protected function sign($url, $method, $params, $oauth_token_secret = null) { /*{{{*/ uksort($params, 'strcmp'); $pairs = array(); foreach ($params as $key => $value) { $key = XString::urlencode_rfc3986($key); if (is_array($value)) { // If two or more parameters share the same name, they are sorted by their value // Ref: Spec: 9.1.1 (1) natsort($value); foreach ($value as $duplicate_value) { $pairs[] = $key . '=' . XString::urlencode_rfc3986($duplicate_value); } } else { $pairs[] = $key . '=' . XString::urlencode_rfc3986($value); } } $sign_parts = XString::urlencode_rfc3986(implode('&', $pairs)); $base_string = implode('&', array(strtoupper($method), XString::urlencode_rfc3986($url), $sign_parts)); $key_parts = array(XString::urlencode_rfc3986($this->appsecret), XString::urlencode_rfc3986($oauth_token_secret)); $key = implode('&', $key_parts); return base64_encode(XString::hash_hmac('sha1', $base_string, $key, true)); }