/**
* Method that generates the OAuth signature
*
* In order for this method to correctly generate a signature, setToken()
* MUST be called to set the token and token secret within the instance of
* phpSmug.
*
* @access private
* @param string $apicall The API method.
* @param mixed $apiargs The arguments passed to the API method.
* @return string
**/
private function generate_signature($apicall, $apiargs = NULL, $url = NULL)
{
$this->oauth_timestamp = time();
$this->oauth_nonce = md5(time() . mt_rand());
if (!is_null($apicall) && $apicall != 'Upload') {
if (substr($apicall, 0, 8) != 'smugmug.') {
$apicall = 'smugmug.' . $apicall;
}
}
if ($this->oauth_signature_method == 'PLAINTEXT') {
return phpSmug::urlencodeRFC3986($this->OAuthSecret) . '&' . phpSmug::urlencodeRFC3986($this->oauth_token_secret);
} else {
$this->oauth_signature_method = 'HMAC-SHA1';
$encKey = phpSmug::urlencodeRFC3986($this->OAuthSecret) . '&' . phpSmug::urlencodeRFC3986($this->oauth_token_secret);
if (is_null($apicall) && !is_null($url)) {
$endpoint = $url;
} else {
if (strpos($apicall, 'Token') || $this->secure && $apicall != 'Upload') {
$endpoint = "https://secure.smugmug.com/services/api/php/{$this->APIVer}/";
} else {
if ($apicall == 'Upload') {
//$proto = ( $this->oauth_signature_method == 'PLAINTEXT' || $this->secure ) ? 'https' : 'http';
//$endpoint = $proto . '://upload.smugmug.com/'.$apiargs['FileName']; // No support for secure uploads yet
$endpoint = 'http://upload.smugmug.com/' . $apiargs['FileName'];
} else {
$endpoint = "http://api.smugmug.com/services/api/php/{$this->APIVer}/";
}
}
}
if (is_null($apicall)) {
$method = 'GET';
} else {
if ($apicall == 'Upload') {
$method = 'PUT';
} else {
$method = 'POST';
}
}
$params = array('oauth_version' => '1.0', 'oauth_nonce' => $this->oauth_nonce, 'oauth_timestamp' => $this->oauth_timestamp, 'oauth_consumer_key' => $this->APIKey, 'oauth_signature_method' => $this->oauth_signature_method);
if (!is_null($apicall) && $apicall != 'Upload') {
$params = array_merge($params, array('method' => $apicall));
}
$params = !empty($this->oauth_token) ? array_merge($params, array('oauth_token' => $this->oauth_token)) : $params;
if ($apicall != 'Upload') {
$params = !empty($apiargs) ? array_merge($params, $apiargs) : $params;
}
$keys = array_map(array('phpSmug', 'urlencodeRFC3986'), array_keys($params));
$values = array_map(array('phpSmug', 'urlencodeRFC3986'), array_values($params));
$params = array_combine($keys, $values);
// Sort by keys (natsort)
uksort($params, 'strnatcmp');
// We can't use implode() here as it plays havoc with array keys with empty values.
$count = count($params);
$string = '';
foreach ($params as $key => $value) {
$count--;
$string .= $key . '=' . $value;
if ($count) {
$string .= '&';
}
}
$base_string = $method . '&' . phpSmug::urlencodeRFC3986($endpoint) . '&' . phpSmug::urlencodeRFC3986($string);
$sig = base64_encode(hash_hmac('sha1', $base_string, $encKey, true));
return $sig;
}
}
/**
* Method that generates the OAuth signature
*
* In order for this method to correctly generate a signature, setToken()
* MUST be called to set the token and token secret within the instance of
* phpSmug.
*
* @return string
* @access private
* @param string $apicall The API method.
* @param mixed $apiargs The arguments passed to the API method.
**/
private function generate_signature($apicall, $apiargs = NULL)
{
$this->oauth_timestamp = time();
$this->oauth_nonce = md5(time() . mt_rand());
if ($apicall != 'Upload') {
if (substr($apicall, 0, 8) != 'smugmug.') {
$apicall = 'smugmug.' . $apicall;
}
}
if ($this->oauth_signature_method == 'PLAINTEXT') {
return phpSmug::urlencodeRFC3986($this->OAuthSecret) . '&' . phpSmug::urlencodeRFC3986($this->oauth_token_secret);
} else {
$this->oauth_signature_method = 'HMAC-SHA1';
$encKey = phpSmug::urlencodeRFC3986($this->OAuthSecret) . '&' . phpSmug::urlencodeRFC3986($this->oauth_token_secret);
$endpoint = $apicall == 'Upload' ? 'http://api.smugmug.com/' . $apiargs['FileName'] : 'http://api.smugmug.com/services/api/php/' . $this->APIVer . '/';
$method = $apicall == 'Upload' ? 'PUT' : 'POST';
$params = array('oauth_version' => '1.0', 'oauth_nonce' => $this->oauth_nonce, 'oauth_timestamp' => $this->oauth_timestamp, 'oauth_consumer_key' => $this->APIKey, 'oauth_signature_method' => $this->oauth_signature_method);
if ($apicall != 'Upload') {
$params = array_merge($params, array('method' => $apicall));
}
$params = !empty($this->oauth_token) ? array_merge($params, array('oauth_token' => $this->oauth_token)) : $params;
if ($apicall != 'Upload') {
$params = !empty($apiargs) ? array_merge($params, $apiargs) : $params;
}
$keys = array_map(array('phpSmug', 'urlencodeRFC3986'), array_keys($params));
$values = array_map(array('phpSmug', 'urlencodeRFC3986'), array_values($params));
$params = array_combine($keys, $values);
// Sort by keys (natsort)
uksort($params, 'strnatcmp');
$pairs = array();
foreach ($params as $key => $value) {
if (is_array($value)) {
natsort($value);
foreach ($value as $v2) {
$pairs[] = "{$key}={$v2}";
}
} else {
$pairs[] = "{$key}={$value}";
}
}
$string = implode('&', $pairs);
$base_string = $method . '&' . phpSmug::urlencodeRFC3986($endpoint) . '&' . phpSmug::urlencodeRFC3986($string);
$sig = base64_encode(hash_hmac('sha1', $base_string, $encKey, true));
return $sig;
}
}
