Ejemplo n.º 1
 /**
  * Verifies the OAuth signature of the current request and writes the
  * consumer's response as a form-encoded body.
  *
  * Presumably this is the temporary-credential (request token) step: the
  * token secret passed to verify() is empty and the response is marked with
  * oauth_callback_confirmed. Confirm against the enclosing class.
  *
  * NOTE(review): timestamp and nonce are extracted from the Authorization
  * header but are not checked in this method. Replay protection presumably
  * happens in getResponse() or elsewhere; confirm.
  *
  * @throws Exception when the consumer key is unknown, the signature does not
  *                   verify, or getResponse() does not return a Response
  */
 protected function doHandle()
 {
     $headerFields = array('consumerKey', 'signatureMethod', 'signature', 'timestamp', 'nonce', 'version', 'callback');
     $extractor = new AuthorizationHeaderExtractor($headerFields);
     $oauthRequest = $extractor->extract($this->request, new Request());

     // Resolve the consumer first; without it there is no secret to verify against.
     $consumer = $this->getConsumer($oauthRequest->getConsumerKey());
     if (!($consumer instanceof Consumer)) {
         throw new Exception('Invalid Consumer Key');
     }

     $verifier = Oauth::getSignature($oauthRequest->getSignatureMethod());
     $httpMethod = $this->request->getMethod();
     $uri = $this->request->getUri();

     // array_merge lets a query parameter replace a header value that has the same key.
     $signedParams = array_merge($oauthRequest->getRecordInfo()->getData(), $this->request->getUri()->getParameters());
     $baseString = Oauth::buildBasestring($httpMethod, $uri, $signedParams);

     // NOTE(review): only a strict false counts as failure; confirm verify() always returns a bool.
     $verified = $verifier->verify($baseString, $consumer->getConsumerSecret(), '', $oauthRequest->getSignature());
     if ($verified === false) {
         throw new Exception('Invalid signature');
     }

     $response = $this->getResponse($consumer, $oauthRequest);
     if (!($response instanceof Response)) {
         throw new Exception('Invalid response');
     }

     $response->addParam('oauth_callback_confirmed', true);
     $this->setBody($response, WriterInterface::FORM);
 }
Ejemplo n.º 2
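 /**
  * Authenticates a request signed with an OAuth Authorization header and, on
  * success, passes it on to the next filter in the chain.
  *
  * Outcomes:
  *  - no Authorization header, or one that is not "OAuth <data>": callMissing()
  *  - unknown consumer/token pair or signature mismatch: callFailure()
  *  - valid signature: callSuccess(), then the filter chain continues
  *
  * The signature method and the signature are taken from the Authorization
  * header before query and body parameters are merged in, so a request
  * parameter with the same name cannot replace the value that is verified.
  *
  * NOTE(review): no timestamp or nonce check is visible in this method.
  * Replay protection presumably lives in the consumer callback or elsewhere;
  * confirm.
  *
  * @param RequestInterface     $request
  * @param ResponseInterface    $response
  * @param FilterChainInterface $filterChain
  *
  * @throws BadRequestException when a required oauth_* parameter is missing from the header
  */
 public function handle(RequestInterface $request, ResponseInterface $response, FilterChainInterface $filterChain)
 {
     $authorization = $request->getHeader('Authorization');
     if (empty($authorization)) {
         $this->callMissing($response);
         return;
     }

     $parts = explode(' ', $authorization, 2);
     $type = isset($parts[0]) ? $parts[0] : null;
     $data = isset($parts[1]) ? $parts[1] : null;
     if ($type !== 'OAuth' || empty($data)) {
         $this->callMissing($response);
         return;
     }

     $params = Authentication::decodeParameters($data);
     $params = array_map(array('\\PSX\\Oauth', 'urlDecode'), $params);

     // realm is not used in the base string
     unset($params['realm']);

     // Checked in this order so the first missing parameter decides the error message.
     $required = array(
         'oauth_consumer_key'     => 'Consumer key not set',
         'oauth_token'            => 'Token not set',
         'oauth_signature_method' => 'Signature method not set',
         'oauth_signature'        => 'Signature not set',
     );
     foreach ($required as $key => $message) {
         if (!isset($params[$key])) {
             throw new BadRequestException($message);
         }
     }

     // Pin the header values that drive verification before any merge below.
     // array_merge() lets later arrays win on equal keys, so reading these
     // after the merge would let a query or body parameter override them.
     $signatureMethod = $params['oauth_signature_method'];
     $headerSignature = $params['oauth_signature'];

     $consumer = call_user_func($this->consumerCallback, $params['oauth_consumer_key'], $params['oauth_token']);
     if (!($consumer instanceof Consumer)) {
         $this->callFailure($response);
         return;
     }

     $signature = Oauth::getSignature($signatureMethod);
     $method = $request->getMethod();
     $url = $request->getUri();

     $params = array_merge($params, $request->getUri()->getParameters());

     // Form-encoded body parameters are part of the signed parameter set.
     if (strpos($request->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
         $body = (string) $request->getBody();
         $bodyParams = array();
         parse_str($body, $bodyParams);
         $params = array_merge($params, $bodyParams);
     }

     $baseString = Oauth::buildBasestring($method, $url, $params);

     // NOTE(review): only a strict false counts as failure; confirm verify() always returns a bool.
     $verified = $signature->verify($baseString, $consumer->getConsumerSecret(), $consumer->getTokenSecret(), $headerSignature);
     if ($verified === false) {
         $this->callFailure($response);
         return;
     }

     $this->callSuccess($response);
     $filterChain->handle($request, $response);
 }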