Merge pull request #6 from WP-API/check-verifier

rmccue · rmccue · commit 3b5ba2aa23b0 · 2014-05-06T12:03:28.000+10:00
Check OAuth verifier when generating access token
diff --git a/lib/class-wp-json-authentication-oauth1.php b/lib/class-wp-json-authentication-oauth1.php
@@ -46,7 +46,7 @@ public function parse_header( $header ) {
 
 	}
 
-	public function get_parameters( $require_token = true ) {
+	public function get_parameters( $require_token = true, $extra = array() ) {
 		$params = array_merge( $_GET, $_POST );
 		$params = wp_unslash( $params );
 
@@ -74,6 +74,10 @@ public function get_parameters( $require_token = true ) {
 			$param_names[] = 'oauth_token';
 		}
 
+		if ( ! empty( $extra ) ) {
+			$param_names = array_merge( $param_names, (array) $extra );
+		}
+
 		$errors = array();
 		$have_one = false;
 
@@ -193,7 +197,7 @@ public function dispatch( $route ) {
 				return $this->generate_request_token( $params );
 
 			case 'access':
-				$params = $this->get_parameters();
+				$params = $this->get_parameters( true, array( 'oauth_verifier' ) );
 
 				if ( is_wp_error( $params ) ) {
 					return $params;
@@ -204,7 +208,8 @@ public function dispatch( $route ) {
 
 				return $this->generate_access_token(
 					$params['oauth_consumer_key'],
-					$params['oauth_token']
+					$params['oauth_token'],
+					$params['oauth_verifier']
 				);
 
 			default:
@@ -377,7 +382,7 @@ public function get_access_token( $oauth_token ) {
 	 * @param string $oauth_token Request token key
 	 * @return WP_Error|array OAuth token data on success, error otherwise
 	 */
-	public function generate_access_token( $oauth_consumer_key, $oauth_token ) {
+	public function generate_access_token( $oauth_consumer_key, $oauth_token, $oauth_verifier ) {
 		$token = $this->get_request_token( $oauth_token );
 		if ( is_wp_error( $token ) ) {
 			return $token;
@@ -388,6 +393,10 @@ public function generate_access_token( $oauth_consumer_key, $oauth_token ) {
 			return new WP_Error( 'json_oauth1_unauthorized_token', __( 'OAuth token has not been authorized' ), array( 'status' => 401 ) );
 		}
 
+		if ( $oauth_verifier !== $token['verifier'] ) {
+			return new WP_Error( 'json_oauth1_invalid_verifier', __( 'OAuth verifier does not match' ), array( 'status' => 400 ) );
+		}
+
 		$consumer = $this->get_consumer( $oauth_consumer_key );
 		if ( is_wp_error( $consumer ) ) {
 			return $consumer;
