Compare commits
22 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
935c1f7709 | ||
|
|
79300e5a58 | ||
|
|
9d2d8b0c1e | ||
|
|
15df1e0e0d | ||
|
|
b37f971fd7 | ||
|
|
b24d52eb34 | ||
|
|
e3aea01134 | ||
|
|
663f81f35b | ||
|
|
6a15224e34 | ||
|
|
c434283f5f | ||
|
|
815a86af6e | ||
|
|
26a92abbdc | ||
|
|
2feec37a98 | ||
|
|
17ca454bb8 | ||
|
|
4344315960 | ||
|
|
0849d47418 | ||
|
|
b1cea0857a | ||
|
|
9d62ccdb86 | ||
|
|
0efb3a5dfa | ||
|
|
9cc377d653 | ||
|
|
67680e1564 | ||
|
|
2187cd8b44 |
4
.gitignore
vendored
Normal file
4
.gitignore
vendored
Normal file
@@ -0,0 +1,4 @@
|
||||
*.swp
|
||||
composer.phar
|
||||
composer.lock
|
||||
vendor
|
||||
9
.travis.yml
Normal file
9
.travis.yml
Normal file
@@ -0,0 +1,9 @@
|
||||
language: php
|
||||
|
||||
php:
|
||||
- 5.3
|
||||
- 5.4
|
||||
|
||||
before_script:
|
||||
- wget -c http://getcomposer.org/composer.phar
|
||||
- php composer.phar install
|
||||
@@ -1,3 +1,3 @@
|
||||
#OAuth 1 PHP Library
|
||||
#OAuth 1 PHP Library[](http://travis-ci.org/EHER/OAuth)
|
||||
|
||||
Based on [Andy Smith's](http://term.ie/) [basic php library](http://oauth.googlecode.com/svn/code/php/) for OAuth.
|
||||
|
||||
@@ -1,18 +1,17 @@
|
||||
{
|
||||
"name": "Eher/OAuth",
|
||||
"name": "eher/oauth",
|
||||
"type": "library",
|
||||
"license": "BSD-3-Clause",
|
||||
"description": "OAuth 1 PHP Library",
|
||||
"keywords": ["oauth"],
|
||||
"homepage": "https://github.com/EHER/OAuth",
|
||||
"psr-0": {
|
||||
"OAuth": "src/"
|
||||
},
|
||||
"authors":
|
||||
{
|
||||
"name": "Andy Smith",
|
||||
"homepage": "http://term.ie/"
|
||||
},
|
||||
"require": {
|
||||
"php": ">=5.3.0"
|
||||
},
|
||||
"autoload": {
|
||||
"psr-0": {
|
||||
"Eher\\OAuth": "src"
|
||||
}
|
||||
},
|
||||
"require-dev": {
|
||||
"eher/phpunit": "1.6"
|
||||
}
|
||||
}
|
||||
|
||||
7
phpunit.xml.dist
Normal file
7
phpunit.xml.dist
Normal file
@@ -0,0 +1,7 @@
|
||||
<phpunit bootstrap="vendor/autoload.php" colors="true">
|
||||
<testsuites>
|
||||
<testsuite name="Test Suite">
|
||||
<directory>test</directory>
|
||||
</testsuite>
|
||||
</testsuites>
|
||||
</phpunit>
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
namespace Eher\OAuth;
|
||||
|
||||
class OAuthConsumer {
|
||||
class Consumer {
|
||||
public $key;
|
||||
public $secret;
|
||||
|
||||
@@ -13,7 +13,7 @@ function __construct($key, $secret, $callback_url=NULL) {
|
||||
}
|
||||
|
||||
function __toString() {
|
||||
return "OAuthConsumer[key=$this->key,secret=$this->secret]";
|
||||
return "Consumer[key=$this->key,secret=$this->secret]";
|
||||
}
|
||||
}
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace Eher\OAuth\SignatureMethod;
|
||||
namespace Eher\OAuth;
|
||||
|
||||
/**
|
||||
* The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
|
||||
@@ -23,7 +23,7 @@ public function build_signature($request, $consumer, $token) {
|
||||
($token) ? $token->secret : ""
|
||||
);
|
||||
|
||||
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
|
||||
$key_parts = Util::urlencode_rfc3986($key_parts);
|
||||
$key = implode('&', $key_parts);
|
||||
|
||||
return base64_encode(hash_hmac('sha1', $base_string, $key, true));
|
||||
@@ -94,7 +94,7 @@ private function get_version(&$request) {
|
||||
* figure out the signature with some defaults
|
||||
*/
|
||||
private function get_signature_method($request) {
|
||||
$signature_method = $request instanceof OAuthRequest
|
||||
$signature_method = $request instanceof Request
|
||||
? $request->get_parameter("oauth_signature_method")
|
||||
: NULL;
|
||||
|
||||
@@ -119,7 +119,7 @@ private function get_signature_method($request) {
|
||||
* try to find the consumer for the provided request's consumer key
|
||||
*/
|
||||
private function get_consumer($request) {
|
||||
$consumer_key = $request instanceof OAuthRequest
|
||||
$consumer_key = $request instanceof Request
|
||||
? $request->get_parameter("oauth_consumer_key")
|
||||
: NULL;
|
||||
|
||||
@@ -139,7 +139,7 @@ private function get_consumer($request) {
|
||||
* try to find the token for the provided request's token key
|
||||
*/
|
||||
private function get_token($request, $consumer, $token_type="access") {
|
||||
$token_field = $request instanceof OAuthRequest
|
||||
$token_field = $request instanceof Request
|
||||
? $request->get_parameter('oauth_token')
|
||||
: NULL;
|
||||
|
||||
@@ -158,10 +158,10 @@ private function get_token($request, $consumer, $token_type="access") {
|
||||
*/
|
||||
private function check_signature($request, $consumer, $token) {
|
||||
// this should probably be in a different method
|
||||
$timestamp = $request instanceof OAuthRequest
|
||||
$timestamp = $request instanceof Request
|
||||
? $request->get_parameter('oauth_timestamp')
|
||||
: NULL;
|
||||
$nonce = $request instanceof OAuthRequest
|
||||
$nonce = $request instanceof Request
|
||||
? $request->get_parameter('oauth_nonce')
|
||||
: NULL;
|
||||
|
||||
@@ -175,7 +175,7 @@ private function check_signature($request, $consumer, $token) {
|
||||
$request,
|
||||
$consumer,
|
||||
$token,
|
||||
$signature
|
||||
Util::urldecode_rfc3986($signature)
|
||||
);
|
||||
|
||||
if (!$valid_sig) {
|
||||
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace Eher\OAuth\SignatureMethod;
|
||||
namespace Eher\OAuth;
|
||||
|
||||
/**
|
||||
* The PLAINTEXT method does not provide any security protection and SHOULD only be used
|
||||
@@ -19,7 +19,7 @@ public function get_name() {
|
||||
* - Chapter 9.4.1 ("Generating Signatures")
|
||||
*
|
||||
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as
|
||||
* OAuthRequest handles this!
|
||||
* Request handles this!
|
||||
*/
|
||||
public function build_signature($request, $consumer, $token) {
|
||||
$key_parts = array(
|
||||
@@ -27,7 +27,7 @@ public function build_signature($request, $consumer, $token) {
|
||||
($token) ? $token->secret : ""
|
||||
);
|
||||
|
||||
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
|
||||
$key_parts = Util::urlencode_rfc3986($key_parts);
|
||||
$key = implode('&', $key_parts);
|
||||
$request->base_string = $key;
|
||||
|
||||
@@ -2,7 +2,7 @@
|
||||
|
||||
namespace Eher\OAuth;
|
||||
|
||||
class OAuthRequest {
|
||||
class Request {
|
||||
protected $parameters;
|
||||
protected $http_method;
|
||||
protected $http_url;
|
||||
@@ -13,7 +13,7 @@ class OAuthRequest {
|
||||
|
||||
function __construct($http_method, $http_url, $parameters=NULL) {
|
||||
$parameters = ($parameters) ? $parameters : array();
|
||||
$parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
|
||||
$parameters = array_merge( Util::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
|
||||
$this->parameters = $parameters;
|
||||
$this->http_method = $http_method;
|
||||
$this->http_url = $http_url;
|
||||
@@ -40,10 +40,10 @@ public static function from_request($http_method=NULL, $http_url=NULL, $paramete
|
||||
// parsed parameter-list
|
||||
if (!$parameters) {
|
||||
// Find request headers
|
||||
$request_headers = OAuthUtil::get_headers();
|
||||
$request_headers = Util::get_headers();
|
||||
|
||||
// Parse the query-string to find GET parameters
|
||||
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
|
||||
$parameters = Util::parse_parameters($_SERVER['QUERY_STRING']);
|
||||
|
||||
// It's a POST request of the proper content-type, so parse POST
|
||||
// parameters and add those overriding any duplicates from GET
|
||||
@@ -52,7 +52,7 @@ public static function from_request($http_method=NULL, $http_url=NULL, $paramete
|
||||
&& strstr($request_headers['Content-Type'],
|
||||
'application/x-www-form-urlencoded')
|
||||
) {
|
||||
$post_data = OAuthUtil::parse_parameters(
|
||||
$post_data = Util::parse_parameters(
|
||||
file_get_contents(self::$POST_INPUT)
|
||||
);
|
||||
$parameters = array_merge($parameters, $post_data);
|
||||
@@ -61,7 +61,7 @@ public static function from_request($http_method=NULL, $http_url=NULL, $paramete
|
||||
// We have a Authorization-header with OAuth data. Parse the header
|
||||
// and add those overriding any duplicates from GET or POST
|
||||
if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
|
||||
$header_parameters = OAuthUtil::split_header(
|
||||
$header_parameters = Util::split_header(
|
||||
$request_headers['Authorization']
|
||||
);
|
||||
$parameters = array_merge($parameters, $header_parameters);
|
||||
@@ -69,7 +69,7 @@ public static function from_request($http_method=NULL, $http_url=NULL, $paramete
|
||||
|
||||
}
|
||||
|
||||
return new OAuthRequest($http_method, $http_url, $parameters);
|
||||
return new Request($http_method, $http_url, $parameters);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -77,16 +77,16 @@ public static function from_request($http_method=NULL, $http_url=NULL, $paramete
|
||||
*/
|
||||
public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
|
||||
$parameters = ($parameters) ? $parameters : array();
|
||||
$defaults = array("oauth_version" => OAuthRequest::$version,
|
||||
"oauth_nonce" => OAuthRequest::generate_nonce(),
|
||||
"oauth_timestamp" => OAuthRequest::generate_timestamp(),
|
||||
$defaults = array("oauth_version" => Request::$version,
|
||||
"oauth_nonce" => Request::generate_nonce(),
|
||||
"oauth_timestamp" => Request::generate_timestamp(),
|
||||
"oauth_consumer_key" => $consumer->key);
|
||||
if ($token)
|
||||
$defaults['oauth_token'] = $token->key;
|
||||
|
||||
$parameters = array_merge($defaults, $parameters);
|
||||
|
||||
return new OAuthRequest($http_method, $http_url, $parameters);
|
||||
return new Request($http_method, $http_url, $parameters);
|
||||
}
|
||||
|
||||
public function set_parameter($name, $value, $allow_duplicates = true) {
|
||||
@@ -130,7 +130,7 @@ public function get_signable_parameters() {
|
||||
unset($params['oauth_signature']);
|
||||
}
|
||||
|
||||
return OAuthUtil::build_http_query($params);
|
||||
return Util::build_http_query($params);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -147,7 +147,7 @@ public function get_signature_base_string() {
|
||||
$this->get_signable_parameters()
|
||||
);
|
||||
|
||||
$parts = OAuthUtil::urlencode_rfc3986($parts);
|
||||
$parts = Util::urlencode_rfc3986($parts);
|
||||
|
||||
return implode('&', $parts);
|
||||
}
|
||||
@@ -194,7 +194,7 @@ public function to_url() {
|
||||
* builds the data one would send in a POST request
|
||||
*/
|
||||
public function to_postdata() {
|
||||
return OAuthUtil::build_http_query($this->parameters);
|
||||
return Util::build_http_query($this->parameters);
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -203,7 +203,7 @@ public function to_postdata() {
|
||||
public function to_header($realm=null) {
|
||||
$first = true;
|
||||
if($realm) {
|
||||
$out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"';
|
||||
$out = 'Authorization: OAuth realm="' . Util::urlencode_rfc3986($realm) . '"';
|
||||
$first = false;
|
||||
} else
|
||||
$out = 'Authorization: OAuth';
|
||||
@@ -215,9 +215,9 @@ public function to_header($realm=null) {
|
||||
throw new OAuthException('Arrays not supported in headers');
|
||||
}
|
||||
$out .= ($first) ? ' ' : ',';
|
||||
$out .= OAuthUtil::urlencode_rfc3986($k) .
|
||||
$out .= Util::urlencode_rfc3986($k) .
|
||||
'="' .
|
||||
OAuthUtil::urlencode_rfc3986($v) .
|
||||
Util::urlencode_rfc3986($v) .
|
||||
'"';
|
||||
$first = false;
|
||||
}
|
||||
@@ -1,6 +1,6 @@
|
||||
<?php
|
||||
|
||||
namespace Eher\OAuth\SignatureMethod;
|
||||
namespace Eher\OAuth;
|
||||
|
||||
/**
|
||||
* A class for implementing a Signature Method
|
||||
@@ -16,10 +16,10 @@ abstract public function get_name();
|
||||
/**
|
||||
* Build up the signature
|
||||
* NOTE: The output of this function MUST NOT be urlencoded.
|
||||
* the encoding is handled in OAuthRequest when the final
|
||||
* the encoding is handled in Request when the final
|
||||
* request is serialized
|
||||
* @param OAuthRequest $request
|
||||
* @param OAuthConsumer $consumer
|
||||
* @param Request $request
|
||||
* @param Consumer $consumer
|
||||
* @param OAuthToken $token
|
||||
* @return string
|
||||
*/
|
||||
@@ -27,8 +27,8 @@ abstract public function build_signature($request, $consumer, $token);
|
||||
|
||||
/**
|
||||
* Verifies that a given signature is correct
|
||||
* @param OAuthRequest $request
|
||||
* @param OAuthConsumer $consumer
|
||||
* @param Request $request
|
||||
* @param Consumer $consumer
|
||||
* @param OAuthToken $token
|
||||
* @param string $signature
|
||||
* @return bool
|
||||
@@ -1,8 +1,8 @@
|
||||
<?php
|
||||
|
||||
namespace OAuth;
|
||||
namespace Eher\OAuth;
|
||||
|
||||
class OAuthToken {
|
||||
class Token {
|
||||
// access tokens and request tokens
|
||||
public $key;
|
||||
public $secret;
|
||||
@@ -22,9 +22,9 @@ function __construct($key, $secret) {
|
||||
*/
|
||||
function to_string() {
|
||||
return "oauth_token=" .
|
||||
OAuthUtil::urlencode_rfc3986($this->key) .
|
||||
Util::urlencode_rfc3986($this->key) .
|
||||
"&oauth_token_secret=" .
|
||||
OAuthUtil::urlencode_rfc3986($this->secret);
|
||||
Util::urlencode_rfc3986($this->secret);
|
||||
}
|
||||
|
||||
function __toString() {
|
||||
@@ -1,11 +1,11 @@
|
||||
<?php
|
||||
|
||||
namespace OAuth;
|
||||
namespace Eher\OAuth;
|
||||
|
||||
class OAuthUtil {
|
||||
class Util {
|
||||
public static function urlencode_rfc3986($input) {
|
||||
if (is_array($input)) {
|
||||
return array_map(array('app\models\oauth\OAuthUtil', 'urlencode_rfc3986'), $input);
|
||||
return array_map(array('Eher\OAuth\Util', 'urlencode_rfc3986'), $input);
|
||||
} else if (is_scalar($input)) {
|
||||
return str_replace(
|
||||
'+',
|
||||
@@ -34,7 +34,7 @@ public static function split_header($header, $only_allow_oauth_parameters = true
|
||||
$params = array();
|
||||
if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) {
|
||||
foreach ($matches[1] as $i => $h) {
|
||||
$params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]);
|
||||
$params[$h] = Util::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]);
|
||||
}
|
||||
if (isset($params['realm'])) {
|
||||
unset($params['realm']);
|
||||
@@ -100,8 +100,8 @@ public static function parse_parameters( $input ) {
|
||||
$parsed_parameters = array();
|
||||
foreach ($pairs as $pair) {
|
||||
$split = explode('=', $pair, 2);
|
||||
$parameter = OAuthUtil::urldecode_rfc3986($split[0]);
|
||||
$value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
|
||||
$parameter = Util::urldecode_rfc3986($split[0]);
|
||||
$value = isset($split[1]) ? Util::urldecode_rfc3986($split[1]) : '';
|
||||
|
||||
if (isset($parsed_parameters[$parameter])) {
|
||||
// We have already recieved parameter(s) with this name, so add to the list
|
||||
@@ -125,8 +125,8 @@ public static function build_http_query($params) {
|
||||
if (!$params) return '';
|
||||
|
||||
// Urlencode both keys and values
|
||||
$keys = OAuthUtil::urlencode_rfc3986(array_keys($params));
|
||||
$values = OAuthUtil::urlencode_rfc3986(array_values($params));
|
||||
$keys = Util::urlencode_rfc3986(array_keys($params));
|
||||
$values = Util::urlencode_rfc3986(array_values($params));
|
||||
$params = array_combine($keys, $values);
|
||||
|
||||
// Parameters are sorted by name, using lexicographical byte value ordering.
|
||||
18
test/Eher/OAuth/ConsumerTest.php
Normal file
18
test/Eher/OAuth/ConsumerTest.php
Normal file
@@ -0,0 +1,18 @@
|
||||
<?php
|
||||
|
||||
namespace Eher\OAuth;
|
||||
|
||||
class ConsumerTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function testConsumer()
|
||||
{
|
||||
$consumer = null;
|
||||
|
||||
$consumer = new Consumer("ConsumerKey", "ConsumerSecret");
|
||||
|
||||
$this->assertEquals(
|
||||
'Consumer[key=ConsumerKey,secret=ConsumerSecret]',
|
||||
(string) $consumer
|
||||
);
|
||||
}
|
||||
}
|
||||
40
test/Eher/OAuth/RequestTest.php
Normal file
40
test/Eher/OAuth/RequestTest.php
Normal file
@@ -0,0 +1,40 @@
|
||||
<?php
|
||||
|
||||
namespace Eher\OAuth;
|
||||
|
||||
class RequestTest extends \PHPUnit_Framework_TestCase
|
||||
{
|
||||
public function testRequestToUrl()
|
||||
{
|
||||
$consumer = null;
|
||||
$signatureMethod = null;
|
||||
$request = null;
|
||||
$once = "";
|
||||
$timestamp = "";
|
||||
$signature = "";
|
||||
$expectedUrl = "";
|
||||
|
||||
$consumer = new Consumer('ConsumerKey', 'ConsumerSecret');
|
||||
$signatureMethod = new HmacSha1();
|
||||
$request = Request::from_consumer_and_token(
|
||||
$consumer,
|
||||
null,
|
||||
"GET",
|
||||
"http://www.endpoint.url/",
|
||||
array()
|
||||
);
|
||||
$request->sign_request($signatureMethod, $consumer, null);
|
||||
|
||||
$once = $request->get_parameter('oauth_nonce');
|
||||
$timestamp = $request->get_parameter('oauth_timestamp');
|
||||
$signature = $request->get_parameter('oauth_signature');
|
||||
$expectedUrl = "http://www.endpoint.url/?"
|
||||
. "oauth_consumer_key=ConsumerKey"
|
||||
. "&oauth_nonce=" . $once
|
||||
. "&oauth_signature=" . Util::urlencode_rfc3986($signature)
|
||||
. "&oauth_signature_method=HMAC-SHA1"
|
||||
. "&oauth_timestamp=" . $timestamp
|
||||
. "&oauth_version=1.0";
|
||||
$this->assertEquals( $expectedUrl, (string) $request);
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user