Change all references to consumer to client, as per RFC 5849.

Gary Jones 2012-11-18 02:33:29 +00:00
parent 4d5cfee737
commit 12afd40c6e
9 changed files with 95 additions and 72 deletions


@ -1,10 +1,10 @@
<?php
namespace GaryJones\OAuth;
class Consumer
class Client
{
public $key;
public $secret;
protected $key;
protected $secret;
public function __construct($key, $secret, $callback_url = null)
{
@ -13,8 +13,18 @@ class Consumer
$this->callback_url = $callback_url;
}
public function getKey()
{
return $this->key;
}
public function getSecret()
{
return $this->secret;
}
public function __toString()
{
return "OAuthConsumer[key=$this->key,secret=$this->secret]";
return "OAuthClient[key=$this->key,secret=$this->secret]";
}
}
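Review bot: `__toString()` still interpolates `$this->secret` into its return value, so any string cast of a Client (a log line, an exception message, a debug dump) writes the shared secret out in clear text. Making the properties `protected` does not help while this method hands the same value to anyone who echoes the object. I would drop the secret from the representation, e.g. `return "OAuthClient[key=$this->key]";`, and leave `getSecret()` as the only accessor.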


@ -15,14 +15,14 @@ class HmacSha1 extends SignatureMethod
return 'HMAC-SHA1';
}
public function buildSignature($request, $consumer, $token)
public function buildSignature($request, $client, $token)
{
$base_string = $request->getSignatureBaseString();
$request->base_string = $base_string;
$key_parts = array(
$consumer->secret,
($token) ? $token->secret : ''
$client->getSecret(),
($token) ? $token->getSecret() : ''
);
$key_parts = Util::urlencodeRfc3986($key_parts);
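Review bot: `buildSignature()` now calls `$client->getSecret()` and `$token->getSecret()` on untyped parameters, so an object that still follows the old public-property shape fails with an undefined-method fatal error deep inside signing rather than at the call boundary. Declaring the types, `public function buildSignature($request, Client $client, Token $token = null)`, would make the new contract explicit. The same applies to the PlainText and RsaSha1 implementations, and the abstract declaration in SignatureMethod would have to change with them to keep the signatures compatible. The method body continues past the end of this hunk.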


@ -12,28 +12,28 @@ interface OAuthDataStore
/**
*
* @param type $consumer
* @param type $client
* @param type $token_type
* @param type $token
*/
public function lookupToken($consumer, $token_type, $token);
public function lookupToken($client, $token_type, $token);
/**
*
* @param type $consumer
* @param type $client
* @param type $token
* @param type $nonce
* @param type $timestamp
*/
public function lookupNonce($consumer, $token, $nonce, $timestamp);
public function lookupNonce($client, $token, $nonce, $timestamp);
/**
* Return a new token attached to this consumer.
*
* @param type $consumer
* @param type $client
* @param type $callback
*/
public function newRequestToken($consumer, $callback = null);
public function newRequestToken($client, $callback = null);
/**
* Return a new access token attached to this consumer for the user
@ -42,8 +42,8 @@ interface OAuthDataStore
* Should also invalidate the request token.
*
* @param type $token
* @param type $consumer
* @param type $client
* @param type $verifier
*/
public function newAccessToken($token, $consumer, $verifier = null);
public function newAccessToken($token, $client, $verifier = null);
}
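Review bot: The docblocks for `lookupToken()` and `lookupNonce()` have no description and only `@param type` placeholders, so an implementer gets no statement of the contract the server depends on. From OAuthServer's `checkNonce()`, a truthy return from `lookupNonce()` is treated as a replay and rejected; whether the implementation is also expected to record the nonce is not stated anywhere visible and should be spelled out, for example `Return true if this nonce was already seen for the given client, token and timestamp; otherwise record it and return false.` The prose for `newRequestToken()` and `newAccessToken()` also still says "attached to this consumer", which the rename missed.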


@ -72,15 +72,15 @@ class OAuthRequest
/**
* pretty much a helper function to set up the request
*/
public static function fromConsumerAndToken($consumer, $token, $http_method, $http_url, $parameters = null)
public static function fromClientAndToken($client, $token, $http_method, $http_url, $parameters = null)
{
$parameters = ($parameters) ? $parameters : array();
$defaults = array("oauth_version" => OAuthRequest::$version,
"oauth_nonce" => OAuthRequest::generateNonce(),
"oauth_timestamp" => OAuthRequest::generateTimestamp(),
"oauth_consumer_key" => $consumer->key);
"oauth_consumer_key" => $client->getKey());
if ($token) {
$defaults['oauth_token'] = $token->key;
$defaults['oauth_token'] = $token->getKey();
}
$parameters = array_merge($defaults, $parameters);
@ -250,16 +250,16 @@ class OAuthRequest
return $this->toUrl();
}
public function signRequest($signature_method, $consumer, $token)
public function signRequest($signature_method, $client, $token)
{
$this->setParameter('oauth_signature_method', $signature_method->getName(), false);
$signature = $this->buildSignature($signature_method, $consumer, $token);
$signature = $this->buildSignature($signature_method, $client, $token);
$this->setParameter('oauth_signature', $signature, false);
}
public function buildSignature($signature_method, $consumer, $token)
public function buildSignature($signature_method, $client, $token)
{
$signature = $signature_method->buildSignature($this, $consumer, $token);
$signature = $signature_method->buildSignature($this, $client, $token);
return $signature;
}
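Review bot: Renaming the public static factory to `fromClientAndToken()` removes `fromConsumerAndToken()` with no alias, so existing callers fail with an undefined-method error on upgrade. If the library already has users, a thin `fromConsumerAndToken()` that forwards its arguments to the new method and carries an `@deprecated` tag would let them migrate. The `"oauth_consumer_key"` array key correctly stays as it is, since RFC 5849 keeps that protocol parameter name; a short comment beside it, such as `// protocol parameter name, not renamed by RFC 5849`, would prevent a later well-meant rename.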


@ -29,16 +29,16 @@ class OAuthServer
{
$this->getVersion($request);
$consumer = $this->getConsumer($request);
$client = $this->getClient($request);
// no token required for the initial token request
$token = null;
$this->checkSignature($request, $consumer, $token);
$this->checkSignature($request, $client, $token);
// Rev A change
$callback = $request->getParameter('oauth_callback');
$new_token = $this->data_store->newRequestToken($consumer, $callback);
$new_token = $this->data_store->newRequestToken($client, $callback);
return $new_token;
}
@ -51,16 +51,16 @@ class OAuthServer
{
$this->getVersion($request);
$consumer = $this->getConsumer($request);
$client = $this->getClient($request);
// requires authorized request token
$token = $this->getToken($request, $consumer, 'request');
$token = $this->getToken($request, $client, 'request');
$this->checkSignature($request, $consumer, $token);
$this->checkSignature($request, $client, $token);
// Rev A change
$verifier = $request->getParameter('oauth_verifier');
$new_token = $this->data_store->newAccessToken($token, $consumer, $verifier);
$new_token = $this->data_store->newAccessToken($token, $client, $verifier);
return $new_token;
}
@ -71,10 +71,10 @@ class OAuthServer
public function verifyRequest(&$request)
{
$this->getVersion($request);
$consumer = $this->getConsumer($request);
$token = $this->getToken($request, $consumer, 'access');
$this->checkSignature($request, $consumer, $token);
return array($consumer, $token);
$client = $this->getClient($request);
$token = $this->getToken($request, $client, 'access');
$this->checkSignature($request, $client, $token);
return array($client, $token);
}
// Internals from here
@ -118,32 +118,32 @@ class OAuthServer
}
/**
* try to find the consumer for the provided request's consumer key
* try to find the client for the provided request's client key
*/
private function getConsumer($request)
private function getClient($request)
{
$consumer_key = $request instanceof OAuthRequest ? $request->getParameter('oauth_consumer_key') : null;
$client_key = $request instanceof OAuthRequest ? $request->getParameter('oauth_consumer_key') : null;
if (!$consumer_key) {
throw new OAuthException('Invalid consumer key');
if (!$client_key) {
throw new OAuthException('Invalid client key');
}
$consumer = $this->data_store->lookupClient($consumer_key);
if (!$consumer) {
throw new OAuthException('Invalid consumer');
$client = $this->data_store->lookupClient($client_key);
if (!$client) {
throw new OAuthException('Invalid client');
}
return $consumer;
return $client;
}
/**
* try to find the token for the provided request's token key
*/
private function getToken($request, $consumer, $token_type = 'access')
private function getToken($request, $client, $token_type = 'access')
{
$token_field = $request instanceof OAuthRequest ? $request->getParameter('oauth_token') : null;
$token = $this->data_store->lookupToken($consumer, $token_type, $token_field);
$token = $this->data_store->lookupToken($client, $token_type, $token_field);
if (!$token) {
throw new OAuthException("Invalid $token_type token: $token_field");
}
@ -154,19 +154,19 @@ class OAuthServer
* all-in-one function to check the signature on a request
* should guess the signature method appropriately
*/
private function checkSignature($request, $consumer, $token)
private function checkSignature($request, $client, $token)
{
// this should probably be in a different method
$timestamp = $request instanceof OAuthRequest ? $request->getParameter('oauth_timestamp') : null;
$nonce = $request instanceof OAuthRequest ? $request->getParameter('oauth_nonce') : null;
$this->checkTimestamp($timestamp);
$this->checkNonce($consumer, $token, $nonce, $timestamp);
$this->checkNonce($client, $token, $nonce, $timestamp);
$signature_method = $this->getSignatureMethod($request);
$signature = $request->getParameter('oauth_signature');
$valid_sig = $signature_method->checkSignature($request, $consumer, $token, $signature);
$valid_sig = $signature_method->checkSignature($request, $client, $token, $signature);
if (!$valid_sig) {
throw new OAuthException('Invalid signature');
@ -192,14 +192,14 @@ class OAuthServer
/**
* check that the nonce is not repeated
*/
private function checkNonce($consumer, $token, $nonce, $timestamp)
private function checkNonce($client, $token, $nonce, $timestamp)
{
if (!$nonce) {
throw new OAuthException('Missing nonce parameter. The parameter is required');
}
// verify that the nonce is uniqueish
$found = $this->data_store->lookupNonce($consumer, $token, $nonce, $timestamp);
$found = $this->data_store->lookupNonce($client, $token, $nonce, $timestamp);
if ($found) {
throw new OAuthException('Nonce already used: ' . $nonce);
}
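Review bot: In `checkSignature()`, `checkNonce()` runs before the signature is verified, so the data store's nonce lookup is driven by requests that have not been authenticated yet. If a `lookupNonce()` implementation also records what it sees (the interface does not say), unauthenticated traffic can grow the nonce store or cause a legitimate client's nonce to be rejected later. I would move `$this->checkNonce($client, $token, $nonce, $timestamp);` to after the `if (!$valid_sig)` check so that only requests with a valid signature touch nonce state. The existing comment "this should probably be in a different method" points at the same spot; the function body continues past the end of the hunk.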


@ -14,7 +14,7 @@ class PlainText extends SignatureMethod
}
/**
* oauth_signature is set to the concatenated encoded values of the Consumer Secret and
* oauth_signature is set to the concatenated encoded values of the Client Secret and
* Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
* empty. The result MUST be encoded again.
* - Chapter 9.4.1 ("Generating Signatures")
@ -22,11 +22,11 @@ class PlainText extends SignatureMethod
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as
* OAuthRequest handles this!
*/
public function buildSignature($request, $consumer, $token)
public function buildSignature($request, $client, $token)
{
$key_parts = array(
$consumer->secret,
($token) ? $token->secret : ''
$client->getSecret(),
($token) ? $token->getSecret() : ''
);
$key_parts = Util::urlencodeRfc3986($key_parts);
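Review bot: The docblock above `buildSignature()` still cites "Chapter 9.4.1" of the older OAuth Core text while the commit moves the wording to RFC 5849, and it never states the transport requirement. RFC 5849 section 3.4.4 requires PLAINTEXT to be used only over TLS or an equivalent secure channel, because the value built here is the client and token secrets themselves rather than a digest. I would update the reference and add a line such as `Only use over TLS: the signature is the encoded secrets, not a hash of them.` The method body continues past the end of this hunk.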


@ -4,7 +4,7 @@ namespace GaryJones\OAuth;
/**
* The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in
* [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for
* EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a
* EMSA-PKCS1-v1_5. It is assumed that the Client has provided its RSA public key in a
* verified way to the Service Provider, in a manner which is beyond the scope of this
* specification.
* - Chapter 9.3 ("RSA-SHA1")
@ -17,7 +17,7 @@ abstract class RsaSha1 extends SignatureMethod
}
// Up to the SP to implement this lookup of keys. Possible ideas are:
// (1) do a lookup in a table of trusted certs keyed off of consumer
// (1) do a lookup in a table of trusted certs keyed off of client
// (2) fetch via http using a url provided by the requester
// (3) some sort of specific discovery code based on request
//
@ -25,12 +25,12 @@ abstract class RsaSha1 extends SignatureMethod
abstract protected function fetchPublicCert(&$request);
// Up to the SP to implement this lookup of keys. Possible ideas are:
// (1) do a lookup in a table of trusted certs keyed off of consumer
// (1) do a lookup in a table of trusted certs keyed off of client
//
// Either way should return a string representation of the certificate
abstract protected function fetchPrivateCert(&$request);
public function buildSignature($request, $consumer, $token)
public function buildSignature($request, $client, $token)
{
$base_string = $request->getSignatureBaseString();
$request->base_string = $base_string;
@ -50,7 +50,7 @@ abstract class RsaSha1 extends SignatureMethod
return base64_encode($signature);
}
public function checkSignature($request, $consumer, $token, $signature)
public function checkSignature($request, $client, $token, $signature)
{
$decoded_sig = base64_decode($signature);
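Review bot: The implementer guidance above `fetchPublicCert()` still lists "(2) fetch via http using a url provided by the requester", which should be dropped or rewritten while these comments are being touched. A verification key obtained from a location the requester chooses proves nothing about who signed, and it makes the server issue outbound requests to addresses named by untrusted input. I would keep only option (1) and word it as `look up the certificate registered for this client in a trusted store`. Separately, `base64_decode($signature)` in `checkSignature()` runs in non-strict mode and silently discards invalid characters; `base64_decode($signature, true)` with an early `return false` on failure would reject malformed input, though the rest of the method is outside this hunk.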


@ -14,28 +14,31 @@ abstract class SignatureMethod
abstract public function getName();
/**
* Build up the signature
* Build up the signature.
*
* NOTE: The output of this function MUST NOT be urlencoded.
* the encoding is handled in OAuthRequest when the final
* request is serialized
* @param OAuthRequest $request
* @param OAuthConsumer $consumer
* @param OAuthToken $token
* request is serialized.
*
* @param GaryJones\OAuth\OAuthRequest $request
* @param GaryJones\OAuth\Client $client
* @param GaryJones\OAuth\Token $token
* @return string
*/
abstract public function buildSignature($request, $consumer, $token);
abstract public function buildSignature($request, $client, $token);
/**
* Verifies that a given signature is correct
* @param OAuthRequest $request
* @param OAuthConsumer $consumer
* @param OAuthToken $token
* Verifies that a given signature is correct.
*
* @param GaryJones\OAuth\OAuthRequest $request
* @param GaryJones\OAuth\Consumer $client
* @param GaryJones\OAuth\Token $token
* @param string $signature
* @return bool
*/
public function checkSignature($request, $consumer, $token, $signature)
public function checkSignature($request, $client, $token, $signature)
{
$built = $this->buildSignature($request, $consumer, $token);
$built = $this->buildSignature($request, $client, $token);
return $built == $signature;
}
}
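Review bot: `checkSignature()` compares with `$built == $signature`, a loose comparison whose running time depends on the input. PHP's `==` compares two numeric-looking strings as numbers, so unequal strings can compare equal, and a byte-by-byte comparison leaks how much of the signature matched. Use `return hash_equals((string) $built, (string) $signature);` where the supported PHP version provides it (the minimum version is not visible here), and at least `===` otherwise. The new docblock for this method also declares `@param GaryJones\OAuth\Consumer $client`, which names the class this commit renames; it should read `GaryJones\OAuth\Client`.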


@ -4,8 +4,8 @@ namespace GaryJones\OAuth;
class Token
{
// access tokens and request tokens
public $key;
public $secret;
protected $key;
protected $secret;
/**
* key = the token
@ -17,6 +17,16 @@ class Token
$this->secret = $secret;
}
public function getKey()
{
return $this->key;
}
public function getSecret()
{
return $this->secret;
}
/**
* generates the basic string serialization of a token that a server
* would respond to request_token and access_token calls with