If both AuthSub and ClientLogin tokens are set,
AuthSub takes precedence. If an AuthSub key is set, then
secure AuthSub authentication is used, and the request is signed.
Requests must be signed only with the private key corresponding to the
public key registered with Google. If an AuthSub key is set, but
openssl support is not enabled in the PHP installation, an exception is
thrown.
| public filterHttpRequest ( string $method, string $url, array $headers = [], string $body = null, string $contentType = null ) : array | ||
| $method | string | The HTTP method |
| $url | string | The URL |
| $headers | array | An associate array of headers to be sent with the request or null |
| $body | string | The body of the request or null |
| $contentType | string | The MIME content type of the body or null |
| return | array | The processed values in an associative array, using the same names as the params |
public function testSecureAuthSubSigning()
{
if (!extension_loaded('openssl')) {
$this->markTestSkipped('The openssl extension is not available');
} else {
$c = new Zend_Gdata_HttpClient();
$c->setAuthSubPrivateKeyFile("Zend/Gdata/_files/RsaKey.pem", null, true);
$c->setAuthSubToken('abcdefg');
$requestData = $c->filterHttpRequest('POST', 'http://www.example.com/feed', array(), 'foo bar', 'text/plain');
$authHeaderCheckPassed = false;
$headers = $requestData['headers'];
foreach ($headers as $headerName => $headerValue) {
if (strtolower($headerName) == 'authorization') {
preg_match('/data="([^"]*)"/', $headerValue, $matches);
$dataToSign = $matches[1];
preg_match('/sig="([^"]*)"/', $headerValue, $matches);
$sig = $matches[1];
if (function_exists('openssl_verify')) {
$fp = fopen('Zend/Gdata/_files/RsaCert.pem', 'r', true);
$cert = '';
while (!feof($fp)) {
$cert .= fread($fp, 8192);
}
fclose($fp);
$pubkeyid = openssl_get_publickey($cert);
$verified = openssl_verify($dataToSign, base64_decode($sig), $pubkeyid);
$this->assertEquals(1, $verified, 'The generated signature was unable ' . 'to be verified.');
$authHeaderCheckPassed = true;
}
}
}
$this->assertEquals(true, $authHeaderCheckPassed, 'Auth header not found for sig verification.');
}
}
/**
* Performs a HTTP request using the specified method.
*
* Overrides the definition in the parent (Zend_Gdata_App)
* and uses the Zend_Gdata_HttpClient functionality
* to filter the HTTP requests and responses.
*
* @param string $method The HTTP method for the request -
* 'GET', 'POST', 'PUT', 'DELETE'
* @param string $url The URL to which this request is being performed,
* or null if found in $data
* @param array $headers An associative array of HTTP headers
* for this request
* @param string $body The body of the HTTP request
* @param string $contentType The value for the content type of the
* request body
* @param int $remainingRedirects Number of redirects to follow
* if requests results in one
* @return Zend_Http_Response The response object
*/
public function performHttpRequest($method, $url, $headers = array(), $body = null, $contentType = null, $remainingRedirects = null)
{
if ($this->_httpClient instanceof Zend_Gdata_HttpClient) {
$filterResult = $this->_httpClient->filterHttpRequest($method, $url, $headers, $body, $contentType);
$method = $filterResult['method'];
$url = $filterResult['url'];
$body = $filterResult['body'];
$headers = $filterResult['headers'];
$contentType = $filterResult['contentType'];
return $this->_httpClient->filterHttpResponse(parent::performHttpRequest($method, $url, $headers, $body, $contentType, $remainingRedirects));
} else {
return parent::performHttpRequest($method, $url, $headers, $body, $contentType, $remainingRedirects);
}
}
