You are here

class OAuthSignatureMethod_HMAC_SHA1 in OAuth 1.0 6.3

Same name and namespace in other branches
  1. 6 OAuth.php \OAuthSignatureMethod_HMAC_SHA1
  2. 7.3 lib/OAuth.php \OAuthSignatureMethod_HMAC_SHA1

The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] where the Signature Base String is the text and the key is the concatenated values (each first encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&' character (ASCII code 38) even if empty.

  • Chapter 9.2 ("HMAC-SHA1")

Hierarchy

Expanded class hierarchy of OAuthSignatureMethod_HMAC_SHA1

File

lib/OAuth.php, line 126
OAuth 1.0 server and client library.

View source
class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
  function get_name() {
    return "HMAC-SHA1";
  }
  public function build_signature($request, $consumer, $token) {
    $base_string = $request
      ->get_signature_base_string();
    $request->base_string = $base_string;
    $key_parts = array(
      $consumer->secret,
      $token ? $token->secret : "",
    );
    $key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
    $key = implode('&', $key_parts);
    return base64_encode(hash_hmac('sha1', $base_string, $key, true));
  }

}

Members

Namesort descending Modifiers Type Description Overrides
OAuthSignatureMethod::check_signature public function Verifies that a given signature is correct 1
OAuthSignatureMethod_HMAC_SHA1::build_signature public function Build up the signature NOTE: The output of this function MUST NOT be urlencoded. the encoding is handled in OAuthRequest when the final request is serialized Overrides OAuthSignatureMethod::build_signature
OAuthSignatureMethod_HMAC_SHA1::get_name function Needs to return the name of the Signature Method (ie HMAC-SHA1) Overrides OAuthSignatureMethod::get_name