/** * Normalize all request parameters into a string. * * $query = OAuth::normalize_params($params); * * [!!] This method implements [OAuth 1.0 Spec 9.1.1](http://oauth.net/core/1.0/#rfc.section.9.1.1). * * @param array request parameters * @return string * @uses OAuth::urlencode */ public static function normalize_params(array $params) { // Encode the parameter keys and values $keys = OAuth::urlencode(array_keys($params)); $values = OAuth::urlencode(array_values($params)); // Recombine the parameters $params = array_combine($keys, $values); // OAuth Spec 9.1.1 (1) // "Parameters are sorted by name, using lexicographical byte value ordering." uksort($params, 'strcmp'); // Create a new query string $query = array(); foreach ($params as $name => $value) { if (is_array($value)) { // OAuth Spec 9.1.1 (1) // "If two or more parameters share the same name, they are sorted by their value." $value = natsort($value); foreach ($value as $duplicate) { $query[] = $name . '=' . $duplicate; } } else { $query[] = $name . '=' . $value; } } return implode('&', $query); }
/** * Get a signing key from a consumer and token. * * $key = $signature->key($consumer, $token); * * [!!] This method implements the signing key of [OAuth 1.0 Spec 9](http://oauth.net/core/1.0/#rfc.section.9). * * @param OAuth_Consumer consumer * @param OAuth_Token token * @return string * @uses OAuth::urlencode */ public function key(OAuth_Consumer $consumer, OAuth_Token $token = NULL) { $key = OAuth::urlencode($consumer->secret) . '&'; if ($token) { $key .= OAuth::urlencode($token->secret); } return $key; }
/** * Convert the request parameters into an `Authorization` header. * * $header = $request->as_header(); * * [!!] This method implements [OAuth 1.0 Spec 5.4.1](http://oauth.net/core/1.0/#rfc.section.5.4.1). * * @return string */ public function as_header() { $header = array(); foreach ($this->params as $name => $value) { if (strpos($name, 'oauth_') === 0) { // OAuth Spec 5.4.1 // "Parameter names and values are encoded per Parameter Encoding [RFC 3986]." $header[] = OAuth::urlencode($name) . '="' . OAuth::urlencode($value) . '"'; } } return 'OAuth ' . implode(', ', $header); }
protected function getSignature($method, $url, $params) { $signature = false; /** * Normalize method. */ $method = strtoupper($method); /** * Normalize URL. * * $urlnormalize = OAuth::urlnormalize($url); * $url = $urlnormalize['url']; */ /** * Remove `oauth_signature` if present. * Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") */ if (isset($params['oauth_signature'])) { unset($params['oauth_signature']); } /** * Generate key. */ $keyParts = array($this->consumerSecret, $this->tokenSecret ? $this->tokenSecret : ''); $key = implode('&', OAuth::urlencode($keyParts)); switch ($this->signatureMethod) { case OAuth::SIG_METHOD_HMACSHA1: $baseParts = array($method, $url, OAuth::paramsBuild($params)); $base = implode('&', OAuth::urlencode($baseParts)); $signature = base64_encode(hash_hmac('sha1', $base, $key, true)); break; case OAuth::SIG_METHOD_PLAINTEXT: $signature = $key; break; } if (false === $signature) { throw new Exception('Can\'t generate signature.'); } return $signature; }
/** * Convert the request parameters into an `Authorization` header. * * $header = $request->as_header(); * * [!!] This method implements [OAuth 1.0 Spec 5.4.1](http://oauth.net/core/1.0/#rfc.section.5.4.1). * * @return string */ public function as_header() { $header = array(); // Check for the existance of "realm" if (array_key_exists('realm', $this->params) and !empty($this->params['realm'])) { // OAuth Spec 5.4.1 // "Parameter names and values are encoded per Parameter Encoding [RFC 3986]." $header[] = OAuth::urlencode('realm') . '="' . OAuth::urlencode($this->params['realm']) . '"'; } foreach ($this->params as $name => $value) { if (strpos($name, 'oauth_') === 0) { // OAuth Spec 5.4.1 // "Parameter names and values are encoded per Parameter Encoding [RFC 3986]." $header[] = OAuth::urlencode($name) . '="' . OAuth::urlencode($value) . '"'; } } return 'OAuth ' . implode(', ', $header); }