Function ProcessToken1($oauth, &$access_token)
{
if(!$this->GetAccessTokenURL($url))
return false;
$options = array('Resource'=>'OAuth access token');
$method = strtoupper($this->token_request_method);
switch($method)
{
case 'GET':
break;
case 'POST':
$options['PostValuesInURI'] = true;
break;
default:
$this->error = $method.' is not a supported method to request tokens';
return false;
}
if(!$this->SendAPIRequest($url, $method, array(), $oauth, $options, $response))
return false;
if(strlen($this->access_token_error))
{
$this->authorization_error = $this->access_token_error;
return true;
}
if(!IsSet($response['oauth_token'])
|| !IsSet($response['oauth_token_secret']))
{
$this->authorization_error= 'it was not returned the access token and secret';
return true;
}
$access_token = array(
'value'=>$response['oauth_token'],
'secret'=>$response['oauth_token_secret'],
'authorized'=>true
);
if(IsSet($response['oauth_expires_in'])
&& $response['oauth_expires_in'] == 0)
{
if($this->debug)
$this->OutputDebug('Ignoring access token expiry set to 0');
$this->access_token_expiry = '';
}
elseif(IsSet($response['oauth_expires_in']))
{
$expires = $response['oauth_expires_in'];
if(strval($expires) !== strval(intval($expires))
|| $expires <= 0)
return($this->SetError('OAuth server did not return a supported type of access token expiry time'));
$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', time() + $expires);
if($this->debug)
$this->OutputDebug('Access token expiry: '.$this->access_token_expiry.' UTC');
$access_token['expiry'] = $this->access_token_expiry;
}
else
$this->access_token_expiry = '';
if(IsSet($response['oauth_session_handle']))
{
$access_token['refresh'] = $response['oauth_session_handle'];
if($this->debug)
$this->OutputDebug('Refresh token: '.$access_token['refresh']);
}
return $this->StoreAccessToken($access_token);
}
Function ProcessToken2($code, $refresh)
{
if(!$this->GetRedirectURI($redirect_uri))
return false;
$authentication = $this->access_token_authentication;
if(strlen($this->oauth_username))
{
$values = array(
'grant_type'=>'password',
'username'=>$this->oauth_username,
'password'=>$this->oauth_password
);
$authentication = 'Basic';
}
elseif($refresh)
{
$values = array(
'refresh_token'=>$this->refresh_token,
'grant_type'=>'refresh_token',
'scope'=>$this->scope,
);
}
else
{
$values = array(
'code'=>$code,
'redirect_uri'=>$redirect_uri,
'grant_type'=>'authorization_code'
);
}
$options = array(
'Resource'=>'OAuth '.($refresh ? 'refresh' : 'access').' token',
'ConvertObjects'=>true
);
switch(strtolower($authentication))
{
case 'basic':
$options['AccessTokenAuthentication'] = $authentication;
$values['redirect_uri'] = $redirect_uri;
break;
case '':
$values['client_id'] = $this->client_id;
$values['client_secret'] = ($this->get_token_with_api_key ? $this->api_key : $this->client_secret);
break;
default:
return($this->SetError($authentication.' is not a supported authentication mechanism to retrieve an access token'));
}
if(!$this->GetAccessTokenURL($access_token_url))
return false;
if(!$this->SendAPIRequest($access_token_url, 'POST', $values, null, $options, $response))
return false;
if(strlen($this->access_token_error))
{
$this->authorization_error = $this->access_token_error;
return true;
}
if(!IsSet($response['access_token']))
{
if(IsSet($response['error']))
{
$this->authorization_error = 'it was not possible to retrieve the access token: it was returned the error: '.$response['error'];
return true;
}
return($this->SetError('OAuth server did not return the access token'));
}
$access_token = array(
'value'=>($this->access_token = $response['access_token']),
'authorized'=>true,
);
if($this->store_access_token_response)
$access_token['response'] = $this->access_token_response = $response;
if($this->debug)
$this->OutputDebug('Access token: '.$this->access_token);
if(IsSet($response['expires_in'])
&& $response['expires_in'] == 0)
{
if($this->debug)
$this->OutputDebug('Ignoring access token expiry set to 0');
$this->access_token_expiry = '';
}
elseif(IsSet($response['expires'])
|| IsSet($response['expires_in']))
{
$expires = (IsSet($response['expires']) ? $response['expires'] : $response['expires_in']);
if(strval($expires) !== strval(intval($expires))
|| $expires <= 0)
return($this->SetError('OAuth server did not return a supported type of access token expiry time'));
$this->access_token_expiry = gmstrftime('%Y-%m-%d %H:%M:%S', time() + $expires);
if($this->debug)
$this->OutputDebug('Access token expiry: '.$this->access_token_expiry.' UTC');
$access_token['expiry'] = $this->access_token_expiry;
}
else
$this->access_token_expiry = '';
if(IsSet($response['token_type']))
{
$this->access_token_type = $response['token_type'];
if(strlen($this->access_token_type)
&& $this->debug)
$this->OutputDebug('Access token type: '.$this->access_token_type);
$access_token['type'] = $this->access_token_type;
}
else
{
$this->access_token_type = $this->default_access_token_type;
if(strlen($this->access_token_type)
&& $this->debug)
$this->OutputDebug('Assumed the default for OAuth access token type which is '.$this->access_token_type);
}
if(IsSet($response['refresh_token']))
{
$this->refresh_token = $response['refresh_token'];
if($this->debug)
$this->OutputDebug('Refresh token: '.$this->refresh_token);
$access_token['refresh'] = $this->refresh_token;
}
elseif(strlen($this->refresh_token))
{
if($this->debug)
$this->OutputDebug('Reusing previous refresh token: '.$this->refresh_token);
$access_token['refresh'] = $this->refresh_token;
}
return $this->StoreAccessToken($access_token);
}
Function RetrieveToken(&$valid)
{
$valid = false;
if(!$this->GetAccessToken($access_token))
return false;
if(IsSet($access_token['value']))
{
$this->access_token_expiry = '';
$expired = (IsSet($access_token['expiry']) && strcmp($this->access_token_expiry = $access_token['expiry'], gmstrftime('%Y-%m-%d %H:%M:%S')) < 0);
if($expired)
{
if($this->debug)
$this->OutputDebug('The OAuth access token expired in '.$this->access_token_expiry);
}
$this->access_token = $access_token['value'];
if(!$expired
&& $this->debug)
$this->OutputDebug('The OAuth access token '.$this->access_token.' is valid');
if(IsSet($access_token['type']))
{
$this->access_token_type = $access_token['type'];
if(strlen($this->access_token_type)
&& !$expired
&& $this->debug)
$this->OutputDebug('The OAuth access token is of type '.$this->access_token_type);
}
else
{
$this->access_token_type = $this->default_access_token_type;
if(strlen($this->access_token_type)
&& !$expired
&& $this->debug)
$this->OutputDebug('Assumed the default for OAuth access token type which is '.$this->access_token_type);
}
if(IsSet($access_token['secret']))
{
$this->access_token_secret = $access_token['secret'];
if($this->debug
&& !$expired)
$this->OutputDebug('The OAuth access token secret is '.$this->access_token_secret);
}
if(IsSet($access_token['refresh']))
$this->refresh_token = $access_token['refresh'];
else
$this->refresh_token = '';
$this->access_token_response = (($this->store_access_token_response && IsSet($access_token['response'])) ? $access_token['response'] : null);
$valid = true;
}
return true;
}
Function CallAPI($url, $method, $parameters, $options, &$response)
{
if(!IsSet($options['Resource']))
$options['Resource'] = 'API call';
if(!IsSet($options['ConvertObjects']))
$options['ConvertObjects'] = false;
if(strlen($this->access_token) === 0)
{
if(!$this->RetrieveToken($valid))
return false;
if(!$valid)
return $this->SetError('the access token is not set to a valid value');
}
switch(intval($this->oauth_version))
{
case 1:
if(strlen($this->access_token_expiry)
&& strcmp($this->access_token_expiry, gmstrftime('%Y-%m-%d %H:%M:%S')) <= 0)
{
if(strlen($this->refresh_token) === 0)
return($this->SetError('the access token expired and no refresh token is available'));
if($this->debug)
$this->OutputDebug('Refreshing the OAuth access token expired on '.$this->access_token_expiry);
$oauth = array(
'oauth_token'=>$this->access_token,
'oauth_session_handle'=>$this->refresh_token
);
if(!$this->ProcessToken1($oauth, $access_token))
return false;
if(IsSet($options['FailOnAccessError'])
&& $options['FailOnAccessError']
&& strlen($this->authorization_error))
{
$this->error = $this->authorization_error;
return false;
}
if(!IsSet($access_token['authorized'])
|| !$access_token['authorized'])
return($this->SetError('failed to obtain a renewed the expired access token'));
$this->access_token = $access_token['value'];
$this->access_token_secret = $access_token['secret'];
if(IsSet($access_token['refresh']))
$this->refresh_token = $access_token['refresh'];
}
$oauth = array(
(strlen($this->access_token_parameter) ? $this->access_token_parameter : 'oauth_token')=>((IsSet($options['2Legged']) && $options['2Legged']) ? '' : $this->access_token)
);
break;
case 2:
if(strlen($this->access_token_expiry)
&& strcmp($this->access_token_expiry, gmstrftime('%Y-%m-%d %H:%M:%S')) <= 0)
{
if(strlen($this->refresh_token) === 0)
return($this->SetError('the access token expired and no refresh token is available'));
if($this->debug)
$this->OutputDebug('Refreshing the OAuth access token expired on '.$this->access_token_expiry);
if(!$this->ProcessToken2(null, true))
return false;
if(IsSet($options['FailOnAccessError'])
&& $options['FailOnAccessError']
&& strlen($this->authorization_error))
{
$this->error = $this->authorization_error;
return false;
}
}
$oauth = null;
if(strcasecmp($this->access_token_type, 'Bearer'))
$url .= (strcspn($url, '?') < strlen($url) ? '&' : '?').(strlen($this->access_token_parameter) ? $this->access_token_parameter : 'access_token').'='.UrlEncode($this->access_token);
break;
default:
return($this->SetError($this->oauth_version.' is not a supported version of the OAuth protocol'));
}
return($this->SendAPIRequest($url, $method, $parameters, $oauth, $options, $response));
}
Function Initialize()
{
$this->oauth_version =
$this->dialog_url =
$this->access_token_url =
$this->request_token_url =
$this->append_state_to_redirect_uri = '';
$this->authorization_header = true;
$this->url_parameters = false;
$this->token_request_method = 'GET';
$this->signature_method = 'HMAC-SHA1';
$this->access_token_authentication = '';
$this->access_token_parameter = '';
$this->default_access_token_type = '';
$this->store_access_token_response = false;
$this->oauth_version = '1.0a';
$this->request_token_url = 'https://api.linkedin.com/uas/oauth/requestToken?scope={SCOPE}';
$this->dialog_url = 'https://api.linkedin.com/uas/oauth/authenticate';
$this->access_token_url = 'https://api.linkedin.com/uas/oauth/accessToken';
$this->url_parameters = true;
return(true);
}
Function Process()
{
if(strlen($this->access_token)
|| strlen($this->access_token_secret))
{
if($this->debug)
$this->OutputDebug('The Process function should not be called again if the OAuth token was already set manually');
return $this->SetError('the OAuth token was already set');
}
switch(intval($this->oauth_version))
{
case 1:
$one_a = ($this->oauth_version === '1.0a');
if($this->debug)
$this->OutputDebug('Checking the OAuth token authorization state');
if(!$this->GetAccessToken($access_token))
return false;
if(IsSet($access_token['expiry']))
$this->access_token_expiry = $access_token['expiry'];
if(IsSet($access_token['authorized'])
&& IsSet($access_token['value']))
{
$expired = (IsSet($access_token['expiry']) && strcmp($access_token['expiry'], gmstrftime('%Y-%m-%d %H:%M:%S')) <= 0);
if(!$access_token['authorized']
|| $expired)
{
if($this->debug)
{
if($expired)
$this->OutputDebug('The OAuth token expired on '.$access_token['expiry'].'UTC');
else
$this->OutputDebug('The OAuth token is not yet authorized');
$this->OutputDebug('Checking the OAuth token and verifier');
}
if(!$this->GetRequestToken($token, $verifier))
return false;
if(!IsSet($token)
|| ($one_a
&& !IsSet($verifier)))
{
if(!$this->GetRequestDenied($denied))
return false;
if(IsSet($denied)
&& $denied === $access_token['value'])
{
if($this->debug)
$this->OutputDebug('The authorization request was denied');
$this->authorization_error = 'the request was denied';
return true;
}
else
{
if($this->debug)
$this->OutputDebug('Reset the OAuth token state because token and verifier are not both set');
$access_token = array();
}
}
elseif($token !== $access_token['value'])
{
if($this->debug)
$this->OutputDebug('Reset the OAuth token state because token does not match what as previously retrieved');
$access_token = array();
}
else {
$this->access_token_secret = $access_token['secret'];
$oauth = array(
'oauth_token'=>$token,
);
if($one_a)
$oauth['oauth_verifier'] = $verifier;
if(!$this->ProcessToken1($oauth, $access_token))
return false;
if($this->debug)
$this->OutputDebug('The OAuth token was authorized');
}
}
elseif($this->debug)
$this->OutputDebug('The OAuth token was already authorized');
if(IsSet($access_token['authorized'])
&& $access_token['authorized'])
{
$this->access_token = $access_token['value'];
$this->access_token_secret = $access_token['secret'];
if(IsSet($access_token['refresh']))
$this->refresh_token = $access_token['refresh'];
return true;
}
} else {
if($this->debug)
$this->OutputDebug('The OAuth access token is not set');
$access_token = array();
}
if(!IsSet($access_token['authorized']))
{
if($this->debug)
$this->OutputDebug('Requesting the unauthorized OAuth token');
if(!$this->GetRequestTokenURL($url))
return false;
$url = str_replace('{SCOPE}', UrlEncode($this->scope), $url);
if(!$this->GetRedirectURI($redirect_uri))
return false;
$oauth = array(
'oauth_callback'=>$redirect_uri,
);
$options = array(
'Resource'=>'OAuth request token',
'FailOnAccessError'=>true
);
$method = strtoupper($this->token_request_method);
switch($method)
{
case 'GET':
break;
case 'POST':
$options['PostValuesInURI'] = true;
break;
default:
$this->error = $method.' is not a supported method to request tokens';
break;
}
if(!$this->SendAPIRequest($url, $method, array(), $oauth, $options, $response))
return false;
if(strlen($this->access_token_error))
{
$this->authorization_error = $this->access_token_error;
return true;
}
if(!IsSet($response['oauth_token'])
|| !IsSet($response['oauth_token_secret']))
{
$this->authorization_error = 'it was not returned the requested token';
return true;
}
$access_token = array(
'value'=>$response['oauth_token'],
'secret'=>$response['oauth_token_secret'],
'authorized'=>false
);
if(IsSet($response['login_url']))
$access_token['login_url'] = $response['login_url'];
if(!$this->StoreAccessToken($access_token))
return false;
}
if(!$this->GetDialogURL($url))
return false;
if($url === 'automatic')
{
if(!IsSet($access_token['login_url']))
return($this->SetError('The request token response did not automatically the login dialog URL as expected'));
if($this->debug)
$this->OutputDebug('Dialog URL obtained automatically from the request token response: '.$url);
$url = $access_token['login_url'];
}
else
$url .= (strpos($url, '?') === false ? '?' : '&').'oauth_token='.$access_token['value'];
if(!$one_a)
{
if(!$this->GetRedirectURI($redirect_uri))
return false;
$url .= '&oauth_callback='.UrlEncode($redirect_uri);
}
if($this->debug)
$this->OutputDebug('Redirecting to OAuth authorize page '.$url);
$this->Redirect($url);
$this->exit = true;
return true;
case 2:
if($this->debug)
{
if(!$this->GetAccessTokenURL($access_token_url))
return false;
$this->OutputDebug('Checking if OAuth access token was already retrieved from '.$access_token_url);
}
if(!$this->RetrieveToken($valid))
return false;
if($valid)
return true;
if(strlen($this->oauth_username))
{
if($this->debug)
$this->OutputDebug('Getting the access token using the username and password');
return $this->ProcessToken2(null, false);
}
if($this->debug)
$this->OutputDebug('Checking the authentication state in URI '.$_SERVER['REQUEST_URI']);
if(!$this->GetStoredState($stored_state))
return false;
if(strlen($stored_state) == 0)
return($this->SetError('it was not set the OAuth state'));
if(!$this->GetRequestState($state))
return false;
if($state === $stored_state)
{
if($this->debug)
$this->OutputDebug('Checking the authentication code');
if(!$this->GetRequestCode($code))
return false;
if(strlen($code) == 0)
{
if(!$this->GetRequestError($this->authorization_error))
return false;
if(IsSet($this->authorization_error))
{
if($this->debug)
$this->OutputDebug('Authorization failed with error code '.$this->authorization_error);
switch($this->authorization_error)
{
case 'invalid_request':
case 'unauthorized_client':
case 'access_denied':
case 'unsupported_response_type':
case 'invalid_scope':
case 'server_error':
case 'temporarily_unavailable':
case 'user_denied':
return true;
default:
return($this->SetError('it was returned an unknown OAuth error code'));
}
}
return($this->SetError('it was not returned the OAuth dialog code'));
}
if(!$this->ProcessToken2($code, false))
return false;
} else { if(!$this->GetRedirectURI($redirect_uri))
return false;
if(strlen($this->append_state_to_redirect_uri))
$redirect_uri .= (strpos($redirect_uri, '?') === false ? '?' : '&').$this->append_state_to_redirect_uri.'='.$stored_state;
if(!$this->GetDialogURL($url, $redirect_uri, $stored_state))
return false;
if(strlen($url) == 0)
return($this->SetError('it was not set the OAuth dialog URL'));
if($this->debug)
$this->OutputDebug('Redirecting to OAuth Dialog '.$url);
$this->Redirect($url);
$this->exit = true;
}
break;
default:
return($this->SetError($this->oauth_version.' is not a supported version of the OAuth protocol'));
}
return(true);
}
continue....
是否遵循了獲取OAuth令牌的步驟? http://developer.linkedin.com/documents/getting-oauth-token – Oldskool