/zf/library/Zend/Service/WindowsAzure/Credentials/SharedKeyLite.php
PHP | 166 lines | 73 code | 16 blank | 77 comment | 11 complexity | a9193fdb3f82a136d7c62d6449af1548 MD5 | raw file
Possible License(s): MIT, BSD-3-Clause, Apache-2.0, LGPL-2.1, LGPL-3.0, BSD-2-Clause
1<?php 2/** 3 * Zend Framework 4 * 5 * LICENSE 6 * 7 * This source file is subject to the new BSD license that is bundled 8 * with this package in the file LICENSE.txt. 9 * It is also available through the world-wide-web at this URL: 10 * http://framework.zend.com/license/new-bsd 11 * If you did not receive a copy of the license and are unable to 12 * obtain it through the world-wide-web, please send an email 13 * to license@zend.com so we can send you a copy immediately. 14 * 15 * @category Zend 16 * @package Zend_Service_WindowsAzure 17 * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com) 18 * @license http://framework.zend.com/license/new-bsd New BSD License 19 * @version $Id: SharedKeyLite.php 23775 2011-03-01 17:25:24Z ralph $ 20 */ 21 22/** 23 * @see Zend_Service_WindowsAzure_Credentials_CredentialsAbstract 24 */ 25require_once 'Zend/Service/WindowsAzure/Credentials/CredentialsAbstract.php'; 26 27/** 28 * @see Zend_Service_WindowsAzure_Storage 29 */ 30require_once 'Zend/Service/WindowsAzure/Storage.php'; 31 32/** 33 * @see Zend_Service_WindowsAzure_Credentials_SharedKey 34 */ 35require_once 'Zend/Service/WindowsAzure/Credentials/SharedKey.php'; 36 37/** 38 * @see Zend_Service_WindowsAzure_Credentials_Exception 39 */ 40require_once 'Zend/Service/WindowsAzure/Credentials/Exception.php'; 41 42/** 43 * @category Zend 44 * @package Zend_Service_WindowsAzure 45 * @copyright Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com) 46 * @license http://framework.zend.com/license/new-bsd New BSD License 47 */ 48class Zend_Service_WindowsAzure_Credentials_SharedKeyLite 49 extends Zend_Service_WindowsAzure_Credentials_CredentialsAbstract 50{ 51 /** 52 * Sign request URL with credentials 53 * 54 * @param string $requestUrl Request URL 55 * @param string $resourceType Resource type 56 * @param string $requiredPermission Required permission 57 * @return string Signed request URL 58 */ 59 public function signRequestUrl( 60 $requestUrl = '', 61 $resourceType = Zend_Service_WindowsAzure_Storage::RESOURCE_UNKNOWN, 62 $requiredPermission = Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PERMISSION_READ 63 ) { 64 return $requestUrl; 65 } 66 67 /** 68 * Sign request headers with credentials 69 * 70 * @param string $httpVerb HTTP verb the request will use 71 * @param string $path Path for the request 72 * @param string $queryString Query string for the request 73 * @param array $headers x-ms headers to add 74 * @param boolean $forTableStorage Is the request for table storage? 75 * @param string $resourceType Resource type 76 * @param string $requiredPermission Required permission 77 * @param mixed $rawData Raw post data 78 * @return array Array of headers 79 */ 80 public function signRequestHeaders( 81 $httpVerb = Zend_Http_Client::GET, 82 $path = '/', 83 $queryString = '', 84 $headers = null, 85 $forTableStorage = false, 86 $resourceType = Zend_Service_WindowsAzure_Storage::RESOURCE_UNKNOWN, 87 $requiredPermission = Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PERMISSION_READ, 88 $rawData = null 89 ) { 90 // Table storage? 91 if (!$forTableStorage) { 92 throw new Zend_Service_WindowsAzure_Credentials_Exception('The Windows Azure SDK for PHP does not support SharedKeyLite authentication on blob or queue storage. Use SharedKey authentication instead.'); 93 } 94 95 // Determine path 96 if ($this->_usePathStyleUri) { 97 $path = substr($path, strpos($path, '/')); 98 } 99 100 // Determine query 101 $queryString = $this->_prepareQueryStringForSigning($queryString); 102 103 // Build canonicalized resource string 104 $canonicalizedResource = '/' . $this->_accountName; 105 if ($this->_usePathStyleUri) { 106 $canonicalizedResource .= '/' . $this->_accountName; 107 } 108 $canonicalizedResource .= $path; 109 if ($queryString !== '') { 110 $canonicalizedResource .= $queryString; 111 } 112 113 // Request date 114 $requestDate = ''; 115 if (isset($headers[Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PREFIX_STORAGE_HEADER . 'date'])) { 116 $requestDate = $headers[Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PREFIX_STORAGE_HEADER . 'date']; 117 } else { 118 $requestDate = gmdate('D, d M Y H:i:s', time()) . ' GMT'; // RFC 1123 119 } 120 121 // Create string to sign 122 $stringToSign = array(); 123 $stringToSign[] = $requestDate; // Date 124 $stringToSign[] = $canonicalizedResource; // Canonicalized resource 125 $stringToSign = implode("\n", $stringToSign); 126 $signString = base64_encode(hash_hmac('sha256', $stringToSign, $this->_accountKey, true)); 127 128 // Sign request 129 $headers[Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PREFIX_STORAGE_HEADER . 'date'] = $requestDate; 130 $headers['Authorization'] = 'SharedKeyLite ' . $this->_accountName . ':' . $signString; 131 132 // Return headers 133 return $headers; 134 } 135 136 /** 137 * Prepare query string for signing 138 * 139 * @param string $value Original query string 140 * @return string Query string for signing 141 */ 142 protected function _prepareQueryStringForSigning($value) 143 { 144 // Check for 'comp=' 145 if (strpos($value, 'comp=') === false) { 146 // If not found, no query string needed 147 return ''; 148 } else { 149 // If found, make sure it is the only parameter being used 150 if (strlen($value) > 0 && strpos($value, '?') === 0) { 151 $value = substr($value, 1); 152 } 153 154 // Split parts 155 $queryParts = explode('&', $value); 156 foreach ($queryParts as $queryPart) { 157 if (strpos($queryPart, 'comp=') !== false) { 158 return '?' . $queryPart; 159 } 160 } 161 162 // Should never happen... 163 return ''; 164 } 165 } 166}