/**
 * Builds the canonical string for the custom headers that take part in signing.
 *
 * Each header becomes one "lowercased-name: value" line; the lines are sorted
 * and joined with a single "\n".
 *
 * NOTE(review): values are concatenated unmodified. A value containing "\n"
 * would produce extra lines in the canonical form, making it ambiguous --
 * confirm that the signer or the HTTP layer rejects such values. Values are
 * presumably strings; verify against RequestSignerInterface::getCustomHeaders().
 *
 * @param \Acquia\Hmac\RequestSignerInterface $requestSigner
 *   Signer that selects which custom headers are included.
 * @param \Acquia\Hmac\Request\RequestInterface $request
 *   Request the headers are read from.
 *
 * @return string
 *   The sorted, newline-separated header lines (empty string when there are none).
 */
protected function getCustomHeaders(RequestSignerInterface $requestSigner, RequestInterface $request)
{
    $lines = array();

    foreach ($requestSigner->getCustomHeaders($request) as $name => $headerValue) {
        // Only the name is lowercased; the value keeps its original case.
        $lines[] = strtolower($name) . ': ' . $headerValue;
    }

    // Sorting makes the result independent of the order the headers arrived in.
    sort($lines);

    return implode("\n", $lines);
}
/**
 * Signs a PSR-7 request and returns a copy carrying the Authorization header.
 *
 * A missing Date header is filled in with the current time in GMT and a
 * missing Content-Type header with the configured default before the
 * authorization value is computed.
 *
 * @param \Psr\Http\Message\RequestInterface $request
 *   The request to sign.
 *
 * @return \Psr\Http\Message\RequestInterface
 *   A request with the Date, Content-Type and Authorization headers set.
 */
public function signRequest(RequestInterface $request)
{
    $httpDateFormat = 'D, d M Y H:i:s \\G\\M\\T';

    if (!$request->hasHeader('Date')) {
        $now = new \DateTime();
        $now->setTimezone(new \DateTimeZone('GMT'));
        $request = $request->withHeader('Date', $now->format($httpDateFormat));
    }

    if (!$request->hasHeader('Content-Type')) {
        $request = $request->withHeader('Content-Type', $this->defaultContentType);
    }

    // The wrapper is built from the request that already carries both headers,
    // so the signer sees the same values that are sent.
    $wrapped = new RequestWrapper($request);
    $authorization = $this->requestSigner->getAuthorization($wrapped, $this->id, $this->secretKey);

    return $request->withHeader('Authorization', $authorization);
}
/**
 * Signs a Guzzle request in place by setting its Authorization header.
 *
 * A missing Date header is filled in with the current time in GMT and a
 * missing Content-Type header with the configured default before the
 * authorization value is computed.
 *
 * @param \Guzzle\Http\Message\Request $request
 *   The request to sign; it is modified directly and nothing is returned.
 */
public function signRequest(Request $request)
{
    // Built before the headers are added, as in the original. Presumably the
    // wrapper reads from the same request object when signing, so the headers
    // set below are still seen -- confirm against RequestWrapper.
    $wrapped = new RequestWrapper($request);

    $hasDate = $request->hasHeader('Date');
    if (!$hasDate) {
        $now = new \DateTime();
        $now->setTimezone(new \DateTimeZone('GMT'));
        $request->setHeader('Date', $now->format(ClientInterface::HTTP_DATE));
    }

    $hasContentType = $request->hasHeader('Content-Type');
    if (!$hasContentType) {
        $request->setHeader('Content-Type', $this->defaultContentType);
    }

    $request->setHeader(
        'Authorization',
        $this->requestSigner->getAuthorization($wrapped, $this->id, $this->secretKey)
    );
}
/**
 * {@inheritDoc}
 *
 * Checks the request timestamp, loads the key named in the passed signature,
 * recomputes the signature with that key's secret and compares the two.
 *
 * NOTE(review): matches() is not visible here; confirm it compares the
 * signatures in constant time (e.g. with hash_equals()).
 * NOTE(review): the failure cases throw distinct exception types and messages;
 * presumably the caller maps them to one generic response so a client cannot
 * tell an unknown key id from a bad signature -- confirm.
 * NOTE(review): no nonce or replay check is visible in this method, so replay
 * protection here is limited to the timestamp window given by $this->expiry.
 *
 * @param Request\RequestInterface $request
 *   The incoming request to authenticate.
 * @param KeyLoaderInterface $keyLoader
 *   Loader used to look up the key by the id carried in the signature.
 *
 * @return mixed
 *   The key returned by the key loader.
 *
 * @throws Exception\TimestampOutOfRangeException
 *   When compareTimestamp() reports the request as too old or too far ahead.
 * @throws Exception\KeyNotFoundException
 *   When the key loader returns a falsy value for the id.
 * @throws Exception\InvalidSignatureException
 *   When the recomputed signature does not match the passed one.
 */
public function authenticate(Request\RequestInterface $request, KeyLoaderInterface $keyLoader)
{
    // Signature as supplied by the client in the HTTP request.
    $claimed = $this->requestSigner->getSignature($request);

    // Loose comparison is kept from the original: the return type of
    // compareTimestamp() is not visible from here.
    $drift = $claimed->compareTimestamp($this->expiry);
    if ($drift == -1) {
        throw new Exception\TimestampOutOfRangeException('Request is too old');
    }
    if ($drift == 1) {
        throw new Exception\TimestampOutOfRangeException('Request is too far in the future');
    }

    $key = $keyLoader->load($claimed->getId());
    if (!$key) {
        throw new Exception\KeyNotFoundException('API key not found');
    }

    // Recompute the signature server-side from the stored secret; the request
    // is authenticated only when it equals the one the client sent.
    $expected = $this->requestSigner->signRequest($request, $key->getSecret());
    if ($claimed->matches($expected)) {
        return $key;
    }

    throw new Exception\InvalidSignatureException('Signature not valid');
}
/**
 * Delegates signing to the configured request signer.
 *
 * The signer is called with the request and this object's custom headers.
 *
 * @param \Psr\Http\Message\RequestInterface $request
 *   The request to sign.
 *
 * @return \Psr\Http\Message\RequestInterface
 *   Whatever the signer's signRequest() returns.
 */
public function signRequest(RequestInterface $request)
{
    $signed = $this->requestSigner->signRequest($request, $this->customHeaders);

    return $signed;
}
/**
 * Reads the request timestamp through the request signer.
 *
 * The value is returned exactly as the signer provides it; no parsing or
 * validation happens in this method.
 *
 * @param \Acquia\Hmac\RequestSignerInterface $requestSigner
 *   Signer that knows how to extract the timestamp.
 * @param \Acquia\Hmac\Request\RequestInterface $request
 *   Request the timestamp is read from.
 *
 * @return string
 *   The timestamp value reported by the signer.
 */
protected function getTimestamp(RequestSignerInterface $requestSigner, RequestInterface $request)
{
    $timestamp = $requestSigner->getTimestamp($request);

    return $timestamp;
}