PageRenderTime 184ms CodeModel.GetById 101ms app.highlight 6ms RepoModel.GetById 74ms app.codeStats 1ms

/Oauth/Http/Utility.php

https://bitbucket.org/goldie/zend-framework1
PHP | 217 lines | 111 code | 18 blank | 88 comment | 10 complexity | 45cba9130585ab76801dae21b32cf261 MD5 | raw file
  1<?php
  2/**
  3 * Zend Framework
  4 *
  5 * LICENSE
  6 *
  7 * This source file is subject to the new BSD license that is bundled
  8 * with this package in the file LICENSE.txt.
  9 * It is also available through the world-wide-web at this URL:
 10 * http://framework.zend.com/license/new-bsd
 11 * If you did not receive a copy of the license and are unable to
 12 * obtain it through the world-wide-web, please send an email
 13 * to license@zend.com so we can send you a copy immediately.
 14 *
 15 * @category   Zend
 16 * @package    Zend_Oauth
 17 * @copyright  Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com)
 18 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 19 * @version    $Id: Utility.php 23775 2011-03-01 17:25:24Z ralph $
 20 */
 21
 22/** Zend_Oauth */
 23require_once 'Zend/Oauth.php';
 24
 25/** Zend_Oauth_Http */
 26require_once 'Zend/Oauth/Http.php';
 27
 28/**
 29 * @category   Zend
 30 * @package    Zend_Oauth
 31 * @copyright  Copyright (c) 2005-2011 Zend Technologies USA Inc. (http://www.zend.com)
 32 * @license    http://framework.zend.com/license/new-bsd     New BSD License
 33 */
 34class Zend_Oauth_Http_Utility
 35{
 36    /**
 37     * Assemble all parameters for a generic OAuth request - i.e. no special
 38     * params other than the defaults expected for any OAuth query.
 39     *
 40     * @param  string $url
 41     * @param  Zend_Oauth_Config_ConfigInterface $config
 42     * @param  null|array $serviceProviderParams
 43     * @return array
 44     */
 45    public function assembleParams(
 46        $url,
 47        Zend_Oauth_Config_ConfigInterface $config,
 48        array $serviceProviderParams = null
 49    ) {
 50        $params = array(
 51            'oauth_consumer_key'     => $config->getConsumerKey(),
 52            'oauth_nonce'            => $this->generateNonce(),
 53            'oauth_signature_method' => $config->getSignatureMethod(),
 54            'oauth_timestamp'        => $this->generateTimestamp(),
 55            'oauth_version'          => $config->getVersion(),
 56        );
 57
 58        if ($config->getToken()->getToken() != null) {
 59            $params['oauth_token'] = $config->getToken()->getToken();
 60        }
 61
 62
 63        if ($serviceProviderParams !== null) {
 64            $params = array_merge($params, $serviceProviderParams);
 65        }
 66
 67        $params['oauth_signature'] = $this->sign(
 68            $params,
 69            $config->getSignatureMethod(),
 70            $config->getConsumerSecret(),
 71            $config->getToken()->getTokenSecret(),
 72            $config->getRequestMethod(),
 73            $url
 74        );
 75
 76        return $params;
 77    }
 78
 79    /**
 80     * Given both OAuth parameters and any custom parametere, generate an
 81     * encoded query string. This method expects parameters to have been
 82     * assembled and signed beforehand.
 83     *
 84     * @param array $params
 85     * @param bool $customParamsOnly Ignores OAuth params e.g. for requests using OAuth Header
 86     * @return string
 87     */
 88    public function toEncodedQueryString(array $params, $customParamsOnly = false)
 89    {
 90        if ($customParamsOnly) {
 91            foreach ($params as $key=>$value) {
 92                if (preg_match("/^oauth_/", $key)) {
 93                    unset($params[$key]);
 94                }
 95            }
 96        }
 97        $encodedParams = array();
 98        foreach ($params as $key => $value) {
 99            $encodedParams[] = self::urlEncode($key)
100                             . '='
101                             . self::urlEncode($value);
102        }
103        return implode('&', $encodedParams);
104    }
105
106    /**
107     * Cast to authorization header
108     *
109     * @param  array $params
110     * @param  null|string $realm
111     * @param  bool $excludeCustomParams
112     * @return void
113     */
114    public function toAuthorizationHeader(array $params, $realm = null, $excludeCustomParams = true)
115    {
116        $headerValue = array(
117            'OAuth realm="' . $realm . '"',
118        );
119
120        foreach ($params as $key => $value) {
121            if ($excludeCustomParams) {
122                if (!preg_match("/^oauth_/", $key)) {
123                    continue;
124                }
125            }
126            $headerValue[] = self::urlEncode($key)
127                           . '="'
128                           . self::urlEncode($value) . '"';
129        }
130        return implode(",", $headerValue);
131    }
132
133    /**
134     * Sign request
135     *
136     * @param  array $params
137     * @param  string $signatureMethod
138     * @param  string $consumerSecret
139     * @param  null|string $tokenSecret
140     * @param  null|string $method
141     * @param  null|string $url
142     * @return string
143     */
144    public function sign(
145        array $params, $signatureMethod, $consumerSecret, $tokenSecret = null, $method = null, $url = null
146    ) {
147        $className = '';
148        $hashAlgo  = null;
149        $parts     = explode('-', $signatureMethod);
150        if (count($parts) > 1) {
151            $className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($parts[0]));
152            $hashAlgo  = $parts[1];
153        } else {
154            $className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($signatureMethod));
155        }
156
157        require_once str_replace('_', '/', $className) . '.php';
158        $signatureObject = new $className($consumerSecret, $tokenSecret, $hashAlgo);
159        return $signatureObject->sign($params, $method, $url);
160    }
161
162    /**
163     * Parse query string
164     *
165     * @param  mixed $query
166     * @return array
167     */
168    public function parseQueryString($query)
169    {
170        $params = array();
171        if (empty($query)) {
172            return array();
173        }
174
175        // Not remotely perfect but beats parse_str() which converts
176        // periods and uses urldecode, not rawurldecode.
177        $parts = explode('&', $query);
178        foreach ($parts as $pair) {
179            $kv = explode('=', $pair);
180            $params[rawurldecode($kv[0])] = rawurldecode($kv[1]);
181        }
182        return $params;
183    }
184
185    /**
186     * Generate nonce
187     *
188     * @return string
189     */
190    public function generateNonce()
191    {
192        return md5(uniqid(rand(), true));
193    }
194
195    /**
196     * Generate timestamp
197     *
198     * @return int
199     */
200    public function generateTimestamp()
201    {
202        return time();
203    }
204
205    /**
206     * urlencode a value
207     *
208     * @param  string $value
209     * @return string
210     */
211    public static function urlEncode($value)
212    {
213        $encoded = rawurlencode($value);
214        $encoded = str_replace('%7E', '~', $encoded);
215        return $encoded;
216    }
217}