in modules/oauth/mod-oauth1.cpp [230:299]
const failable<int> authorize(const list<value>& args, request_rec* const r, const list<value>& appkeys, const memcache::MemCached& mc) {
// Extract authorize, access_token, client ID and info URIs
const list<value> ref = assoc<value>("openauth_referrer", args);
if (isNull(ref) || isNull(cdr(ref)))
return mkfailure<int>("Missing openauth_referrer parameter");
const list<value> req = assoc<value>("oauth1_request_token", args);
if (isNull(req) || isNull(cdr(req)))
return mkfailure<int>("Missing oauth1_request_token parameter");
const list<value> auth = assoc<value>("oauth1_authorize", args);
if (isNull(auth) || isNull(cdr(auth)))
return mkfailure<int>("Missing oauth1_authorize parameter");
const list<value> tok = assoc<value>("oauth1_access_token", args);
if (isNull(tok) || isNull(cdr(tok)))
return mkfailure<int>("Missing oauth1_access_token parameter");
const list<value> cid = assoc<value>("oauth1_client_id", args);
if (isNull(cid) || isNull(cdr(cid)))
return mkfailure<int>("Missing oauth1_client_id parameter");
const list<value> info = assoc<value>("oauth1_info", args);
if (isNull(info) || isNull(cdr(info)))
return mkfailure<int>("Missing oauth1_info parameter");
// Build the redirect URI
const list<value> redirargs = mklist<value>(tok, cid, info, ref);
const string redir = httpd::url("/oauth1/access_token/", r) + string("?") + http::queryString(redirargs);
debug(redir, "modoauth1::authorize::redir");
// Lookup client app configuration
const list<value> app = assoc<value>(cadr(cid), appkeys);
if (isNull(app) || isNull(cdr(app)))
return mkfailure<int>(string("client id not found: ") + (string)cadr(cid));
list<value> appkey = cadr(app);
// Build and sign the request token URI
const string requri = httpd::unescape(cadr(req)) + string("&") + http::queryString(mklist<value>(mklist<value>("oauth_callback", httpd::escape(redir))));
const list<string> srequri = sign("POST", requri, appkey, emptyString, emptyString);
debug(srequri, "modoauth1::authorize::srequri");
// Put the args into an oauth header
const string reqhdr = header(cadr(srequri), redir, emptyString);
// Send the request token request
char* const pres = oauth_http_post2(c_str(car(srequri)), "", c_str(reqhdr));
if (pres == NULL)
return mkfailure<int>("Couldn't send request token request");
const string res(pres);
free(pres);
debug(res, "modoauth1::authorize::res");
const list<value> resargs = httpd::queryArgs(res);
// Retrieve the request token
const list<value> conf = assoc<value>("oauth_callback_confirmed", resargs);
if (isNull(conf) || isNull(cdr(conf)) || cadr(conf) != "true")
return mkfailure<int>("Couldn't confirm oauth_callback");
const list<value> tv = assoc<value>("oauth_token", resargs);
if (isNull(tv) || isNull(cdr(tv)))
return mkfailure<int>("Couldn't retrieve oauth_token");
const list<value> sv = assoc<value>("oauth_token_secret", resargs);
if (isNull(sv) || isNull(cdr(sv)))
return mkfailure<int>("Couldn't retrieve oauth_token_secret");
// Store the request token in memcached
const failable<bool> prc = memcache::put(mklist<value>("tuscanyOAuth1Token", cadr(tv)), cadr(sv), mc);
if (!hasContent(prc))
return mkfailure<int>(prc);
// Redirect to the authorize URI
const string authuri = httpd::unescape(cadr(auth)) + string("?") + http::queryString(mklist<value>(tv));
debug(authuri, "modoauth1::authorize::authuri");
return httpd::externalRedirect(authuri, r);
}