/** * Is valid signature * * @param string $consumerSecret Consumer secret value * @param string $tokenSecret Token secret value (if exists) * * @return bool Valid or not */ public function isValidSignature($consumerSecret, $tokenSecret = '') { $sign = HTTP_OAuth_Signature::factory($this->oauth_signature_method); $check = $sign->build($this->getRequestMethod(), $this->getUrl(), $this->getParameters(), $consumerSecret, $tokenSecret); if ($this->oauth_signature === $check) { $this->info('Valid signature'); return true; } $this->err('Invalid signature'); return false; }
<?php header("Content-type: text/event-stream; charset=utf-8"); header("Transfer-encoding: chunked"); $_TARGET_URL = "https://userstream.twitter.com/2/user.json"; $consumer_key = $consumer_secret = $access_token = $access_token_secret = $time = time(); $oauth_nonce = md5($time . rand()); include_once 'HTTP/OAuth/Consumer.php'; $consumer = new HTTP_OAuth_Consumer($consumer_key, $consumer_secret); //認証用 $signature = HTTP_OAuth_Signature::factory($consumer->getSignatureMethod()); //signature作成用 //HTTPS接続の設定 $http_request = new HTTP_Request2(); $http_request->setConfig('ssl_verify_peer', false); $consumer_request = new HTTP_OAuth_Consumer_Request(); $consumer_request->accept($http_request); $consumer->accept($consumer_request); //Tokenの設定 $consumer->setToken($access_token); $consumer->setTokenSecret($access_token_secret); //signature用の文字列設定 $param = array("oauth_consumer_key" => $consumer_key, "oauth_nonce" => $oauth_nonce, "oauth_signature_method" => $consumer->getSignatureMethod(), "oauth_timestamp" => $time, "oauth_token" => $access_token, "oauth_version" => "1.0"); //sigunature作成 $oauth_signature = urlencode($signature->build("GET", $_TARGET_URL, $param, $consumer_secret, $access_token_secret)); //echo 'Authorization: OAuth oauth_consumer_key="' . $consumer_key .'", oauth_nonce="'. $oauth_nonce .'", oauth_signature="' . $oauth_signature .'", oauth_signature_method="' . $consumer->getSignatureMethod() .'", oauth_timestamp="' . $time .'", oauth_token="' . $access_token .'", oauth_version="1.0"'; //HTTP通信ヘッダの作成 $options = array('http' => array('method' => "GET", 'header' => 'Authorization: OAuth oauth_consumer_key="' . $consumer_key . '", oauth_nonce="' . $oauth_nonce . '", oauth_signature="' . $oauth_signature . '", oauth_signature_method="' . $consumer->getSignatureMethod() . '", oauth_timestamp="' . $time . '", oauth_token="' . $access_token . '", oauth_version="1.0"', "Content-type: application/x-www-form-urlencoded\r\n")); //通信と出力 //JSONに変換可能だったもののみ、出力を行う。 $context = stream_context_create($options);
/** * Builds request for sending * * Adds timestamp, nonce, signs, and creates the HttpRequest object. * * @return HttpRequest Instance of the request object ready to send() */ protected function buildRequest() { $method = $this->getSignatureMethod(); $this->debug('signing request with: ' . $method); $sig = HTTP_OAuth_Signature::factory($this->getSignatureMethod()); $this->oauth_timestamp = time(); $this->oauth_nonce = md5(microtime(true) . rand(1, 999)); $this->oauth_version = '1.0'; $params = array_merge($this->getParameters(), $this->getUrl()->getQueryVariables()); $this->oauth_signature = $sig->build($this->getMethod(), $this->getUrl()->getURL(), $params, $this->secrets[0], $this->secrets[1]); $params = $this->getOAuthParameters(); switch ($this->getAuthType()) { case self::AUTH_HEADER: $auth = $this->getAuthForHeader($params); $this->setHeader('Authorization', $auth); break; case self::AUTH_POST: foreach ($params as $name => $value) { $this->addPostParameter($name, $value); } break; case self::AUTH_GET: break; } switch ($this->getMethod()) { case 'POST': foreach ($this->getParameters() as $name => $value) { if (substr($name, 0, 6) == 'oauth_') { continue; } $this->addPostParameter($name, $value); } break; case 'GET': $url = $this->getUrl(); foreach ($this->getParameters() as $name => $value) { if (substr($name, 0, 6) == 'oauth_') { continue; } $url->setQueryVariable($name, $value); } $this->setUrl($url); break; default: break; } }
/** * Is valid signature * * @param string $consumerSecret Consumer secret value * @param string $tokenSecret Token secret value (if exists) * * @return bool Valid or not */ public function isValidSignature($consumerSecret, $tokenSecret = '') { if (!$this->oauth_signature_method) { throw new HTTP_OAuth_Provider_Exception_InvalidRequest('Missing oauth_signature_method in request'); } $sign = HTTP_OAuth_Signature::factory($this->oauth_signature_method); $check = $sign->build($this->getRequestMethod(), $this->getUrl(), $this->getParameters(), $consumerSecret, $tokenSecret); if ($this->oauth_signature === $check) { $this->info('Valid signature'); return true; } $this->err('Invalid signature'); return false; }
/** * Send an OAuth signed request with a body to the API * * @param string $url The URL to send the request to * @param string $body The raw body to PUT/POST to the URL * @param string $method The HTTP method to use (POST or PUT) * * @return object Instance of {@link HTTP_Request2_Response} * @see http://bit.ly/cdZGfr */ private function _sendRequestWithBody($url, $body, $method = "PUT") { static $map = array('PUT' => HTTP_Request2::METHOD_PUT, 'POST' => HTTP_Request2::METHOD_POST); if (array_key_exists($method, $map)) { $method = $map[$method]; } else { throw new Services_SimpleGeo_Exception('Invalid HTTP method ' . $method); } $signatureMethod = $this->_oauth->getSignatureMethod(); $params = array('oauth_nonce' => (string) rand(0, 100000000), 'oauth_timestamp' => time(), 'oauth_consumer_key' => $this->_oauth->getKey(), 'oauth_signature_method' => $signatureMethod, 'oauth_version' => '1.0'); $sig = HTTP_OAuth_Signature::factory($signatureMethod); $params['oauth_signature'] = $sig->build($method, $url, $params, $this->_secret); // Build the header $header = 'OAuth realm="' . $this->_api . '"'; foreach ($params as $name => $value) { $header .= ", " . HTTP_OAuth::urlencode($name) . '="' . HTTP_OAuth::urlencode($value) . '"'; } $req = new HTTP_Request2(new Net_URL2($url), $method); $req->setHeader('Authorization', $header); $req->setBody($body); try { $result = $req->send(); } catch (Exception $e) { throw new Services_SimpleGeo_Exception($e->getMessage(), $e->getCode()); } $check = (int) substr($result->getStatus(), 0, 1); if ($check !== 2) { $body = @json_decode($result->getBody()); throw new Services_SimpleGeo_Exception($body->message, $result->getStatus()); } return $result; }
private function build_header($tweet = false) { $consumer = TwitPic_Config::getConsumer(); $oauth = TwitPic_Config::getOAuth(); $signature = HTTP_OAuth_Signature::factory('HMAC_SHA1'); $timestamp = gmdate('U'); $nonce = uniqid(); $version = '1.0'; if (is_string($tweet)) { $params = array('oauth_consumer_key' => $consumer['key'], 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_token' => $oauth['token'], 'oauth_timestamp' => $timestamp, 'oauth_nonce' => $nonce, 'oauth_version' => $version, 'status' => $tweet); $sig_text = $signature->build('POST', "http://api.twitter.com/1/statuses/update.{$this->format}", $params, $consumer['secret'], $oauth['secret']); $params['oauth_signature'] = $sig_text; } else { $params = array('oauth_consumer_key' => $consumer['key'], 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_token' => $oauth['token'], 'oauth_timestamp' => $timestamp, 'oauth_nonce' => $nonce, 'oauth_version' => $version); $sig_text = $signature->build('GET', 'https://api.twitter.com/1/account/verify_credentials.json', $params, $consumer['secret'], $oauth['secret']); $params['oauth_signature'] = $sig_text; } $realm = 'http://api.twitter.com/'; $header = 'OAuth realm="' . $realm . '"'; foreach ($params as $name => $value) { $header .= ", " . HTTP_OAuth::urlencode($name) . '="' . HTTP_OAuth::urlencode($value) . '"'; } return $header; }
/** * @expectedException InvalidArgumentException */ public function testNoParent() { $s = HTTP_OAuth_Signature::factory('NoParent'); }
/** * Builds request for sending * * Adds timestamp, nonce, signs, and creates the HttpRequest object. * * @return HttpRequest Instance of the request object ready to send() */ protected function buildRequest() { $method = $this->getSignatureMethod(); $this->debug('signing request with: ' . $method); $sig = HTTP_OAuth_Signature::factory($this->getSignatureMethod()); $this->oauth_timestamp = time(); $this->oauth_nonce = md5(microtime(true) . rand(1, 999)); $this->oauth_version = '1.0'; $this->oauth_signature = $sig->build($this->getMethod(), $this->getUrl()->getURL(), $this->getParameters(), $this->secrets[0], $this->secrets[1]); $params = $this->getOAuthParameters(); switch ($this->getAuthType()) { case self::AUTH_HEADER: $auth = $this->getAuthForHeader($params); $this->setHeader('Authorization', $auth); break; case self::AUTH_POST: foreach ($params as $name => $value) { $this->addPostParameter($name, $value); } break; case self::AUTH_GET: break; } if ($this->getMethod() == 'POST') { $this->setHeader('Content-Type', 'application/x-www-form-urlencoded'); foreach ($this->getParameters() as $name => $value) { if (substr($name, 0, 6) == 'oauth_') { continue; } $this->addPostParameter($name, $value); } } }