/** * Get key * * @param string $consumerSecret Consumer secret value * @param string $tokenSecret Token secret value (if exists) * * @return string Signature key */ public function getKey($consumerSecret, $tokenSecret = '') { $secrets = array($consumerSecret, $tokenSecret); $key = implode('&', HTTP_OAuth::urlencode($secrets)); $this->debug('Signing with key: ' . $key); return $key; }
public function testAttachLog() { foreach (explode(':', get_include_path()) as $path) { if (file_exists($path . '/Log.php')) { include_once 'Log.php'; } } if (!class_exists('Log')) { $this->markTestSkipped(); } $log = Log::factory('null'); HTTP_OAuth::attachLog($log); $oauth = $this->getMock('HTTP_OAuth', array('foo')); $oauth->debug('foo'); $oauth->info('foo'); $oauth->err('foo'); HTTP_OAuth::detachLog($log); }
/** * Get authorize url * * @param string $url Authorize url * @param array $additional Additional parameters for the auth url * * @return string Authorize url */ public function getAuthorizeUrl($url, array $additional = array()) { $params = array('oauth_token' => $this->getToken()); $params = array_merge($additional, $params); return sprintf('%s?%s', $url, HTTP_OAuth::buildHTTPQuery($params)); }
/** * Set parameters from the incoming request * * @return void */ public function setParametersFromRequest() { $params = array(); $auth = $this->getHeader('Authorization'); if ($auth !== null) { $this->debug('Using OAuth data from header'); $parts = explode(',', $auth); foreach ($parts as $part) { list($key, $value) = explode('=', trim($part)); if (strstr(strtolower($key), 'oauth ') || strstr(strtolower($key), 'uth re') || substr(strtolower($key), 0, 6) != 'oauth_') { continue; } $value = trim($value); $value = str_replace('"', '', $value); $params[$key] = $value; } } if ($this->getRequestMethod() == 'POST') { $this->debug('getting data from POST'); $contentType = substr($this->getHeader('Content-Type'), 0, 33); if ($contentType !== 'application/x-www-form-urlencoded') { throw new HTTP_OAuth_Provider_Exception_InvalidRequest('Invalid ' . 'content type for POST request'); } $params = array_merge($params, $this->parseQueryString($this->getPostData())); } else { $this->debug('getting data from GET'); $params = array_merge($params, $this->parseQueryString($this->getQueryString())); } if (empty($params)) { throw new HTTP_OAuth_Provider_Exception_InvalidRequest('No oauth ' . 'data found from request'); } $this->setParameters(HTTP_OAuth::urldecode($params)); }
/** * Creates OAuth header * * Given the passed in OAuth parameters, put them together * in a formated string for a Authorization header. * * @param array $params OAuth parameters * * @return void */ protected function getAuthForHeader(array $params) { $url = $this->getUrl(); $realm = $url->getScheme() . '://' . $url->getHost() . '/'; $header = 'OAuth realm="' . $realm . '"'; foreach ($params as $name => $value) { $header .= ", " . HTTP_OAuth::urlencode($name) . '="' . HTTP_OAuth::urlencode($value) . '"'; } return $header; }
public function testBuild() { $signature = new HTTP_OAuth_Signature_HMAC_SHA1(); $result = $signature->build('POST', 'http://twitter.com/oauth/request_token', array('oauth_consumer_key' => 'e1nTvIGVCPkbfqZdIE7OyA', 'oauth_nonce' => '5319B2C4-92DD-4568-B34C-993C5A102B2D', 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_timestamp' => '1245709445', 'oauth_version' => '1.0'), 's85GLpyelma8rvNCgOjxi3lBXoedqsoDas6OYIQCeI'); $this->assertEquals('6vdoM0LiiLr%2FjqcZqIE5Nq3I8Dc%3D', HTTP_OAuth::urlencode($result)); }
/** * Send an OAuth signed request with a body to the API * * @param string $url The URL to send the request to * @param string $body The raw body to PUT/POST to the URL * @param string $method The HTTP method to use (POST or PUT) * * @return object Instance of {@link HTTP_Request2_Response} * @see http://bit.ly/cdZGfr */ private function _sendRequestWithBody($url, $body, $method = "PUT") { static $map = array('PUT' => HTTP_Request2::METHOD_PUT, 'POST' => HTTP_Request2::METHOD_POST); if (array_key_exists($method, $map)) { $method = $map[$method]; } else { throw new Services_SimpleGeo_Exception('Invalid HTTP method ' . $method); } $signatureMethod = $this->_oauth->getSignatureMethod(); $params = array('oauth_nonce' => (string) rand(0, 100000000), 'oauth_timestamp' => time(), 'oauth_consumer_key' => $this->_oauth->getKey(), 'oauth_signature_method' => $signatureMethod, 'oauth_version' => '1.0'); $sig = HTTP_OAuth_Signature::factory($signatureMethod); $params['oauth_signature'] = $sig->build($method, $url, $params, $this->_secret); // Build the header $header = 'OAuth realm="' . $this->_api . '"'; foreach ($params as $name => $value) { $header .= ", " . HTTP_OAuth::urlencode($name) . '="' . HTTP_OAuth::urlencode($value) . '"'; } $req = new HTTP_Request2(new Net_URL2($url), $method); $req->setHeader('Authorization', $header); $req->setBody($body); try { $result = $req->send(); } catch (Exception $e) { throw new Services_SimpleGeo_Exception($e->getMessage(), $e->getCode()); } $check = (int) substr($result->getStatus(), 0, 1); if ($check !== 2) { $body = @json_decode($result->getBody()); throw new Services_SimpleGeo_Exception($body->message, $result->getStatus()); } return $result; }
/** * Prepare body * * Sets the body if nesscary * * @return void */ protected function prepareBody() { if ($this->headersSent() && $this->getBody() !== '') { $this->err('Body already sent, not setting'); } else { $this->setBody(HTTP_OAuth::buildHTTPQuery($this->getParameters())); } }
private function build_header($tweet = false) { $consumer = TwitPic_Config::getConsumer(); $oauth = TwitPic_Config::getOAuth(); $signature = HTTP_OAuth_Signature::factory('HMAC_SHA1'); $timestamp = gmdate('U'); $nonce = uniqid(); $version = '1.0'; if (is_string($tweet)) { $params = array('oauth_consumer_key' => $consumer['key'], 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_token' => $oauth['token'], 'oauth_timestamp' => $timestamp, 'oauth_nonce' => $nonce, 'oauth_version' => $version, 'status' => $tweet); $sig_text = $signature->build('POST', "http://api.twitter.com/1/statuses/update.{$this->format}", $params, $consumer['secret'], $oauth['secret']); $params['oauth_signature'] = $sig_text; } else { $params = array('oauth_consumer_key' => $consumer['key'], 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_token' => $oauth['token'], 'oauth_timestamp' => $timestamp, 'oauth_nonce' => $nonce, 'oauth_version' => $version); $sig_text = $signature->build('GET', 'https://api.twitter.com/1/account/verify_credentials.json', $params, $consumer['secret'], $oauth['secret']); $params['oauth_signature'] = $sig_text; } $realm = 'http://api.twitter.com/'; $header = 'OAuth realm="' . $realm . '"'; foreach ($params as $name => $value) { $header .= ", " . HTTP_OAuth::urlencode($name) . '="' . HTTP_OAuth::urlencode($value) . '"'; } return $header; }
/** * Parses a query string * * Does not use built-in urldecoding of name or values like $_GET and * $_POST. Instead, names and values are decoded using RFC 3986 as required * by OAuth. * * @param string $string Query string * * @return array Data from the query string */ protected function parseQueryString($string) { $data = array(); if (empty($string)) { return $data; } foreach (explode('&', $string) as $part) { if (!strstr($part, '=')) { continue; } list($key, $value) = explode('=', $part); $key = HTTP_OAuth::urldecode($key); $value = HTTP_OAuth::urldecode($value); if (isset($data[$key])) { if (is_array($data[$key])) { $data[$key][] = $value; } else { $data[$key] = array($data[$key], $value); } } else { $data[$key] = $value; } } return $data; }