function services_get_hash in Services 6.2
Same name and namespace in other branches
- 7 auth/services_keyauth/services_keyauth.module \services_get_hash()
Given the necessary data, create a unique hash for key authentication.
This hash is compared to the hash passed in by the client to verify that the two match.
Parameters
$timestamp: Current time in Unix timestamp format.
$domain: A unique value to identify this request. This typically matches the client's domain, but does not have to.
$nonce: A random value.
$method: The services method being called.
$args: An array of argument for the method.
Return value
A sha256 hash of the above data, plus the API key.
See also
_services_keyauth_authenticate_call()
2 calls to services_get_hash()
- _services_keyauth_alter_browse_form_submit in auth/
services_keyauth/ services_keyauth.inc - Submit callback for services browse form.
- _services_keyauth_authenticate_call in auth/
services_keyauth/ services_keyauth.inc - Authenticate a services method call with key authentication.
File
- auth/
services_keyauth/ services_keyauth.module, line 112 - Provides a key based validation system.
Code
function services_get_hash($timestamp, $domain, $nonce, $method, $args) {
$hash_parameters = array(
$timestamp,
$domain,
$nonce,
$method['method'],
);
foreach ($method['args'] as $key => $arg) {
if (isset($arg['signed']) && $arg['signed'] == TRUE) {
if (is_numeric($args[$key]) || !empty($args[$key])) {
if (is_array($args[$key]) || is_object($args[$key])) {
$hash_parameters[] = serialize($args[$key]);
}
else {
$hash_parameters[] = $args[$key];
}
}
else {
$hash_parameters[] = '';
}
}
}
$api_key = db_result(db_query("SELECT kid FROM {services_keys} WHERE domain = '%s'", $domain));
// Store Key ID so service has ability to later identify caller if this call
// is successfully authenticated.
_services_keyauth_set_kid($api_key);
return hash_hmac("sha256", implode(';', $hash_parameters), $api_key);
}