/** * {@inheritdoc} * @param \Zeflasher\OAuth\Provider\OAuthRequest $request * @param string $consumer_secret * @param string $token_secret * @return string */ public function build_signature($request, $consumer_secret, $token_secret = '') { $base_string = $request->get_signature_base_string(); $request->base_string = $base_string; $key_parts = array( $consumer_secret, $token_secret ); $key_parts = \Zeflasher\OAuth\OAuthUtil::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); return base64_encode(hash_hmac('sha1', $base_string, $key, true)); }
/** * Call the appropriate signature method * The check for required parameters has already be done, no need to repeat it here * @param \Zeflasher\OAuth\Provider\OAuthRequest $request * @return \Zeflasher\OAuth\SignatureMethods\OAuthSignatureMethod * @throws \Zeflasher\OAuth\OAuthException */ private function __get_signature_method($request) { $signature_method = $request instanceof \Zeflasher\OAuth\Provider\OAuthRequest ? $request->get_parameter(\Zeflasher\OAuth\OAuthConstants::OAUTH_CLIENT_SIGNATURE_METHOD) : NULL; if (!$signature_method) { // According to chapter 7 ("Accessing Protected Resources") the signature-method // parameter is required, and we can't just fallback to PLAINTEXT throw new \Zeflasher\OAuth\OAuthException('No signature method parameter. This parameter is required'); } if (!in_array($signature_method, array_keys($this->_signature_methods))) { throw new \Zeflasher\OAuth\OAuthException( "Signature method '$signature_method' not supported " . "try one of the following: " . implode(", ", array_keys($this->_signature_methods)), \Zeflasher\OAuth\OAuthConstants::OAUTH_SIGNATURE_METHOD_REJECTED ); } return $this->_signature_methods[$signature_method]; }