Google Analytics for WordPress by MonsterInsights - Version 4.2.2

Version Description

  • Fix for OAuth issues, caused by other plugins that don't check for the existence of a class. Namespaced the whole thing to prevent it.
Download this release

Release Info

Developer joostdevalk
Plugin Icon 128x128 Google Analytics for WordPress by MonsterInsights
Version 4.2.2
Comparing to
See all releases

Code changes from version 4.2.1 to 4.2.2

Files changed (4) hide show
  1. googleanalytics.php +4 -6
  2. readme.txt +5 -1
  3. wp-gdata/OAuth.php +63 -63
  4. wp-gdata/wp-gdata.php +9 -9
googleanalytics.php CHANGED
@@ -4,15 +4,15 @@ Plugin Name: Google Analytics for WordPress
4
  Plugin URI: http://yoast.com/wordpress/google-analytics/#utm_source=wordpress&utm_medium=plugin&utm_campaign=google-analytics-for-wordpress&utm_content=v420
5
  Description: This plugin makes it simple to add Google Analytics to your WordPress blog, adding lots of features, eg. custom variables and automatic clickout and download tracking.
6
  Author: Joost de Valk
7
- Version: 4.2
8
- Requires at least: 2.8
9
  Author URI: http://yoast.com/
10
  License: GPL
11
  */
12
 
13
  // This plugin was originally based on Rich Boakes' Analytics plugin: http://boakes.org/analytics
14
 
15
- define('GAWP_VERSION', '4.2');
16
 
17
  /*
18
  * Admin User Interface
@@ -823,9 +823,7 @@ if ( is_admin() && ( !defined('DOING_AJAX') || !DOING_AJAX ) && !class_exists( '
823
  function authenticate() {
824
  if ( isset( $_REQUEST['oauth_token'] ) ) {
825
  $o = get_option( $this->optionname );
826
- if ( isset( $o['gawp_oauth']['oauth_token'] ) && $o['gawp_oauth']['oauth_token'] !== $_REQUEST['oauth_token'] ) {
827
- $o['gawp_oauth']['oauth_token'] = '';
828
- } else {
829
  $gdata = new WP_GData(
830
  array(
831
  'scope' => 'https://www.google.com/analytics/feeds/',
4
  Plugin URI: http://yoast.com/wordpress/google-analytics/#utm_source=wordpress&utm_medium=plugin&utm_campaign=google-analytics-for-wordpress&utm_content=v420
5
  Description: This plugin makes it simple to add Google Analytics to your WordPress blog, adding lots of features, eg. custom variables and automatic clickout and download tracking.
6
  Author: Joost de Valk
7
+ Version: 4.2.2
8
+ Requires at least: 3.0
9
  Author URI: http://yoast.com/
10
  License: GPL
11
  */
12
 
13
  // This plugin was originally based on Rich Boakes' Analytics plugin: http://boakes.org/analytics
14
 
15
+ define('GAWP_VERSION', '4.2.2');
16
 
17
  /*
18
  * Admin User Interface
823
  function authenticate() {
824
  if ( isset( $_REQUEST['oauth_token'] ) ) {
825
  $o = get_option( $this->optionname );
826
+ if ( isset( $o['gawp_oauth']['oauth_token'] ) && $o['gawp_oauth']['oauth_token'] == $_REQUEST['oauth_token'] ) {
 
 
827
  $gdata = new WP_GData(
828
  array(
829
  'scope' => 'https://www.google.com/analytics/feeds/',
readme.txt CHANGED
@@ -4,7 +4,7 @@ Donate link: http://yoast.com/donate/
4
  Tags: analytics, google analytics, statistics, tracking, stats, google
5
  Requires at least: 2.8
6
  Tested up to: 3.2.1
7
- Stable tag: 4.2.1
8
 
9
  Track your WordPress site easily and with lots of metadata: views per author & category, automatic tracking of outbound clicks and pageviews.
10
 
@@ -59,6 +59,10 @@ This section describes how to install the plugin and get it working.
59
 
60
  == Changelog ==
61
 
 
 
 
 
62
  = 4.2.1 =
63
 
64
  * Minor bugfix.
4
  Tags: analytics, google analytics, statistics, tracking, stats, google
5
  Requires at least: 2.8
6
  Tested up to: 3.2.1
7
+ Stable tag: 4.2.2
8
 
9
  Track your WordPress site easily and with lots of metadata: views per author & category, automatic tracking of outbound clicks and pageviews.
10
 
59
 
60
  == Changelog ==
61
 
62
+ = 4.2.2 =
63
+
64
+ * Fix for OAuth issues, caused by other plugins that don't check for the existence of a class. Namespaced the whole thing to prevent it.
65
+
66
  = 4.2.1 =
67
 
68
  * Minor bugfix.
wp-gdata/OAuth.php CHANGED
@@ -3,11 +3,11 @@
3
 
4
  /* Generic exception class
5
  */
6
- class OAuthException extends Exception {
7
  // pass
8
  }
9
 
10
- class OAuthConsumer {
11
  public $key;
12
  public $secret;
13
 
@@ -18,11 +18,11 @@ class OAuthConsumer {
18
  }
19
 
20
  function __toString() {
21
- return "OAuthConsumer[key=$this->key,secret=$this->secret]";
22
  }
23
  }
24
 
25
- class OAuthToken {
26
  // access tokens and request tokens
27
  public $key;
28
  public $secret;
@@ -42,9 +42,9 @@ class OAuthToken {
42
  */
43
  function to_string() {
44
  return "oauth_token=" .
45
- OAuthUtil::urlencode_rfc3986($this->key) .
46
  "&oauth_token_secret=" .
47
- OAuthUtil::urlencode_rfc3986($this->secret);
48
  }
49
 
50
  function __toString() {
@@ -56,7 +56,7 @@ class OAuthToken {
56
  * A class for implementing a Signature Method
57
  * See section 9 ("Signing Requests") in the spec
58
  */
59
- abstract class OAuthSignatureMethod {
60
  /**
61
  * Needs to return the name of the Signature Method (ie HMAC-SHA1)
62
  * @return string
@@ -66,20 +66,20 @@ abstract class OAuthSignatureMethod {
66
  /**
67
  * Build up the signature
68
  * NOTE: The output of this function MUST NOT be urlencoded.
69
- * the encoding is handled in OAuthRequest when the final
70
  * request is serialized
71
- * @param OAuthRequest $request
72
- * @param OAuthConsumer $consumer
73
- * @param OAuthToken $token
74
  * @return string
75
  */
76
  abstract public function build_signature($request, $consumer, $token);
77
 
78
  /**
79
  * Verifies that a given signature is correct
80
- * @param OAuthRequest $request
81
- * @param OAuthConsumer $consumer
82
- * @param OAuthToken $token
83
  * @param string $signature
84
  * @return bool
85
  */
@@ -112,7 +112,7 @@ abstract class OAuthSignatureMethod {
112
  * character (ASCII code 38) even if empty.
113
  * - Chapter 9.2 ("HMAC-SHA1")
114
  */
115
- class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
116
  function get_name() {
117
  return "HMAC-SHA1";
118
  }
@@ -126,7 +126,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
126
  ($token) ? $token->secret : ""
127
  );
128
 
129
- $key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
130
  $key = implode('&', $key_parts);
131
 
132
  return base64_encode(hash_hmac('sha1', $base_string, $key, true));
@@ -138,7 +138,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
138
  * over a secure channel such as HTTPS. It does not use the Signature Base String.
139
  * - Chapter 9.4 ("PLAINTEXT")
140
  */
141
- class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
142
  public function get_name() {
143
  return "PLAINTEXT";
144
  }
@@ -150,7 +150,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
150
  * - Chapter 9.4.1 ("Generating Signatures")
151
  *
152
  * Please note that the second encoding MUST NOT happen in the SignatureMethod, as
153
- * OAuthRequest handles this!
154
  */
155
  public function build_signature($request, $consumer, $token) {
156
  $key_parts = array(
@@ -158,7 +158,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
158
  ($token) ? $token->secret : ""
159
  );
160
 
161
- $key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
162
  $key = implode('&', $key_parts);
163
  $request->base_string = $key;
164
 
@@ -174,7 +174,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
174
  * specification.
175
  * - Chapter 9.3 ("RSA-SHA1")
176
  */
177
- abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod {
178
  public function get_name() {
179
  return "RSA-SHA1";
180
  }
@@ -233,7 +233,7 @@ abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod {
233
  }
234
  }
235
 
236
- class OAuthRequest {
237
  protected $parameters;
238
  protected $http_method;
239
  protected $http_url;
@@ -244,7 +244,7 @@ class OAuthRequest {
244
 
245
  function __construct($http_method, $http_url, $parameters=NULL) {
246
  $parameters = ($parameters) ? $parameters : array();
247
- $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
248
  $this->parameters = $parameters;
249
  $this->http_method = $http_method;
250
  $this->http_url = $http_url;
@@ -271,10 +271,10 @@ class OAuthRequest {
271
  // parsed parameter-list
272
  if (!$parameters) {
273
  // Find request headers
274
- $request_headers = OAuthUtil::get_headers();
275
 
276
  // Parse the query-string to find GET parameters
277
- $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
278
 
279
  // It's a POST request of the proper content-type, so parse POST
280
  // parameters and add those overriding any duplicates from GET
@@ -283,7 +283,7 @@ class OAuthRequest {
283
  && strstr($request_headers['Content-Type'],
284
  'application/x-www-form-urlencoded')
285
  ) {
286
- $post_data = OAuthUtil::parse_parameters(
287
  file_get_contents(self::$POST_INPUT)
288
  );
289
  $parameters = array_merge($parameters, $post_data);
@@ -292,7 +292,7 @@ class OAuthRequest {
292
  // We have a Authorization-header with OAuth data. Parse the header
293
  // and add those overriding any duplicates from GET or POST
294
  if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
295
- $header_parameters = OAuthUtil::split_header(
296
  $request_headers['Authorization']
297
  );
298
  $parameters = array_merge($parameters, $header_parameters);
@@ -300,7 +300,7 @@ class OAuthRequest {
300
 
301
  }
302
 
303
- return new OAuthRequest($http_method, $http_url, $parameters);
304
  }
305
 
306
  /**
@@ -308,16 +308,16 @@ class OAuthRequest {
308
  */
309
  public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
310
  $parameters = ($parameters) ? $parameters : array();
311
- $defaults = array("oauth_version" => OAuthRequest::$version,
312
- "oauth_nonce" => OAuthRequest::generate_nonce(),
313
- "oauth_timestamp" => OAuthRequest::generate_timestamp(),
314
  "oauth_consumer_key" => $consumer->key);
315
  if ($token)
316
  $defaults['oauth_token'] = $token->key;
317
 
318
  $parameters = array_merge($defaults, $parameters);
319
 
320
- return new OAuthRequest($http_method, $http_url, $parameters);
321
  }
322
 
323
  public function set_parameter($name, $value, $allow_duplicates = true) {
@@ -361,7 +361,7 @@ class OAuthRequest {
361
  unset($params['oauth_signature']);
362
  }
363
 
364
- return OAuthUtil::build_http_query($params);
365
  }
366
 
367
  /**
@@ -378,7 +378,7 @@ class OAuthRequest {
378
  $this->get_signable_parameters()
379
  );
380
 
381
- $parts = OAuthUtil::urlencode_rfc3986($parts);
382
 
383
  return implode('&', $parts);
384
  }
@@ -425,7 +425,7 @@ class OAuthRequest {
425
  * builds the data one would send in a POST request
426
  */
427
  public function to_postdata() {
428
- return OAuthUtil::build_http_query($this->parameters);
429
  }
430
 
431
  /**
@@ -434,7 +434,7 @@ class OAuthRequest {
434
  public function to_header($realm=null) {
435
  $first = true;
436
  if($realm) {
437
- $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"';
438
  $first = false;
439
  } else
440
  $out = 'Authorization: OAuth';
@@ -443,12 +443,12 @@ class OAuthRequest {
443
  foreach ($this->parameters as $k => $v) {
444
  if (substr($k, 0, 5) != "oauth") continue;
445
  if (is_array($v)) {
446
- throw new OAuthException('Arrays not supported in headers');
447
  }
448
  $out .= ($first) ? ' ' : ',';
449
- $out .= OAuthUtil::urlencode_rfc3986($k) .
450
  '="' .
451
- OAuthUtil::urlencode_rfc3986($v) .
452
  '"';
453
  $first = false;
454
  }
@@ -493,7 +493,7 @@ class OAuthRequest {
493
  }
494
  }
495
 
496
- class OAuthServer {
497
  protected $timestamp_threshold = 300; // in seconds, five minutes
498
  protected $version = '1.0'; // hi blaine
499
  protected $signature_methods = array();
@@ -576,7 +576,7 @@ class OAuthServer {
576
  $version = '1.0';
577
  }
578
  if ($version !== $this->version) {
579
- throw new OAuthException("OAuth version '$version' not supported");
580
  }
581
  return $version;
582
  }
@@ -585,19 +585,19 @@ class OAuthServer {
585
  * figure out the signature with some defaults
586
  */
587
  private function get_signature_method($request) {
588
- $signature_method = $request instanceof OAuthRequest
589
  ? $request->get_parameter("oauth_signature_method")
590
  : NULL;
591
 
592
  if (!$signature_method) {
593
  // According to chapter 7 ("Accessing Protected Ressources") the signature-method
594
  // parameter is required, and we can't just fallback to PLAINTEXT
595
- throw new OAuthException('No signature method parameter. This parameter is required');
596
  }
597
 
598
  if (!in_array($signature_method,
599
  array_keys($this->signature_methods))) {
600
- throw new OAuthException(
601
  "Signature method '$signature_method' not supported " .
602
  "try one of the following: " .
603
  implode(", ", array_keys($this->signature_methods))
@@ -610,17 +610,17 @@ class OAuthServer {
610
  * try to find the consumer for the provided request's consumer key
611
  */
612
  private function get_consumer($request) {
613
- $consumer_key = $request instanceof OAuthRequest
614
  ? $request->get_parameter("oauth_consumer_key")
615
  : NULL;
616
 
617
  if (!$consumer_key) {
618
- throw new OAuthException("Invalid consumer key");
619
  }
620
 
621
  $consumer = $this->data_store->lookup_consumer($consumer_key);
622
  if (!$consumer) {
623
- throw new OAuthException("Invalid consumer");
624
  }
625
 
626
  return $consumer;
@@ -630,7 +630,7 @@ class OAuthServer {
630
  * try to find the token for the provided request's token key
631
  */
632
  private function get_token($request, $consumer, $token_type="access") {
633
- $token_field = $request instanceof OAuthRequest
634
  ? $request->get_parameter('oauth_token')
635
  : NULL;
636
 
@@ -638,7 +638,7 @@ class OAuthServer {
638
  $consumer, $token_type, $token_field
639
  );
640
  if (!$token) {
641
- throw new OAuthException("Invalid $token_type token: $token_field");
642
  }
643
  return $token;
644
  }
@@ -649,10 +649,10 @@ class OAuthServer {
649
  */
650
  private function check_signature($request, $consumer, $token) {
651
  // this should probably be in a different method
652
- $timestamp = $request instanceof OAuthRequest
653
  ? $request->get_parameter('oauth_timestamp')
654
  : NULL;
655
- $nonce = $request instanceof OAuthRequest
656
  ? $request->get_parameter('oauth_nonce')
657
  : NULL;
658
 
@@ -670,7 +670,7 @@ class OAuthServer {
670
  );
671
 
672
  if (!$valid_sig) {
673
- throw new OAuthException("Invalid signature");
674
  }
675
  }
676
 
@@ -679,14 +679,14 @@ class OAuthServer {
679
  */
680
  private function check_timestamp($timestamp) {
681
  if( ! $timestamp )
682
- throw new OAuthException(
683
  'Missing timestamp parameter. The parameter is required'
684
  );
685
 
686
  // verify that timestamp is recentish
687
  $now = time();
688
  if (abs($now - $timestamp) > $this->timestamp_threshold) {
689
- throw new OAuthException(
690
  "Expired timestamp, yours $timestamp, ours $now"
691
  );
692
  }
@@ -697,7 +697,7 @@ class OAuthServer {
697
  */
698
  private function check_nonce($consumer, $token, $nonce, $timestamp) {
699
  if( ! $nonce )
700
- throw new OAuthException(
701
  'Missing nonce parameter. The parameter is required'
702
  );
703
 
@@ -709,13 +709,13 @@ class OAuthServer {
709
  $timestamp
710
  );
711
  if ($found) {
712
- throw new OAuthException("Nonce already used: $nonce");
713
  }
714
  }
715
 
716
  }
717
 
718
- class OAuthDataStore {
719
  function lookup_consumer($consumer_key) {
720
  // implement me
721
  }
@@ -741,10 +741,10 @@ class OAuthDataStore {
741
 
742
  }
743
 
744
- class OAuthUtil {
745
  public static function urlencode_rfc3986($input) {
746
  if (is_array($input)) {
747
- return array_map(array('OAuthUtil', 'urlencode_rfc3986'), $input);
748
  } else if (is_scalar($input)) {
749
  return str_replace(
750
  '+',
@@ -773,7 +773,7 @@ class OAuthUtil {
773
  $params = array();
774
  if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) {
775
  foreach ($matches[1] as $i => $h) {
776
- $params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]);
777
  }
778
  if (isset($params['realm'])) {
779
  unset($params['realm']);
@@ -839,8 +839,8 @@ class OAuthUtil {
839
  $parsed_parameters = array();
840
  foreach ($pairs as $pair) {
841
  $split = explode('=', $pair, 2);
842
- $parameter = OAuthUtil::urldecode_rfc3986($split[0]);
843
- $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
844
 
845
  if (isset($parsed_parameters[$parameter])) {
846
  // We have already recieved parameter(s) with this name, so add to the list
@@ -864,8 +864,8 @@ class OAuthUtil {
864
  if (!$params) return '';
865
 
866
  // Urlencode both keys and values
867
- $keys = OAuthUtil::urlencode_rfc3986(array_keys($params));
868
- $values = OAuthUtil::urlencode_rfc3986(array_values($params));
869
  $params = array_combine($keys, $values);
870
 
871
  // Parameters are sorted by name, using lexicographical byte value ordering.
3
 
4
  /* Generic exception class
5
  */
6
+ class Yoast_OAuthException extends Exception {
7
  // pass
8
  }
9
 
10
+ class Yoast_OAuthConsumer {
11
  public $key;
12
  public $secret;
13
 
18
  }
19
 
20
  function __toString() {
21
+ return "Yoast_OAuthConsumer[key=$this->key,secret=$this->secret]";
22
  }
23
  }
24
 
25
+ class Yoast_OAuthToken {
26
  // access tokens and request tokens
27
  public $key;
28
  public $secret;
42
  */
43
  function to_string() {
44
  return "oauth_token=" .
45
+ Yoast_OAuthUtil::urlencode_rfc3986($this->key) .
46
  "&oauth_token_secret=" .
47
+ Yoast_OAuthUtil::urlencode_rfc3986($this->secret);
48
  }
49
 
50
  function __toString() {
56
  * A class for implementing a Signature Method
57
  * See section 9 ("Signing Requests") in the spec
58
  */
59
+ abstract class Yoast_OAuthSignatureMethod {
60
  /**
61
  * Needs to return the name of the Signature Method (ie HMAC-SHA1)
62
  * @return string
66
  /**
67
  * Build up the signature
68
  * NOTE: The output of this function MUST NOT be urlencoded.
69
+ * the encoding is handled in Yoast_OAuthRequest when the final
70
  * request is serialized
71
+ * @param Yoast_OAuthRequest $request
72
+ * @param Yoast_OAuthConsumer $consumer
73
+ * @param Yoast_OAuthToken $token
74
  * @return string
75
  */
76
  abstract public function build_signature($request, $consumer, $token);
77
 
78
  /**
79
  * Verifies that a given signature is correct
80
+ * @param Yoast_OAuthRequest $request
81
+ * @param Yoast_OAuthConsumer $consumer
82
+ * @param Yoast_OAuthToken $token
83
  * @param string $signature
84
  * @return bool
85
  */
112
  * character (ASCII code 38) even if empty.
113
  * - Chapter 9.2 ("HMAC-SHA1")
114
  */
115
+ class Yoast_OAuthSignatureMethod_HMAC_SHA1 extends Yoast_OAuthSignatureMethod {
116
  function get_name() {
117
  return "HMAC-SHA1";
118
  }
126
  ($token) ? $token->secret : ""
127
  );
128
 
129
+ $key_parts = Yoast_OAuthUtil::urlencode_rfc3986($key_parts);
130
  $key = implode('&', $key_parts);
131
 
132
  return base64_encode(hash_hmac('sha1', $base_string, $key, true));
138
  * over a secure channel such as HTTPS. It does not use the Signature Base String.
139
  * - Chapter 9.4 ("PLAINTEXT")
140
  */
141
+ class Yoast_OAuthSignatureMethod_PLAINTEXT extends Yoast_OAuthSignatureMethod {
142
  public function get_name() {
143
  return "PLAINTEXT";
144
  }
150
  * - Chapter 9.4.1 ("Generating Signatures")
151
  *
152
  * Please note that the second encoding MUST NOT happen in the SignatureMethod, as
153
+ * Yoast_OAuthRequest handles this!
154
  */
155
  public function build_signature($request, $consumer, $token) {
156
  $key_parts = array(
158
  ($token) ? $token->secret : ""
159
  );
160
 
161
+ $key_parts = Yoast_OAuthUtil::urlencode_rfc3986($key_parts);
162
  $key = implode('&', $key_parts);
163
  $request->base_string = $key;
164
 
174
  * specification.
175
  * - Chapter 9.3 ("RSA-SHA1")
176
  */
177
+ abstract class Yoast_OAuthSignatureMethod_RSA_SHA1 extends Yoast_OAuthSignatureMethod {
178
  public function get_name() {
179
  return "RSA-SHA1";
180
  }
233
  }
234
  }
235
 
236
+ class Yoast_OAuthRequest {
237
  protected $parameters;
238
  protected $http_method;
239
  protected $http_url;
244
 
245
  function __construct($http_method, $http_url, $parameters=NULL) {
246
  $parameters = ($parameters) ? $parameters : array();
247
+ $parameters = array_merge( Yoast_OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
248
  $this->parameters = $parameters;
249
  $this->http_method = $http_method;
250
  $this->http_url = $http_url;
271
  // parsed parameter-list
272
  if (!$parameters) {
273
  // Find request headers
274
+ $request_headers = Yoast_OAuthUtil::get_headers();
275
 
276
  // Parse the query-string to find GET parameters
277
+ $parameters = Yoast_OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
278
 
279
  // It's a POST request of the proper content-type, so parse POST
280
  // parameters and add those overriding any duplicates from GET
283
  && strstr($request_headers['Content-Type'],
284
  'application/x-www-form-urlencoded')
285
  ) {
286
+ $post_data = Yoast_OAuthUtil::parse_parameters(
287
  file_get_contents(self::$POST_INPUT)
288
  );
289
  $parameters = array_merge($parameters, $post_data);
292
  // We have a Authorization-header with OAuth data. Parse the header
293
  // and add those overriding any duplicates from GET or POST
294
  if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
295
+ $header_parameters = Yoast_OAuthUtil::split_header(
296
  $request_headers['Authorization']
297
  );
298
  $parameters = array_merge($parameters, $header_parameters);
300
 
301
  }
302
 
303
+ return new Yoast_OAuthRequest($http_method, $http_url, $parameters);
304
  }
305
 
306
  /**
308
  */
309
  public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
310
  $parameters = ($parameters) ? $parameters : array();
311
+ $defaults = array("oauth_version" => Yoast_OAuthRequest::$version,
312
+ "oauth_nonce" => Yoast_OAuthRequest::generate_nonce(),
313
+ "oauth_timestamp" => Yoast_OAuthRequest::generate_timestamp(),
314
  "oauth_consumer_key" => $consumer->key);
315
  if ($token)
316
  $defaults['oauth_token'] = $token->key;
317
 
318
  $parameters = array_merge($defaults, $parameters);
319
 
320
+ return new Yoast_OAuthRequest($http_method, $http_url, $parameters);
321
  }
322
 
323
  public function set_parameter($name, $value, $allow_duplicates = true) {
361
  unset($params['oauth_signature']);
362
  }
363
 
364
+ return Yoast_OAuthUtil::build_http_query($params);
365
  }
366
 
367
  /**
378
  $this->get_signable_parameters()
379
  );
380
 
381
+ $parts = Yoast_OAuthUtil::urlencode_rfc3986($parts);
382
 
383
  return implode('&', $parts);
384
  }
425
  * builds the data one would send in a POST request
426
  */
427
  public function to_postdata() {
428
+ return Yoast_OAuthUtil::build_http_query($this->parameters);
429
  }
430
 
431
  /**
434
  public function to_header($realm=null) {
435
  $first = true;
436
  if($realm) {
437
+ $out = 'Authorization: OAuth realm="' . Yoast_OAuthUtil::urlencode_rfc3986($realm) . '"';
438
  $first = false;
439
  } else
440
  $out = 'Authorization: OAuth';
443
  foreach ($this->parameters as $k => $v) {
444
  if (substr($k, 0, 5) != "oauth") continue;
445
  if (is_array($v)) {
446
+ throw new Yoast_OAuthException('Arrays not supported in headers');
447
  }
448
  $out .= ($first) ? ' ' : ',';
449
+ $out .= Yoast_OAuthUtil::urlencode_rfc3986($k) .
450
  '="' .
451
+ Yoast_OAuthUtil::urlencode_rfc3986($v) .
452
  '"';
453
  $first = false;
454
  }
493
  }
494
  }
495
 
496
+ class Yoast_OAuthServer {
497
  protected $timestamp_threshold = 300; // in seconds, five minutes
498
  protected $version = '1.0'; // hi blaine
499
  protected $signature_methods = array();
576
  $version = '1.0';
577
  }
578
  if ($version !== $this->version) {
579
+ throw new Yoast_OAuthException("OAuth version '$version' not supported");
580
  }
581
  return $version;
582
  }
585
  * figure out the signature with some defaults
586
  */
587
  private function get_signature_method($request) {
588
+ $signature_method = $request instanceof Yoast_OAuthRequest
589
  ? $request->get_parameter("oauth_signature_method")
590
  : NULL;
591
 
592
  if (!$signature_method) {
593
  // According to chapter 7 ("Accessing Protected Ressources") the signature-method
594
  // parameter is required, and we can't just fallback to PLAINTEXT
595
+ throw new Yoast_OAuthException('No signature method parameter. This parameter is required');
596
  }
597
 
598
  if (!in_array($signature_method,
599
  array_keys($this->signature_methods))) {
600
+ throw new Yoast_OAuthException(
601
  "Signature method '$signature_method' not supported " .
602
  "try one of the following: " .
603
  implode(", ", array_keys($this->signature_methods))
610
  * try to find the consumer for the provided request's consumer key
611
  */
612
  private function get_consumer($request) {
613
+ $consumer_key = $request instanceof Yoast_OAuthRequest
614
  ? $request->get_parameter("oauth_consumer_key")
615
  : NULL;
616
 
617
  if (!$consumer_key) {
618
+ throw new Yoast_OAuthException("Invalid consumer key");
619
  }
620
 
621
  $consumer = $this->data_store->lookup_consumer($consumer_key);
622
  if (!$consumer) {
623
+ throw new Yoast_OAuthException("Invalid consumer");
624
  }
625
 
626
  return $consumer;
630
  * try to find the token for the provided request's token key
631
  */
632
  private function get_token($request, $consumer, $token_type="access") {
633
+ $token_field = $request instanceof Yoast_OAuthRequest
634
  ? $request->get_parameter('oauth_token')
635
  : NULL;
636
 
638
  $consumer, $token_type, $token_field
639
  );
640
  if (!$token) {
641
+ throw new Yoast_OAuthException("Invalid $token_type token: $token_field");
642
  }
643
  return $token;
644
  }
649
  */
650
  private function check_signature($request, $consumer, $token) {
651
  // this should probably be in a different method
652
+ $timestamp = $request instanceof Yoast_OAuthRequest
653
  ? $request->get_parameter('oauth_timestamp')
654
  : NULL;
655
+ $nonce = $request instanceof Yoast_OAuthRequest
656
  ? $request->get_parameter('oauth_nonce')
657
  : NULL;
658
 
670
  );
671
 
672
  if (!$valid_sig) {
673
+ throw new Yoast_OAuthException("Invalid signature");
674
  }
675
  }
676
 
679
  */
680
  private function check_timestamp($timestamp) {
681
  if( ! $timestamp )
682
+ throw new Yoast_OAuthException(
683
  'Missing timestamp parameter. The parameter is required'
684
  );
685
 
686
  // verify that timestamp is recentish
687
  $now = time();
688
  if (abs($now - $timestamp) > $this->timestamp_threshold) {
689
+ throw new Yoast_OAuthException(
690
  "Expired timestamp, yours $timestamp, ours $now"
691
  );
692
  }
697
  */
698
  private function check_nonce($consumer, $token, $nonce, $timestamp) {
699
  if( ! $nonce )
700
+ throw new Yoast_OAuthException(
701
  'Missing nonce parameter. The parameter is required'
702
  );
703
 
709
  $timestamp
710
  );
711
  if ($found) {
712
+ throw new Yoast_OAuthException("Nonce already used: $nonce");
713
  }
714
  }
715
 
716
  }
717
 
718
+ class Yoast_OAuthDataStore {
719
  function lookup_consumer($consumer_key) {
720
  // implement me
721
  }
741
 
742
  }
743
 
744
+ class Yoast_OAuthUtil {
745
  public static function urlencode_rfc3986($input) {
746
  if (is_array($input)) {
747
+ return array_map(array('Yoast_OAuthUtil', 'urlencode_rfc3986'), $input);
748
  } else if (is_scalar($input)) {
749
  return str_replace(
750
  '+',
773
  $params = array();
774
  if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) {
775
  foreach ($matches[1] as $i => $h) {
776
+ $params[$h] = Yoast_OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]);
777
  }
778
  if (isset($params['realm'])) {
779
  unset($params['realm']);
839
  $parsed_parameters = array();
840
  foreach ($pairs as $pair) {
841
  $split = explode('=', $pair, 2);
842
+ $parameter = Yoast_OAuthUtil::urldecode_rfc3986($split[0]);
843
+ $value = isset($split[1]) ? Yoast_OAuthUtil::urldecode_rfc3986($split[1]) : '';
844
 
845
  if (isset($parsed_parameters[$parameter])) {
846
  // We have already recieved parameter(s) with this name, so add to the list
864
  if (!$params) return '';
865
 
866
  // Urlencode both keys and values
867
+ $keys = Yoast_OAuthUtil::urlencode_rfc3986(array_keys($params));
868
+ $values = Yoast_OAuthUtil::urlencode_rfc3986(array_values($params));
869
  $params = array_combine($keys, $values);
870
 
871
  // Parameters are sorted by name, using lexicographical byte value ordering.
wp-gdata/wp-gdata.php CHANGED
@@ -6,7 +6,7 @@
6
  */
7
 
8
  // Load the OAuth library.
9
- if ( ! class_exists( 'OAuthConsumer' ) )
10
  require( 'OAuth.php' );
11
 
12
  class WP_GData {
@@ -19,11 +19,11 @@ class WP_GData {
19
 
20
  function __construct( $parameters = array(), $oauth_token = null, $oauth_token_secret = null ) {
21
  $this->parameters = $parameters;
22
- $this->signature_method = new OAuthSignatureMethod_HMAC_SHA1();
23
- $this->consumer = new OAuthConsumer( 'anonymous', 'anonymous' );
24
 
25
  if ( !empty( $oauth_token ) && !empty( $oauth_token_secret ) )
26
- $this->token = new OAuthConsumer( $oauth_token, $oauth_token_secret );
27
  else
28
  $this->token = null;
29
  }
@@ -34,8 +34,8 @@ class WP_GData {
34
  $parameters['oauth_callback'] = $oauth_callback;
35
 
36
  $request = $this->oauth_request( self::request_token_url, 'GET', $parameters );
37
- $token = OAuthUtil::parse_parameters( wp_remote_retrieve_body( $request ) );
38
- $this->token = new OAuthConsumer( $token['oauth_token'], $token['oauth_token_secret'] );
39
  return $token;
40
  }
41
 
@@ -43,7 +43,7 @@ class WP_GData {
43
  * Format and sign an OAuth / API request
44
  */
45
  private function oauth_request( $url, $method, $parameters ) {
46
- $request = OAuthRequest::from_consumer_and_token( $this->consumer, $this->token, $method, $url, $parameters );
47
  $request->sign_request( $this->signature_method, $this->consumer, $this->token );
48
 
49
  if ( 'GET' == $method )
@@ -72,8 +72,8 @@ class WP_GData {
72
  $parameters['oauth_verifier'] = $oauth_verifier;
73
 
74
  $request = $this->oauth_request( self::access_token_url, 'GET', $parameters );
75
- $token = OAuthUtil::parse_parameters( wp_remote_retrieve_body( $request ) );
76
- $this->token = new OAuthConsumer( $token['oauth_token'], $token['oauth_token_secret'] );
77
  return $token;
78
  }
79
 
6
  */
7
 
8
  // Load the OAuth library.
9
+ if ( ! class_exists( 'Yoast_OAuthConsumer' ) )
10
  require( 'OAuth.php' );
11
 
12
  class WP_GData {
19
 
20
  function __construct( $parameters = array(), $oauth_token = null, $oauth_token_secret = null ) {
21
  $this->parameters = $parameters;
22
+ $this->signature_method = new Yoast_OAuthSignatureMethod_HMAC_SHA1();
23
+ $this->consumer = new Yoast_OAuthConsumer( 'anonymous', 'anonymous' );
24
 
25
  if ( !empty( $oauth_token ) && !empty( $oauth_token_secret ) )
26
+ $this->token = new Yoast_OAuthConsumer( $oauth_token, $oauth_token_secret );
27
  else
28
  $this->token = null;
29
  }
34
  $parameters['oauth_callback'] = $oauth_callback;
35
 
36
  $request = $this->oauth_request( self::request_token_url, 'GET', $parameters );
37
+ $token = Yoast_OAuthUtil::parse_parameters( wp_remote_retrieve_body( $request ) );
38
+ $this->token = new Yoast_OAuthConsumer( $token['oauth_token'], $token['oauth_token_secret'] );
39
  return $token;
40
  }
41
 
43
  * Format and sign an OAuth / API request
44
  */
45
  private function oauth_request( $url, $method, $parameters ) {
46
+ $request = Yoast_OAuthRequest::from_consumer_and_token( $this->consumer, $this->token, $method, $url, $parameters );
47
  $request->sign_request( $this->signature_method, $this->consumer, $this->token );
48
 
49
  if ( 'GET' == $method )
72
  $parameters['oauth_verifier'] = $oauth_verifier;
73
 
74
  $request = $this->oauth_request( self::access_token_url, 'GET', $parameters );
75
+ $token = Yoast_OAuthUtil::parse_parameters( wp_remote_retrieve_body( $request ) );
76
+ $this->token = new Yoast_OAuthConsumer( $token['oauth_token'], $token['oauth_token_secret'] );
77
  return $token;
78
  }
79