allow dynamic callback url, fix signing post params

csteipp · csteipp · commit d5e3ac18f3cf · 2015-05-24T05:08:28.000-07:00
diff --git a/MWOAuthClient.php b/MWOAuthClient.php
@@ -1,6 +1,6 @@
 <?php
 
-include_once './OAuth.php'; // reference php library from oauth.net
+include_once __DIR__ . '/OAuth.php'; // reference php library from oauth.net
 
 function wfDebugLog( $method, $msg) {
 	// Uncomment this if you want debuggging info from the OAuth library
@@ -47,6 +47,9 @@ class MWOAuthClient {
 	// Any extra params in the call that need to be signed
 	private $extraParams = array();
 
+	// url, defaults to oob
+	private $callbackUrl = 'oob';
+
 	// Track the last random nonce generated by the OAuth lib, used to
 	// verify /identity response isn't a replay
 	private $lastNonce;
@@ -71,6 +74,10 @@ public function setExtraParams( $params ) {
 		$this->extraParams = $params;
 	}
 
+	public function setCallback( $url ) {
+		$this->callbackUrl = $url;
+	}
+
 	/**
 	 * First part of 3-legged OAuth, get the request Token.
 	 * Redirect your authorizing users to the redirect url, and keep
@@ -79,7 +86,7 @@ public function setExtraParams( $params ) {
 	 * @return array (redirect, request/temp token)
 	 */
 	public function initiate() {
-		$initUrl = $this->config->endpointURL . '/initiate&format=json&oauth_callback=oob';
+		$initUrl = $this->config->endpointURL . '/initiate&format=json&oauth_callback=' . urlencode( $this->callbackUrl );
 		$data = $this->makeOAuthCall( null, $initUrl );
 		$return = json_decode( $data );
 		if ( $return->oauth_callback_confirmed !== 'true' ) {
@@ -161,6 +168,10 @@ public function makeOAuthCall( $token, $url, $isPost = false, $postFields = fals
 		}
 		$params += $this->extraParams;
 
+		if ( $isPost && $postFields ) {
+			$params += $postFields;
+		}
+
 		$method = $isPost ? 'POST' : 'GET';
 		$req = OAuthRequest::from_consumer_and_token(
 			$this->consumerToken,
