Exemple #1
0
 public function testSecureAuthSubSigning()
 {
     if (!extension_loaded('openssl')) {
         $this->markTestSkipped('The openssl extension is not available');
     } else {
         $c = new GData\HttpClient();
         $c->setAuthSubPrivateKeyFile("Zend/GData/_files/RsaKey.pem", null, true);
         $c->setAuthSubToken('abcdefg');
         $requestData = $c->filterHttpRequest('POST', 'http://www.example.com/feed', array(), 'foo bar', 'text/plain');
         $authHeaderCheckPassed = false;
         $headers = $requestData['headers'];
         foreach ($headers as $headerName => $headerValue) {
             if (strtolower($headerName) == 'authorization') {
                 preg_match('/data="([^"]*)"/', $headerValue, $matches);
                 $dataToSign = $matches[1];
                 preg_match('/sig="([^"]*)"/', $headerValue, $matches);
                 $sig = $matches[1];
                 if (function_exists('openssl_verify')) {
                     $fp = fopen('Zend/GData/_files/RsaCert.pem', 'r', true);
                     $cert = '';
                     while (!feof($fp)) {
                         $cert .= fread($fp, 8192);
                     }
                     fclose($fp);
                     $pubkeyid = openssl_get_publickey($cert);
                     $verified = openssl_verify($dataToSign, base64_decode($sig), $pubkeyid);
                     $this->assertEquals(1, $verified, 'The generated signature was unable ' . 'to be verified.');
                     $authHeaderCheckPassed = true;
                 }
             }
         }
         $this->assertEquals(true, $authHeaderCheckPassed, 'Auth header not found for sig verification.');
     }
 }
Exemple #2
0
 /**
  * Performs a HTTP request using the specified method.
  *
  * Overrides the definition in the parent (Zend_Gdata_App)
  * and uses the Zend_Gdata_HttpClient functionality
  * to filter the HTTP requests and responses.
  *
  * @param string $method The HTTP method for the request -
  *                       'GET', 'POST', 'PUT', 'DELETE'
  * @param string $url The URL to which this request is being performed,
  *                    or null if found in $data
  * @param array $headers An associative array of HTTP headers
  *                       for this request
  * @param string $body The body of the HTTP request
  * @param string $contentType The value for the content type of the
  *                            request body
  * @param int $remainingRedirects Number of redirects to follow
  *                                if requests results in one
  * @return \Zend\Http\Response The response object
  */
 public function performHttpRequest($method, $url, $headers = array(), $body = null, $contentType = null, $remainingRedirects = null)
 {
     if ($this->_httpClient instanceof HttpClient) {
         $filterResult = $this->_httpClient->filterHttpRequest($method, $url, $headers, $body, $contentType);
         $method = $filterResult['method'];
         $url = $filterResult['url'];
         $body = $filterResult['body'];
         $headers = $filterResult['headers'];
         $contentType = $filterResult['contentType'];
         return $this->_httpClient->filterHttpResponse(parent::performHttpRequest($method, $url, $headers, $body, $contentType, $remainingRedirects));
     } else {
         return parent::performHttpRequest($method, $url, $headers, $body, $contentType, $remainingRedirects);
     }
 }