Changeset 790774

Timestamp:

10/20/2013 06:50:57 AM (12 years ago)

Author:

mobius5150

Message:

Got twitter request signing working again.

File:

• globalfeed/trunk/feeds/mb_twitter/mb_twitter.php (modified) (24 diffs)

globalfeed/trunk/feeds/mb_twitter/mb_twitter.php

@@ -40 +40 @@
      * @var str
      */
-    private $feed_name = 'Twitter Connect';
+    protected $feed_name = 'Twitter Connect';
     
     /**
@@ -47 +47 @@
      * @var str
      */
-    private $feed_slug = 'twitter_connect';
-    
-    private $feed_version = '0.1.3';
+    protected $feed_slug = 'twitter_connect';
+    
+    protected $feed_version = '0.1.3';
     
     /**
@@ -56 +56 @@
      * @var str
      */
-    private $feed_type = 'request';
+    protected $feed_type = 'request';
     
     /**
@@ -62 +62 @@
      * @var boolean
      */
-    private $auto_interupt_flow = true;
+    protected $auto_interupt_flow = true;
     
     /**
@@ -69 +69 @@
      * @var array
      */
-    private $pages_to_show = array(
+    protected $pages_to_show = array(
         'all' => 'all'
     );
@@ -77 +77 @@
      * @var array
      */
-    private $pages_not_to_show = array(
+    protected $pages_not_to_show = array(
         
     );
@@ -85 +85 @@
      * @var type 
      */
-    private $globalfeed;
+    protected $globalfeed;
     
     private $_apiurl = 'http://api.twitter.com/1/';
@@ -96 +96 @@
         
         // Content endpoints
-        'get_status' => 'http://api.twitter.com/1/statuses/user_timeline.json',
-        'get_retweet'=> 'http://api.twitter.com/1/statuses/retweeted_by_user.json',
+        'get_status' => 'https://api.twitter.com/1.1/statuses/home_timeline.json',
+        'get_retweet'=> 'https://api.twitter.com/1.1/statuses/retweets_of_me.json',
+        
+        // User endpoints
+        'get_user' => 'https://api.twitter.com/1.1/users/show.json',
+        'user_lookup' => 'https://api.twitter.com/1.1/users/lookup.json',
     ); //['oauth_request_token']
     
@@ -156 +160 @@
      * @var array $feed_options
      */
-    private $feed_options = null;
+    protected $feed_options = null;
 
     /**
@@ -266 +270 @@
             add_action( 'wp_ajax_mbgf_twitter_connect_reset_feed_defaults', array( &$this, 'reset_feed_defaults' ) );
             add_action( 'wp_ajax_mbgf_twitter_connect_manual_feed_update', array( &$this, 'ajax_do_update' ) );
+            add_action( 'wp_ajax_mbgf_twitter_connect_get_user', array( &$this, 'ajax_user_lookup' ) );
             
             // General Hooks
@@ -272 +277 @@
             // Unregister feed hook
             add_action( 'mbgf_unregister_feed-' . $this->get_slug(), array( &$this, 'unregister_feed') );
+        }
+    }
+    
+    function get_message($message_slug) {
+        $text_domain = 'mb_globalfeed';
+        
+        switch ($message_slug) {
+            case 'client_configuration_error':
+                return __('GlobalFeed Twitter Connect cannot fetch updates due to a client side or network error.', $text_domain);
+            case 'not_configured':
+                return __('GlobalFeed Twitter Connect is not properly configured. Please redo the initial configuration.', $text_domain);
+            case 'need_reauth':
+                return __('GlobalFeed Twitter Connect needs you to reauthenticate the application with Twitter to continue receiving updates.', $text_domain);
+            case 'rate_limiting':
+                return __('GlobalFeed Twitter Connect is currently being rate limited. If you have issued a manual update please wait several minutes. Otherwise please reduce the update frequency.', $text_domain);
+            default:
+                return 'GlobalFeed Twitter error 404: Unknown message slug.';
         }
     }
@@ -486 +508 @@
         
         $this->globalfeed->print_debug_info("OAuth Key Generation");
-        $this->get_oauth_key_request(); // will call register_feed
+        if (!$this->get_oauth_key_request()) {
+            die("{'error':'An error occured'}");
+        }
         
         $this->register_feed(true);
@@ -535 +559 @@
         die(json_encode(array('object' => $this->feed_options['object_to_subscribe'])));
     }
+    
+    public function ajax_user_lookup() {
+        check_admin_referer( 'twitter-connect-admin' );
+        wp_verify_nonce( 'twitter-connect-admin' );
+        
+        $availparams = array( 'screen_name', 'user_id' );
+        $params = array();
+        
+        foreach ($availparams as $param) {
+            if ( isset($_GET[$param]) )
+                $params[$param] = $_GET[$param];
+        }
+        
+        $request = $this->do_twitter_remote_post($this->tw_endpoints['get_user'], $params, 'GET');
+        
+        // Check for a WP Error
+        if ( is_wp_error($request) ) {
+            http_response_code(500);
+            die();
+        }
+        
+        // Return the received data
+        header( "HTTP/1.1 {$request['response']['code']} {$request['response']['message']}", true, $request['response']['code']);
+        $this->globalfeed->print_debug_info($request);
+        die($request['body']);
+    }
 
     /**
@@ -592 +642 @@
             return new WP_Error ('not_setup', "You must set a Twitter consumer Key and Secret to get a request token");
         
+        $parameters = array(
+            'oauth_callback' => get_bloginfo('wpurl').'/',
+//            'x_auth_access_type' => 'read'
+        );
+        
         // Do the request
-        $request = $this->do_twitter_remote_post( $this->tw_endpoints['oauth_request_token'] );
+        $request = $this->do_twitter_remote_post( $this->tw_endpoints['oauth_request_token'], array(), 'POST', $parameters );
         
         // Check if a request error occured
@@ -685 +740 @@
      * @return array|WP_Error The result from executing wp_remote_post on the generated request
      */
-    private function do_twitter_remote_post( $endpoint, $parameters = array(), $method = 'POST' ) {
+    private function do_twitter_remote_post( $endpoint, $parameters = array(), $method = 'POST', $auth_params = array() ) {
         $default_parameters = array(
             'oauth_consumer_key' => $this->feed_options['consumer_key'],
             'oauth_nonce' => $_SESSION['state'],
+//            'oauth_nonce' => "f9b649e39402a68e3ebbdbd2f8968fd3",
             'oauth_signature_method' => 'HMAC-SHA1',
-            'oauth_timestamp' => time(),
+            'oauth_timestamp' => (string) time(),
+//            'oauth_timestamp' => "1382247124",
+//            'oauth_token' => $this->feed_options['oauth_access_token'],
             'oauth_version' => '1.0',
-            'oauth_callback' => get_bloginfo('wpurl').'/',
-            'x_auth_access_type' => 'read'
+//            'oauth_callback' => get_bloginfo('wpurl').'/',
+//            'x_auth_access_type' => 'read'
         );
         
-        if ( !empty($this->feed_options['oauth_access_token']) )
-            $default_parameters['oauth_access_token'] = $this->feed_options['oauth_access_token'];
+        
+        
+//        if ( !empty($this->feed_options['oauth_access_token']) )
+//            $default_parameters['oauth_token'] = $this->feed_options['oauth_access_token'];
         
         // Parse the default parameters
-        $parameters = wp_parse_args($parameters, $default_parameters);
+//        $parameters = wp_parse_args($parameters, $default_parameters);
+        $auth_params = wp_parse_args($auth_params, $default_parameters);
+        $all_params = wp_parse_args($parameters, $auth_params);
+        
+        ksort($all_params);
             
         // Get the signature for the request
-        $parameters['oauth_signature'] = $this->generate_twitter_request_signature($endpoint, $method, $parameters);
-        
-        // The below code is what is SUPPOSED to be done -- but it didn't want to work :(
-//        // Build the Authorization header string
-//        $header_str = 'OAuth ';
-//        foreach ( $parameters as $key => $value )
-//            $header_str .= rawurlencode($key) . '="' . rawurlencode($value) . '", ';
-//        
-//        // Remove trailing ", " from string
-//        $header_str = substr($header_str, 0, -2);
+        $signature = $this->generate_twitter_request_signature($endpoint, $method, $all_params);
+        $auth_params['oauth_signature'] = $signature;
+        
+        ksort($auth_params);
+        
+        $this->globalfeed->print_debug_info($auth_params);
+        
+        $this->globalfeed->print_debug_info($parameters);
         
         $endpoint .= '?';
@@ -720 +782 @@
         $endpoint = substr($endpoint, 0, -1);
         
+        $this->globalfeed->print_debug_info($endpoint);
+        
+        $auth_header = "OAuth ";
+        foreach ( $auth_params as $key => $value )
+            $auth_header .= rawurlencode($key) . "=\"" . rawurlencode($value) . "\", ";
+        
+        $this->globalfeed->print_debug_info(substr($auth_header, 0, -2));
+        
         // Execute the request, and return whatever results
-        return wp_remote_post($endpoint, array( 'method' => strtoupper($method), ) );
+        return wp_remote_post($endpoint, array( 'method' => strtoupper($method), 'headers' => array( 'Authorization' => $auth_header ) ) );
     }
     
@@ -733 +803 @@
      */
     private function generate_twitter_request_signature( $endpoint, $method, $parameters ) {
+        $this->globalfeed->print_debug_info("------------------------Beginning signature generation");
+        
         // Sort the parameters alphabetically
         ksort($parameters);
@@ -746 +818 @@
         // The base string is the parameter string appendd to the base string (as per oauth spec)
         $base_str = strtoupper($method) . '&' . rawurlencode($endpoint) . '&' . rawurlencode($param_str);
+        $this->globalfeed->print_debug_info('base string:');
+        $this->globalfeed->print_debug_info($base_str);
         
         // Build the signing key
@@ -752 +826 @@
         // If we have a user request token, that needs to be a part of the signing key
         if ( !empty($this->feed_options['oauth_access_token_secret']) )
-            $signing_key .= rawurlencode($this->feed_options['oauth_token_secret']);
+            $signing_key .= rawurlencode($this->feed_options['oauth_access_token_secret']);
+        
+        $this->globalfeed->print_debug_info('signing key:');
+        $this->globalfeed->print_debug_info($signing_key);
+        
+        $this->globalfeed->print_debug_info("------------------------Done signature generation");
         
         // Create and return the signature
         return base64_encode(hash_hmac('sha1', $base_str, $signing_key, true));
-    }
-    
-    /**
-     * Adds a Twitter alert that should be displayed to the user
-     * 
-     * If an alert with the same $alert_code already exists, it will be overwritten.
-     * 
-     * @param str $alert_code A slug-style code for the alert
-     * @param str $alert_text The alert text
-     * @param bool $sitewide (optional, defaults to false) Whether the alert should be shown sitewide, or just within GlobalFeed.
-     */
-    
-    /**
-     * Adds a Twitter alert that should be displayed to the user
-     * 
-     * If an alert with the same $alert_code already exists, it will be overwritten.
-     * 
-     * @global type $current_user
-     * 
-     * @param str $alert_code A slug-style code for the alert
-     * @param str $alert_text The alert text
-     * @param type $important Whether the alert should be shown as a notice or an error
-     * @param bool $sitewide (optional, defaults to false) Whether the alert should be shown sitewide, or just within GlobalFeed.
-     * @param type $require_priv What privilege the alert requires to be seen. '' if none.
-     * @param type $dismissable Whether the alert should be dismissable by the user
-     */
-    function add_alert( $alert_code, $alert_text, $important = false, $sitewide = false, $require_priv = 'manage_options', $dismissable = true ) {
-        global $current_user;
-        
-        $this->feed_options['alerts'][$alert_code] = array(
-            'alert_code' => $alert_code,
-            'alert_text' => $alert_text,
-            'sitewide'   => $sitewide,
-            'hidden'     => false,
-            'remind'     => 0,
-            'important'  => $important,
-            'require_priv' => $require_priv,
-            'never_show' => (isset($this->feed_options['alerts'][$alert_code]) ? $this->feed_options['alerts'][$alert_code]['never_show'] : false),
-            'dismissable'=> $dismissable,
-        );
-        
-        $this->globalfeed->print_debug_info("Feed options");
-        $this->globalfeed->print_debug_info($this->feed_options['alerts']);
-        
-        $this->register_feed(true);
-        
-        delete_user_meta($current_user->ID, "mbgf_twitter_connect_hide_alert_" . $alert_code);
-        
-        $this->globalfeed->print_debug_info("Added alert: $alert_code");
-    }
-    
-    /**
-     * When an alert no longer applies, hide it from the user.
-     * 
-     * @param type $alert_code 
-     */
-    function hide_alert( $alert_code ) {
-        if ( isset($this->feed_options['alerts'][$alert_code]) )
-            $this->feed_options['alerts'][$alert_code]['hidden'] = true;
-        
-        $this->register_feed(true);
-    }
-    
-    /**
-     * Shows any queued alerts. Also detects if the user hides an alert
-     * 
-     * Called by WordPress Action 'admin_notices'
-     * 
-     */
-    function show_alerts() {
-        global $current_user;
-        
-        // Check if there are alerts
-        if ( !count($this->feed_options['alerts']) )
-            return;
-        
-        $hide_text = __('Hide', 'mb_twitter');
-        $never_show_text = __('Never show again', 'mb_twitter');
-        
-        // Used for show/hide urls
-        $server_args = array();
-        parse_str($_SERVER['QUERY_STRING'], $server_args);
-        
-        // Loop through alerts
-        foreach ($this->feed_options['alerts'] as $alert_code => $alert) {
-            // Check if this alert should be hidden from the user
-            $hide_alert = "mbgf_twitter_connect_hide_alert_" . $alert['alert_code'];
-            $never_show_alert = "mbgf_twitter_connect_never_show_alert_" . $alert['alert_code'];
-            
-            // Check if alert is disabled -- but make sure we catch anything telling us to hide the alert (but make sure the user has permission)
-            if ( !isset($_GET[$hide_alert]) && !isset($_GET[$never_show_alert]) && !( $alert['require_priv'] !== '' && current_user_can($require_priv) ) && ( 
-                    // Is this alert disabled?
-                    $alert['hidden'] || $alert['never_show']
-                    
-                    // Check if the alert should be shown accross WP-Admin
-                    || ( $this->globalfeed->in_admin() === false && !$alert['sitewide'] )
-                    
-                    // Check if the user has previously hidden this alert
-                    || get_user_meta($current_user->ID, $hide_alert, true) === true ) )
-                continue;
-            
-            // Check if alert show status changed
-            if ( isset($_GET[$hide_alert]) ) {
-                add_user_meta($current_user->ID, $hide_alert, true);
-                continue;
-            }
-            
-            if ( isset($_GET[$never_show_alert]) ) {
-                $this->feed_options['alerts'][$alert_code]['never_show'] = true;
-                $this->register_feed(true);
-                continue;
-            }
-            
-            // This alert should be shown to the user
-            echo "<div class='{$alert['alert_code']} " . ($alert['important'] ? 'error' : 'updated') . "'><p>{$alert['alert_text']}</p>";
-            
-            if ( $alert['dismissable'] ) {
-                $hide_addr = http_build_query(array_merge($server_args, array($hide_alert=>1)));
-                $never_addr=  http_build_query(array_merge($server_args, array($never_show_alert=>1)));
-                echo "<div class='align_right'><a href='?$hide_addr' title='$hide_text'>$hide_text</a> | <a href='?$never_addr' title='$never_show_text'>$never_show_text</a></div></div>";
-            } else
-                echo '</div>';
-        }
     }
 
@@ -891 +847 @@
      */
     function update_feed() {
-        
         // Don't try and update if authorization is in progress
-        if ( $this->feed_options['tw_auth_status'] !== 'authorized' && $this->feed_options['tw_auth_status'] !== 'not_initiated' )
+        if ( $this->feed_options['tw_auth_status'] !== 'authorized' && $this->feed_options['tw_auth_status'] !== 'not_initiated' ) {
+            $this->add_alert('not_configure', $this->get_message('not_configure'), true, false);
             return;
+        }
+        
+        $this->hide_alert('not_authenticated');
         
         $globalfeed = &$this->globalfeed;
@@ -950 +909 @@
             
             // Check for a WP Error
-            if ( is_wp_error($request) )
-                return $request;
+            if ( is_wp_error($request) ) {
+                $this->add_alert('client_configuration_error', $this->get_message('client_configuration_error'), true, false);
+                continue;
+            }
 
             // Hide any previous alerts
-            $this->hide_alert('request_error');
-            $this->hide_alert('rate_limiting');
+            $this->hide_alerts(array('request_error', 'rate_limiting', 'client_configuration_error'));
             
             // Check the response code
@@ -961 +921 @@
             if ( $request['response']['code'] !== 200 ) {
                 if ( $request['response']['code'] === 302 ) {
-                    $this->globalfeed->print_debug_info('Rate limiting error', 'mb_twitter');
-                    
                     // We are being rate limited
                     if ( !empty($this->feed_options['oauth_access_token'])) {
@@ -974 +932 @@
                 } else {
                     $this->globalfeed->print_debug_info('Request error.', 'mb_twitter');
-                    $this->add_alert('error_connecting', "Problems were experienced communicating with Twitter. Received response code {$request['response']['code']} on endpoint {$endpoint_id}");
-                    return new WP_Error('request_error', "Twitter connect experienced a comms error fetching new content from Twitter.", $request['response']['code']);
+                    $this->add_alert('error_connecting', "GlobalFeed Twitter Connect experienced problems communicating with Twitter. Received response code {$request['response']['code']} on endpoint {$endpoint_id}.");
+                    return new WP_Error('request_error', "GlobalFeed Twitter Connect experienced a comms error fetching new content from Twitter.", $request['response']['code']);
                 }
             }
@@ -990 +948 @@
             
             foreach ($updates as $update) {
-                if ( $update['user']['id'] != $feed_options['object_to_subscribe'] ) {
-                    //$globalfeed->print_debug_info($update);
+                if ( $update['user']['id'] != $feed_options['object_to_subscribe'] )
                     continue;
-                }
 
                 $post_date = new DateTime((string) trim($update['created_at']), $gmt_timezone);