/common/libraries/plugin/pear/OAuth/Signature/hmac_sha1.php
PHP | 130 lines | 38 code | 12 blank | 80 comment | 2 complexity | 456536dc42004f027a4c8c4f89d5bde5 MD5 | raw file
Possible License(s): GPL-2.0, BSD-3-Clause, LGPL-2.1, LGPL-3.0, GPL-3.0, MIT
- <?php
- /**
- * OAuth Request Signing
- *
- * Adapted from Andy Smith's OAuth library for PHP
- *
- * @link http://oauth.net/core/1.0
- * @link http://oauth.googlecode.com/svn/code/php/
- * @link http://term.ie/oauth/example/
- *
- * @package OAuth
- * @subpackage Signature
- *
- * @author jhart
- * @copyright Copyright (c) 2008, Photobucket, Inc.
- * @license http://www.opensource.org/licenses/mit-license.php The MIT License
- */
- /**
- * interface
- */
- require_once('OAuth/Signature/Interface.php');
- /**
- * OAuth HMAC-SHA1 implementation
- *
- * @package OAuth
- * @subpackage Signature
- */
- class OAuth_Signature_hmac_sha1 implements OAuth_Signature_Interface {
-
- /**
- * Representation string
- *
- */
- const OAUTH_SIGNATURE_METHOD = 'HMAC-SHA1';
-
- /**
- * Sign a request
- *
- * @param OAuth_Request $request request to sign
- * @param string $consumer_secret consumer secret key
- * @param string $token_secret token secret key
- * @return string calculated hash for request, secrets
- */
- public function signRequest(OAuth_Request $request, $consumer_secret, $token_secret = '') {
- $basestr = self::generateBaseString(
- $request->getHttpMethod(),
- $request->getHttpUrl(),
- OAuth_Utils::normalizeKeyValueParameters(OAuth_Utils::getFilteredBaseStringParams($request->getParameters()))
- );
- //for debug purposes
- $request->base_string = $basestr;
-
- $keystr = self::generateKeyString($consumer_secret, $token_secret);
- //for debug purposes
- $request->key_string = $keystr;
-
- return self::calculateHash($basestr, $keystr);
- }
-
- /**
- * Get the OAuth official string representation for this method
- *
- * @return string oauth method name
- */
- public function getMethodName() {
- return self::OAUTH_SIGNATURE_METHOD;
- }
-
- /**
- * Creates the basestring needed for signing per oAuth Section 9.1.2
- * All strings are latin1
- *
- * @todo could be in a base class for hmac
- * @uses urlencodeRFC3986_UTF8()
- * @param string $http_method one of the http methods GET, POST, etc.
- * @param string $uri the uri; the url without querystring
- * @param string $params normalized parameters as returned from OAuthUtil::normalizeParameters
- * @return string concatenation of the encoded parts of the basestring
- */
- protected static function generateBaseString($http_method, $uri, $params) {
- return OAuth_Utils::urlencodeRFC3986($http_method)
- . '&' . OAuth_Utils::urlencodeRFC3986($uri)
- . '&' . OAuth_Utils::urlencodeRFC3986_UTF8($params);
- }
-
- /**
- * Generate a key string
- *
- * @todo could be in a base class for hmac
- * @param string $consumersecret consumer secret key
- * @param string $tokensecret token secret key
- * @return string single key string
- */
- protected static function generateKeyString($consumersecret, $tokensecret = '') {
- return OAuth_Utils::urlencodeRFC3986_UTF8($consumersecret)
- . '&' . OAuth_Utils::urlencodeRFC3986_UTF8($tokensecret);
- }
-
- /**
- * Calculates the HMAC-SHA1 secret
- *
- * @uses urlencodeRFC3986_UTF8()
- * @param string $basestring gotten from generateBaseString
- * @param string $consumersecret
- * @param string $tokensecret leave empty if no token present
- * @return string base64 encoded signature
- */
- protected static function calculateHash($basestring, $key) {
- return base64_encode(self::hash_hmac_sha1($basestring, $key, true));
- }
-
- /**
- * run hash_hmac with sha1 (package independant)
- *
- * @uses php_hash_hmac
- * @param string $string string to hash
- * @param string $key key to hash against
- * @return string result of hash
- */
- protected static function hash_hmac_sha1($string, $key, $raw = true) {
- if (function_exists('hash_hmac')) {
- return hash_hmac('sha1', $string, $key, $raw);
- } else {
- return OAuth_Utils::php_hash_hmac('sha1', $string, $key, $raw);
- }
- }
-
- }