Added RequestInterface to make integration easier.
Since now only a RequestInterface is needed instead of a Request object, it becomes easier to use the Server component with a different Request object, such as the Symfony or Zend Framework Request objects. This will now only need a small wrapper, instead of extending and rewriting the existing Request object.
parent
c471cd2b8d
commit
be09ba0216
@ -54,7 +54,7 @@ class HmacSha1 extends SignatureMethod
|
|||||||
*/
|
*/
|
||||||
public function buildSignature(Request $request, Client $client, Token $token = null)
|
public function buildSignature(Request $request, Client $client, Token $token = null)
|
||||||
{
|
{
|
||||||
$base_string = $request->getSignatureBaseString();
|
$base_string = $request->getOAuthSignatureBaseString();
|
||||||
$key = $this->getSignatureKey($client, $token);
|
$key = $this->getSignatureKey($client, $token);
|
||||||
|
|
||||||
return base64_encode(hash_hmac('sha1', $base_string, $key, true));
|
return base64_encode(hash_hmac('sha1', $base_string, $key, true));
|
||||||
|
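Review bot: `buildSignature()` still type-hints the concrete `Request`, although the only call it makes on the request in this hunk, `getOAuthSignatureBaseString()`, is now declared on `RequestInterface`. A wrapper around another framework's request therefore cannot be handed to the signature method. Change the signature to `public function buildSignature(RequestInterface $request, Client $client, Token $token = null)`. The same applies to `buildSignature()` and `checkSignature()` in RsaSha1 and to `getVersion(Request &$request)` in Server. The abstract declarations in SignatureMethod are not visible on this page and would presumably need the same hint; the method's docblock begins outside the hunk.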
@ -17,7 +17,7 @@ namespace JacobKiers\OAuth;
|
|||||||
* @package OAuth
|
* @package OAuth
|
||||||
* @author Andy Smith
|
* @author Andy Smith
|
||||||
*/
|
*/
|
||||||
class Request
|
class Request implements RequestInterface
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* HTTP parameters.
|
* HTTP parameters.
|
||||||
@ -241,8 +241,10 @@ class Request
|
|||||||
* The base string defined as the method, the url
|
* The base string defined as the method, the url
|
||||||
* and the parameters (normalized), each urlencoded
|
* and the parameters (normalized), each urlencoded
|
||||||
* and the concated with &.
|
* and the concated with &.
|
||||||
|
*
|
||||||
|
* @return string
|
||||||
*/
|
*/
|
||||||
public function getSignatureBaseString()
|
public function getOAuthSignatureBaseString()
|
||||||
{
|
{
|
||||||
$parts = array(
|
$parts = array(
|
||||||
$this->getNormalizedHttpMethod(),
|
$this->getNormalizedHttpMethod(),
|
||||||
@ -397,6 +399,79 @@ class Request
|
|||||||
return $signature_method->buildSignature($this, $client, $token);
|
return $signature_method->buildSignature($this, $client, $token);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthCallback()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_callback');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthConsumerKey()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_consumer_key');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthNonce()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_nonce');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthSignature()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_signature');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthSignatureMethod()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_signature_method');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthTimestamp()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_timestamp');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthToken()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_token');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthVerifier()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_verifier');
|
||||||
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* {@inheritdoc}
|
||||||
|
*/
|
||||||
|
public function getOAuthVersion()
|
||||||
|
{
|
||||||
|
return $this->getParameter('oauth_version');
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Get current time.
|
* Get current time.
|
||||||
*
|
*
|
||||||
|
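Review bot: The nine getters added in the last hunk return the result of `getParameter()` unchanged, while the docs they inherit promise `@return string`, and `@return integer` for `getOAuthTimestamp()`. Server tests these results with `!$version` and `!$client_key`, so an absent parameter evidently comes back falsy; what `getParameter()` returns exactly is not visible here. Replace `{@inheritdoc}` on at least `getOAuthTimestamp()` and `getOAuthNonce()` with a docblock that says the value is the raw request parameter, for example `@return string|null Raw oauth_timestamp as sent by the client; not validated.`, so callers do not treat it as an already-checked integer.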
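--- a/src/JacobKiers/OAuth/RequestInterface.php
+++ b/src/JacobKiers/OAuth/RequestInterface.php
@@ -0,0 +1,97 @@
+<?php
+/**
+* OAuth
+*
+* @package OAuth
+* @author Jacob Kiers <jacob@alphacomm.nl>
+* @license https://raw.github.com/jacobkiers/OAuth/master/LICENSE MIT
+* @link https://github.com/jacobkiers/OAuth
+*/
+
+namespace JacobKiers\OAuth;
+
+/**
+* Interface providing the necessary methods to handle an OAuth request.
+*
+* @package OAuth
+* @author Jacob Kiers <jacob@alphacomm.nl>
+*/
+interface RequestInterface
+{
+/**
+* Returns the OAuth Callback parameter.
+*
+* @return string
+*/
+public function getOAuthCallback();
+
+/**
+* Returns the Consumer Key.
+*
+* @return string
+*/
+public function getOAuthConsumerKey();
+
+/**
+* Returns the Nonce.
+*
+* In combination with the timestamp and the token, the nonce is
+* used to prevent replay and side-channel attacks.
+*
+* @return string
+*/
+public function getOAuthNonce();
+
+/**
+* Returns the request signature.
+*
+* @return string
+*/
+public function getOAuthSignature();
+
+/**
+* Returns the base string of this request.
+*
+* The base string defined as the method, the url
+* and the parameters (normalized), each urlencoded
+* and the concated with &.
+*
+* @return string
+*/
+public function getOAuthSignatureBaseString();
+
+/**
+* Returns the signature method with which this signature is signed.
+*
+* @return string
+*/
+public function getOAuthSignatureMethod();
+
+/**
+* Returns the timestamp of the request.
+*
+* @return integer
+*/
+public function getOAuthTimestamp();
+
+/**
+* Returns the token.
+*
+* @return string
+*/
+public function getOAuthToken();
+
+/**
+* Returns the verifier.
+*
+* @return string
+*/
+public function getOAuthVerifier();
+
+/**
+* Returns the OAuth version used in this request.
+*
+* @var string
+*/
+public function getOAuthVersion();
+}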
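Review bot: The docblock of `getOAuthNonce()` says the nonce is used to prevent "replay and side-channel attacks", which overstates it. A nonce checked together with the timestamp and token lets the server reject a repeated request and has no bearing on side channels, so the sentence should end `used to detect replayed requests.` The docblock of `getOAuthVersion()` uses `@var string` where `@return string` is meant. The interface also never states what an implementation returns when a parameter is absent, which matters because Server branches on falsy results; say so in each docblock, for example `@return string|null Null when the parameter is not present.`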
@ -66,7 +66,7 @@ abstract class RsaSha1 extends SignatureMethod
|
|||||||
*/
|
*/
|
||||||
public function buildSignature(Request $request, Client $client, Token $token = null)
|
public function buildSignature(Request $request, Client $client, Token $token = null)
|
||||||
{
|
{
|
||||||
$base_string = $request->getSignatureBaseString();
|
$base_string = $request->getOAuthSignatureBaseString();
|
||||||
|
|
||||||
// Fetch the private key cert based on the request
|
// Fetch the private key cert based on the request
|
||||||
$cert = $this->fetchPrivateCert($request);
|
$cert = $this->fetchPrivateCert($request);
|
||||||
@ -95,7 +95,7 @@ abstract class RsaSha1 extends SignatureMethod
|
|||||||
*/
|
*/
|
||||||
public function checkSignature(Request $request, Client $client, Token $token, $signature)
|
public function checkSignature(Request $request, Client $client, Token $token, $signature)
|
||||||
{
|
{
|
||||||
$base_string = $request->getSignatureBaseString();
|
$base_string = $request->getOAuthSignatureBaseString();
|
||||||
|
|
||||||
$decoded_sig = base64_decode($signature);
|
$decoded_sig = base64_decode($signature);
|
||||||
|
|
||||||
|
@ -77,7 +77,7 @@ class Server
|
|||||||
*
|
*
|
||||||
* Returns the request token on success
|
* Returns the request token on success
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
*
|
*
|
||||||
* @return JacobKiers\OAuth\Token
|
* @return JacobKiers\OAuth\Token
|
||||||
*/
|
*/
|
||||||
@ -93,7 +93,7 @@ class Server
|
|||||||
$this->checkSignature($request, $client, $token);
|
$this->checkSignature($request, $client, $token);
|
||||||
|
|
||||||
// Rev A change
|
// Rev A change
|
||||||
$callback = $request->getParameter('oauth_callback');
|
$callback = $request->getOAuthCallback();
|
||||||
|
|
||||||
return $this->data_store->newRequestToken($client, $callback);
|
return $this->data_store->newRequestToken($client, $callback);
|
||||||
}
|
}
|
||||||
@ -103,7 +103,7 @@ class Server
|
|||||||
*
|
*
|
||||||
* Returns the access token on success.
|
* Returns the access token on success.
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
*
|
*
|
||||||
* @return JacobKiers\OAuth\Token
|
* @return JacobKiers\OAuth\Token
|
||||||
*/
|
*/
|
||||||
@ -119,7 +119,7 @@ class Server
|
|||||||
$this->checkSignature($request, $client, $token);
|
$this->checkSignature($request, $client, $token);
|
||||||
|
|
||||||
// Rev A change
|
// Rev A change
|
||||||
$verifier = $request->getParameter('oauth_verifier');
|
$verifier = $request->getOAuthVerifier();
|
||||||
|
|
||||||
return $this->data_store->newAccessToken($token, $client, $verifier);
|
return $this->data_store->newAccessToken($token, $client, $verifier);
|
||||||
}
|
}
|
||||||
@ -127,7 +127,7 @@ class Server
|
|||||||
/**
|
/**
|
||||||
* Verify an api call, checks all the parameters.
|
* Verify an api call, checks all the parameters.
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
*
|
*
|
||||||
* @return array Client and Token
|
* @return array Client and Token
|
||||||
*/
|
*/
|
||||||
@ -145,7 +145,7 @@ class Server
|
|||||||
/**
|
/**
|
||||||
* Check that version is 1.0.
|
* Check that version is 1.0.
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
*
|
*
|
||||||
* @return string
|
* @return string
|
||||||
*
|
*
|
||||||
@ -153,7 +153,7 @@ class Server
|
|||||||
*/
|
*/
|
||||||
private function getVersion(Request &$request)
|
private function getVersion(Request &$request)
|
||||||
{
|
{
|
||||||
$version = $request->getParameter('oauth_version');
|
$version = $request->getOAuthVersion();
|
||||||
if (!$version) {
|
if (!$version) {
|
||||||
// Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
|
// Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
|
||||||
// Chapter 7.0 ("Accessing Protected Ressources")
|
// Chapter 7.0 ("Accessing Protected Ressources")
|
||||||
@ -168,15 +168,15 @@ class Server
|
|||||||
/**
|
/**
|
||||||
* Get the signature method name, and if it is supported.
|
* Get the signature method name, and if it is supported.
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
*
|
*
|
||||||
* @return string Signature method name.
|
* @return string Signature method name.
|
||||||
*
|
*
|
||||||
* @throws JacobKiers\OAuth\OAuthException
|
* @throws JacobKiers\OAuth\OAuthException
|
||||||
*/
|
*/
|
||||||
private function getSignatureMethod(Request $request)
|
private function getSignatureMethod(RequestInterface $request)
|
||||||
{
|
{
|
||||||
$signature_method = $request instanceof Request ? $request->getParameter('oauth_signature_method') : null;
|
$signature_method = $request instanceof Request ? $request->getOAuthSignatureMethod() : null;
|
||||||
|
|
||||||
if (!$signature_method) {
|
if (!$signature_method) {
|
||||||
// According to chapter 7 ("Accessing Protected Resources") the signature-method
|
// According to chapter 7 ("Accessing Protected Resources") the signature-method
|
||||||
@ -196,15 +196,15 @@ class Server
|
|||||||
/**
|
/**
|
||||||
* Try to find the client for the provided request's client key.
|
* Try to find the client for the provided request's client key.
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
*
|
*
|
||||||
* @return JacobKiers\OAuth\Client
|
* @return JacobKiers\OAuth\Client
|
||||||
*
|
*
|
||||||
* @throws JacobKiers\OAuth\OAuthException
|
* @throws JacobKiers\OAuth\OAuthException
|
||||||
*/
|
*/
|
||||||
private function getClient(Request $request)
|
private function getClient(RequestInterface $request)
|
||||||
{
|
{
|
||||||
$client_key = $request instanceof Request ? $request->getParameter('oauth_consumer_key') : null;
|
$client_key = $request instanceof Request ? $request->getOAuthConsumerKey() : null;
|
||||||
|
|
||||||
if (!$client_key) {
|
if (!$client_key) {
|
||||||
throw new OAuthException('Invalid client key');
|
throw new OAuthException('Invalid client key');
|
||||||
@ -221,7 +221,7 @@ class Server
|
|||||||
/**
|
/**
|
||||||
* Try to find the token for the provided request's token key.
|
* Try to find the token for the provided request's token key.
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
* @param JacobKiers\OAuth\Client $client
|
* @param JacobKiers\OAuth\Client $client
|
||||||
* @param string $token_type
|
* @param string $token_type
|
||||||
*
|
*
|
||||||
@ -229,9 +229,9 @@ class Server
|
|||||||
*
|
*
|
||||||
* @throws JacobKiers\OAuth\OAuthException
|
* @throws JacobKiers\OAuth\OAuthException
|
||||||
*/
|
*/
|
||||||
private function getToken(Request $request, Client $client, $token_type = 'access')
|
private function getToken(RequestInterface $request, Client $client, $token_type = 'access')
|
||||||
{
|
{
|
||||||
$token_field = $request instanceof Request ? $request->getParameter('oauth_token') : null;
|
$token_field = $request instanceof Request ? $request->getOAuthToken() : null;
|
||||||
|
|
||||||
$token = $this->data_store->lookupToken($client, $token_type, $token_field);
|
$token = $this->data_store->lookupToken($client, $token_type, $token_field);
|
||||||
if (!$token) {
|
if (!$token) {
|
||||||
@ -245,24 +245,24 @@ class Server
|
|||||||
*
|
*
|
||||||
* Should determine the signature method appropriately
|
* Should determine the signature method appropriately
|
||||||
*
|
*
|
||||||
* @param JacobKiers\OAuth\Request $request
|
* @param JacobKiers\OAuth\RequestInterface $request
|
||||||
* @param JacobKiers\OAuth\Client $client
|
* @param JacobKiers\OAuth\Client $client
|
||||||
* @param JacobKiers\OAuth\Token $token
|
* @param JacobKiers\OAuth\Token $token
|
||||||
*
|
*
|
||||||
* @throws JacobKiers\OAuth\OAuthException
|
* @throws JacobKiers\OAuth\OAuthException
|
||||||
*/
|
*/
|
||||||
private function checkSignature(Request $request, Client $client, Token $token)
|
private function checkSignature(RequestInterface $request, Client $client, Token $token)
|
||||||
{
|
{
|
||||||
// this should probably be in a different method
|
// this should probably be in a different method
|
||||||
$timestamp = $request instanceof Request ? $request->getParameter('oauth_timestamp') : null;
|
$timestamp = $request instanceof Request ? $request->getOAuthTimestamp() : null;
|
||||||
$nonce = $request instanceof Request ? $request->getParameter('oauth_nonce') : null;
|
$nonce = $request instanceof Request ? $request->getOAuthNonce() : null;
|
||||||
|
|
||||||
$this->checkTimestamp($timestamp);
|
$this->checkTimestamp($timestamp);
|
||||||
$this->checkNonce($client, $token, $nonce, $timestamp);
|
$this->checkNonce($client, $token, $nonce, $timestamp);
|
||||||
|
|
||||||
$signature_method = $this->getSignatureMethod($request);
|
$signature_method = $this->getSignatureMethod($request);
|
||||||
|
|
||||||
$signature = $request->getParameter('oauth_signature');
|
$signature = $request->getOAuthSignature();
|
||||||
$valid_sig = $signature_method->checkSignature($request, $client, $token, $signature);
|
$valid_sig = $signature_method->checkSignature($request, $client, $token, $signature);
|
||||||
|
|
||||||
if (!$valid_sig) {
|
if (!$valid_sig) {
|
||||||
|
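Review bot: `getSignatureMethod()`, `getClient()`, `getToken()` and `checkSignature()` now accept `RequestInterface` but still wrap every read in `$request instanceof Request ? … : null`, so any implementation other than the bundled `Request` yields null for the signature method, consumer key, token, timestamp and nonce. For a wrapper request `getClient()` then throws 'Invalid client key', and the timestamp and nonce checks are called with null rather than the values the request carries; how `checkTimestamp()`, `checkNonce()` and `lookupToken()` treat null is not visible on this page. The type hint already guarantees the interface, so drop the ternaries: `$timestamp = $request->getOAuthTimestamp();` and `$nonce = $request->getOAuthNonce();`, and likewise in the other three methods. Several of these method bodies continue outside their hunks.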
@ -57,7 +57,7 @@ class HmacSha1Test extends PHPUnit_Framework_TestCase
|
|||||||
private function getRequest()
|
private function getRequest()
|
||||||
{
|
{
|
||||||
return m::mock('JacobKiers\OAuth\Request', function ($mock) {
|
return m::mock('JacobKiers\OAuth\Request', function ($mock) {
|
||||||
$mock->shouldReceive('getSignatureBaseString')
|
$mock->shouldReceive('getOAuthSignatureBaseString')
|
||||||
->withNoArgs()
|
->withNoArgs()
|
||||||
->andReturn('POST&http%3A%2F%2Fexample.com%2Ffoobar&oauth_signature_method%3DHMAC-SHA1')->once();
|
->andReturn('POST&http%3A%2F%2Fexample.com%2Ffoobar&oauth_signature_method%3DHMAC-SHA1')->once();
|
||||||
});
|
});
|
||||||
|