diff --git a/src/GaryJones/OAuth/Consumer.php b/src/GaryJones/OAuth/Client.php similarity index 50% rename from src/GaryJones/OAuth/Consumer.php rename to src/GaryJones/OAuth/Client.php index 19a30d0..8634c65 100644 --- a/src/GaryJones/OAuth/Consumer.php +++ b/src/GaryJones/OAuth/Client.php @@ -1,10 +1,10 @@ callback_url = $callback_url; } + public function getKey() + { + return $this->key; + } + + public function getSecret() + { + return $this->secret; + } + public function __toString() { - return "OAuthConsumer[key=$this->key,secret=$this->secret]"; + return "OAuthClient[key=$this->key,secret=$this->secret]"; } } diff --git a/src/GaryJones/OAuth/HmacSha1.php b/src/GaryJones/OAuth/HmacSha1.php index 3978dfb..8cf67c9 100644 --- a/src/GaryJones/OAuth/HmacSha1.php +++ b/src/GaryJones/OAuth/HmacSha1.php @@ -15,14 +15,14 @@ class HmacSha1 extends SignatureMethod return 'HMAC-SHA1'; } - public function buildSignature($request, $consumer, $token) + public function buildSignature($request, $client, $token) { $base_string = $request->getSignatureBaseString(); $request->base_string = $base_string; $key_parts = array( - $consumer->secret, - ($token) ? $token->secret : '' + $client->getSecret(), + ($token) ? $token->getSecret() : '' ); $key_parts = Util::urlencodeRfc3986($key_parts); diff --git a/src/GaryJones/OAuth/OAuthDataStore.php b/src/GaryJones/OAuth/OAuthDataStore.php index 3cbaafc..3d2c044 100644 --- a/src/GaryJones/OAuth/OAuthDataStore.php +++ b/src/GaryJones/OAuth/OAuthDataStore.php 
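Review bot: `__toString()` in Client.php still interpolates the shared secret, so the renamed line `"OAuthClient[key=$this->key,secret=$this->secret]"` puts it into any log entry, exception text or debug dump that stringifies the client. This commit adds `getSecret()` for code that really needs the value, so the string form can drop it: `return "OAuthClient[key=$this->key]";`. The start of the class is not shown in this hunk, so I cannot tell whether `key` and `secret` are also made non-public here, as they are in Token.php.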
@@ -12,28 +12,28 @@ interface OAuthDataStore /** * - * @param type $consumer + * @param type $client * @param type $token_type * @param type $token */ - public function lookupToken($consumer, $token_type, $token); + public function lookupToken($client, $token_type, $token); /** * - * @param type $consumer + * @param type $client * @param type $token * @param type $nonce * @param type $timestamp */ - public function lookupNonce($consumer, $token, $nonce, $timestamp); + public function lookupNonce($client, $token, $nonce, $timestamp); /** * Return a new token attached to this consumer. * - * @param type $consumer + * @param type $client * @param type $callback */ - public function newRequestToken($consumer, $callback = null); + public function newRequestToken($client, $callback = null); /** * Return a new access token attached to this consumer for the user @@ -42,8 +42,8 @@ interface OAuthDataStore * Should also invalidate the request token. * * @param type $token - * @param type $consumer + * @param type $client * @param type $verifier */ - public function newAccessToken($token, $consumer, $verifier = null); + public function newAccessToken($token, $client, $verifier = null); } diff --git a/src/GaryJones/OAuth/OAuthRequest.php b/src/GaryJones/OAuth/OAuthRequest.php index 37391ae..ea9eec9 100644 --- a/src/GaryJones/OAuth/OAuthRequest.php +++ b/src/GaryJones/OAuth/OAuthRequest.php 
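Review bot: The docblocks on `lookupToken()` and `lookupNonce()` remain empty apart from `@param type` placeholders, yet replay protection in OAuthServer depends on what an implementation does in `lookupNonce()`. I would document the contract, for example `Return true if this nonce was already seen for the client/token/timestamp; implementations are expected to record it so a repeat is detected.` That wording needs confirming against the intended behaviour, since no implementation is visible in this diff. The summaries for `newRequestToken()` and, in the next hunk, `newAccessToken()` still say "attached to this consumer" although the parameter is now `$client`.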
@@ -72,15 +72,15 @@ class OAuthRequest /** * pretty much a helper function to set up the request */ - public static function fromConsumerAndToken($consumer, $token, $http_method, $http_url, $parameters = null) + public static function fromClientAndToken($client, $token, $http_method, $http_url, $parameters = null) { $parameters = ($parameters) ? $parameters : array(); $defaults = array("oauth_version" => OAuthRequest::$version, "oauth_nonce" => OAuthRequest::generateNonce(), "oauth_timestamp" => OAuthRequest::generateTimestamp(), - "oauth_consumer_key" => $consumer->key); + "oauth_consumer_key" => $client->getKey()); if ($token) { - $defaults['oauth_token'] = $token->key; + $defaults['oauth_token'] = $token->getKey(); } $parameters = array_merge($defaults, $parameters); @@ -250,16 +250,16 @@ class OAuthRequest return $this->toUrl(); } - public function signRequest($signature_method, $consumer, $token) + public function signRequest($signature_method, $client, $token) { $this->setParameter('oauth_signature_method', $signature_method->getName(), false); - $signature = $this->buildSignature($signature_method, $consumer, $token); + $signature = $this->buildSignature($signature_method, $client, $token); $this->setParameter('oauth_signature', $signature, false); } - public function buildSignature($signature_method, $consumer, $token) + public function buildSignature($signature_method, $client, $token) { - $signature = $signature_method->buildSignature($this, $consumer, $token); + $signature = $signature_method->buildSignature($this, $client, $token); return $signature; } diff --git a/src/GaryJones/OAuth/OAuthServer.php b/src/GaryJones/OAuth/OAuthServer.php index 326d668..b0a46d7 100644 --- a/src/GaryJones/OAuth/OAuthServer.php +++ b/src/GaryJones/OAuth/OAuthServer.php 
@@ -29,16 +29,16 @@ class OAuthServer { $this->getVersion($request); - $consumer = $this->getConsumer($request); + $client = $this->getClient($request); // no token required for the initial token request $token = null; - $this->checkSignature($request, $consumer, $token); + $this->checkSignature($request, $client, $token); // Rev A change $callback = $request->getParameter('oauth_callback'); - $new_token = $this->data_store->newRequestToken($consumer, $callback); + $new_token = $this->data_store->newRequestToken($client, $callback); return $new_token; } @@ -51,16 +51,16 @@ class OAuthServer { $this->getVersion($request); - $consumer = $this->getConsumer($request); + $client = $this->getClient($request); // requires authorized request token - $token = $this->getToken($request, $consumer, 'request'); + $token = $this->getToken($request, $client, 'request'); - $this->checkSignature($request, $consumer, $token); + $this->checkSignature($request, $client, $token); // Rev A change $verifier = $request->getParameter('oauth_verifier'); - $new_token = $this->data_store->newAccessToken($token, $consumer, $verifier); + $new_token = $this->data_store->newAccessToken($token, $client, $verifier); return $new_token; } @@ -71,10 +71,10 @@ class OAuthServer public function verifyRequest(&$request) { $this->getVersion($request); - $consumer = $this->getConsumer($request); - $token = $this->getToken($request, $consumer, 'access'); - $this->checkSignature($request, $consumer, $token); - return array($consumer, $token); + $client = $this->getClient($request); + $token = $this->getToken($request, $client, 'access'); + $this->checkSignature($request, $client, $token); + return array($client, $token); } // Internals from here 
@@ -118,32 +118,32 @@ class OAuthServer } /** - * try to find the consumer for the provided request's consumer key + * try to find the client for the provided request's client key */ - private function getConsumer($request) + private function getClient($request) { - $consumer_key = $request instanceof OAuthRequest ? $request->getParameter('oauth_consumer_key') : null; + $client_key = $request instanceof OAuthRequest ? $request->getParameter('oauth_consumer_key') : null; - if (!$consumer_key) { - throw new OAuthException('Invalid consumer key'); + if (!$client_key) { + throw new OAuthException('Invalid client key'); } - $consumer = $this->data_store->lookupClient($consumer_key); - if (!$consumer) { - throw new OAuthException('Invalid consumer'); + $client = $this->data_store->lookupClient($client_key); + if (!$client) { + throw new OAuthException('Invalid client'); } - return $consumer; + return $client; } /** * try to find the token for the provided request's token key */ - private function getToken($request, $consumer, $token_type = 'access') + private function getToken($request, $client, $token_type = 'access') { $token_field = $request instanceof OAuthRequest ? $request->getParameter('oauth_token') : null; - $token = $this->data_store->lookupToken($consumer, $token_type, $token_field); + $token = $this->data_store->lookupToken($client, $token_type, $token_field); if (!$token) { throw new OAuthException("Invalid $token_type token: $token_field"); } 
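Review bot: `getToken()` copies the request-supplied `oauth_token` straight into the exception text (`"Invalid $token_type token: $token_field"`), and the later `checkNonce()` hunk does the same with `$nonce`. A caller that prints `OAuthException` messages into an HTML page or a log receives that value unescaped. Leaving it out, e.g. `throw new OAuthException("Invalid $token_type token");`, avoids relying on every caller to encode it. Separately, the messages in `getClient()` now say "client key" while the protocol parameter is still `oauth_consumer_key`, which may confuse integrators reading the error. `getToken()` continues past the end of this hunk.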
@@ -154,19 +154,19 @@ class OAuthServer * all-in-one function to check the signature on a request * should guess the signature method appropriately */ - private function checkSignature($request, $consumer, $token) + private function checkSignature($request, $client, $token) { // this should probably be in a different method $timestamp = $request instanceof OAuthRequest ? $request->getParameter('oauth_timestamp') : null; $nonce = $request instanceof OAuthRequest ? $request->getParameter('oauth_nonce') : null; $this->checkTimestamp($timestamp); - $this->checkNonce($consumer, $token, $nonce, $timestamp); + $this->checkNonce($client, $token, $nonce, $timestamp); $signature_method = $this->getSignatureMethod($request); $signature = $request->getParameter('oauth_signature'); - $valid_sig = $signature_method->checkSignature($request, $consumer, $token, $signature); + $valid_sig = $signature_method->checkSignature($request, $client, $token, $signature); if (!$valid_sig) { throw new OAuthException('Invalid signature'); @@ -192,14 +192,14 @@ class OAuthServer /** * check that the nonce is not repeated */ - private function checkNonce($consumer, $token, $nonce, $timestamp) + private function checkNonce($client, $token, $nonce, $timestamp) { if (!$nonce) { throw new OAuthException('Missing nonce parameter. The parameter is required'); } // verify that the nonce is uniqueish - $found = $this->data_store->lookupNonce($consumer, $token, $nonce, $timestamp); + $found = $this->data_store->lookupNonce($client, $token, $nonce, $timestamp); if ($found) { throw new OAuthException('Nonce already used: ' . $nonce); } diff --git a/src/GaryJones/OAuth/PlainText.php b/src/GaryJones/OAuth/PlainText.php index ceb8be3..dea18e1 100644 --- a/src/GaryJones/OAuth/PlainText.php +++ b/src/GaryJones/OAuth/PlainText.php 
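Review bot: In `checkSignature()` the call to `checkNonce()` runs before the signature is verified. If a data store records nonces inside `lookupNonce()` (no implementation is visible here), a request with an invalid signature can still write to the nonce store. Verifying the signature first, or separating "look up" from "record" so a nonce is only stored once `$valid_sig` is true, keeps unauthenticated requests from growing or pre-filling that store. The existing comment `// this should probably be in a different method` is a good place to state this ordering constraint. The function body ends outside the hunk.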
@@ -14,7 +14,7 @@ class PlainText extends SignatureMethod } /** - * oauth_signature is set to the concatenated encoded values of the Consumer Secret and + * oauth_signature is set to the concatenated encoded values of the Client Secret and * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is * empty. The result MUST be encoded again. * - Chapter 9.4.1 ("Generating Signatures") @@ -22,11 +22,11 @@ class PlainText extends SignatureMethod * Please note that the second encoding MUST NOT happen in the SignatureMethod, as * OAuthRequest handles this! */ - public function buildSignature($request, $consumer, $token) + public function buildSignature($request, $client, $token) { $key_parts = array( - $consumer->secret, - ($token) ? $token->secret : '' + $client->getSecret(), + ($token) ? $token->getSecret() : '' ); $key_parts = Util::urlencodeRfc3986($key_parts); diff --git a/src/GaryJones/OAuth/RsaSha1.php b/src/GaryJones/OAuth/RsaSha1.php index 7153413..5c3b67b 100644 --- a/src/GaryJones/OAuth/RsaSha1.php +++ b/src/GaryJones/OAuth/RsaSha1.php @@ -4,7 +4,7 @@ namespace GaryJones\OAuth; /** * The RSA-SHA1 signature method uses the RSASSA-PKCS1-v1_5 signature algorithm as defined in * [RFC3447] section 8.2 (more simply known as PKCS#1), using SHA-1 as the hash function for - * EMSA-PKCS1-v1_5. It is assumed that the Consumer has provided its RSA public key in a + * EMSA-PKCS1-v1_5. It is assumed that the Client has provided its RSA public key in a * verified way to the Service Provider, in a manner which is beyond the scope of this * specification. * - Chapter 9.3 ("RSA-SHA1") 
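Review bot: The docblock on `PlainText::buildSignature()` explains how the value is assembled but not that the "signature" is the client secret and token secret themselves, so the method protects nothing unless the request travels over TLS. A one-line caveat in the docblock would help, e.g. `* NOTE: PLAINTEXT sends the secrets as the signature; only use it over HTTPS.` The method body continues after the hunk, so the returned value is not visible here.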
@@ -17,7 +17,7 @@ abstract class RsaSha1 extends SignatureMethod } // Up to the SP to implement this lookup of keys. Possible ideas are: - // (1) do a lookup in a table of trusted certs keyed off of consumer + // (1) do a lookup in a table of trusted certs keyed off of client // (2) fetch via http using a url provided by the requester // (3) some sort of specific discovery code based on request // @@ -25,12 +25,12 @@ abstract class RsaSha1 extends SignatureMethod abstract protected function fetchPublicCert(&$request); // Up to the SP to implement this lookup of keys. Possible ideas are: - // (1) do a lookup in a table of trusted certs keyed off of consumer + // (1) do a lookup in a table of trusted certs keyed off of client // // Either way should return a string representation of the certificate abstract protected function fetchPrivateCert(&$request); - public function buildSignature($request, $consumer, $token) + public function buildSignature($request, $client, $token) { $base_string = $request->getSignatureBaseString(); $request->base_string = $base_string; @@ -50,7 +50,7 @@ abstract class RsaSha1 extends SignatureMethod return base64_encode($signature); } - public function checkSignature($request, $consumer, $token, $signature) + public function checkSignature($request, $client, $token, $signature) { $decoded_sig = base64_decode($signature); diff --git a/src/GaryJones/OAuth/SignatureMethod.php b/src/GaryJones/OAuth/SignatureMethod.php index 8ef4522..0843b8e 100644 --- a/src/GaryJones/OAuth/SignatureMethod.php +++ b/src/GaryJones/OAuth/SignatureMethod.php 
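Review bot: Idea `(2) fetch via http using a url provided by the requester` in the comment above `fetchPublicCert()` would let the party being verified choose the certificate that verifies its own signature. It would also make the server issue outbound requests to an address taken from the request. Since this commit already edits these comment lines, I would drop (2) or qualify it, e.g. `// (2) fetch from a URL the SP has pinned for this client (never one taken from the request)`. The `checkSignature()` body in the last hunk continues outside what is shown, so the verification itself is not reviewed here.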
@@ -14,28 +14,31 @@ abstract class SignatureMethod abstract public function getName(); /** - * Build up the signature + * Build up the signature. + * * NOTE: The output of this function MUST NOT be urlencoded. * the encoding is handled in OAuthRequest when the final - * request is serialized - * @param OAuthRequest $request - * @param OAuthConsumer $consumer - * @param OAuthToken $token + * request is serialized. + * + * @param GaryJones\OAuth\OAuthRequest $request + * @param GaryJones\OAuth\Client $client + * @param GaryJones\OAuth\Token $token * @return string */ - abstract public function buildSignature($request, $consumer, $token); + abstract public function buildSignature($request, $client, $token); /** - * Verifies that a given signature is correct - * @param OAuthRequest $request - * @param OAuthConsumer $consumer - * @param OAuthToken $token + * Verifies that a given signature is correct. + * + * @param GaryJones\OAuth\OAuthRequest $request + * @param GaryJones\OAuth\Consumer $client + * @param GaryJones\OAuth\Token $token * @param string $signature * @return bool */ - public function checkSignature($request, $consumer, $token, $signature) + public function checkSignature($request, $client, $token, $signature) { - $built = $this->buildSignature($request, $consumer, $token); + $built = $this->buildSignature($request, $client, $token); return $built == $signature; } } diff --git a/src/GaryJones/OAuth/Token.php b/src/GaryJones/OAuth/Token.php index 3701e36..a24a416 100644 --- a/src/GaryJones/OAuth/Token.php +++ b/src/GaryJones/OAuth/Token.php @@ -4,8 +4,8 @@ namespace GaryJones\OAuth; class Token { // access tokens and request tokens - public $key; - public $secret; + protected $key; + protected $secret; /** * key = the token 
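Review bot: `SignatureMethod::checkSignature()` still ends with `return $built == $signature;`, a loose and non-constant-time comparison of a secret-derived value against request input. Where the supported PHP version provides it, `return hash_equals((string) $built, (string) $signature);` is the fix. At minimum use `===` so numeric-looking strings are not compared as numbers. The new docblock for this method also says `@param GaryJones\OAuth\Consumer $client`, but the class is renamed to `Client` in this same commit.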
@@ -17,6 +17,16 @@ class Token $this->secret = $secret; } + public function getKey() + { + return $this->key; + } + + public function getSecret() + { + return $this->secret; + } + /** * generates the basic string serialization of a token that a server * would respond to request_token and access_token calls with