/** * Returns a value for the CURLOPT_POSTFIELDS option. * * @return string|array A post fields value */ private static function getPostFields(RequestInterface $request) { if (!$request instanceof FormRequestInterface) { return $request->getContent(); } $fields = $request->getFields(); $multipart = false; foreach ($fields as $name => $value) { if ($value instanceof FormUploadInterface) { $multipart = true; if ($file = $value->getFile()) { // replace value with upload string $fields[$name] = '@' . $file; if ($contentType = $value->getContentType()) { $fields[$name] .= ';type=' . $contentType; } } else { return $request->getContent(); } } } return $multipart ? $fields : http_build_query($fields); }
/** * Returns a value for the CURLOPT_POSTFIELDS option. * * @return string|array A post fields value */ private static function getPostFields(RequestInterface $request) { if (!$request instanceof FormRequestInterface) { return $request->getContent(); } $fields = $request->getFields(); $multipart = false; foreach ($fields as $name => $value) { if (!$value instanceof FormUploadInterface) { continue; } if (!($file = $value->getFile())) { return $request->getContent(); } $multipart = true; if (version_compare(PHP_VERSION, '5.5', '>=')) { $curlFile = new \CURLFile($file); if ($contentType = $value->getContentType()) { $curlFile->setMimeType($contentType); } if (basename($file) != $value->getFilename()) { $curlFile->setPostFilename($value->getFilename()); } $fields[$name] = $curlFile; } else { // replace value with upload string $fields[$name] = '@' . $file; if ($contentType = $value->getContentType()) { $fields[$name] .= ';type=' . $contentType; } if (basename($file) != $value->getFilename()) { $fields[$name] .= ';filename=' . $value->getFilename(); } } } return $multipart ? $fields : http_build_query($fields, '', '&'); }
/** * @param AntiMattr\OAuth\OAuth $oauth * @param Buzz\Message\RequestInterface $request * * @throws RuntimeException */ protected function attachOAuthSignature(OAuth $oauth, RequestInterface $request) { $method = $request->getMethod(); $url = new Url($request->getUrl()); $parameters = $url->query->getData(); if ($request instanceof FormRequestInterface) { $fields = $request->getFields(); $parameters = array_merge($fields, $parameters); } // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) uksort($parameters, 'strcmp'); // Validate required parameters foreach (array('oauth_consumer_key', 'oauth_timestamp', 'oauth_nonce', 'oauth_version', 'oauth_signature_method') as $parameter) { if (!isset($parameters[$parameter])) { throw new RuntimeException(sprintf('Parameter "%s" must be set.', $parameter)); } } // Remove oauth_signature if present // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") if (isset($parameters['oauth_signature'])) { unset($parameters['oauth_signature']); } // Remove default ports // Ref: Spec: 9.1.2 $explicitPort = $url->has('port') ? $url->get('port') : null; if ('https' === $url->get('scheme') && 443 === $explicitPort || 'http' === $url->get('scheme') && 80 === $explicitPort) { $explicitPort = null; } // Remove query params from URL // Ref: Spec: 9.1.2 $urlString = sprintf('%s://%s%s%s', $url->get('scheme'), $url->get('host'), $explicitPort ? ':' . $explicitPort : '', $url->has('path') ? $url->get('path') : ''); // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) uksort($parameters, 'strcmp'); // http_build_query should use RFC3986 $parts = array(strtoupper($method), rawurlencode($urlString), rawurlencode(str_replace(array('%7E', '+'), array('~', '%20'), http_build_query($parameters, '', '&')))); $baseString = implode('&', $parts); $signatureMethod = $oauth->getSignatureMethod(); $consumerSecret = $oauth->getConsumerSecret(); $oAuthTokenSecret = $oauth->getOAuthTokenSecret(); switch ($signatureMethod) { case OAuth::SIGNATURE_METHOD_HMAC: $keyParts = array(rawurlencode($consumerSecret), rawurlencode($oAuthTokenSecret)); $signature = hash_hmac('sha1', $baseString, implode('&', $keyParts), true); break; case OAuth::SIGNATURE_METHOD_RSA: if (!function_exists('openssl_pkey_get_private')) { throw new RuntimeException('RSA-SHA1 signature method requires the OpenSSL extension.'); } $privateKey = openssl_pkey_get_private(file_get_contents($consumerSecret), $oAuthTokenSecret); $signature = false; openssl_sign($baseString, $signature, $privateKey); openssl_free_key($privateKey); break; case OAuth::SIGNATURE_METHOD_PLAINTEXT: $signature = $baseString; break; default: throw new RuntimeException(sprintf('Unknown signature method selected %s.', $signatureMethod)); } $encoded = base64_encode($signature); if ($request instanceof FormRequestInterface) { $fields = $request->getFields(); $fields['oauth_signature'] = $encoded; // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) uksort($fields, 'strcmp'); $request->setFields($fields); } else { $parameters['oauth_signature'] = $encoded; // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) uksort($parameters, 'strcmp'); $url->query->setData($parameters); $url = $url->getUrl(); $request->fromUrl($url); } }