You are here

public function OAuthSignatureMethod_PLAINTEXT::build_signature in OAuth 1.0 6.3

Same name and namespace in other branches
  1. 6 OAuth.php \OAuthSignatureMethod_PLAINTEXT::build_signature()
  2. 7.3 lib/OAuth.php \OAuthSignatureMethod_PLAINTEXT::build_signature()

oauth_signature is set to the concatenated encoded values of the Consumer Secret and Token Secret, separated by a '&' character (ASCII code 38), even if either secret is empty. The result MUST be encoded again.

  • Chapter 9.4.1 ("Generating Signatures")

Please note that the second encoding MUST NOT happen in the SignatureMethod, as OAuthRequest handles this!

Overrides OAuthSignatureMethod::build_signature

File

lib/OAuth.php, line 166
OAuth 1.0 server and client library.

Class

OAuthSignatureMethod_PLAINTEXT
The PLAINTEXT method does not provide any security protection and SHOULD only be used over a secure channel such as HTTPS. It does not use the Signature Base String.

Code

public function build_signature($request, $consumer, $token) {
  $key_parts = array(
    $consumer->secret,
    $token ? $token->secret : "",
  );
  $key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
  $key = implode('&', $key_parts);
  $request->base_string = $key;
  return $key;
}