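/**
 * Check that secure AuthSub signing produces an Authorization header whose
 * signature verifies against the public certificate fixture.
 *
 * The test signs a sample POST request through HttpClient::filterHttpRequest(),
 * extracts the data="..." and sig="..." fields from the Authorization header and
 * verifies the base64-decoded signature with openssl_verify().
 *
 * Every intermediate step is asserted so that a missing fixture, a malformed
 * header or an undecodable signature fails with a specific message instead of
 * a notice, an endless read loop or a misleading "signature invalid" result.
 *
 * @return void
 */
public function testSecureAuthSubSigning()
{
    if (!extension_loaded('openssl')) {
        $this->markTestSkipped('The openssl extension is not available');
        // Stop here so none of the signing checks run without OpenSSL.
        return;
    }

    $c = new HttpClient();
    // NOTE(review): the private key is loaded from "Zend/GData/..." while the
    // certificate below is read from 'ZendGData/...'; confirm that both paths
    // resolve on the include path and refer to the same key pair.
    $c->setAuthSubPrivateKeyFile("Zend/GData/_files/RsaKey.pem", null, true);
    $c->setAuthSubToken('abcdefg');
    $requestData = $c->filterHttpRequest('POST', 'http://www.example.com/feed', array(), 'foo bar', 'text/plain');

    $authHeaderCheckPassed = false;
    foreach ($requestData['headers'] as $headerName => $headerValue) {
        if (strtolower($headerName) !== 'authorization') {
            continue;
        }

        // Both fields must be present; otherwise there is nothing to verify.
        $this->assertSame(
            1,
            preg_match('/data="([^"]*)"/', $headerValue, $matches),
            'Authorization header has no data="..." field.'
        );
        $dataToSign = $matches[1];

        $this->assertSame(
            1,
            preg_match('/sig="([^"]*)"/', $headerValue, $matches),
            'Authorization header has no sig="..." field.'
        );
        $sig = $matches[1];

        if (function_exists('openssl_verify')) {
            // Second argument: search the include path, as the original fopen() call did.
            // A failed read returns false instead of looping on an invalid handle.
            $cert = file_get_contents('ZendGData/_files/RsaCert.pem', true);
            $this->assertTrue($cert !== false, 'Unable to read the public certificate fixture.');

            $pubkeyid = openssl_get_publickey($cert);
            $this->assertTrue($pubkeyid !== false, 'Unable to load a public key from the certificate fixture.');

            // Strict decoding rejects characters outside the base64 alphabet
            // rather than silently dropping them before verification.
            $rawSig = base64_decode($sig, true);
            $this->assertTrue($rawSig !== false, 'The sig field is not valid base64.');

            // No algorithm argument is passed, so PHP's default digest
            // (OPENSSL_ALGO_SHA1) is used; the signing side must use the same
            // digest — confirm against the client's signing code.
            // openssl_verify() returns 1 for a valid signature, 0 for an
            // invalid one and -1/false on error, so only exactly 1 may pass.
            $verified = openssl_verify($dataToSign, $rawSig, $pubkeyid);
            $this->assertSame(1, $verified, 'The generated signature was unable ' . 'to be verified.');
            $authHeaderCheckPassed = true;
        }
    }

    $this->assertTrue($authHeaderCheckPassed, 'Auth header not found for sig verification.');
}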
/**
 * Return an HTTP client configured for AuthSub-authenticated requests.
 *
 * The client gets the library's user-agent string, has 'strictredirects'
 * enabled, and has the AuthSub token attached via setAuthSubToken().
 *
 * A caller-supplied client is modified in place and returned; it is not
 * copied. NOTE(review): the token presumably stays on that client for every
 * later request it makes — confirm before reusing one client for requests
 * to other destinations.
 *
 * @param string $token AuthSub token to attach to the client
 * @param HttpClient $client (optional) Existing client to configure; a new
 *                           HttpClient is created when omitted
 * @return HttpClient The configured client
 */
public static function getHttpClient($token, HttpClient $client = null)
{
    if (null === $client) {
        $client = new HttpClient();
    }

    $options = array(
        'strictredirects' => true,
        'useragent'       => App::getUserAgentString(),
    );
    $client->setOptions($options);

    // The token is a credential: it is handed to the client only, never logged or returned.
    $client->setAuthSubToken($token);

    return $client;
}