class LingotekOAuthRequestVerifier in Lingotek Translation 7.5
Same name and namespace in other branches
- 7.7 lib/oauth-php/library/LingotekOAuthRequestVerifier.php \LingotekOAuthRequestVerifier
- 7.4 lib/oauth-php/library/LingotekOAuthRequestVerifier.php \LingotekOAuthRequestVerifier
- 7.6 lib/oauth-php/library/LingotekOAuthRequestVerifier.php \LingotekOAuthRequestVerifier
Hierarchy
- class \LingotekOAuthRequest
- class \LingotekOAuthRequestVerifier
Expanded class hierarchy of LingotekOAuthRequestVerifier
1 string reference to 'LingotekOAuthRequestVerifier'
- LingotekOAuthRequestLogger::flush in lib/
oauth-php/ library/ LingotekOAuthRequestLogger.php - * Logs the request to the database, sends any cached output. * Also called on shutdown, to make sure we always log the request being handled.
File
- lib/
oauth-php/ library/ LingotekOAuthRequestVerifier.php, line 39
View source
class LingotekOAuthRequestVerifier extends LingotekOAuthRequest {
private $request;
private $store;
private $accepted_signatures = null;
/**
* Construct the request to be verified
*
* @param string request
* @param string method
* @param array params The request parameters
*/
function __construct($uri = null, $method = null, $params = null) {
if ($params) {
$encodedParams = array();
foreach ($params as $key => $value) {
if (preg_match("/^oauth_/", $key)) {
continue;
}
$encodedParams[rawurlencode($key)] = rawurlencode($value);
}
$this->param = array_merge($this->param, $encodedParams);
}
$this->store = OAuthStore::instance();
parent::__construct($uri, $method);
LingotekOAuthRequestLogger::start($this);
}
/**
* See if the current request is signed with OAuth
*
* @return boolean
*/
public static function requestIsSigned() {
if (isset($_REQUEST['oauth_signature'])) {
$signed = true;
}
else {
$hs = LingotekOAuthRequestLogger::getAllHeaders();
if (isset($hs['Authorization']) && strpos($hs['Authorization'], 'oauth_signature') !== false) {
$signed = true;
}
else {
$signed = false;
}
}
return $signed;
}
/**
* Verify the request if it seemed to be signed.
*
* @param string token_type the kind of token needed, defaults to 'access'
* @exception OAuthException2 thrown when the request did not verify
* @return boolean true when signed, false when not signed
*/
public function verifyIfSigned($token_type = 'access') {
if ($this
->getParam('oauth_consumer_key')) {
LingotekOAuthRequestLogger::start($this);
$this
->verify($token_type);
$signed = true;
LingotekOAuthRequestLogger::flush();
}
else {
$signed = false;
}
return $signed;
}
/**
* Verify the request
*
* @param string token_type the kind of token needed, defaults to 'access' (false, 'access', 'request')
* @exception OAuthException2 thrown when the request did not verify
* @return int user_id associated with token (false when no user associated)
*/
public function verify($token_type = 'access') {
$retval = $this
->verifyExtended($token_type);
return $retval['user_id'];
}
/**
* Verify the request
*
* @param string token_type the kind of token needed, defaults to 'access' (false, 'access', 'request')
* @exception OAuthException2 thrown when the request did not verify
* @return array ('user_id' => associated with token (false when no user associated),
* 'consumer_key' => the associated consumer_key)
*
*/
public function verifyExtended($token_type = 'access') {
$consumer_key = $this
->getParam('oauth_consumer_key');
$token = $this
->getParam('oauth_token');
$user_id = false;
$secrets = array();
if ($consumer_key && ($token_type === false || $token)) {
$secrets = $this->store
->getSecretsForVerify($this
->urldecode($consumer_key), $this
->urldecode($token), $token_type);
$this->store
->checkServerNonce($this
->urldecode($consumer_key), $this
->urldecode($token), $this
->getParam('oauth_timestamp', true), $this
->getParam('oauth_nonce', true));
$oauth_sig = $this
->getParam('oauth_signature');
if (empty($oauth_sig)) {
throw new OAuthException2('Verification of signature failed (no oauth_signature in request).');
}
try {
$this
->verifySignature($secrets['consumer_secret'], $secrets['token_secret'], $token_type);
} catch (OAuthException2 $e) {
throw new OAuthException2('Verification of signature failed (signature base string was "' . $this
->signatureBaseString() . '").' . " with " . print_r(array(
$secrets['consumer_secret'],
$secrets['token_secret'],
$token_type,
), true));
}
// Check the optional body signature
if ($this
->getParam('xoauth_body_signature')) {
$method = $this
->getParam('xoauth_body_signature_method');
if (empty($method)) {
$method = $this
->getParam('oauth_signature_method');
}
try {
$this
->verifyDataSignature($this
->getBody(), $secrets['consumer_secret'], $secrets['token_secret'], $method, $this
->getParam('xoauth_body_signature'));
} catch (OAuthException2 $e) {
throw new OAuthException2('Verification of body signature failed.');
}
}
// All ok - fetch the user associated with this request
if (isset($secrets['user_id'])) {
$user_id = $secrets['user_id'];
}
// Check if the consumer wants us to reset the ttl of this token
$ttl = $this
->getParam('xoauth_token_ttl', true);
if (is_numeric($ttl)) {
$this->store
->setConsumerAccessTokenTtl($this
->urldecode($token), $ttl);
}
}
else {
throw new OAuthException2('Can\'t verify request, missing oauth_consumer_key or oauth_token');
}
return array(
'user_id' => $user_id,
'consumer_key' => $consumer_key,
'osr_id' => $secrets['osr_id'],
);
}
/**
* Verify the signature of the request, using the method in oauth_signature_method.
* The signature is returned encoded in the form as used in the url. So the base64 and
* urlencoding has been done.
*
* @param string consumer_secret
* @param string token_secret
* @exception OAuthException2 thrown when the signature method is unknown
* @exception OAuthException2 when not all parts available
* @exception OAuthException2 when signature does not match
*/
public function verifySignature($consumer_secret, $token_secret, $token_type = 'access') {
$required = array(
'oauth_consumer_key',
'oauth_signature_method',
'oauth_timestamp',
'oauth_nonce',
'oauth_signature',
);
if ($token_type !== false) {
$required[] = 'oauth_token';
}
foreach ($required as $req) {
if (!isset($this->param[$req])) {
throw new OAuthException2('Can\'t verify request signature, missing parameter "' . $req . '"');
}
}
$this
->checks();
$base = $this
->signatureBaseString();
$this
->verifyDataSignature($base, $consumer_secret, $token_secret, $this->param['oauth_signature_method'], $this->param['oauth_signature']);
}
/**
* Verify the signature of a string.
*
* @param string data
* @param string consumer_secret
* @param string token_secret
* @param string signature_method
* @param string signature
* @exception OAuthException2 thrown when the signature method is unknown
* @exception OAuthException2 when signature does not match
*/
public function verifyDataSignature($data, $consumer_secret, $token_secret, $signature_method, $signature) {
if (is_null($data)) {
$data = '';
}
$sig = $this
->getSignatureMethod($signature_method);
if (!$sig
->verify($this, $data, $consumer_secret, $token_secret, $signature)) {
throw new OAuthException2('Signature verification failed (' . $signature_method . ')');
}
}
/**
*
* @param array $accepted The array of accepted signature methods, or if null is passed
* all supported methods are accepted and there is no filtering.
*
*/
public function setAcceptedSignatureMethods($accepted = null) {
if (is_array($accepted)) {
$this->accepted_signatures = $accepted;
}
else {
if ($accepted == null) {
$this->accepted_signatures = null;
}
}
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
protected | property | ||
LingotekOAuthRequest:: |
function | * Calculate the signature of a string. * Uses the signature method from the current parameters. * * | ||
LingotekOAuthRequest:: |
function | * Calculate the signature of the request, using the method in oauth_signature_method. * The signature is returned encoded in the form as used in the url. So the base64 and * urlencoding has been done. * * | ||
LingotekOAuthRequest:: |
function | * Perform some sanity checks. * * @exception OAuthException2 thrown when sanity checks failed | ||
LingotekOAuthRequest:: |
protected | function | * Return the default port for a scheme * * | |
LingotekOAuthRequest:: |
function | * Return the body of the OAuth request. * * | ||
LingotekOAuthRequest:: |
function | * Return the request method * * | ||
LingotekOAuthRequest:: |
function | * Return the complete parameter string for the signature check. * All parameters are correctly urlencoded and sorted on name and value * * | ||
LingotekOAuthRequest:: |
function | * Get a parameter, value is always urlencoded * * | ||
LingotekOAuthRequest:: |
private | function | * Get the body of a POST or PUT. * * Used for fetching the post parameters and to calculate the body signature. * * | |
LingotekOAuthRequest:: |
private | function | * Get the body of a POST with multipart/form-data by Edison tsai on 16:52 2010/09/16 * * Used for fetching the post parameters and to calculate the body signature. * * | |
LingotekOAuthRequest:: |
private | function | * Fetch the content type of the current request * * | |
LingotekOAuthRequest:: |
function | * Return the normalised url for signature checks | ||
LingotekOAuthRequest:: |
function | * Fetch the signature object used for calculating and checking the signature base string * * | ||
LingotekOAuthRequest:: |
private | function | * Parse the oauth parameters from the request headers * Looks for something like: * Authorization: OAuth… | |
LingotekOAuthRequest:: |
protected | function | * Parse the uri into its parts. Fill in the missing parts. * * | |
LingotekOAuthRequest:: |
public | function | * Simple function to perform a redirect (GET). * Redirects the User-Agent, does not return. * * | |
LingotekOAuthRequest:: |
public | function | * Select a signature method from the list of available methods. * We try to check the most secure methods first. * * @todo Let the signature method tell us how secure it is * | |
LingotekOAuthRequest:: |
function | * Return the body of the OAuth request. * * | ||
LingotekOAuthRequest:: |
function | * Set a parameter * * | ||
LingotekOAuthRequest:: |
function | * Return the signature base string. * Note that we can't use rawurlencode due to specified use of RFC3986. * * | ||
LingotekOAuthRequest:: |
protected | function | * Re-encode all parameters so that they are encoded using RFC3986. * Updates the $this->param attribute. | |
LingotekOAuthRequest:: |
function | * Decode a string according to RFC3986. * Also correctly decodes RFC1738 urls. * * | ||
LingotekOAuthRequest:: |
function | * Encode a string according to the RFC3986 * * | ||
LingotekOAuthRequest:: |
function | * urltranscode - make sure that a value is encoded using RFC3986. * We use a basic urldecode() function so that any use of '+' as the * encoding of the space character is correctly handled. * * | ||
LingotekOAuthRequestVerifier:: |
private | property | ||
LingotekOAuthRequestVerifier:: |
private | property | ||
LingotekOAuthRequestVerifier:: |
private | property | ||
LingotekOAuthRequestVerifier:: |
public static | function | * See if the current request is signed with OAuth * * | |
LingotekOAuthRequestVerifier:: |
public | function | * * | |
LingotekOAuthRequestVerifier:: |
public | function | * Verify the request * * | |
LingotekOAuthRequestVerifier:: |
public | function | * Verify the signature of a string. * * | |
LingotekOAuthRequestVerifier:: |
public | function | * Verify the request * * | |
LingotekOAuthRequestVerifier:: |
public | function | * Verify the request if it seemed to be signed. * * | |
LingotekOAuthRequestVerifier:: |
public | function | * Verify the signature of the request, using the method in oauth_signature_method. * The signature is returned encoded in the form as used in the url. So the base64 and * urlencoding has been done. * * | |
LingotekOAuthRequestVerifier:: |
function |
* Construct the request to be verified
*
* Overrides LingotekOAuthRequest:: |
1 |