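/**
 * Verifies a base64-encoded public-key signature over the request's OAuth
 * signature base string.
 *
 * The method fails closed: it returns false when the signature is not valid
 * base64, when the certificate cannot be turned into a public key, and when
 * openssl_verify() reports a mismatch or an error. Only an explicit result
 * of 1 counts as a valid signature.
 *
 * $consumer and $token are accepted for interface compatibility and are not
 * read by this implementation.
 *
 * NOTE(review): the certificate comes from fetchPublicCert(), which is not
 * visible here. Confirm that it resolves the certificate from a trusted
 * store and not from data supplied in the request itself.
 *
 * @param JacobKiers\OAuth\Request\RequestInterface   $request
 * @param JacobKiers\OAuth\Consumer\ConsumerInterface $consumer
 * @param JacobKiers\OAuth\Token\TokenInterface       $token
 * @param string                                      $signature Base64-encoded signature from the request.
 *
 * @return bool True only if the signature verifies against the public key.
 */
public function checkSignature(RequestInterface $request, ConsumerInterface $consumer, TokenInterface $token, $signature)
{
    $base_string = $request->getOAuthSignatureBaseString();

    // Strict decoding rejects malformed input instead of silently dropping
    // unexpected characters before the bytes reach OpenSSL.
    $decoded_sig = base64_decode($signature, true);
    if ($decoded_sig === false || $decoded_sig === '') {
        return false;
    }

    // Fetch the public key cert based on the request.
    $cert = $this->fetchPublicCert($request);

    // openssl_get_publickey() returns false for an unparsable certificate;
    // passing that on to openssl_verify()/openssl_free_key() would raise
    // warnings or a TypeError instead of a clean rejection.
    $publickeyid = openssl_get_publickey($cert);
    if ($publickeyid === false) {
        return false;
    }

    // No algorithm argument is given, so openssl_verify() uses its default
    // digest (OPENSSL_ALGO_SHA1), exactly as before.
    $ok = openssl_verify($base_string, $decoded_sig, $publickeyid);

    // Before PHP 8 the key is a resource that can be released explicitly.
    // From PHP 8 on it is an object and openssl_free_key() is deprecated.
    if (is_resource($publickeyid)) {
        openssl_free_key($publickeyid);
    }

    // openssl_verify() yields 1 (valid), 0 (invalid) or an error value;
    // compare strictly so that nothing but 1 is accepted.
    return $ok === 1;
}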
/**
 * Build the HMAC-SHA1 signature for a request.
 *
 * The signature base string of the request is keyed with the value returned
 * by getSignatureKey() for the given consumer and (optional) token. The raw
 * binary digest is then base64-encoded.
 *
 * The result is NOT percent-encoded here: the second encoding MUST NOT
 * happen in the SignatureMethod, as OAuthRequest handles this.
 *
 * When a caller compares this value with a signature received from a client,
 * a constant-time comparison such as hash_equals() should be used.
 *
 * @param JacobKiers\OAuth\Request\RequestInterface   $request
 * @param JacobKiers\OAuth\Consumer\ConsumerInterface $consumer
 * @param JacobKiers\OAuth\Token\TokenInterface       $token
 *
 * @return string Base64-encoded HMAC-SHA1 digest.
 */
public function buildSignature(RequestInterface $request, ConsumerInterface $consumer, TokenInterface $token = null)
{
    $baseString = $request->getOAuthSignatureBaseString();
    $signingKey = $this->getSignatureKey($consumer, $token);

    // The fourth argument (true) requests raw bytes, not a hex string.
    $rawDigest = hash_hmac('sha1', $baseString, $signingKey, true);

    return base64_encode($rawDigest);
}