 +472,7 @@ private function executeRequest($url, $parameters = array(), $http_method = self $curl_options[CURLOPT_URL] = $url; if (is_array($http_headers)) { + $http_headers['Expect'] = ''; $header = array(); foreach($http_headers as $key => $parsed_urlvalue) { $header[] = "$key: $parsed_urlvalue"; From 9077c6511fe1fd9ccc4ae715d342d580e2087fa4 Mon Sep 17 00:00:00 2001 From: Luke Shaheen Date: Mon, 2 Jan 2017 13:39:06 -0500 Subject: [PATCH 9/9] send delete params as post --- src/OAuth2/Client.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/OAuth2/Client.php b/src/OAuth2/Client.php index 11ddb62..b1b3c93 100644 --- a/src/OAuth2/Client.php +++ b/src/OAuth2/Client.php @@ -420,6 +420,7 @@ private function executeRequest($url, $parameters = array(), $http_method = self ); switch($http_method) { + case self::HTTP_METHOD_DELETE: case self::HTTP_METHOD_POST: $curl_options[CURLOPT_POST] = true; /* No break */ @@ -439,7 +440,6 @@ private function executeRequest($url, $parameters = array(), $http_method = self case self::HTTP_METHOD_HEAD: $curl_options[CURLOPT_NOBODY] = true; /* No break */ - case self::HTTP_METHOD_DELETE: case self::HTTP_METHOD_GET: if ($parameters) { //Remove any trailing question marks or ampersands