You are here

class LingotekOAuthRequestSigner in Lingotek Translation 7.6

Same name and namespace in other branches
  1. 7.7 lib/oauth-php/library/LingotekOAuthRequestSigner.php \LingotekOAuthRequestSigner
  2. 7.4 lib/oauth-php/library/LingotekOAuthRequestSigner.php \LingotekOAuthRequestSigner
  3. 7.5 lib/oauth-php/library/LingotekOAuthRequestSigner.php \LingotekOAuthRequestSigner

Hierarchy

Expanded class hierarchy of LingotekOAuthRequestSigner

1 string reference to 'LingotekOAuthRequestSigner'
LingotekOAuthRequestLogger::flush in lib/oauth-php/library/LingotekOAuthRequestLogger.php
* Logs the request to the database, sends any cached output. * Also called on shutdown, to make sure we always log the request being handled.

File

lib/oauth-php/library/LingotekOAuthRequestSigner.php, line 39

View source
class LingotekOAuthRequestSigner extends LingotekOAuthRequest {
  protected $request;
  protected $store;
  protected $usr_id = 0;
  private $signed = false;

  /**
   * Construct the request to be signed.  Parses or appends the parameters in the params url.
   * When you supply an params array, then the params should not be urlencoded.
   * When you supply a string, then it is assumed it is of the type application/x-www-form-urlencoded
   *
   * @param string request	url
   * @param string method		PUT, GET, POST etc.
   * @param mixed params 		string (for urlencoded data, or array with name/value pairs)
   * @param string body		optional body for PUT and/or POST requests
   */
  function __construct($request, $method = null, $params = null, $body = null) {
    $this->store = OAuthStore::instance();
    if (is_string($params)) {
      parent::__construct($request, $method, $params);
    }
    else {
      parent::__construct($request, $method);
      if (is_array($params)) {
        foreach ($params as $name => $value) {
          $this
            ->setParam($name, $value);
        }
      }
    }

    // With put/ post we might have a body (not for application/x-www-form-urlencoded requests)
    if (strcasecmp($method, 'PUT') == 0 || strcasecmp($method, 'POST') == 0) {
      $this
        ->setBody($body);
    }
  }

  /**
   * Reset the 'signed' flag, so that any changes in the parameters force a recalculation
   * of the signature.
   */
  function setUnsigned() {
    $this->signed = false;
  }

  /**
   * Sign our message in the way the server understands.
   * Set the needed oauth_xxxx parameters.
   *
   * @param int usr_id		(optional) user that wants to sign this request
   * @param array secrets		secrets used for signing, when empty then secrets will be fetched from the token registry
   * @param string name		name of the token to be used for signing
   * @exception OAuthException2 when there is no oauth relation with the server
   * @exception OAuthException2 when we don't support the signing methods of the server
   */
  function sign($usr_id = 0, $secrets = null, $name = '', $token_type = null) {
    $url = $this
      ->getRequestUrl();
    if (empty($secrets)) {

      // get the access tokens for the site (on an user by user basis)
      $secrets = $this->store
        ->getSecretsForSignature($url, $usr_id, $name);
    }
    if (empty($secrets)) {
      throw new OAuthException2('No OAuth relation with the server for at "' . $url . '"');
    }
    $signature_method = $this
      ->selectSignatureMethod($secrets['signature_methods']);
    $token = isset($secrets['token']) ? $secrets['token'] : '';
    $token_secret = isset($secrets['token_secret']) ? $secrets['token_secret'] : '';
    if (!$token) {
      $token = $this
        ->getParam('oauth_token');
    }
    $this
      ->setParam('oauth_signature_method', $signature_method);
    $this
      ->setParam('oauth_signature', '');
    $this
      ->setParam('oauth_nonce', !empty($secrets['nonce']) ? $secrets['nonce'] : uniqid(''));
    $this
      ->setParam('oauth_timestamp', !empty($secrets['timestamp']) ? $secrets['timestamp'] : time());
    if ($token_type != 'requestToken') {
      $this
        ->setParam('oauth_token', $token);
    }
    $this
      ->setParam('oauth_consumer_key', $secrets['consumer_key']);
    $this
      ->setParam('oauth_version', '1.0');
    $body = $this
      ->getBody();
    if (!is_null($body)) {

      // We also need to sign the body, use the default signature method
      $body_signature = $this
        ->calculateDataSignature($body, $secrets['consumer_secret'], $token_secret, $signature_method);
      $this
        ->setParam('xoauth_body_signature', $body_signature, true);
    }
    $signature = $this
      ->calculateSignature($secrets['consumer_secret'], $token_secret, $token_type);
    $this
      ->setParam('oauth_signature', $signature, true);

    // $this->setParam('oauth_signature',		 urldecode($signature), true);
    $this->signed = true;
    $this->usr_id = $usr_id;
  }

  /**
   * Builds the Authorization header for the request.
   * Adds all oauth_ and xoauth_ parameters to the Authorization header.
   *
   * @return string
   */
  function getAuthorizationHeader() {
    if (!$this->signed) {
      $this
        ->sign($this->usr_id);
    }
    $h = array();
    $h[] = 'Authorization: OAuth realm=""';
    foreach ($this->param as $name => $value) {
      if (strncmp($name, 'oauth_', 6) == 0 || strncmp($name, 'xoauth_', 7) == 0) {
        $h[] = $name . '="' . $value . '"';
      }
    }
    $hs = implode(', ', $h);
    return $hs;
  }

  /**
   * Builds the application/x-www-form-urlencoded parameter string.  Can be appended as
   * the query part to a GET or inside the request body for a POST.
   *
   * @param boolean oauth_as_header		(optional) set to false to include oauth parameters
   * @return string
   */
  function getQueryString($oauth_as_header = true) {
    $parms = array();
    foreach ($this->param as $name => $value) {
      if (!$oauth_as_header || strncmp($name, 'oauth_', 6) != 0 && strncmp($name, 'xoauth_', 7) != 0) {
        if (is_array($value)) {
          foreach ($value as $v) {
            $parms[] = $name . '=' . $v;
          }
        }
        else {
          $parms[] = $name . '=' . $value;
        }
      }
    }
    return implode('&', $parms);
  }

}

Members

Namesort descending Modifiers Type Description Overrides
LingotekOAuthRequest::$body protected property
LingotekOAuthRequest::$headers protected property
LingotekOAuthRequest::$method protected property
LingotekOAuthRequest::$param protected property
LingotekOAuthRequest::$realm protected property
LingotekOAuthRequest::$uri protected property
LingotekOAuthRequest::$uri_parts protected property
LingotekOAuthRequest::calculateDataSignature function * Calculate the signature of a string. * Uses the signature method from the current parameters. * *
LingotekOAuthRequest::calculateSignature function * Calculate the signature of the request, using the method in oauth_signature_method. * The signature is returned encoded in the form as used in the url. So the base64 and * urlencoding has been done. * *
LingotekOAuthRequest::checks function * Perform some sanity checks. * * @exception OAuthException2 thrown when sanity checks failed
LingotekOAuthRequest::defaultPortForScheme protected function * Return the default port for a scheme * *
LingotekOAuthRequest::getBody function * Return the body of the OAuth request. * *
LingotekOAuthRequest::getMethod function * Return the request method * *
LingotekOAuthRequest::getNormalizedParams function * Return the complete parameter string for the signature check. * All parameters are correctly urlencoded and sorted on name and value * *
LingotekOAuthRequest::getParam function * Get a parameter, value is always urlencoded * *
LingotekOAuthRequest::getRequestBody private function * Get the body of a POST or PUT. * * Used for fetching the post parameters and to calculate the body signature. * *
LingotekOAuthRequest::getRequestBodyOfMultipart private function * Get the body of a POST with multipart/form-data by Edison tsai on 16:52 2010/09/16 * * Used for fetching the post parameters and to calculate the body signature. * *
LingotekOAuthRequest::getRequestContentType private function * Fetch the content type of the current request * *
LingotekOAuthRequest::getRequestUrl function * Return the normalised url for signature checks
LingotekOAuthRequest::getSignatureMethod function * Fetch the signature object used for calculating and checking the signature base string * *
LingotekOAuthRequest::parseHeaders private function * Parse the oauth parameters from the request headers * Looks for something like: * Authorization: OAuth…
LingotekOAuthRequest::parseUri protected function * Parse the uri into its parts. Fill in the missing parts. * *
LingotekOAuthRequest::redirect public function * Simple function to perform a redirect (GET). * Redirects the User-Agent, does not return. * *
LingotekOAuthRequest::selectSignatureMethod public function * Select a signature method from the list of available methods. * We try to check the most secure methods first. * * @todo Let the signature method tell us how secure it is *
LingotekOAuthRequest::setBody function * Return the body of the OAuth request. * *
LingotekOAuthRequest::setParam function * Set a parameter * *
LingotekOAuthRequest::signatureBaseString function * Return the signature base string. * Note that we can't use rawurlencode due to specified use of RFC3986. * *
LingotekOAuthRequest::transcodeParams protected function * Re-encode all parameters so that they are encoded using RFC3986. * Updates the $this->param attribute.
LingotekOAuthRequest::urldecode function * Decode a string according to RFC3986. * Also correctly decodes RFC1738 urls. * *
LingotekOAuthRequest::urlencode function * Encode a string according to the RFC3986 * *
LingotekOAuthRequest::urltranscode function * urltranscode - make sure that a value is encoded using RFC3986. * We use a basic urldecode() function so that any use of '+' as the * encoding of the space character is correctly handled. * *
LingotekOAuthRequestSigner::$request protected property
LingotekOAuthRequestSigner::$signed private property
LingotekOAuthRequestSigner::$store protected property
LingotekOAuthRequestSigner::$usr_id protected property
LingotekOAuthRequestSigner::getAuthorizationHeader function * Builds the Authorization header for the request. * Adds all oauth_ and xoauth_ parameters to the Authorization header. * *
LingotekOAuthRequestSigner::getQueryString function * Builds the application/x-www-form-urlencoded parameter string. Can be appended as * the query part to a GET or inside the request body for a POST. * *
LingotekOAuthRequestSigner::setUnsigned function * Reset the 'signed' flag, so that any changes in the parameters force a recalculation * of the signature.
LingotekOAuthRequestSigner::sign function * Sign our message in the way the server understands. * Set the needed oauth_xxxx parameters. * *
LingotekOAuthRequestSigner::__construct function * Construct the request to be signed. Parses or appends the parameters in the params url. * When you supply an params array, then the params should not be urlencoded. * When you supply a string, then it is assumed it is of the type… Overrides LingotekOAuthRequest::__construct 1