/**
* oauth_signature is set to the concatenated encoded values of the Consumer Secret and
* Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
* empty. The result MUST be encoded again.
* - Chapter 9.4.1 ("Generating Signatures")
*
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as
* OAuth\Request handles this!
*/
public function build_signature($request, $consumer, $token)
{
$key_parts = array($consumer->secret, $token ? $token->secret : "");
$key_parts = \OAuth\Util::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts);
$request->base_string = $key;
return $key;
}
/**
* oauth_signature is set to the concatenated encoded values of the Consumer Secret and
* Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
* empty. The result MUST be encoded again.
* - Chapter 9.4.1 ("Generating Signatures")
*
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as
* OAuthRequest handles this!
*/
public function buildSignature($request, $consumer, $token)
{
$key_parts = array($consumer->getSecret(), $token ? $token->getSecret() : "");
$key_parts = Util::urlencodeRfc3986($key_parts);
$key = implode('&', $key_parts);
$request->setBaseString($key);
return $key;
}
public function buildSignature($request, $consumer, $token)
{
$baseString = $request->getSignatureBaseString();
$request->setBaseString($baseString);
$key_parts = array($consumer->getSecret(), $token ? $token->getSecret() : "");
$key_parts = Util::urlencodeRfc3986($key_parts);
$key = implode('&', $key_parts);
return base64_encode(hash_hmac('sha1', $baseString, $key, true));
}
public function build_signature($request, $consumer, $token)
{
$base_string = $request->get_signature_base_string();
$request->base_string = $base_string;
$key_parts = array($consumer->secret, $token ? $token->secret : "");
$key_parts = \OAuth\Util::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts);
return base64_encode(hash_hmac('sha1', $base_string, $key, true));
}
/**
* builds the Authorization: header
*/
public function to_header($realm = null)
{
$first = true;
if ($realm) {
$out = 'Authorization: OAuth realm="' . \OAuth\Util::urlencode_rfc3986($realm) . '"';
$first = false;
} else {
$out = 'Authorization: OAuth';
}
$total = array();
foreach ($this->parameters as $k => $v) {
if (substr($k, 0, 5) != "oauth") {
continue;
}
if (is_array($v)) {
throw new Exception('Arrays not supported in headers');
}
$out .= $first ? ' ' : ',';
$out .= \OAuth\Util::urlencode_rfc3986($k) . '="' . \OAuth\Util::urlencode_rfc3986($v) . '"';
$first = false;
}
return $out;
}
public static function build_http_query($params)
{
if (!$params) {
return '';
}
// Urlencode both keys and values
$keys = \OAuth\Util::urlencode_rfc3986(array_keys($params));
$values = \OAuth\Util::urlencode_rfc3986(array_values($params));
$params = array_combine($keys, $values);
// Parameters are sorted by name, using lexicographical byte value ordering.
// Ref: Spec: 9.1.1 (1)
uksort($params, 'strcmp');
$pairs = array();
foreach ($params as $parameter => $value) {
if (is_array($value)) {
// If two or more parameters share the same name, they are sorted by their value
// Ref: Spec: 9.1.1 (1)
// June 12th, 2010 - changed to sort because of issue 164 by hidetaka
sort($value, SORT_STRING);
foreach ($value as $duplicate_value) {
$pairs[] = $parameter . '=' . $duplicate_value;
}
} else {
$pairs[] = $parameter . '=' . $value;
}
}
// For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61)
// Each name-value pair is separated by an '&' character (ASCII code 38)
return implode('&', $pairs);
}
/**
* generates the basic string serialization of a token that a server
* would respond to request_token and access_token calls with
*/
public function to_string()
{
return "oauth_token=" . \OAuth\Util::urlencode_rfc3986($this->key) . "&oauth_token_secret=" . \OAuth\Util::urlencode_rfc3986($this->secret);
}
public function testGetHeaders()
{
if (function_exists('apache_request_headers')) {
$this->markTestSkipped('We assume the apache module is well tested. Since this module is present, no need testing our suplement');
}
$_SERVER['HTTP_HOST'] = 'foo';
$_SERVER['HTTP_X_WHATEVER'] = 'bar';
$this->assertEquals(array('Host' => 'foo', 'X-Whatever' => 'bar'), \OAuth\Util::getHeaders());
// Test picking up the Content-Type of POST requests running as an Apache module but not having the ARH method
$_SERVER['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
$this->assertEquals(array('Host' => 'foo', 'X-Whatever' => 'bar', 'Content-Type' => 'application/x-www-form-urlencoded'), \OAuth\Util::getHeaders());
// Test picking up the Content-Type of POST requests when using CGI
unset($_SERVER['CONTENT_TYPE']);
$this->assertEquals(array('Host' => 'foo', 'X-Whatever' => 'bar'), \OAuth\Util::getHeaders());
$_ENV['CONTENT_TYPE'] = 'application/x-www-form-urlencoded';
$this->assertEquals(array('Host' => 'foo', 'X-Whatever' => 'bar', 'Content-Type' => 'application/x-www-form-urlencoded'), \OAuth\Util::getHeaders());
}
