/** * The Signature Base String is a consistent reproducible concatenation of the * request elements into a single string. The string is used as an input in hashing or signing algorithms. * * The base string => $http_method&urlencode($Url without query params)&urlencode(normalized_request_parameters) * (Basically HTTP method(GET/POST etc), the URL(scheme://host/path, doesnt include the query string), and the norlalized request parameters * each urlencoded and the concated with &.) */ private function get_signature_base_string($http_method, $Url, $oAuthOptions) { // Get the Query String parameters. Example if the request is http://photos.example.net/photos.aspx?file=vacation.jpg&size=original // then get the query string and create an array from it in form of key value pairs // $qsArray Key Value // file vacation.jpg // size original $parts = parse_url($Url); $qs = $parts['query']; parse_str($qs, $qsArray); $signable_options = array_merge($oAuthOptions, $qsArray); $signable_parameters = RequestSigner::get_normalized_request_parameters($signable_options); $normalized_url = Util::get_normalized_http_url($Url); if (AppConfig::$debug) { print AppConfig::$lineBreak . '[----------START Parts to build base string from ' . $Url . '-----------]' . AppConfig::$lineBreak; print AppConfig::$lineBreak . 'HTTP Method: ' . $http_method . AppConfig::$lineBreak; print AppConfig::$lineBreak . 'Normalized Url: ' . $normalized_url . AppConfig::$lineBreak; print AppConfig::$lineBreak . 'Signable Parameters: ' . $signable_parameters . AppConfig::$lineBreak; print AppConfig::$lineBreak . 'Query String parameters: ' . $qs . AppConfig::$lineBreak; print AppConfig::$lineBreak . '[----------END Parts to build base string-----------]' . AppConfig::$lineBreak; } $parts = array($http_method, $normalized_url, $signable_parameters); // Url encode each of http method, Url(without query string), and the normalized parameters (oauth parameters, along with query string parameters) $parts = Util::urlencode_rfc3986($parts); // After url encoding, concatenate them with an & return implode('&', $parts); }
/** * The Signature Base String is a consistent reproducible concatenation of the * request elements into a single string. The string is used as an input in hashing or signing algorithms. * * The base string => $httpMethod&urlencode($url without query params)&urlencode(normalized_request_parameters) * (Basically HTTP method(GET/POST etc), the URL(scheme://host/path, doesnt include the query string), and the norlalized request parameters * each urlencoded and then concated with &.) */ private function getSignatureBaseString($httpMethod, $url, $oAuthOptions, &$debugInfo) { // Get the Query String parameters. Example if the request is http://photos.example.net/photos.aspx?file=vacation.jpg&size=original // then get the query string and create an array from it in form of key value pairs // $qsArray Key Value // file vacation.jpg // size original $parts = parse_url($url); $qs = $parts['query']; parse_str($qs, $qsArray); $signable_options = array_merge($oAuthOptions, $qsArray); $signable_parameters = RequestSigner::getNormalizedRequestParameters($signable_options); $normalized_url = Util::getNormalizedHttpUrl($url); $debug = array(); $debug['HTTP Method'] = $httpMethod; $debug['Normalized Url'] = $normalized_url; $debug['Signable Parameters'] = $signable_parameters; $debug['Query parameters'] = $qs; $debugInfo['signature_base_string_parts'] = $debug; $parts = array($httpMethod, $normalized_url, $signable_parameters); // Url encode each of http method, Url(without query string), and the normalized parameters (oauth parameters, along with query string parameters) $parts = Util::urlencode_rfc3986($parts); // After url encoding, concatenate them with an & return implode('&', $parts); }
private function getOAuthHeader($http_method, $requestURL, $tokenType = 1) { $oAuthHeaderValues = array("oauth_consumer_key" => $this->consumerKey, "oauth_nonce" => $this->getOAuthNonce(), "oauth_signature_method" => "HMAC-SHA1", "oauth_timestamp" => mktime(), "oauth_version" => "1.0"); if ($tokenType > 0) { // Its not a request Request Token $oAuthHeaderValues["oauth_token"] = $this->requestToken; } $oAuthHeaderValues["oauth_signature"] = RequestSigner::build_signature($this->consumerSecret, $this->tokenSecret, $http_method, $requestURL, $oAuthHeaderValues); $oauthHeader = $this->buildOAuthHeader($oAuthHeaderValues); return sprintf("Authorization: %s", $oauthHeader); }