public function extract(MessageInterface $message, RecordInterface $record) { $auth = (string) $message->getHeader('Authorization'); if (!empty($auth)) { if (strpos($auth, 'OAuth') !== false) { // get oauth data $data = array(); $items = explode(',', $auth); foreach ($items as $v) { $v = trim($v); if (substr($v, 0, 6) == 'oauth_') { $pair = explode('=', $v); if (isset($pair[0]) && isset($pair[1])) { $key = substr(strtolower($pair[0]), 6); $val = trim($pair[1], '"'); $data[$key] = Oauth::urlDecode($val); } } } // check whether all required values are available foreach ($this->map as $k => $v) { if (isset($data[$v])) { $method = 'set' . ucfirst($k); if (method_exists($record, $method)) { $record->{$method}($data[$v]); } else { throw new InvalidDataException('Unknown parameter'); } } elseif (in_array($k, $this->requiredFields)) { throw new InvalidDataException('Required parameter "' . $v . '" is missing'); } } return $record; } else { throw new InvalidDataException('Unknown OAuth authentication'); } } else { throw new InvalidDataException('Missing Authorization header'); } }
/** * Compares whether the $signature is valid by creating a new signature * and comparing them with $signature * * @param string $baseString * @param string $consumerSecret * @param string $tokenSecret * @param string $signature * @return boolean */ public function verify($baseString, $consumerSecret, $tokenSecret = '', $signature) { $lft = Oauth::urlDecode($signature); $rgt = Oauth::urlDecode($this->build($baseString, $consumerSecret, $tokenSecret)); return strcasecmp($lft, $rgt) == 0; }