abstract class OAuthSignatureMethod in OAuth 1.0 7.3
Same name and namespace in other branches
- 6.3 lib/OAuth.php \OAuthSignatureMethod
- 6 OAuth.php \OAuthSignatureMethod
A class for implementing a Signature Method See section 9 ("Signing Requests") in the spec
Hierarchy
- class \OAuthSignatureMethod
Expanded class hierarchy of OAuthSignatureMethod
File
- lib/
OAuth.php, line 72 - OAuth 1.0 server and client library.
View source
abstract class OAuthSignatureMethod {
/**
* Needs to return the name of the Signature Method (ie HMAC-SHA1)
* @return string
*/
public abstract function get_name();
/**
* Build up the signature
* NOTE: The output of this function MUST NOT be urlencoded.
* the encoding is handled in OAuthRequest when the final
* request is serialized
* @param OAuthRequest $request
* @param OAuthConsumer $consumer
* @param OAuthToken $token
* @return string
*/
public abstract function build_signature($request, $consumer, $token);
/**
* Verifies that a given signature is correct
* @param OAuthRequest $request
* @param OAuthConsumer $consumer
* @param OAuthToken $token
* @param string $signature
* @return bool
*/
public function check_signature($request, $consumer, $token, $signature) {
$built = $this
->build_signature($request, $consumer, $token);
// Check for zero length, although unlikely here
if (strlen($built) == 0 || strlen($signature) == 0) {
return false;
}
if (strlen($built) != strlen($signature)) {
return false;
}
// Avoid a timing leak with a (hopefully) time insensitive compare
$result = 0;
for ($i = 0; $i < strlen($signature); $i++) {
$result |= ord($built[$i]) ^ ord($signature[$i]);
}
return $result == 0;
}
}
Members
Name | Modifiers | Type | Description | Overrides |
---|---|---|---|---|
OAuthSignatureMethod:: |
abstract public | function | Build up the signature NOTE: The output of this function MUST NOT be urlencoded. the encoding is handled in OAuthRequest when the final request is serialized | 4 |
OAuthSignatureMethod:: |
public | function | Verifies that a given signature is correct | 1 |
OAuthSignatureMethod:: |
abstract public | function | Needs to return the name of the Signature Method (ie HMAC-SHA1) | 4 |