/** * oauth_signature is set to the concatenated encoded values of the Consumer Secret and * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is * empty. The result MUST be encoded again. * - Chapter 9.4.1 ("Generating Signatures") * * Please note that the second encoding MUST NOT happen in the SignatureMethod, as * OAuthRequest handles this! */ public function build_signature($request, $consumer, $token) { $key_parts = array($consumer->secret, $token ? $token->secret : ""); $key_parts = TwitterOAuthUtil::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); $request->base_string = $key; return $key; }
public function build_signature($request, $consumer, $token) { $base_string = $request->get_signature_base_string(); $request->base_string = $base_string; $key_parts = array($consumer->secret, $token ? $token->secret : ""); $key_parts = TwitterOAuthUtil::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); return base64_encode(hash_hmac('sha1', $base_string, $key, true)); }
/** * generates the basic string serialization of a token that a server * would respond to request_token and access_token calls with */ function to_string() { return "oauth_token=" . TwitterOAuthUtil::urlencode_rfc3986($this->key) . "&oauth_token_secret=" . TwitterOAuthUtil::urlencode_rfc3986($this->secret); }
/** * One time exchange of username and password for access token and secret. * * @returns array("oauth_token" => "the-access-token", * "oauth_token_secret" => "the-access-secret", * "user_id" => "9436992", * "screen_name" => "abraham", * "x_auth_expires" => "0") */ function getXAuthToken($username, $password) { $parameters = array(); $parameters['x_auth_username'] = $username; $parameters['x_auth_password'] = $password; $parameters['x_auth_mode'] = 'client_auth'; $request = $this->oAuthRequest($this->accessTokenURL(), 'POST', $parameters); $token = TwitterOAuthUtil::parse_parameters($request); $this->token = new TwitterOAuthConsumer($token['oauth_token'], $token['oauth_token_secret']); return $token; }
public static function build_http_query($params) { if (!$params) { return ''; } // Urlencode both keys and values $keys = TwitterOAuthUtil::urlencode_rfc3986(array_keys($params)); $values = TwitterOAuthUtil::urlencode_rfc3986(array_values($params)); $params = array_combine($keys, $values); // Parameters are sorted by name, using lexicographical byte value ordering. // Ref: Spec: 9.1.1 (1) uksort($params, 'strcmp'); $pairs = array(); foreach ($params as $parameter => $value) { if (is_array($value)) { // If two or more parameters share the same name, they are sorted by their value // Ref: Spec: 9.1.1 (1) natsort($value); foreach ($value as $duplicate_value) { $pairs[] = $parameter . '=' . $duplicate_value; } } else { $pairs[] = $parameter . '=' . $value; } } // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61) // Each name-value pair is separated by an '&' character (ASCII code 38) return implode('&', $pairs); }
/** * builds the Authorization: header */ public function to_header($realm = null) { $first = true; if ($realm) { $out = 'Authorization: OAuth realm="' . TwitterOAuthUtil::urlencode_rfc3986($realm) . '"'; $first = false; } else { $out = 'Authorization: OAuth'; } $total = array(); foreach ($this->parameters as $k => $v) { if (substr($k, 0, 5) != "oauth") { continue; } if (is_array($v)) { throw new TwitterOAuthException('Arrays not supported in headers'); } $out .= $first ? ' ' : ','; $out .= TwitterOAuthUtil::urlencode_rfc3986($k) . '="' . TwitterOAuthUtil::urlencode_rfc3986($v) . '"'; $first = false; } return $out; }