  1: <?php
  2: /**
  3:  * Copyright 2008-2012 Horde LLC (http://www.horde.org/)
  4:  *
  5:  * @author   Chuck Hagenbuch <chuck@horde.org>
  6:  * @license  http://www.horde.org/licenses/bsd BSD
  7:  * @category Horde
  8:  * @package  Oauth
  9:  */
 10: 
 11: /**
 12:  * OAuth request class
 13:  *
 14:  * @author   Chuck Hagenbuch <chuck@horde.org>
 15:  * @license  http://www.horde.org/licenses/bsd BSD
 16:  * @category Horde
 17:  * @package  Oauth
 18:  */
 19: class Horde_Oauth_Request
 20: {
 21:     const VERSION = '1.0';
 22: 
 23:     protected $_params = array();
 24:     protected $_url;
 25:     protected $_method;
 26: 
 27:     function __construct($url, $params = array(), $method = 'POST')
 28:     {
 29:         if (!isset($params['oauth_version'])) {
 30:             $params['oauth_version'] = self::VERSION;
 31:         }
 32:         if (!isset($params['oauth_nonce'])) {
 33:             $params['oauth_nonce'] = self::_generateNonce();
 34:         }
 35:         if (!isset($params['oauth_timestamp'])) {
 36:             $params['oauth_timestamp'] = time();
 37:         }
 38: 
 39:         $this->_params = $params;
 40:         $this->_url = $url;
 41:         $this->_method = $method;
 42:     }
 43: 
 44:     /**
 45:      * Sign this request in accordance with OAuth
 46:      *
 47:      * @param $signatureMethod
 48:      * @param $consumer
 49:      * @param $token
 50:      * @return unknown_type
 51:      */
 52:     public function sign($signatureMethod, $consumer, $token = null)
 53:     {
 54:         if (empty($this->_params['oauth_consumer_key'])) {
 55:             $this->_params['oauth_consumer_key'] = $consumer->key;
 56:         }
 57: 
 58:         if (empty($this->_params['oauth_token']) && !empty($token)) {
 59:             $this->_params['oauth_token'] = $token->key;
 60:         }
 61: 
 62:         $this->_params['oauth_signature_method'] = $signatureMethod->getName();
 63:         $this->_params['oauth_signature'] = $signatureMethod->sign($this, $consumer, $token);
 64: 
 65:         return $this->_getNormalizedUrl() . '?' . $this->buildHttpQuery();
 66:     }
 67: 
 68:     /**
 69:      * Returns the signable string of this request
 70:      *
 71:      * The base string is defined as the method, the url and the parameters
 72:      * (normalized), each urlencoded and concatenated with &.
 73:      */
 74:     public function getSignatureBaseString()
 75:     {
 76:         $parts = array(
 77:             $this->_getNormalizedHttpMethod(),
 78:             $this->_getNormalizedUrl(),
 79:             $this->_getSignableParameters()
 80:         );
 81: 
 82:         return implode('&', array_map(array('Horde_Oauth_Utils', 'urlencodeRfc3986'), $parts));
 83:     }
 84: 
 85:     /**
 86:      * Get a query string suitable for use in a URL or as POST data.
 87:      */
 88:     public function buildHttpQuery()
 89:     {
 90:         $parts = array();
 91:         foreach ($this->_params as $k => $v) {
 92:             $parts[] = Horde_Oauth_Utils::urlencodeRfc3986($k) . '=' . Horde_Oauth_Utils::urlencodeRfc3986($v);
 93:         }
 94:         return implode('&', $parts);
 95:     }
 96: 
 97:     /**
 98:      */
 99:     public function buildAuthorizationHeader($realm = '')
100:     {
101:         $header = '';
102:         foreach ($this->_params as $k => $v) {
103:             if (strpos($k, 'oauth_') !== false) {
104:                 $header .= Horde_Oauth_Utils::urlencodeRfc3986($k) . '="' . Horde_Oauth_Utils::urlencodeRfc3986($v) . '",';
105:             }
106:         }
107:         $header = substr($header, 0, -1);
108:         if (!empty($realm)) {
109:             $header .= ',realm="' . Horde_Oauth_Utils::urlencodeRfc3986($realm) . '"';
110:         }
111:         return 'OAuth ' . $header;
112:     }
113: 
114:     /**
115:      * Generate a nonce.
116:      */
117:     protected static function _generateNonce()
118:     {
119:         $mt = microtime();
120:         $rand = mt_rand();
121: 
122:         return hash('md5', microtime() . mt_rand());
123:     }
124: 
125:     /**
126:      * Returns the normalized parameters of the request
127:      *
128:      * This will be all parameters except oauth_signature, sorted first by key,
129:      * and if there are duplicate keys, then by value.
130:      *
131:      * The returned string will be all the key=value pairs concatenated by &.
132:      *
133:      * @return string
134:      */
135:     protected function _getSignableParameters()
136:     {
137:         // Grab all parameters
138:         $params = $this->_params;
139: 
140:         // Remove oauth_signature if present
141:         if (isset($params['oauth_signature'])) {
142:             unset($params['oauth_signature']);
143:         }
144: 
145:         // Urlencode both keys and values
146:         $keys = array_map(array('Horde_Oauth_Utils', 'urlencodeRfc3986'), array_keys($params));
147:         $values = array_map(array('Horde_Oauth_Utils', 'urlencodeRfc3986'), array_values($params));
148:         $params = array_combine($keys, $values);
149: 
150:         // Sort by keys (natsort)
151:         uksort($params, 'strnatcmp');
152: 
153:         // Generate key=value pairs
154:         $pairs = array();
155:         foreach ($params as $key => $value) {
156:             if (is_array($value)) {
157:                 // If the value is an array, it's because there are multiple values
158:                 // with the same key. Sort them, then add all the pairs.
159:                 natsort($value);
160:                 foreach ($value as $v2) {
161:                     $pairs[] = $key . '=' . $v2;
162:                 }
163:             } else {
164:                 $pairs[] = $key . '=' . $value;
165:             }
166:         }
167: 
168:         // Return the pairs, concatenated with &
169:         return implode('&', $pairs);
170:     }
171: 
172:     /**
173:      * Uppercases the HTTP method
174:      */
175:     protected function _getNormalizedHttpMethod()
176:     {
177:         return strtoupper($this->_method);
178:     }
179: 
180:     /**
181:      * Parse the url and rebuilds it to be scheme://host/path
182:      */
183:     protected function _getNormalizedUrl()
184:     {
185:         $parts = parse_url($this->_url);
186:         $scheme = $parts['scheme'];
187:         $port = !empty($parts['port'])
188:             ? $parts['port']
189:             : $scheme == 'https' ? '443' : '80';
190: 
191:         $host = $parts['host'];
192:         $path = !empty($parts['path']) ? $parts['path'] : '';
193: 
194:         if (($scheme == 'https' && $port != '443') ||
195:             ($scheme == 'http' && $port != '80')) {
196:             $host = "$host:$port";
197:         }
198: 
199:         return "$scheme://$host$path";
200:     }
201: }
202: 