This method reads the file and then calls setAuthSubPrivateKey()
with the file contents.
public setAuthSubPrivateKeyFile ( string $file, string $passphrase = null, boolean $useIncludePath = false ) : void | ||
$file | string | The location of the file containing the PEM key |
$passphrase | string | The optional private key passphrase |
$useIncludePath | boolean | Whether to search the include_path for the file |
Результат | void |
public function testSecureAuthSubSigning() { if (!extension_loaded('openssl')) { $this->markTestSkipped('The openssl extension is not available'); } else { $c = new Zend_Gdata_HttpClient(); $c->setAuthSubPrivateKeyFile("Zend/Gdata/_files/RsaKey.pem", null, true); $c->setAuthSubToken('abcdefg'); $requestData = $c->filterHttpRequest('POST', 'http://www.example.com/feed', array(), 'foo bar', 'text/plain'); $authHeaderCheckPassed = false; $headers = $requestData['headers']; foreach ($headers as $headerName => $headerValue) { if (strtolower($headerName) == 'authorization') { preg_match('/data="([^"]*)"/', $headerValue, $matches); $dataToSign = $matches[1]; preg_match('/sig="([^"]*)"/', $headerValue, $matches); $sig = $matches[1]; if (function_exists('openssl_verify')) { $fp = fopen('Zend/Gdata/_files/RsaCert.pem', 'r', true); $cert = ''; while (!feof($fp)) { $cert .= fread($fp, 8192); } fclose($fp); $pubkeyid = openssl_get_publickey($cert); $verified = openssl_verify($dataToSign, base64_decode($sig), $pubkeyid); $this->assertEquals(1, $verified, 'The generated signature was unable ' . 'to be verified.'); $authHeaderCheckPassed = true; } } } $this->assertEquals(true, $authHeaderCheckPassed, 'Auth header not found for sig verification.'); } }
/** * Returns a HTTP client object with the appropriate headers for communicating * with Google using AuthSub authentication. * * @return Zend_Http_Client */ protected function _getAuthSubHttpClient() { $client = new Zend_Gdata_HttpClient(); #$this->_client = Zend_Gdata_AuthSub::getHttpClient($this->_sessionNs->sessionToken); // This sets your private key to be used to sign subsequent requests $client->setAuthSubPrivateKeyFile('/pub/www/core_live/application/configs/core.key', null, true); return $client; }
function authenticate($singleUseToken = null) { $sessionToken = isset($_SESSION['sessionToken']) ? $_SESSION['sessionToken'] : null; // If there is no AuthSub session or one-time token waiting for us, // redirect the user to Google Health's AuthSub handler to get one. if (!$sessionToken && !$singleUseToken) { $next = getCurrentUrl(); $secure = 1; $session = 1; $authSubHandler = 'https://www.google.com/h9/authsub'; $permission = 1; // 1 - allows reading of the profile && posting notices $authSubURL = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, SCOPE, $secure, $session, $authSubHandler); $authSubURL .= '&permission=' . $permission; echo '<a href="' . $authSubURL . '">Link your Google Health Account</a>'; exit; } $client = new Zend_Gdata_HttpClient(); $client->setAuthSubPrivateKeyFile(HEALTH_PRIVATE_KEY, null, true); // Convert an AuthSub one-time token into a session token if needed if ($singleUseToken && !$sessionToken) { $sessionToken = Zend_Gdata_AuthSub::getAuthSubSessionToken($singleUseToken, $client); $_SESSION['sessionToken'] = $sessionToken; } $client->setAuthSubToken($sessionToken); return $client; }
public function getAuthSubHttpClient() { // Security check $this->throwForbiddenUnless(SecurityUtil::checkPermission('IWagendas::', '::', ACCESS_READ)); //global $_SESSION, $_GET, $_authSubKeyFile, $_authSubKeyFilePassphrase; $client = new Zend_Gdata_HttpClient(); if ($_authSubKeyFile != null) { // set the AuthSub key $client->setAuthSubPrivateKeyFile($_authSubKeyFile, $_authSubKeyFilePassphrase, true); } if (!isset($_SESSION['sessionToken']) && isset($_GET['token'])) { $_SESSION['sessionToken'] = Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); } $client->setAuthSubToken($_SESSION['sessionToken']); return $client; }
/** * Returns a HTTP client object with the appropriate headers for communicating * with Google using AuthSub authentication. * * Uses the $_SESSION['sessionToken'] to store the AuthSub session token after * it is obtained. The single use token supplied in the URL when redirected * after the user succesfully authenticated to Google is retrieved from the * $_GET['token'] variable. * * @return Zend_Http_Client */ public function getAuthSubHttpClient() { global $_SESSION, $_GET, $_authSubKeyFile, $_authSubKeyFilePassphrase; $client = new Zend_Gdata_HttpClient(); if ($_authSubKeyFile != null) { // set the AuthSub key $client->setAuthSubPrivateKeyFile($_authSubKeyFile, $_authSubKeyFilePassphrase, true); } if (!isset($_SESSION['sessionToken']) && isset($_GET['token'])) { $_SESSION['sessionToken'] = Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); } $client->setAuthSubToken($_SESSION['sessionToken']); return $client; }
public function testPrivateKeyNotFound() { $this->setExpectedException('Zend_Gdata_App_InvalidArgumentException'); if (!extension_loaded('openssl')) { $this->markTestSkipped('The openssl extension is not available'); } else { $c = new Zend_Gdata_HttpClient(); $c->setAuthSubPrivateKeyFile("zendauthsubfilenotfound", null, true); } }
/** * N.B.: A session token must be available before calling this method * * @return void */ public function init() { if (!is_object($this->service)) { $pathToKey = sfConfig::get('sf_root_dir') . '/' . sfConfig::get('app_googleCalendarIntegration_privateKeyPath'); $client = new Zend_Gdata_HttpClient(); $client->setAuthSubPrivateKeyFile($pathToKey, null, true); $sessionToken = $this->getSessionToken(); if (!$sessionToken) { throw new Exception("GoogleCalendarInterface: missing session token"); } $client->setAuthSubToken($sessionToken); $this->service = new Zend_Gdata_Calendar($client, 'google-calendar-plancake-integration'); $this->service->setMajorProtocolVersion(2); $this->service->setMinorProtocolVersion(null); } }
if (!isset($_GET['token'])) { // Parameters to give to AuthSub server $next = getCurrentUrl(); $scope = GoogleCalendarInterface::GCAL_INTEGRATION_SCOPE; $secure = false; $session = true; // Redirect the user to the AuthSub server to sign in $authSubUrl = Zend_Gdata_AuthSub::getAuthSubTokenUri($next, $scope, $secure, $session); header("HTTP/1.0 307 Temporary redirect"); header("Location: " . $authSubUrl); exit; } else { try { $client = new Zend_Gdata_HttpClient(); $pathToKey = sfConfig::get('sf_root_dir') . '/' . sfConfig::get('app_googleCalendarIntegration_privateKeyPath'); $client->setAuthSubPrivateKeyFile($pathToKey, null, true); $sessionToken = Zend_Gdata_AuthSub::getAuthSubSessionToken($_GET['token'], $client); } catch (Exception $e) { sfErrorNotifier::alert("Google Calendar Init: " . $e->getMessage()); $this->redirect('default', array('module' => 'googleCalendarIntegration', 'action' => 'step3Error')); } $redirectUrl = ''; if ($sessionToken) { $loggedInUser = PcUserPeer::getLoggedInUser(); if ($loggedInUser) { $googleCalendarInterface = new GoogleCalendarInterface($loggedInUser); $googleCalendarInterface->resetDbEntry(); $googleCalendarInterface->setSessionToken($sessionToken); } $configuration->loadHelpers('Url'); $redirectUrl = 'http://' . sfConfig::get('app_site_url') . '/' . sfConfig::get('app_accountApp_frontController') . '/googleCalendarIntegration/step3';