diff options
author | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2015-12-14 18:55:43 +0100 |
---|---|---|
committer | Haakon Meland Eriksen <haakon.eriksen@far.no> | 2015-12-14 18:55:43 +0100 |
commit | 3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af (patch) | |
tree | 84b87fb47a27035afd2a354d11c36e8259f4c18e /library/OAuth1.php | |
parent | 565126a888d70dce853a2351b698bbc0695f0ba9 (diff) | |
parent | dcf7946673fd57325fc848df8f8cea7a84cc35b6 (diff) | |
download | volse-hubzilla-3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af.tar.gz volse-hubzilla-3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af.tar.bz2 volse-hubzilla-3b1ab5e79cbbf2a8f65cb4dc388e2257a3e857af.zip |
Merge remote-tracking branch 'upstream/master'
Diffstat (limited to 'library/OAuth1.php')
-rw-r--r-- | library/OAuth1.php | 118 |
1 files changed, 58 insertions, 60 deletions
diff --git a/library/OAuth1.php b/library/OAuth1.php index b790655af..0a6b20b0a 100644 --- a/library/OAuth1.php +++ b/library/OAuth1.php @@ -3,11 +3,11 @@ /* Generic exception class */ -class OAuthException extends Exception { +class OAuth1Exception extends Exception { // pass } -class OAuthConsumer { +class OAuth1Consumer { public $key; public $secret; @@ -18,11 +18,11 @@ class OAuthConsumer { } function __toString() { - return "OAuthConsumer[key=$this->key,secret=$this->secret]"; + return "OAuth1Consumer[key=$this->key,secret=$this->secret]"; } } -class OAuthToken { +class OAuth1Token { // access tokens and request tokens public $key; public $secret; @@ -46,9 +46,9 @@ class OAuthToken { */ function to_string() { return "oauth_token=" . - OAuthUtil::urlencode_rfc3986($this->key) . + OAuth1Util::urlencode_rfc3986($this->key) . "&oauth_token_secret=" . - OAuthUtil::urlencode_rfc3986($this->secret); + OAuth1Util::urlencode_rfc3986($this->secret); } function __toString() { @@ -60,7 +60,7 @@ class OAuthToken { * A class for implementing a Signature Method * See section 9 ("Signing Requests") in the spec */ -abstract class OAuthSignatureMethod { +abstract class OAuth1SignatureMethod { /** * Needs to return the name of the Signature Method (ie HMAC-SHA1) * @return string @@ -70,20 +70,20 @@ abstract class OAuthSignatureMethod { /** * Build up the signature * NOTE: The output of this function MUST NOT be urlencoded. - * the encoding is handled in OAuthRequest when the final + * the encoding is handled in OAuth1Request when the final * request is serialized - * @param OAuthRequest $request - * @param OAuthConsumer $consumer - * @param OAuthToken $token + * @param OAuth1Request $request + * @param OAuth1Consumer $consumer + * @param OAuth1Token $token * @return string */ abstract public function build_signature($request, $consumer, $token); /** * Verifies that a given signature is correct - * @param OAuthRequest $request - * @param OAuthConsumer $consumer - * @param OAuthToken $token + * @param OAuth1Request $request + * @param OAuth1Consumer $consumer + * @param OAuth1Token $token * @param string $signature * @return bool */ @@ -101,7 +101,7 @@ abstract class OAuthSignatureMethod { * character (ASCII code 38) even if empty. * - Chapter 9.2 ("HMAC-SHA1") */ -class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { +class OAuth1SignatureMethod_HMAC_SHA1 extends OAuth1SignatureMethod { function get_name() { return "HMAC-SHA1"; } @@ -115,7 +115,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { ($token) ? $token->secret : "" ); - $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); + $key_parts = OAuth1Util::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); @@ -129,7 +129,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { * over a secure channel such as HTTPS. It does not use the Signature Base String. * - Chapter 9.4 ("PLAINTEXT") */ -class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { +class OAuth1SignatureMethod_PLAINTEXT extends OAuth1SignatureMethod { public function get_name() { return "PLAINTEXT"; } @@ -141,7 +141,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { * - Chapter 9.4.1 ("Generating Signatures") * * Please note that the second encoding MUST NOT happen in the SignatureMethod, as - * OAuthRequest handles this! + * OAuth1Request handles this! */ public function build_signature($request, $consumer, $token) { $key_parts = array( @@ -149,7 +149,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { ($token) ? $token->secret : "" ); - $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); + $key_parts = OAuth1Util::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); $request->base_string = $key; @@ -165,7 +165,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod { * specification. * - Chapter 9.3 ("RSA-SHA1") */ -abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { +abstract class OAuth1SignatureMethod_RSA_SHA1 extends OAuth1SignatureMethod { public function get_name() { return "RSA-SHA1"; } @@ -224,7 +224,7 @@ abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod { } } -class OAuthRequest { +class OAuth1Request { private $parameters; private $http_method; private $http_url; @@ -235,7 +235,7 @@ class OAuthRequest { function __construct($http_method, $http_url, $parameters=NULL) { @$parameters or $parameters = array(); - $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); + $parameters = array_merge( OAuth1Util::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters); $this->parameters = $parameters; $this->http_method = $http_method; $this->http_url = $http_url; @@ -262,10 +262,10 @@ class OAuthRequest { // parsed parameter-list if (!$parameters) { // Find request headers - $request_headers = OAuthUtil::get_headers(); + $request_headers = OAuth1Util::get_headers(); // Parse the query-string to find GET parameters - $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']); + $parameters = OAuth1Util::parse_parameters($_SERVER['QUERY_STRING']); // It's a POST request of the proper content-type, so parse POST // parameters and add those overriding any duplicates from GET @@ -274,7 +274,7 @@ class OAuthRequest { "application/x-www-form-urlencoded") ) { - $post_data = OAuthUtil::parse_parameters( + $post_data = OAuth1Util::parse_parameters( file_get_contents(self::$POST_INPUT) ); $parameters = array_merge($parameters, $post_data); @@ -283,7 +283,7 @@ class OAuthRequest { // We have a Authorization-header with OAuth data. Parse the header // and add those overriding any duplicates from GET or POST if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") { - $header_parameters = OAuthUtil::split_header( + $header_parameters = OAuth1Util::split_header( $request_headers['Authorization'] ); $parameters = array_merge($parameters, $header_parameters); @@ -296,7 +296,7 @@ class OAuthRequest { $http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q'])); unset( $parameters['q'] ); - return new OAuthRequest($http_method, $http_url, $parameters); + return new OAuth1Request($http_method, $http_url, $parameters); } /** @@ -304,16 +304,16 @@ class OAuthRequest { */ public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) { @$parameters or $parameters = array(); - $defaults = array("oauth_version" => OAuthRequest::$version, - "oauth_nonce" => OAuthRequest::generate_nonce(), - "oauth_timestamp" => OAuthRequest::generate_timestamp(), + $defaults = array("oauth_version" => OAuth1Request::$version, + "oauth_nonce" => OAuth1Request::generate_nonce(), + "oauth_timestamp" => OAuth1Request::generate_timestamp(), "oauth_consumer_key" => $consumer->key); if ($token) $defaults['oauth_token'] = $token->key; $parameters = array_merge($defaults, $parameters); - return new OAuthRequest($http_method, $http_url, $parameters); + return new OAuth1Request($http_method, $http_url, $parameters); } public function set_parameter($name, $value, $allow_duplicates = true) { @@ -357,7 +357,7 @@ class OAuthRequest { unset($params['oauth_signature']); } - return OAuthUtil::build_http_query($params); + return OAuth1Util::build_http_query($params); } /** @@ -374,7 +374,7 @@ class OAuthRequest { $this->get_signable_parameters() ); - $parts = OAuthUtil::urlencode_rfc3986($parts); + $parts = OAuth1Util::urlencode_rfc3986($parts); return implode('&', $parts); } @@ -423,7 +423,7 @@ class OAuthRequest { * builds the data one would send in a POST request */ public function to_postdata() { - return OAuthUtil::build_http_query($this->parameters); + return OAuth1Util::build_http_query($this->parameters); } /** @@ -432,7 +432,7 @@ class OAuthRequest { public function to_header($realm=null) { $first = true; if($realm) { - $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"'; + $out = 'Authorization: OAuth realm="' . OAuth1Util::urlencode_rfc3986($realm) . '"'; $first = false; } else $out = 'Authorization: OAuth'; @@ -441,12 +441,12 @@ class OAuthRequest { foreach ($this->parameters as $k => $v) { if (substr($k, 0, 5) != "oauth") continue; if (is_array($v)) { - throw new OAuthException('Arrays not supported in headers'); + throw new OAuth1Exception('Arrays not supported in headers'); } $out .= ($first) ? ' ' : ','; - $out .= OAuthUtil::urlencode_rfc3986($k) . + $out .= OAuth1Util::urlencode_rfc3986($k) . '="' . - OAuthUtil::urlencode_rfc3986($v) . + OAuth1Util::urlencode_rfc3986($v) . '"'; $first = false; } @@ -491,7 +491,7 @@ class OAuthRequest { } } -class OAuthServer { +class OAuth1Server { protected $timestamp_threshold = 300; // in seconds, five minutes protected $version = '1.0'; // hi blaine protected $signature_methods = array(); @@ -572,7 +572,7 @@ class OAuthServer { $version = '1.0'; } if ($version !== $this->version) { - throw new OAuthException("OAuth version '$version' not supported"); + throw new OAuth1Exception("OAuth1 version '$version' not supported"); } return $version; } @@ -587,12 +587,12 @@ class OAuthServer { if (!$signature_method) { // According to chapter 7 ("Accessing Protected Ressources") the signature-method // parameter is required, and we can't just fallback to PLAINTEXT - throw new OAuthException('No signature method parameter. This parameter is required'); + throw new OAuth1Exception('No signature method parameter. This parameter is required'); } if (!in_array($signature_method, array_keys($this->signature_methods))) { - throw new OAuthException( + throw new OAuth1Exception( "Signature method '$signature_method' not supported " . "try one of the following: " . implode(", ", array_keys($this->signature_methods)) @@ -607,12 +607,12 @@ class OAuthServer { private function get_consumer(&$request) { $consumer_key = @$request->get_parameter("oauth_consumer_key"); if (!$consumer_key) { - throw new OAuthException("Invalid consumer key"); + throw new OAuth1Exception("Invalid consumer key"); } $consumer = $this->data_store->lookup_consumer($consumer_key); if (!$consumer) { - throw new OAuthException("Invalid consumer"); + throw new OAuth1Exception("Invalid consumer"); } return $consumer; @@ -627,7 +627,7 @@ class OAuthServer { $consumer, $token_type, $token_field ); if (!$token) { - throw new OAuthException("Invalid $token_type token: $token_field"); + throw new OAuth1Exception("Invalid $token_type token: $token_field"); } return $token; } @@ -656,7 +656,7 @@ class OAuthServer { if (!$valid_sig) { - throw new OAuthException("Invalid signature"); + throw new OAuth1Exception("Invalid signature"); } } @@ -665,14 +665,14 @@ class OAuthServer { */ private function check_timestamp($timestamp) { if( ! $timestamp ) - throw new OAuthException( + throw new OAuth1Exception( 'Missing timestamp parameter. The parameter is required' ); // verify that timestamp is recentish $now = time(); if (abs($now - $timestamp) > $this->timestamp_threshold) { - throw new OAuthException( + throw new OAuth1Exception( "Expired timestamp, yours $timestamp, ours $now" ); } @@ -683,7 +683,7 @@ class OAuthServer { */ private function check_nonce($consumer, $token, $nonce, $timestamp) { if( ! $nonce ) - throw new OAuthException( + throw new OAuth1Exception( 'Missing nonce parameter. The parameter is required' ); @@ -695,13 +695,13 @@ class OAuthServer { $timestamp ); if ($found) { - throw new OAuthException("Nonce already used: $nonce"); + throw new OAuth1Exception("Nonce already used: $nonce"); } } } -class OAuthDataStore { +class OAuth1DataStore { function lookup_consumer($consumer_key) { // implement me } @@ -727,10 +727,10 @@ class OAuthDataStore { } -class OAuthUtil { +class OAuth1Util { public static function urlencode_rfc3986($input) { if (is_array($input)) { - return array_map(array('OAuthUtil', 'urlencode_rfc3986'), $input); + return array_map(array('OAuth1Util', 'urlencode_rfc3986'), $input); } else if (is_scalar($input)) { return str_replace( '+', @@ -762,7 +762,7 @@ class OAuthUtil { $header_name = $matches[2][0]; $header_content = (isset($matches[5])) ? $matches[5][0] : $matches[4][0]; if (preg_match('/^oauth_/', $header_name) || !$only_allow_oauth_parameters) { - $params[$header_name] = OAuthUtil::urldecode_rfc3986($header_content); + $params[$header_name] = OAuth1Util::urldecode_rfc3986($header_content); } $offset = $match[1] + strlen($match[0]); } @@ -834,8 +834,8 @@ class OAuthUtil { $parsed_parameters = array(); foreach ($pairs as $pair) { $split = explode('=', $pair, 2); - $parameter = OAuthUtil::urldecode_rfc3986($split[0]); - $value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : ''; + $parameter = OAuth1Util::urldecode_rfc3986($split[0]); + $value = isset($split[1]) ? OAuth1Util::urldecode_rfc3986($split[1]) : ''; if (isset($parsed_parameters[$parameter])) { // We have already recieved parameter(s) with this name, so add to the list @@ -859,8 +859,8 @@ class OAuthUtil { if (!$params) return ''; // Urlencode both keys and values - $keys = OAuthUtil::urlencode_rfc3986(array_keys($params)); - $values = OAuthUtil::urlencode_rfc3986(array_values($params)); + $keys = OAuth1Util::urlencode_rfc3986(array_keys($params)); + $values = OAuth1Util::urlencode_rfc3986(array_values($params)); $params = array_combine($keys, $values); // Parameters are sorted by name, using lexicographical byte value ordering. @@ -885,5 +885,3 @@ class OAuthUtil { return implode('&', $pairs); } } - -?> |