protected function getSignature($method, $url, $params) { $signature = false; /** * Normalize method. */ $method = strtoupper($method); /** * Normalize URL. * * $urlnormalize = OAuth::urlnormalize($url); * $url = $urlnormalize['url']; */ /** * Remove `oauth_signature` if present. * Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.") */ if (isset($params['oauth_signature'])) { unset($params['oauth_signature']); } /** * Generate key. */ $keyParts = array($this->consumerSecret, $this->tokenSecret ? $this->tokenSecret : ''); $key = implode('&', OAuth::urlencode($keyParts)); switch ($this->signatureMethod) { case OAuth::SIG_METHOD_HMACSHA1: $baseParts = array($method, $url, OAuth::paramsBuild($params)); $base = implode('&', OAuth::urlencode($baseParts)); $signature = base64_encode(hash_hmac('sha1', $base, $key, true)); break; case OAuth::SIG_METHOD_PLAINTEXT: $signature = $key; break; } if (false === $signature) { throw new Exception('Can\'t generate signature.'); } return $signature; }