/**
* Calculate the signature using MD5
* Binary md5 digest, as distinct from PHP's built-in hexdigest.
* This function is copyright Andy Smith, 2007.
*
* @param string $base
* @param string $consumerSecret
* @param string $tokenSecret
* @return string The encoded signature
*/
public function make($base, $consumerSecret, $tokenSecret)
{
$s .= '&' . Rfc3986::urlEncode($consumerSecret) . '&' . Rfc3986::urlEncode($tokenSecret);
$md5 = md5($base);
$bin = '';
for ($i = 0; $i < strlen($md5); $i += 2) {
$bin .= chr(hexdec($md5[$i + 1]) + hexdec($md5[$i]) * 16);
}
// return encoded signature
return Rfc3986::urlEncode(base64_encode($bin));
}
/**
* Calculate the signature using HMAC-SHA1
* This function is copyright Andy Smith, 2007.
*
* @param string $signatureBase
* @param string $consumerSecret
* @param string $tokenSecret
* @return string The encoded signature
*/
public function make($signatureBase, $consumerSecret, $tokenSecret)
{
$key = Rfc3986::urlEncode($consumerSecret) . '&' . Rfc3986::urlEncode($tokenSecret);
if (function_exists('hash_hmac')) {
$signature = base64_encode(hash_hmac('sha1', $signatureBase, $key, true));
} else {
$blocksize = 64;
$hashfunc = 'sha1';
if (strlen($key) > $blocksize) {
$key = pack('H*', $hashfunc($key));
}
$key = str_pad($key, $blocksize, chr(0x0));
$ipad = str_repeat(chr(0x36), $blocksize);
$opad = str_repeat(chr(0x5c), $blocksize);
$hmac = pack('H*', $hashfunc(($key ^ $opad) . pack('H*', $hashfunc(($key ^ $ipad) . $signatureBase))));
$signature = base64_encode($hmac);
}
// Return encoded signature
return Rfc3986::urlEncode($signature);
}
/**
* Exchange a request token for an access token
*
* @param boolean $bypassNonce
* Whether bypass nonce check or not
* @return array The new access token
*/
public function accessToken($bypassNonce = false)
{
$result = $this->verify('request', $bypassNonce);
// Optional TTL
$options = array();
$ttl = $this->getParam(self::XOAUTH_TOKEN_TTL, true);
if ($ttl) {
$options['token_ttl'] = $ttl;
}
$verifier = $this->getParam(self::OAUTH_VERIFIER, true);
if ($verifier) {
$options['verifier'] = $verifier;
}
$options['callback_url'] = isset($result['callback_url']) ? $result['callback_url'] : null;
$options['referer_url'] = isset($result['referer_url']) ? $result['referer_url'] : null;
// Exchange request token for an access token
if (!isset($this->storages['request_token'])) {
throw new \RuntimeException('You must supply a storage object implementing ' . $this->storageMap['request_token']);
}
if (!isset($this->storages['access_token'])) {
throw new \RuntimeException('You must supply a storage object implementing ' . $this->storageMap['access_token']);
}
// Should have a transaction here?
$accessToken = $this->storages['access_token']->createAccessToken($result['consumer_key'], $result['username'], $options);
if (!$accessToken) {
throw new \RuntimeException('Cannot create new access token for ' . json_encode($result));
}
// Delete request token here
$this->storages['access_token']->deleteRequestToken($result['token']);
$data = [];
$data[self::OAUTH_TOKEN] = Rfc3986::urlEncode($accessToken['token']);
$data[self::OAUTH_TOKEN_SECRET] = Rfc3986::urlEncode($accessToken['token_secret']);
$data[self::OAUTH_CALLBACK_CONFIRMED] = 1;
if (!empty($accessToken['expires_at']) && is_numeric($accessToken['expires_at'])) {
$expiresAt = Carbon::createFromTimestamp(intval($accessToken['expires_at']));
$data[self::XOAUTH_TOKEN_TTL] = $expiresAt->diffInSeconds();
}
return $data;
}
