public function testSecureAuthSubSigning() { if (!extension_loaded('openssl')) { $this->markTestSkipped('The openssl extension is not available'); } else { $c = new HttpClient(); $c->setAuthSubPrivateKeyFile("Zend/GData/_files/RsaKey.pem", null, true); $c->setAuthSubToken('abcdefg'); $requestData = $c->filterHttpRequest('POST', 'http://www.example.com/feed', array(), 'foo bar', 'text/plain'); $authHeaderCheckPassed = false; $headers = $requestData['headers']; foreach ($headers as $headerName => $headerValue) { if (strtolower($headerName) == 'authorization') { preg_match('/data="([^"]*)"/', $headerValue, $matches); $dataToSign = $matches[1]; preg_match('/sig="([^"]*)"/', $headerValue, $matches); $sig = $matches[1]; if (function_exists('openssl_verify')) { $fp = fopen('ZendGData/_files/RsaCert.pem', 'r', true); $cert = ''; while (!feof($fp)) { $cert .= fread($fp, 8192); } fclose($fp); $pubkeyid = openssl_get_publickey($cert); $verified = openssl_verify($dataToSign, base64_decode($sig), $pubkeyid); $this->assertEquals(1, $verified, 'The generated signature was unable ' . 'to be verified.'); $authHeaderCheckPassed = true; } } } $this->assertEquals(true, $authHeaderCheckPassed, 'Auth header not found for sig verification.'); } }
/** * Performs a HTTP request using the specified method. * * Overrides the definition in the parent (ZendGData\App) * and uses the ZendGData\HttpClient functionality * to filter the HTTP requests and responses. * * @param string $method The HTTP method for the request - * 'GET', 'POST', 'PUT', 'DELETE' * @param string $url The URL to which this request is being performed, * or null if found in $data * @param array $headers An associative array of HTTP headers * for this request * @param string $body The body of the HTTP request * @param string $contentType The value for the content type of the * request body * @param int $remainingRedirects Number of redirects to follow * if requests results in one * @return \Zend\Http\Response The response object */ public function performHttpRequest($method, $url, $headers = array(), $body = null, $contentType = null, $remainingRedirects = null) { if ($this->_httpClient instanceof HttpClient) { $filterResult = $this->_httpClient->filterHttpRequest($method, $url, $headers, $body, $contentType); $method = $filterResult['method']; $url = $filterResult['url']; $body = $filterResult['body']; $headers = $filterResult['headers']; $contentType = $filterResult['contentType']; return $this->_httpClient->filterHttpResponse(parent::performHttpRequest($method, $url, $headers, $body, $contentType, $remainingRedirects)); } else { return parent::performHttpRequest($method, $url, $headers, $body, $contentType, $remainingRedirects); } }