protected function getBodyAsString(RequestInterface $request)
{
$body = Util::toString($request->getBody());
if (empty($body)) {
$body = null;
}
return $body;
}
public static function createRequest(RequestInterface $request)
{
$psrRequest = ServerRequestFactory::fromGlobals()->withUri($request->getUri())->withMethod($request->getMethod())->withBody($request->getBody());
foreach ($request->getHeaders() as $name => $values) {
$psrRequest = $psrRequest->withHeader($name, $values);
}
return $psrRequest;
}
public function handle(RequestInterface $request, ResponseInterface $response, FilterChainInterface $filterChain)
{
$authorization = $request->getHeader('Authorization');
if (!empty($authorization)) {
$parts = explode(' ', $authorization, 2);
$type = isset($parts[0]) ? $parts[0] : null;
$data = isset($parts[1]) ? $parts[1] : null;
if ($type == 'Digest' && !empty($data)) {
$params = Authentication::decodeParameters($data);
$algo = isset($params['algorithm']) ? $params['algorithm'] : 'MD5';
$qop = isset($params['qop']) ? $params['qop'] : 'auth';
if (!$this->digest instanceof Digest) {
throw new BadRequestException('Digest not available');
}
if ($this->digest->getOpaque() != $params['opaque']) {
throw new BadRequestException('Invalid opaque');
}
// build ha1
$ha1 = call_user_func_array($this->ha1Callback, array($params['username']));
if ($algo == 'MD5-sess') {
$ha1 = md5($ha1 . ':' . $this->digest->getNonce() . ':' . $params['cnonce']);
}
// build ha2
if ($qop == 'auth-int') {
$ha2 = md5($request->getMethod() . ':' . $request->getUri()->getPath() . ':' . md5($request->getBody()));
} else {
$ha2 = md5($request->getMethod() . ':' . $request->getUri()->getPath());
}
// build response
if ($qop == 'auth' || $qop == 'auth-int') {
$hash = md5($ha1 . ':' . $this->digest->getNonce() . ':' . $params['nc'] . ':' . $params['cnonce'] . ':' . $qop . ':' . $ha2);
} else {
$hash = md5($ha1 . ':' . $this->digest->getNonce() . ':' . $ha2);
}
if (strcmp($hash, $params['response']) === 0) {
$this->callSuccess($response, $hash);
$filterChain->handle($request, $response);
} else {
$this->callFailure($response);
}
} else {
$this->callMissing($response);
}
} else {
$this->callMissing($response);
}
}
public function handle(RequestInterface $request, ResponseInterface $response, FilterChainInterface $filterChain)
{
$authorization = $request->getHeader('Authorization');
if (!empty($authorization)) {
$parts = explode(' ', $authorization, 2);
$type = isset($parts[0]) ? $parts[0] : null;
$data = isset($parts[1]) ? $parts[1] : null;
if ($type == 'OAuth' && !empty($data)) {
$params = Authentication::decodeParameters($data);
$params = array_map(array('\\PSX\\Oauth', 'urlDecode'), $params);
// realm is not used in the base string
unset($params['realm']);
if (!isset($params['oauth_consumer_key'])) {
throw new BadRequestException('Consumer key not set');
}
if (!isset($params['oauth_token'])) {
throw new BadRequestException('Token not set');
}
if (!isset($params['oauth_signature_method'])) {
throw new BadRequestException('Signature method not set');
}
if (!isset($params['oauth_signature'])) {
throw new BadRequestException('Signature not set');
}
$consumer = call_user_func_array($this->consumerCallback, array($params['oauth_consumer_key'], $params['oauth_token']));
if ($consumer instanceof Consumer) {
$signature = Oauth::getSignature($params['oauth_signature_method']);
$method = $request->getMethod();
$url = $request->getUri();
$params = array_merge($params, $request->getUri()->getParameters());
if (strpos($request->getHeader('Content-Type'), 'application/x-www-form-urlencoded') !== false) {
$body = (string) $request->getBody();
$data = array();
parse_str($body, $data);
$params = array_merge($params, $data);
}
$baseString = Oauth::buildBasestring($method, $url, $params);
if ($signature->verify($baseString, $consumer->getConsumerSecret(), $consumer->getTokenSecret(), $params['oauth_signature']) !== false) {
$this->callSuccess($response);
$filterChain->handle($request, $response);
} else {
$this->callFailure($response);
}
} else {
$this->callFailure($response);
}
} else {
$this->callMissing($response);
}
} else {
$this->callMissing($response);
}
}
