/**
* Returns a value for the CURLOPT_POSTFIELDS option.
*
* @return string|array A post fields value
*/
private static function getPostFields(RequestInterface $request)
{
if (!$request instanceof FormRequestInterface) {
return $request->getContent();
}
$fields = $request->getFields();
$multipart = false;
foreach ($fields as $name => $value) {
if ($value instanceof FormUploadInterface) {
$multipart = true;
if ($file = $value->getFile()) {
// replace value with upload string
$fields[$name] = '@' . $file;
if ($contentType = $value->getContentType()) {
$fields[$name] .= ';type=' . $contentType;
}
} else {
return $request->getContent();
}
}
}
return $multipart ? $fields : http_build_query($fields);
}
/**
* Returns a value for the CURLOPT_POSTFIELDS option.
*
* @return string|array A post fields value
*/
private static function getPostFields(RequestInterface $request)
{
if (!$request instanceof FormRequestInterface) {
return $request->getContent();
}
$fields = $request->getFields();
$multipart = false;
foreach ($fields as $name => $value) {
if (!$value instanceof FormUploadInterface) {
continue;
}
if (!($file = $value->getFile())) {
return $request->getContent();
}
$multipart = true;
if (version_compare(PHP_VERSION, '5.5', '>=')) {
$curlFile = new \CURLFile($file);
if ($contentType = $value->getContentType()) {
$curlFile->setMimeType($contentType);
}
if (basename($file) != $value->getFilename()) {
$curlFile->setPostFilename($value->getFilename());
}
$fields[$name] = $curlFile;
} else {
// replace value with upload string
$fields[$name] = '@' . $file;
if ($contentType = $value->getContentType()) {
$fields[$name] .= ';type=' . $contentType;
}
if (basename($file) != $value->getFilename()) {
$fields[$name] .= ';filename=' . $value->getFilename();
}
}
}
return $multipart ? $fields : http_build_query($fields, '', '&');
}
/**
* @param AntiMattr\OAuth\OAuth $oauth
* @param Buzz\Message\RequestInterface $request
*
* @throws RuntimeException
*/
protected function attachOAuthSignature(OAuth $oauth, RequestInterface $request)
{
$method = $request->getMethod();
$url = new Url($request->getUrl());
$parameters = $url->query->getData();
if ($request instanceof FormRequestInterface) {
$fields = $request->getFields();
$parameters = array_merge($fields, $parameters);
}
// Parameters are sorted by name, using lexicographical byte value ordering.
// Ref: Spec: 9.1.1 (1)
uksort($parameters, 'strcmp');
// Validate required parameters
foreach (array('oauth_consumer_key', 'oauth_timestamp', 'oauth_nonce', 'oauth_version', 'oauth_signature_method') as $parameter) {
if (!isset($parameters[$parameter])) {
throw new RuntimeException(sprintf('Parameter "%s" must be set.', $parameter));
}
}
// Remove oauth_signature if present
// Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.")
if (isset($parameters['oauth_signature'])) {
unset($parameters['oauth_signature']);
}
// Remove default ports
// Ref: Spec: 9.1.2
$explicitPort = $url->has('port') ? $url->get('port') : null;
if ('https' === $url->get('scheme') && 443 === $explicitPort || 'http' === $url->get('scheme') && 80 === $explicitPort) {
$explicitPort = null;
}
// Remove query params from URL
// Ref: Spec: 9.1.2
$urlString = sprintf('%s://%s%s%s', $url->get('scheme'), $url->get('host'), $explicitPort ? ':' . $explicitPort : '', $url->has('path') ? $url->get('path') : '');
// Parameters are sorted by name, using lexicographical byte value ordering.
// Ref: Spec: 9.1.1 (1)
uksort($parameters, 'strcmp');
// http_build_query should use RFC3986
$parts = array(strtoupper($method), rawurlencode($urlString), rawurlencode(str_replace(array('%7E', '+'), array('~', '%20'), http_build_query($parameters, '', '&'))));
$baseString = implode('&', $parts);
$signatureMethod = $oauth->getSignatureMethod();
$consumerSecret = $oauth->getConsumerSecret();
$oAuthTokenSecret = $oauth->getOAuthTokenSecret();
switch ($signatureMethod) {
case OAuth::SIGNATURE_METHOD_HMAC:
$keyParts = array(rawurlencode($consumerSecret), rawurlencode($oAuthTokenSecret));
$signature = hash_hmac('sha1', $baseString, implode('&', $keyParts), true);
break;
case OAuth::SIGNATURE_METHOD_RSA:
if (!function_exists('openssl_pkey_get_private')) {
throw new RuntimeException('RSA-SHA1 signature method requires the OpenSSL extension.');
}
$privateKey = openssl_pkey_get_private(file_get_contents($consumerSecret), $oAuthTokenSecret);
$signature = false;
openssl_sign($baseString, $signature, $privateKey);
openssl_free_key($privateKey);
break;
case OAuth::SIGNATURE_METHOD_PLAINTEXT:
$signature = $baseString;
break;
default:
throw new RuntimeException(sprintf('Unknown signature method selected %s.', $signatureMethod));
}
$encoded = base64_encode($signature);
if ($request instanceof FormRequestInterface) {
$fields = $request->getFields();
$fields['oauth_signature'] = $encoded;
// Parameters are sorted by name, using lexicographical byte value ordering.
// Ref: Spec: 9.1.1 (1)
uksort($fields, 'strcmp');
$request->setFields($fields);
} else {
$parameters['oauth_signature'] = $encoded;
// Parameters are sorted by name, using lexicographical byte value ordering.
// Ref: Spec: 9.1.1 (1)
uksort($parameters, 'strcmp');
$url->query->setData($parameters);
$url = $url->getUrl();
$request->fromUrl($url);
}
}
