Add gravity flow demo

backend/wordpress/wp-content/plugins/gravityflow-master/includes/class-oauth1-client.php

@@ -0,0 +1,326 @@
+<?php
+/**
+ * Gravity Flow OAuth1 Client
+ *
+ * @package     GravityFlow
+ * @subpackage  Classes/API
+ * @copyright   Copyright (c) 2015-2018, Steven Henty S.L.
+ * @license     http://opensource.org/licenses/gpl-2.0.php GNU Public Licenses
+ * @since       1.0
+ **/
+
+if ( ! class_exists( 'GFForms' ) ) {
+	die();
+}
+
+/**
+ * A minimal oauth1 client. Currently only supports the official WordPress oauth server plugin for the WP REST API.
+ *
+ * Class Gravity_Flow_Oauth1_Client
+ *
+ * @since 1.8.1
+ */
+class Gravity_Flow_Oauth1_Client {
+
+	/**
+	 * Gives unique name to the application for storage.
+	 *
+	 * @var array
+	 */
+	public $data_store;
+
+	/**
+	 * Class constructor
+	 *
+	 * @param array  $config                sent in to build the client.
+	 * @param string $connection_identifier a unique identifier for the instance.
+	 * @param string $url                   the app url used for collecting the auth urls.
+	 *
+	 * @throws InvalidArgumentException If missing keys in config.
+	 */
+	public function __construct( $config, $connection_identifier, $url ) {
+
+		$required_params = array(
+			'consumer_key',
+			'consumer_secret',
+		);
+		foreach ( $required_params as $param ) {
+			if ( ! isset( $config[ $param ] ) ) {
+				throw new InvalidArgumentException( sprintf( 'Missing OAuth1 client configuration: %s - see includes/class-oauth1-client.php', $param ) );
+			}
+		}
+		$this->url       = $url;
+		$this->config    = $config;
+		$this->timestamp = time();
+
+		$this->connection_identifier = $connection_identifier;
+		$this->data_store            = array(
+			'auth_urls'        => 'gravityflow_oauth_urls_' . base64_encode( $this->connection_identifier ),
+			'progress'         => 'gravity_flow_oauth_progress_' . base64_encode( $this->connection_identifier ),
+			'full_credentials' => 'gravity_flow_oauth_full_credentials_' . base64_encode( $this->connection_identifier ),
+		);
+		$this->api_auth_urls         = $this->get_auth_urls();
+	}
+
+	/**
+	 * Hits the app url and collects authorization endpoint urls.
+	 *
+	 * @throws Exception If collection of api auth urls fails.
+	 * @return array
+	 */
+	function get_auth_urls() {
+		if ( get_option( $this->data_store['auth_urls'] ) !== false ) {
+			return get_option( $this->data_store['auth_urls'] );
+		}
+		$url  = wp_parse_url( $this->url, PHP_URL_SCHEME ) . '://' . wp_parse_url( $this->url, PHP_URL_HOST );
+		$page = wp_remote_get( $url );
+
+		if ( ! is_wp_error( $page ) ) {
+			$headers            = $page['headers'];
+			$link               = rgar( $headers['link'], 0, $headers['link'] );
+			$link_parts         = explode( '; ', $link );
+			$this->api_base_url = str_replace( array( '<', '>' ), '', $link_parts[0] );
+			$api_details        = wp_remote_get( $this->api_base_url );
+			if ( ! is_wp_error( $api_details ) ) {
+				$api_details = json_decode( $api_details['body'], true );
+				if ( isset( $api_details['authentication'] ) ) {
+					update_option( $this->data_store['auth_urls'], $api_details['authentication'] );
+
+					return $api_details['authentication'];
+				} else {
+					throw new Exception( sprintf( 'No authentication array in api details from %s', $this->api_base_url ) );
+				}
+			} else {
+				throw new Exception( sprintf( 'Problem with remote get call for %s. WP_Error: %s', $this->api_base_url, $api_details->get_error_message() ) );
+			}
+		} else {
+			throw new Exception( sprintf( 'Broken request for %s', $url ) );
+		}
+
+	}
+
+	/**
+	 * Request token i.e. temporary credentials using consumer key and secret.
+	 *
+	 * @throws Exception If request for temporary credentials fails.
+	 *
+	 * @return array
+	 */
+	function request_token() {
+		$response = wp_remote_post( $this->api_auth_urls['oauth1']['request'], array(
+			'headers' => $this->request_token_headers(),
+		) );
+		if ( ! is_wp_error( $response ) && 200 === (int) $response['response']['code'] ) {
+			parse_str( $response['body'], $temporary_credentials );
+
+			return $temporary_credentials;
+		} else {
+			gravity_flow()->log_debug( __METHOD__ . '() - response: ' . print_r( $response, true ) );
+			throw new Exception( 'Problem with remote post for temporary credentials' );
+		}
+	}
+
+	/**
+	 * Gets request header for final access request.
+	 *
+	 * @param string $url       Url for the request.
+	 * @param string $http_verb Request type (GET, POST etc).
+	 * @param array  $options   Optional array of options.
+	 *
+	 * @return string
+	 */
+	function get_full_request_header( $url, $http_verb, $options = array() ) {
+		$parameters = $this->full_request_params();
+		if ( ! empty( $options ) ) {
+			$parameters = array_merge( $parameters, $options );
+		}
+
+		$parameters['oauth_signature'] = $this->hmac_sign( $url, $parameters, $http_verb );
+
+		return $this->authorization_headers( $parameters );
+
+	}
+
+	/**
+	 * Request access token from oauth server.
+	 *
+	 * @param string $verifier The code sent back after authorizing at remote site.
+	 *
+	 * @throws Exception If remote request fails.
+	 *
+	 * @return array
+	 */
+	function request_access_token( $verifier ) {
+		$response = wp_remote_post( $this->api_auth_urls['oauth1']['access'], array(
+			'headers' => $this->request_access_token_headers( $verifier ),
+		) );
+		if ( ! is_wp_error( $response ) && 200 === (int) $response['response']['code'] ) {
+			parse_str( $response['body'], $access_credentials );
+
+			return $access_credentials;
+		} else {
+			gravity_flow()->log_debug( __METHOD__ . '() - response: ' . print_r( $response, true ) );
+			throw new Exception( 'Problem with remote post for access credentials' );
+		}
+	}
+
+	/**
+	 * Get headers for token request.
+	 *
+	 * @return array
+	 */
+	function request_token_headers() {
+		$parameters = $this->request_token_params();
+
+		$parameters['oauth_signature'] = $this->hmac_sign( $this->api_auth_urls['oauth1']['request'], $parameters );
+
+		return array(
+			'Authorization' => $this->authorization_headers( $parameters ),
+		);
+	}
+
+	/**
+	 * Get headers for access token request.
+	 *
+	 * @param string $verifier Code sent back after authorizing app on remote site.
+	 *
+	 * @return array
+	 */
+	function request_access_token_headers( $verifier ) {
+		$parameters = $this->request_access_token_params( $verifier );
+
+		$parameters['oauth_signature'] = $this->hmac_sign( $this->api_auth_urls['oauth1']['access'], $parameters );
+
+		return array(
+			'Authorization' => $this->authorization_headers( $parameters ),
+		);
+	}
+
+	/**
+	 * Generates nonce for oauth requests.
+	 *
+	 * @return string
+	 */
+	public function nonce() {
+		return md5( mt_rand() );
+	}
+
+	/**
+	 * Sets up params for request token request.
+	 *
+	 * @return array
+	 */
+	function request_token_params() {
+		return array(
+			'oauth_consumer_key'     => $this->config['consumer_key'],
+			'oauth_nonce'            => $this->nonce(),
+			'oauth_signature_method' => 'HMAC-SHA1',
+			'oauth_timestamp'        => $this->timestamp,
+			'oauth_callback'         => $this->config['callback_url'],
+		);
+	}
+
+	/**
+	 * Sets up params for full request.
+	 *
+	 * @return array
+	 */
+	function full_request_params() {
+		return array(
+			'oauth_consumer_key'     => $this->config['consumer_key'],
+			'oauth_token'            => $this->config['token'],
+			'oauth_nonce'            => $this->nonce(),
+			'oauth_signature_method' => 'HMAC-SHA1',
+			'oauth_timestamp'        => $this->timestamp,
+		);
+	}
+
+	/**
+	 * Sets up params for request access token request.
+	 *
+	 * @param string $verifier Verification code sent back after authorizing app at remote site.
+	 *
+	 * @return array
+	 */
+	function request_access_token_params( $verifier ) {
+		return array(
+			'oauth_consumer_key'     => $this->config['consumer_key'],
+			'oauth_nonce'            => $this->nonce(),
+			'oauth_signature_method' => 'HMAC-SHA1',
+			'oauth_timestamp'        => $this->timestamp,
+			'oauth_verifier'         => $verifier,
+			'oauth_token'            => $this->config['token'],
+		);
+	}
+
+	/**
+	 * Signs oauth request.
+	 *
+	 * @param string $uri        Url used to sign the request.
+	 * @param array  $parameters Parameters to build into signature.
+	 * @param string $http_verb  Request type.
+	 *
+	 * @return string
+	 */
+	function hmac_sign( $uri, array $parameters = array(), $http_verb = 'POST' ) {
+		$base_string = $this->base_string( $uri, $parameters, $http_verb );
+
+		return base64_encode( $this->hash( $base_string ) );
+	}
+
+	/**
+	 * Builds base string for request signing.
+	 *
+	 * @param string $uri        Url in the request.
+	 * @param array  $parameters Params from the request.
+	 * @param string $http_verb  Request method.
+	 *
+	 * @return string
+	 */
+	public function base_string( $uri, array $parameters = array(), $http_verb = 'POST' ) {
+		ksort( $parameters );
+
+		$parameters = http_build_query( $parameters, '', '&', PHP_QUERY_RFC3986 );
+
+		return sprintf( '%s&%s&%s', $http_verb, rawurlencode( $uri ), rawurlencode( $parameters ) );
+	}
+
+	/**
+	 * Get key:secret pair for request.
+	 *
+	 * @return string
+	 */
+	public function key() {
+		$key = rawurlencode( $this->config['consumer_secret'] ) . '&';
+
+		if ( array_key_exists( 'token_secret', $this->config ) && ! is_null( $this->config['token_secret'] ) ) {
+			$key .= rawurlencode( $this->config['token_secret'] );
+		}
+
+		return $key;
+	}
+
+	/**
+	 * Hash request
+	 *
+	 * @param array $data Data to be included in the hash.
+	 *
+	 * @return array
+	 */
+	public function hash( $data ) {
+		return hash_hmac( 'sha1', $data, $this->key(), true );
+	}
+
+	/**
+	 * Build header for request.
+	 *
+	 * @param array $parameters Oauth parameters to be sent.
+	 *
+	 * @return array
+	 */
+	public function authorization_headers( array $parameters ) {
+		$parameters = http_build_query( $parameters, '', ', ', PHP_QUERY_RFC3986 );
+
+		return "OAuth $parameters";
+	}
+}