class OAuthRequestSigner in Lingotek Translation 7.3
Same name and namespace in other branches
- 7.2 lib/oauth-php/library/OAuthRequestSigner.php \OAuthRequestSigner
Hierarchy
- class \OAuthRequest
- class \OAuthRequestSigner
Expanded class hierarchy of OAuthRequestSigner
1 string reference to 'OAuthRequestSigner'
- OAuthRequestLogger::flush in lib/
oauth-php/ library/ OAuthRequestLogger.php - * Logs the request to the database, sends any cached output. * Also called on shutdown, to make sure we always log the request being handled.
File
- lib/
oauth-php/ library/ OAuthRequestSigner.php, line 39
View source
class OAuthRequestSigner extends OAuthRequest {
protected $request;
protected $store;
protected $usr_id = 0;
private $signed = false;
/**
* Construct the request to be signed. Parses or appends the parameters in the params url.
* When you supply an params array, then the params should not be urlencoded.
* When you supply a string, then it is assumed it is of the type application/x-www-form-urlencoded
*
* @param string request url
* @param string method PUT, GET, POST etc.
* @param mixed params string (for urlencoded data, or array with name/value pairs)
* @param string body optional body for PUT and/or POST requests
*/
function __construct($request, $method = null, $params = null, $body = null) {
$this->store = OAuthStore::instance();
if (is_string($params)) {
parent::__construct($request, $method, $params);
}
else {
parent::__construct($request, $method);
if (is_array($params)) {
foreach ($params as $name => $value) {
$this
->setParam($name, $value);
}
}
}
// With put/ post we might have a body (not for application/x-www-form-urlencoded requests)
if (strcasecmp($method, 'PUT') == 0 || strcasecmp($method, 'POST') == 0) {
$this
->setBody($body);
}
}
/**
* Reset the 'signed' flag, so that any changes in the parameters force a recalculation
* of the signature.
*/
function setUnsigned() {
$this->signed = false;
}
/**
* Sign our message in the way the server understands.
* Set the needed oauth_xxxx parameters.
*
* @param int usr_id (optional) user that wants to sign this request
* @param array secrets secrets used for signing, when empty then secrets will be fetched from the token registry
* @param string name name of the token to be used for signing
* @exception OAuthException2 when there is no oauth relation with the server
* @exception OAuthException2 when we don't support the signing methods of the server
*/
function sign($usr_id = 0, $secrets = null, $name = '', $token_type = null) {
$url = $this
->getRequestUrl();
if (empty($secrets)) {
// get the access tokens for the site (on an user by user basis)
$secrets = $this->store
->getSecretsForSignature($url, $usr_id, $name);
}
if (empty($secrets)) {
throw new OAuthException2('No OAuth relation with the server for at "' . $url . '"');
}
$signature_method = $this
->selectSignatureMethod($secrets['signature_methods']);
$token = isset($secrets['token']) ? $secrets['token'] : '';
$token_secret = isset($secrets['token_secret']) ? $secrets['token_secret'] : '';
if (!$token) {
$token = $this
->getParam('oauth_token');
}
$this
->setParam('oauth_signature_method', $signature_method);
$this
->setParam('oauth_signature', '');
$this
->setParam('oauth_nonce', !empty($secrets['nonce']) ? $secrets['nonce'] : uniqid(''));
$this
->setParam('oauth_timestamp', !empty($secrets['timestamp']) ? $secrets['timestamp'] : time());
if ($token_type != 'requestToken') {
$this
->setParam('oauth_token', $token);
}
$this
->setParam('oauth_consumer_key', $secrets['consumer_key']);
$this
->setParam('oauth_version', '1.0');
$body = $this
->getBody();
if (!is_null($body)) {
// We also need to sign the body, use the default signature method
$body_signature = $this
->calculateDataSignature($body, $secrets['consumer_secret'], $token_secret, $signature_method);
$this
->setParam('xoauth_body_signature', $body_signature, true);
}
$signature = $this
->calculateSignature($secrets['consumer_secret'], $token_secret, $token_type);
$this
->setParam('oauth_signature', $signature, true);
// $this->setParam('oauth_signature', urldecode($signature), true);
$this->signed = true;
$this->usr_id = $usr_id;
}
/**
* Builds the Authorization header for the request.
* Adds all oauth_ and xoauth_ parameters to the Authorization header.
*
* @return string
*/
function getAuthorizationHeader() {
if (!$this->signed) {
$this
->sign($this->usr_id);
}
$h = array();
$h[] = 'Authorization: OAuth realm=""';
foreach ($this->param as $name => $value) {
if (strncmp($name, 'oauth_', 6) == 0 || strncmp($name, 'xoauth_', 7) == 0) {
$h[] = $name . '="' . $value . '"';
}
}
$hs = implode(', ', $h);
return $hs;
}
/**
* Builds the application/x-www-form-urlencoded parameter string. Can be appended as
* the query part to a GET or inside the request body for a POST.
*
* @param boolean oauth_as_header (optional) set to false to include oauth parameters
* @return string
*/
function getQueryString($oauth_as_header = true) {
$parms = array();
foreach ($this->param as $name => $value) {
if (!$oauth_as_header || strncmp($name, 'oauth_', 6) != 0 && strncmp($name, 'xoauth_', 7) != 0) {
if (is_array($value)) {
foreach ($value as $v) {
$parms[] = $name . '=' . $v;
}
}
else {
$parms[] = $name . '=' . $value;
}
}
}
return implode('&', $parms);
}
}Members
Name |
Modifiers | Type | Description | Overrides |
|---|---|---|---|---|
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
protected | property | ||
|
OAuthRequest:: |
function | * Calculate the signature of a string. * Uses the signature method from the current parameters. * * | ||
|
OAuthRequest:: |
function | * Calculate the signature of the request, using the method in oauth_signature_method. * The signature is returned encoded in the form as used in the url. So the base64 and * urlencoding has been done. * * | ||
|
OAuthRequest:: |
function | * Perform some sanity checks. * * @exception OAuthException2 thrown when sanity checks failed | ||
|
OAuthRequest:: |
protected | function | * Return the default port for a scheme * * | |
|
OAuthRequest:: |
function | * Return the body of the OAuth request. * * | ||
|
OAuthRequest:: |
function | * Return the request method * * | ||
|
OAuthRequest:: |
function | * Return the complete parameter string for the signature check. * All parameters are correctly urlencoded and sorted on name and value * * | ||
|
OAuthRequest:: |
function | * Get a parameter, value is always urlencoded * * | ||
|
OAuthRequest:: |
private | function | * Get the body of a POST or PUT. * * Used for fetching the post parameters and to calculate the body signature. * * | |
|
OAuthRequest:: |
private | function | * Get the body of a POST with multipart/form-data by Edison tsai on 16:52 2010/09/16 * * Used for fetching the post parameters and to calculate the body signature. * * | |
|
OAuthRequest:: |
private | function | * Fetch the content type of the current request * * | |
|
OAuthRequest:: |
function | * Return the normalised url for signature checks | ||
|
OAuthRequest:: |
function | * Fetch the signature object used for calculating and checking the signature base string * * | ||
|
OAuthRequest:: |
private | function | * Parse the oauth parameters from the request headers * Looks for something like: * Authorization: OAuth… | |
|
OAuthRequest:: |
protected | function | * Parse the uri into its parts. Fill in the missing parts. * * | |
|
OAuthRequest:: |
public | function | * Simple function to perform a redirect (GET). * Redirects the User-Agent, does not return. * * | |
|
OAuthRequest:: |
public | function | * Select a signature method from the list of available methods. * We try to check the most secure methods first. * * @todo Let the signature method tell us how secure it is * | |
|
OAuthRequest:: |
function | * Return the body of the OAuth request. * * | ||
|
OAuthRequest:: |
function | * Set a parameter * * | ||
|
OAuthRequest:: |
function | * Return the signature base string. * Note that we can't use rawurlencode due to specified use of RFC3986. * * | ||
|
OAuthRequest:: |
protected | function | * Re-encode all parameters so that they are encoded using RFC3986. * Updates the $this->param attribute. | |
|
OAuthRequest:: |
function | * Decode a string according to RFC3986. * Also correctly decodes RFC1738 urls. * * | ||
|
OAuthRequest:: |
function | * Encode a string according to the RFC3986 * * | ||
|
OAuthRequest:: |
function | * urltranscode - make sure that a value is encoded using RFC3986. * We use a basic urldecode() function so that any use of '+' as the * encoding of the space character is correctly handled. * * | ||
|
OAuthRequestSigner:: |
protected | property | ||
|
OAuthRequestSigner:: |
private | property | ||
|
OAuthRequestSigner:: |
protected | property | ||
|
OAuthRequestSigner:: |
protected | property | ||
|
OAuthRequestSigner:: |
function | * Builds the Authorization header for the request. * Adds all oauth_ and xoauth_ parameters to the Authorization header. * * | ||
|
OAuthRequestSigner:: |
function | * Builds the application/x-www-form-urlencoded parameter string. Can be appended as * the query part to a GET or inside the request body for a POST. * * | ||
|
OAuthRequestSigner:: |
function | * Reset the 'signed' flag, so that any changes in the parameters force a recalculation * of the signature. | ||
|
OAuthRequestSigner:: |
function | * Sign our message in the way the server understands. * Set the needed oauth_xxxx parameters. * * | ||
|
OAuthRequestSigner:: |
function |
* Construct the request to be signed. Parses or appends the parameters in the params url.
* When you supply an params array, then the params should not be urlencoded.
* When you supply a string, then it is assumed it is of the type… Overrides OAuthRequest:: |
1 |