/**
 * Handles a signed OAuth request: extracts the OAuth fields from the
 * Authorization header, resolves the consumer, verifies the signature
 * and writes the resulting response as a form-encoded body.
 *
 * The signature is verified with the consumer secret and an empty token
 * secret. On success the parameter `oauth_callback_confirmed` is added to
 * the response before it is written.
 *
 * NOTE(review): `timestamp` and `nonce` are extracted here but not checked
 * in this method; presumably replay protection is done in the extractor,
 * in getConsumer() or in getResponse(). Confirm.
 *
 * @throws Exception if the consumer key is unknown, the signature does not
 *                   verify, or getResponse() does not return a Response
 */
protected function doHandle()
{
    $requiredFields = array('consumerKey', 'signatureMethod', 'signature', 'timestamp', 'nonce', 'version', 'callback');
    $headerExtractor = new AuthorizationHeaderExtractor($requiredFields);
    $oauthRequest = $headerExtractor->extract($this->request, new Request());

    $consumer = $this->getConsumer($oauthRequest->getConsumerKey());
    if (!($consumer instanceof Consumer)) {
        throw new Exception('Invalid Consumer Key');
    }

    // The signature implementation is selected by the client-supplied method.
    $verifier = Oauth::getSignature($oauthRequest->getSignatureMethod());
    $httpMethod = $this->request->getMethod();
    $uri = $this->request->getUri();

    // The base string covers the OAuth header fields plus the query parameters.
    $baseParams = array_merge(
        $oauthRequest->getRecordInfo()->getData(),
        $this->request->getUri()->getParameters()
    );
    $baseString = Oauth::buildBasestring($httpMethod, $uri, $baseParams);

    // No token exists yet at this step, so the token secret is the empty string.
    $verified = $verifier->verify(
        $baseString,
        $consumer->getConsumerSecret(),
        '',
        $oauthRequest->getSignature()
    );
    if ($verified === false) {
        throw new Exception('Invalid signature');
    }

    $response = $this->getResponse($consumer, $oauthRequest);
    if (!($response instanceof Response)) {
        throw new Exception('Invalid response');
    }

    $response->addParam('oauth_callback_confirmed', true);
    $this->setBody($response, WriterInterface::FORM);
}
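/**
 * Filter that authenticates a request signed with OAuth 1.0.
 *
 * Reads the `Authorization: OAuth ...` header, resolves the consumer via the
 * configured consumer callback and verifies the request signature over the
 * header, query and (for form-encoded requests) body parameters. On success
 * the success callback runs and the filter chain continues; otherwise the
 * failure or missing callback is invoked and the chain is not continued.
 *
 * The signature that is verified is always the one supplied in the
 * Authorization header. It is captured before query and body parameters are
 * merged in, because array_merge() lets a later `oauth_signature` request
 * parameter replace the header value, and parse_str() can turn such a
 * parameter into an array.
 *
 * NOTE(review): `oauth_timestamp` and `oauth_nonce` are neither required nor
 * checked in this method; presumably replay protection lives in the consumer
 * callback or elsewhere. Confirm.
 *
 * @param RequestInterface     $request
 * @param ResponseInterface    $response
 * @param FilterChainInterface $filterChain
 *
 * @throws BadRequestException if a required OAuth header parameter is absent
 */
public function handle(RequestInterface $request, ResponseInterface $response, FilterChainInterface $filterChain)
{
    $authorization = $request->getHeader('Authorization');
    if (empty($authorization)) {
        $this->callMissing($response);
        return;
    }

    $parts = explode(' ', $authorization, 2);
    $type  = isset($parts[0]) ? $parts[0] : null;
    $data  = isset($parts[1]) ? $parts[1] : null;

    if ($type !== 'OAuth' || empty($data)) {
        $this->callMissing($response);
        return;
    }

    $params = Authentication::decodeParameters($data);
    $params = array_map(array('\\PSX\\Oauth', 'urlDecode'), $params);

    // realm is not used in the base string
    unset($params['realm']);

    if (!isset($params['oauth_consumer_key'])) {
        throw new BadRequestException('Consumer key not set');
    }

    if (!isset($params['oauth_token'])) {
        throw new BadRequestException('Token not set');
    }

    if (!isset($params['oauth_signature_method'])) {
        throw new BadRequestException('Signature method not set');
    }

    if (!isset($params['oauth_signature'])) {
        throw new BadRequestException('Signature not set');
    }

    // Pin the header-supplied values now; after the merges below the same
    // keys may hold values taken from the query string or the request body.
    $signatureMethod = $params['oauth_signature_method'];
    $headerSignature = $params['oauth_signature'];

    $consumer = call_user_func_array(
        $this->consumerCallback,
        array($params['oauth_consumer_key'], $params['oauth_token'])
    );

    if (!($consumer instanceof Consumer)) {
        $this->callFailure($response);
        return;
    }

    // NOTE(review): the method name is chosen by the client; confirm that
    // Oauth::getSignature() rejects methods the deployment does not allow.
    $signature = Oauth::getSignature($signatureMethod);

    $method = $request->getMethod();
    $url    = $request->getUri();
    $params = array_merge($params, $request->getUri()->getParameters());

    // Cast so that an absent Content-Type header reaches strpos() as a string.
    $contentType = (string) $request->getHeader('Content-Type');
    if (strpos($contentType, 'application/x-www-form-urlencoded') !== false) {
        $body = (string) $request->getBody();
        $data = array();

        parse_str($body, $data);

        $params = array_merge($params, $data);
    }

    $baseString = Oauth::buildBasestring($method, $url, $params);

    // NOTE(review): verify() is opaque from here; confirm that it compares
    // the signatures in constant time (e.g. via hash_equals()).
    $verified = $signature->verify(
        $baseString,
        $consumer->getConsumerSecret(),
        $consumer->getTokenSecret(),
        $headerSignature
    );

    if ($verified !== false) {
        $this->callSuccess($response);

        $filterChain->handle($request, $response);
    } else {
        $this->callFailure($response);
    }
}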