/**
 * Issues an OpenPNE security token for a request signed with the
 * service-wide OAuth consumer credentials.
 *
 * The request's oauth_signature is verified with HMAC-SHA1 against the
 * consumer key/secret from OpenPNEServiceConfig. Only the signature is
 * checked in this method: no timestamp or nonce validation is visible here,
 * so replay protection has to come from elsewhere -- TODO confirm.
 *
 * @param object $oauthRequest request object exposing get_parameter()
 * @param mixed  $appUrl       passed through to the token unchanged
 * @param mixed  $userId       passed through to the token; not validated here
 * @param mixed  $contentType  not used by this method
 * @return OAuthSecurityToken|null token when the signature verifies, null otherwise
 */
public function getSecurityToken($oauthRequest, $appUrl, $userId, $contentType)
{
    $serviceConsumer = new OAuthConsumer(
        OpenPNEServiceConfig::OAUTH_CONSUMER_KEY,
        OpenPNEServiceConfig::OAUTH_CONSUMER_SECRET
    );
    $hmac = new OAuthSignatureMethod_HMAC_SHA1();
    $presented = $oauthRequest->get_parameter('oauth_signature');

    // No access token is involved (third argument is null).
    $signatureOk = $hmac->check_signature($oauthRequest, $serviceConsumer, null, $presented);
    if ($signatureOk) {
        // The application id is fixed to 0 for tokens issued on this path.
        return new OAuthSecurityToken($userId, $appUrl, 0, 'openpne');
    }

    // Fail closed: an unverifiable request gets no token.
    return null;
}
/**
 * Authenticates the current request by its OAuth signature and derives the
 * consumer key this object will operate under.
 *
 * Supported signature methods are HMAC-SHA1 (consumer secret looked up in
 * storageConsumers via a prepared statement) and RSA-SHA1 (verification is
 * delegated to MyOAuthSignatureMethod_RSA_SHA1, which receives the db
 * handle; how it resolves key material is not visible here -- confirm).
 * Any other method is rejected.
 *
 * NOTE(review): only the signature is checked in this method; no timestamp
 * or nonce validation is visible, so confirm replay protection elsewhere.
 *
 * @throws Exception "consumer not found", "invalid signature method" or
 *                   "invalid signature"
 */
function authenticate()
{
    $req = OAuthRequest::from_request();
    $key = $req->get_parameter('oauth_consumer_key');
    $method = $req->get_parameter('oauth_signature_method');
    $presented = $req->get_parameter('oauth_signature');

    if ($method === "HMAC-SHA1") {
        $verifier = new OAuthSignatureMethod_HMAC_SHA1();

        // The consumer key is bound as a parameter, never interpolated into the SQL.
        $lookup = $this->db->prepare('SELECT consumerSecret FROM storageConsumers WHERE consumerKey = :key');
        $lookup->bindParam(':key', $key);
        $lookup->execute();
        $record = $lookup->fetch();

        // fetch() yields FALSE when no row matches; empty() covers that case too.
        if (empty($record)) {
            throw new Exception("consumer not found");
        }

        $ok = $verifier->check_signature(
            $req,
            new OAuthConsumer($key, $record['consumerSecret']),
            NULL,
            $presented
        );
    } elseif ($method === "RSA-SHA1") {
        // No consumer object is handed to the RSA check.
        $verifier = new MyOAuthSignatureMethod_RSA_SHA1($this->db);
        $ok = $verifier->check_signature($req, NULL, NULL, $presented);
    } else {
        throw new Exception("invalid signature method");
    }

    if (!$ok) {
        throw new Exception("invalid signature");
    }

    /* SURFconext (contains groupContext) */
    $instance = $req->get_parameter('opensocial_instance_id');
    /* iGoogle and other OpenSocial/Shindig portals/containers */
    $owner = $req->get_parameter('opensocial_owner_id');

    // The instance id takes precedence over the owner id; with neither
    // present the bare consumer key is used.
    // NOTE(review): key and suffix are joined with '_' -- if consumer keys
    // may themselves contain '_', two different (key, suffix) pairs could
    // produce the same combined value; verify against how keys are issued.
    $suffix = ($instance !== NULL) ? $instance : $owner;
    $this->consumerKey = ($suffix !== NULL) ? $key . '_' . $suffix : $key;
}
/**
 * Two-legged OAuth login: verifies the HMAC-SHA1 signature of the current
 * request against a consumer registered in the 'oauth_consumers' config
 * entry, then records the requested user id.
 *
 * See: http://developer.yahoo.com/blogs/ydn/posts/2010/04/a_twolegged_oauth_serverclient_example/
 *
 * NOTE(review): the request object is built from the HTTP method and the
 * reconstructed URL only. 'userId' is read through getRequest() after the
 * check; confirm that getRequest() takes it from a part of the request
 * that the signature actually covers.
 * NOTE(review): no timestamp or nonce validation is visible here.
 *
 * @throws Exception when the consumer key is unknown or the signature is invalid
 */
function login()
{
    $presentedSig = getRequest('oauth_signature', TRUE);
    $consumerKey = getRequest('oauth_consumer_key', TRUE);
    $hmac = new OAuthSignatureMethod_HMAC_SHA1();

    // The URL is rebuilt from server variables; HTTP_HOST comes from the
    // client's Host header.
    $httpMethod = $_SERVER['REQUEST_METHOD'];
    $requestUrl = getProtocol() . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];

    // Only consumers listed in the configuration may authenticate.
    $registered = getConfig($this->config, 'oauth_consumers', TRUE);
    if (!array_key_exists($consumerKey, $registered)) {
        throw new Exception("oauth consumer key not registered");
    }

    $knownConsumer = new OAuthConsumer($consumerKey, $registered[$consumerKey]);
    $signedRequest = new OAuthRequest($httpMethod, $requestUrl);

    if (!$hmac->check_signature($signedRequest, $knownConsumer, NULL, $presentedSig)) {
        throw new Exception('invalid oauth signature');
    }

    $this->userId = getRequest('userId', TRUE);
}
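/**
 * Verifies a 2 legged OAuth signature. 2 legged OAuth means the security context is of the application,
 * and no specific user is associated with it. Most of the logic is done manually and not through the OAuth
 * library, since it has no knowledge of- / support for 2 legged OAuth.
 *
 * The request is rejected (null) when the consumer key or signature is
 * missing, when the data store does not know the consumer, or when the
 * HMAC-SHA1 signature does not verify.
 *
 * NOTE(review): the signature is read from $_GET while the consumer key is
 * read from the request object's parameters; a signature supplied by any
 * other means is not seen by this method.
 * NOTE(review): no timestamp or nonce validation is visible here.
 *
 * @param object $oauthRequest request object with a 'parameters' array
 * @param mixed  $userId       passed through to the token; not validated here
 * @param mixed  $appUrl       passed through to the token
 * @param object $dataStore    provides lookup_consumer() and get_app_id()
 * @return OAuthSecurityToken|null token on success, null on any failure
 */
private function verify2LeggedOAuth($oauthRequest, $userId, $appUrl, $dataStore)
{
    // Both values are required; reject early instead of passing undefined
    // indexes further down.
    if (!isset($oauthRequest->parameters['oauth_consumer_key'], $_GET["oauth_signature"])) {
        return null;
    }

    $consumerToken = $dataStore->lookup_consumer($oauthRequest->parameters['oauth_consumer_key']);
    if (!$consumerToken) {
        // Unknown consumer: never hand an empty consumer to the signature
        // check, which would then have no consumer secret to verify against.
        return null;
    }

    $signature_method = new OAuthSignatureMethod_HMAC_SHA1();
    $signature_valid = $signature_method->check_signature($oauthRequest, $consumerToken, null, $_GET["oauth_signature"]);
    if (!$signature_valid) {
        // signature did not check out, abort
        return null;
    }

    return new OAuthSecurityToken($userId, $appUrl, $dataStore->get_app_id($consumerToken), "partuza");
}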
/**
 * Checks an OAuth HMAC-SHA1 signature for the current HTTP request.
 *
 * Because $token is declared before the required $oauth_signature, callers
 * always have to pass it explicitly; pass NULL when no access token is
 * involved.
 *
 * @param object      $consumer        object exposing ->key and ->secret
 * @param object|null $token           object exposing ->key and ->secret, or NULL
 * @param mixed       $oauth_signature signature presented by the client
 * @return mixed result of check_signature() on the current request
 */
function verify_signature($consumer, $token=NULL, $oauth_signature)
{
    $hmac = new OAuthSignatureMethod_HMAC_SHA1();
    $libConsumer = new OAuthConsumer($consumer->key, $consumer->secret);

    // Any falsy $token means "no token secret in the signing key".
    $libToken = NULL;
    if ($token) {
        $libToken = new OAuthToken($token->key, $token->secret);
    }

    // The request is rebuilt from the current HTTP request by the library.
    $current = OAuthRequest::from_request();

    return $hmac->check_signature($current, $libConsumer, $libToken, $oauth_signature);
}
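/**
 * Verifies a 2-legged OAuth request and issues an OpenPNE security token.
 *
 * The consumer is resolved in one of two ways:
 *  - an Application record with this consumer key: it must have a consumer
 *    secret and isHadByMember($userId) must hold;
 *  - otherwise a consumer from the data store: consumer information must
 *    exist and, unless $this->isAdmin is set, it must belong to $userId.
 * After that the HMAC-SHA1 signature of the request is checked.
 *
 * The member-id ownership check compares string forms strictly, so values
 * that are only loosely equal (for example "01" and 1) are not treated as
 * the same member.
 *
 * NOTE(review): no timestamp or nonce validation is visible here.
 *
 * @param object $oauthRequest request object exposing get_parameter()
 * @param mixed  $userId       member id the request claims to act for
 * @param mixed  $appUrl       passed through to the token
 * @return OAuthSecurityToken|null token on success, null on any failure
 */
protected function verify2LeggedOAuth($oauthRequest, $userId, $appUrl)
{
    $appId = 0;
    $consumerKey = $oauthRequest->get_parameter('oauth_consumer_key');
    $application = Doctrine::getTable('Application')->findOneByConsumerKey($consumerKey);

    if ($application) {
        // An application without a secret, or one this member does not
        // have, cannot authenticate.
        if (!($application->getConsumerSecret() && $application->isHadByMember($userId))) {
            return null;
        }
        $appId = $application->getId();
        $consumer = new OAuthConsumer($application->getConsumerKey(), $application->getConsumerSecret());
    } else {
        $consumer = $this->dataStore->lookup_consumer($consumerKey);
        $consumerInformation = $this->getConsumerInformation($consumer);
        if (!$consumerInformation) {
            return null;
        }
        // Non-admin contexts may only act for the member that owns the
        // consumer. Strict comparison on the string form avoids PHP's
        // loose numeric-string equality in an authorization decision.
        if (!$this->isAdmin && (string) $consumerInformation->getMemberId() !== (string) $userId) {
            return null;
        }
    }

    $signatureMethod = new OAuthSignatureMethod_HMAC_SHA1();
    $oauthSignature = $oauthRequest->get_parameter('oauth_signature');
    if (!$signatureMethod->check_signature($oauthRequest, $consumer, null, $oauthSignature)) {
        return null;
    }

    return new OAuthSecurityToken($userId, $appUrl, $appId, 'openpne');
}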
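<?php
require_once "OAuth.php";

// Placeholder consumer credentials. In a real deployment load these from
// configuration kept out of source control rather than hard-coding them.
$key = "KEY HERE";
$secret = "KEY HERE";

// Build a request object from the current request.
// NOTE(review): $_REQUEST can merge GET, POST and cookie values depending
// on the PHP configuration; confirm that this matches what the client signs.
$request = OAuthRequest::from_request(null, null, $_REQUEST);
$consumer = new OAuthConsumer($key, $secret, null);

// Initialize signature method
$sig_method = new OAuthSignatureMethod_HMAC_SHA1();

// Validate the passed oauth signature. A request without the parameter is
// checked against null instead of reading an undefined index.
$signature = isset($_GET['oauth_signature']) ? $_GET['oauth_signature'] : null;
$valid_sig = $sig_method->check_signature($request, $consumer, null, $signature);

// Check if the signature check succeeded
if (!$valid_sig) {
    // SIGNATURE INVALID - Produce appropriate error message.
    // This branch must stop processing so that nothing below runs for an
    // unauthenticated request.
} else {
    // SIGNATURE IS VALID - Continue with normal program execution
}
?>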