You are here

Home » API reference » OAuth 1.0 6.3 » OAuth.php » OAuthServer

private function OAuthServer::check_signature in OAuth 1.0 6.3

Same name and namespace in other branches
  1. 6 OAuth.php \OAuthServer::check_signature()
  2. 7.3 lib/OAuth.php \OAuthServer::check_signature()

all-in-one function to check the signature on a request should guess the signature method appropriately

3 calls to OAuthServer::check_signature()
OAuthServer::fetch_access_token in lib/OAuth.php
process an access_token request returns the access token on success
OAuthServer::fetch_request_token in lib/OAuth.php
process a request_token request returns the request token on success
OAuthServer::verify_request in lib/OAuth.php
verify an api call, checks all the parameters

File

lib/OAuth.php, line 666
OAuth 1.0 server and client library.

Class

OAuthServer

Code

private function check_signature($request, $consumer, $token) {

  // this should probably be in a different method
  $timestamp = $request instanceof OAuthRequest ? $request
    ->get_parameter('oauth_timestamp') : NULL;
  $nonce = $request instanceof OAuthRequest ? $request
    ->get_parameter('oauth_nonce') : NULL;
  $this
    ->check_timestamp($timestamp);
  $this
    ->check_nonce($consumer, $token, $nonce, $timestamp);
  $signature_method = $this
    ->get_signature_method($request);
  $signature = $request
    ->get_parameter('oauth_signature');
  $valid_sig = $signature_method
    ->check_signature($request, $consumer, $token, $signature);
  if (!$valid_sig) {
    throw new OAuthException("Invalid signature");
  }
}