public function testGenerateBodyhash() { $this->assertEquals('qUqP5cyxm6YcTAhz05Hph5gvu9M=', OAuth2MacTokenUtil::generateBodyhash('test', 'hmac-sha-1')); $this->assertEquals('n4bQgYhMfWWaL+qgxVrQFaO/TxsrC4Is0V1sFbDwCgg=', OAuth2MacTokenUtil::generateBodyhash('test', 'hmac-sha-256')); // sample at http://tools.ietf.org/html/draft-hammer-oauth-v2-mac-token-02 $this->assertEquals('k9kbtCIy0CkI3/FEfpS/oIDjk6k=', OAuth2MacTokenUtil::generateBodyhash('hello=world%21', 'hmac-sha-1')); $this->assertEquals('Lve95gjOVATpfV8EL5X4nxwjKHE=', OAuth2MacTokenUtil::generateBodyhash('Hello World!', 'hmac-sha-1')); }
public function sendRequest($method, $url, $entitybody = null, $headers = array()) { $headers[] = OAuth2MacTokenUtil::genetateAuthZHeader($this->_token, $this->_secret, $this->_algorithm, $this->_timestamp, $this->_nonce, $method, $url, $entitybody); $this->_http_info = array(); $this->_http_code = null; $this->_http_body = null; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_USERAGENT, $this->_useragent); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $this->_connecttimeout); curl_setopt($ch, CURLOPT_TIMEOUT, $this->_timeout); curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); curl_setopt($ch, CURLOPT_HTTPHEADER, $headers); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, $this->_ssl_verifypeer); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, $this->_ssl_verifyhost); curl_setopt($ch, CURLOPT_HEADER, $this->_responseheader); curl_setopt($ch, CURLINFO_HEADER_OUT, TRUE); switch ($method) { case 'POST': curl_setopt($ch, CURLOPT_POST, TRUE); if (!empty($entitybody)) { curl_setopt($ch, CURLOPT_POSTFIELDS, $entitybody); } break; case 'DELETE': curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'DELETE'); if (!empty($entitybody)) { $url = "{$url}?{$entitybody}"; } } $this->_http_body = curl_exec($ch); $this->_http_code = curl_getinfo($ch, CURLINFO_HTTP_CODE); $this->_http_info = array_merge($this->_http_info, curl_getinfo($ch)); curl_close($ch); return ($this->_http_code = 200) ? true : false; }
/** * Validate signature param */ public function validateSignature() { if (empty($this->_secret) || empty($this->_algorithm)) { throw new Exception('Missing MAC Credential(secret/algorithm)'); } $cal_signature = OAuth2MacTokenUtil::generateSignature($this->_token, $this->_secret, $this->_algorithm, $this->_timestamp, $this->_nonce, $this->_method, $this->_url, $this->_entitybody); if ($this->_signature != $cal_signature) { $this->_enabled = false; $this->_code = 'HTTP/1.1 401 Unauthorized'; $this->_error = 'invalid_signature'; } }
=== Input Parameters === EOF; print "\n"; print OAuth2MacTokenUtil::genetateAuthZHeader($key_id, $key, $algorithm, $iss, $nonce, $method, $url, $entitybody, $ext); print "\n\n"; $key_id = "samplekeyid"; $key = "samplekey"; $algorithm = "hmac-sha-1"; $iss = time() - 1; // dummy $nonce = ""; $method = "GET"; $url = "http://example.com:80/request?foo=var"; $entitybody = ""; $ext = "a,b,c"; print <<<EOF === Input Parameters === key_id = "{$key_id}"; key = "{$key}"; algorithm = "{$algorithm}"; iss = {$iss}; // dummy nonce = "{$nonce}"; method = "{$method}"; url = "{$url}"; entitybody = "{$entitybody}"; ext = "{$ext}"; === Input Parameters === EOF; print "\n"; print OAuth2MacTokenUtil::genetateAuthZHeader($key_id, $key, $algorithm, $iss, $nonce, $method, $url, $entitybody, $ext); print "\n\n";