Exemplo n.º 1
0
 /**
  * {@inheritDoc}
  */
 public function signResponse(ResponseInterface $response)
 {
     $authHeader = AuthorizationHeader::createFromRequest($this->request);
     $parts = [$authHeader->getNonce(), $this->request->getHeaderLine('X-Authorization-Timestamp'), (string) $response->getBody()];
     $message = implode("\n", $parts);
     $signature = $this->digest->sign($message, $this->key->getSecret());
     /** @var \Psr\Http\Message\ResponseInterface $response */
     $response = $response->withHeader('X-Server-Authorization-HMAC-SHA256', $signature);
     return $response;
 }
Exemplo n.º 2
0
 /**
  * Builds an AuthorizationHeader object.
  *
  * @param \Psr\Http\Message\RequestInterface $request
  *   The request being signed.
  * @param string[] $customHeaders
  *   A list of custom header names. The values of the headers will be
  *   extracted from the request.
  *
  * @return \Acquia\Hmac\AuthorizationHeader
  *   The compiled authorizatio header object.
  */
 protected function buildAuthorizationHeader(RequestInterface $request, array $customHeaders = [])
 {
     $authHeaderBuilder = new AuthorizationHeaderBuilder($request, $this->key, $this->digest);
     $authHeaderBuilder->setRealm($this->realm);
     $authHeaderBuilder->setId($this->key->getId());
     $authHeaderBuilder->setCustomHeaders($customHeaders);
     return $authHeaderBuilder->getAuthorizationHeader();
 }
 /**
  * Ensures a response can be authenticated.
  */
 public function testIsAuthentic()
 {
     $realm = 'Pipet service';
     $nonce = 'd1954337-5319-4821-8427-115542e08d10';
     $timestamp = 1432075982;
     $signature = 'LusIUHmqt9NOALrQ4N4MtXZEFE03MjcDjziK+vVqhvQ=';
     $requestHeaders = ['X-Authorization-Timestamp' => $timestamp];
     $request = new Request('GET', 'http://example.com', $requestHeaders);
     $authHeaderBuilder = new AuthorizationHeaderBuilder($request, $this->authKey);
     $authHeaderBuilder->setRealm($realm);
     $authHeaderBuilder->setId($this->authKey->getId());
     $authHeaderBuilder->setNonce($nonce);
     $authHeader = $authHeaderBuilder->getAuthorizationHeader();
     $requestSigner = new MockRequestSigner($this->authKey, $realm, new Digest(), $authHeader);
     $signedRequest = $requestSigner->signRequest($request);
     $responseHeaders = ['X-Server-Authorization-HMAC-SHA256' => $signature];
     $response = new Response(200, $responseHeaders);
     $authenticator = new ResponseAuthenticator($signedRequest, $this->authKey);
     $this->assertTrue($authenticator->isAuthentic($response));
 }
Exemplo n.º 4
0
 /**
  * Ensures the correct headers are generated when signing a request.
  */
 public function testSignRequest()
 {
     $headers = ['Content-Type' => 'text/plain', 'X-Authorization-Timestamp' => $this->timestamp];
     $request = new Request('GET', 'https://example.acquiapipet.net/v1.0/task-status/133?limit=10', $headers);
     $digest = new Digest();
     $authHeaderBuilder = new AuthorizationHeaderBuilder($request, $this->authKey, $digest);
     $authHeaderBuilder->setRealm($this->realm);
     $authHeaderBuilder->setId($this->authKey->getId());
     $authHeaderBuilder->setNonce('d1954337-5319-4821-8427-115542e08d10');
     $authHeader = $authHeaderBuilder->getAuthorizationHeader();
     $signer = new MockRequestSigner($this->authKey, $this->realm, $digest, $authHeader);
     $signedRequest = $signer->signRequest($request);
     $this->assertFalse($signedRequest->hasHeader('X-Authorization-Content-SHA256'));
     $this->assertTrue($signedRequest->hasHeader('X-Authorization-Timestamp'));
     $this->assertEquals($this->timestamp, $signedRequest->getHeaderLine('X-Authorization-Timestamp'));
     $this->assertTrue($signedRequest->hasHeader('Authorization'));
     $this->assertContains('signature="MRlPr/Z1WQY2sMthcaEqETRMw4gPYXlPcTpaLWS2gcc="', $signedRequest->getHeaderLine('Authorization'));
     // Ensure that we can get the AuthorizationHeader back from the request.
     $signedAuthRequest = $signer->getAuthorizedRequest($signedRequest);
     $this->assertContains('signature="MRlPr/Z1WQY2sMthcaEqETRMw4gPYXlPcTpaLWS2gcc="', $signedAuthRequest->getHeaderLine('Authorization'));
 }
 /**
  * Generate a signature from the request.
  *
  * @throws \Acquia\Hmac\Exception\MalformedRequestException
  *   When a required header is missing.
  *
  * @return string
  *   The generated signature.
  */
 protected function generateSignature()
 {
     if (!$this->request->hasHeader('X-Authorization-Timestamp')) {
         throw new MalformedRequestException('X-Authorization-Timestamp header missing from request.', null, 0, $this->request);
     }
     $parts = [strtoupper($this->request->getMethod()), $this->request->getUri()->getHost(), $this->request->getUri()->getPath(), $this->request->getUri()->getQuery(), $this->serializeAuthorizationParameters()];
     $parts = array_merge($parts, $this->normalizeCustomHeaders());
     $parts[] = $this->request->getHeaderLine('X-Authorization-Timestamp');
     $body = (string) $this->request->getBody();
     if (strlen($body)) {
         if ($this->request->hasHeader('Content-Type')) {
             $parts[] = $this->request->getHeaderLine('Content-Type');
         }
         $parts[] = $this->digest->hash((string) $body);
     }
     return $this->digest->sign(implode("\n", $parts), $this->key->getSecret());
 }