/**
* {@inheritdoc}
* @param \Zeflasher\OAuth\Provider\OAuthRequest $request
* @param string $consumer_secret
* @param string $token_secret
* @return string
*/
public function build_signature($request, $consumer_secret, $token_secret = '')
{
$base_string = $request->get_signature_base_string();
$request->base_string = $base_string;
$key_parts = array( $consumer_secret, $token_secret );
$key_parts = \Zeflasher\OAuth\OAuthUtil::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts);
return base64_encode(hash_hmac('sha1', $base_string, $key, true));
}
/**
* Call the appropriate signature method
* The check for required parameters has already be done, no need to repeat it here
* @param \Zeflasher\OAuth\Provider\OAuthRequest $request
* @return \Zeflasher\OAuth\SignatureMethods\OAuthSignatureMethod
* @throws \Zeflasher\OAuth\OAuthException
*/
private function __get_signature_method($request)
{
$signature_method = $request instanceof \Zeflasher\OAuth\Provider\OAuthRequest
? $request->get_parameter(\Zeflasher\OAuth\OAuthConstants::OAUTH_CLIENT_SIGNATURE_METHOD)
: NULL;
if (!$signature_method)
{
// According to chapter 7 ("Accessing Protected Resources") the signature-method
// parameter is required, and we can't just fallback to PLAINTEXT
throw new \Zeflasher\OAuth\OAuthException('No signature method parameter. This parameter is required');
}
if (!in_array($signature_method,
array_keys($this->_signature_methods)))
{
throw new \Zeflasher\OAuth\OAuthException(
"Signature method '$signature_method' not supported " .
"try one of the following: " .
implode(", ", array_keys($this->_signature_methods)), \Zeflasher\OAuth\OAuthConstants::OAUTH_SIGNATURE_METHOD_REJECTED
);
}
return $this->_signature_methods[$signature_method];
}
