From 31f9e7b7fa02dbe2eecbbc897046626156e849c5 Mon Sep 17 00:00:00 2001
From: Yasmany Cubela Medina
Date: Tue, 3 Jul 2012 22:22:45 -0530
Subject: [PATCH] fixing firewall only response to the entry point if there is a query string for twitter auth
---
Security/Firewall/TwitterListener.php | 27 ++++++++++++++++-----------
1 file changed, 16 insertions(+), 11 deletions(-)
diff --git a/Security/Firewall/TwitterListener.php b/Security/Firewall/TwitterListener.php
index d4d3980..b6060c3 100644
--- a/Security/Firewall/TwitterListener.php
+++ b/Security/Firewall/TwitterListener.php
@@ -24,17 +24,22 @@ class TwitterListener extends AbstractAuthenticationListener
 {
 protected function attemptAuthentication(Request $request)
 {
- if (true === $this->options['use_twitter_anywhere']) {
- if (null === $identity = $request->cookies->get('twitter_anywhere_identity')) {
- throw new AuthenticationException(sprintf('Identity cookie "twitter_anywhere_identity" was not sent.'));
- }
- if (false === $pos = strpos($identity, ':')) {
- throw new AuthenticationException(sprintf('The submitted identity "%s" is invalid.', $identity));
- }
-
- return $this->authenticationManager->authenticate(TwitterAnywhereToken::createUnauthenticated(substr($identity, 0, $pos), substr($identity, $pos + 1)));
- } else {
- return $this->authenticationManager->authenticate(new TwitterUserToken());
+ if($request->getSession()->get("oauth_token", null) && $request->get("oauth_token", null) &&
+ $request->getSession()->get("oauth_token", null) === $request->get("oauth_token", null))
+ {
+ if (true === $this->options['use_twitter_anywhere']) {
+ if (null === $identity = $request->cookies->get('twitter_anywhere_identity')) {
+ throw new AuthenticationException(sprintf('Identity cookie "twitter_anywhere_identity" was not sent.'));
+ }
+ if (false === $pos = strpos($identity, ':')) {
+ throw new AuthenticationException(sprintf('The submitted identity "%s" is invalid.', $identity));
+ }
+
+ return $this->authenticationManager->authenticate(TwitterAnywhereToken::createUnauthenticated(substr($identity, 0, $pos), substr($identity, $pos + 1)));
+ } else {
+ return $this->authenticationManager->authenticate(new TwitterUserToken());
+ }
 }
+ return null;
 }
 }
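Review bot: The new guard in attemptAuthentication handles a callback whose `oauth_token` differs from the session value exactly like a request that carries no token: both reach `return null;`, so a mismatch is never raised as an AuthenticationException and, assuming the parent listener treats null as "nothing to do", never reaches failure handling or logs. The lookup also goes through `$request->get()`, which in Symfony reads route attributes and the POST body as well as the query string, whereas the commit message speaks only of the query string; `$request->query->get('oauth_token')` would pin the source. I would return null only when the parameter is absent and throw when it is present but does not match the session token, as sketched below. `$request->getSession()` is dereferenced without a null check, which is worth confirming against how this firewall is configured.

```php
protected function attemptAuthentication(Request $request)
{
    // Only the query string carries the provider's callback token.
    $callbackToken = $request->query->get('oauth_token');
    if (null === $callbackToken || '' === $callbackToken) {
        return null;
    }

    // A token that is present but not bound to this session is a failed attempt, not a no-op.
    $sessionToken = $request->getSession()->get('oauth_token');
    if (!is_string($sessionToken) || $sessionToken !== $callbackToken) {
        throw new AuthenticationException('The "oauth_token" in the callback does not match the one stored in the session.');
    }

    // … unchanged: use_twitter_anywhere branch and TwitterUserToken authentication …
}
```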