|
1 <?php |
|
2 /** |
|
3 * Zend Framework |
|
4 * |
|
5 * LICENSE |
|
6 * |
|
7 * This source file is subject to the new BSD license that is bundled |
|
8 * with this package in the file LICENSE.txt. |
|
9 * It is also available through the world-wide-web at this URL: |
|
10 * http://framework.zend.com/license/new-bsd |
|
11 * If you did not receive a copy of the license and are unable to |
|
12 * obtain it through the world-wide-web, please send an email |
|
13 * to license@zend.com so we can send you a copy immediately. |
|
14 * |
|
15 * @category Zend |
|
16 * @package Zend_Oauth |
|
17 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
18 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
19 * @version $Id: Utility.php 22662 2010-07-24 17:37:36Z mabe $ |
|
20 */ |
|
21 |
|
22 /** Zend_Oauth */ |
|
23 require_once 'Zend/Oauth.php'; |
|
24 |
|
25 /** Zend_Oauth_Http */ |
|
26 require_once 'Zend/Oauth/Http.php'; |
|
27 |
|
28 /** |
|
29 * @category Zend |
|
30 * @package Zend_Oauth |
|
31 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
32 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
33 */ |
|
34 class Zend_Oauth_Http_Utility |
|
35 { |
|
36 /** |
|
37 * Assemble all parameters for a generic OAuth request - i.e. no special |
|
38 * params other than the defaults expected for any OAuth query. |
|
39 * |
|
40 * @param string $url |
|
41 * @param Zend_Oauth_Config_ConfigInterface $config |
|
42 * @param null|array $serviceProviderParams |
|
43 * @return array |
|
44 */ |
|
45 public function assembleParams( |
|
46 $url, |
|
47 Zend_Oauth_Config_ConfigInterface $config, |
|
48 array $serviceProviderParams = null |
|
49 ) { |
|
50 $params = array( |
|
51 'oauth_consumer_key' => $config->getConsumerKey(), |
|
52 'oauth_nonce' => $this->generateNonce(), |
|
53 'oauth_signature_method' => $config->getSignatureMethod(), |
|
54 'oauth_timestamp' => $this->generateTimestamp(), |
|
55 'oauth_version' => $config->getVersion(), |
|
56 ); |
|
57 |
|
58 if ($config->getToken()->getToken() != null) { |
|
59 $params['oauth_token'] = $config->getToken()->getToken(); |
|
60 } |
|
61 |
|
62 |
|
63 if ($serviceProviderParams !== null) { |
|
64 $params = array_merge($params, $serviceProviderParams); |
|
65 } |
|
66 |
|
67 $params['oauth_signature'] = $this->sign( |
|
68 $params, |
|
69 $config->getSignatureMethod(), |
|
70 $config->getConsumerSecret(), |
|
71 $config->getToken()->getTokenSecret(), |
|
72 $config->getRequestMethod(), |
|
73 $url |
|
74 ); |
|
75 |
|
76 return $params; |
|
77 } |
|
78 |
|
79 /** |
|
80 * Given both OAuth parameters and any custom parametere, generate an |
|
81 * encoded query string. This method expects parameters to have been |
|
82 * assembled and signed beforehand. |
|
83 * |
|
84 * @param array $params |
|
85 * @param bool $customParamsOnly Ignores OAuth params e.g. for requests using OAuth Header |
|
86 * @return string |
|
87 */ |
|
88 public function toEncodedQueryString(array $params, $customParamsOnly = false) |
|
89 { |
|
90 if ($customParamsOnly) { |
|
91 foreach ($params as $key=>$value) { |
|
92 if (preg_match("/^oauth_/", $key)) { |
|
93 unset($params[$key]); |
|
94 } |
|
95 } |
|
96 } |
|
97 $encodedParams = array(); |
|
98 foreach ($params as $key => $value) { |
|
99 $encodedParams[] = self::urlEncode($key) |
|
100 . '=' |
|
101 . self::urlEncode($value); |
|
102 } |
|
103 return implode('&', $encodedParams); |
|
104 } |
|
105 |
|
106 /** |
|
107 * Cast to authorization header |
|
108 * |
|
109 * @param array $params |
|
110 * @param null|string $realm |
|
111 * @param bool $excludeCustomParams |
|
112 * @return void |
|
113 */ |
|
114 public function toAuthorizationHeader(array $params, $realm = null, $excludeCustomParams = true) |
|
115 { |
|
116 $headerValue = array( |
|
117 'OAuth realm="' . $realm . '"', |
|
118 ); |
|
119 |
|
120 foreach ($params as $key => $value) { |
|
121 if ($excludeCustomParams) { |
|
122 if (!preg_match("/^oauth_/", $key)) { |
|
123 continue; |
|
124 } |
|
125 } |
|
126 $headerValue[] = self::urlEncode($key) |
|
127 . '="' |
|
128 . self::urlEncode($value) . '"'; |
|
129 } |
|
130 return implode(",", $headerValue); |
|
131 } |
|
132 |
|
133 /** |
|
134 * Sign request |
|
135 * |
|
136 * @param array $params |
|
137 * @param string $signatureMethod |
|
138 * @param string $consumerSecret |
|
139 * @param null|string $tokenSecret |
|
140 * @param null|string $method |
|
141 * @param null|string $url |
|
142 * @return string |
|
143 */ |
|
144 public function sign( |
|
145 array $params, $signatureMethod, $consumerSecret, $tokenSecret = null, $method = null, $url = null |
|
146 ) { |
|
147 $className = ''; |
|
148 $hashAlgo = null; |
|
149 $parts = explode('-', $signatureMethod); |
|
150 if (count($parts) > 1) { |
|
151 $className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($parts[0])); |
|
152 $hashAlgo = $parts[1]; |
|
153 } else { |
|
154 $className = 'Zend_Oauth_Signature_' . ucfirst(strtolower($signatureMethod)); |
|
155 } |
|
156 |
|
157 require_once str_replace('_', '/', $className) . '.php'; |
|
158 $signatureObject = new $className($consumerSecret, $tokenSecret, $hashAlgo); |
|
159 return $signatureObject->sign($params, $method, $url); |
|
160 } |
|
161 |
|
162 /** |
|
163 * Parse query string |
|
164 * |
|
165 * @param mixed $query |
|
166 * @return array |
|
167 */ |
|
168 public function parseQueryString($query) |
|
169 { |
|
170 $params = array(); |
|
171 if (empty($query)) { |
|
172 return array(); |
|
173 } |
|
174 |
|
175 // Not remotely perfect but beats parse_str() which converts |
|
176 // periods and uses urldecode, not rawurldecode. |
|
177 $parts = explode('&', $query); |
|
178 foreach ($parts as $pair) { |
|
179 $kv = explode('=', $pair); |
|
180 $params[rawurldecode($kv[0])] = rawurldecode($kv[1]); |
|
181 } |
|
182 return $params; |
|
183 } |
|
184 |
|
185 /** |
|
186 * Generate nonce |
|
187 * |
|
188 * @return string |
|
189 */ |
|
190 public function generateNonce() |
|
191 { |
|
192 return md5(uniqid(rand(), true)); |
|
193 } |
|
194 |
|
195 /** |
|
196 * Generate timestamp |
|
197 * |
|
198 * @return int |
|
199 */ |
|
200 public function generateTimestamp() |
|
201 { |
|
202 return time(); |
|
203 } |
|
204 |
|
205 /** |
|
206 * urlencode a value |
|
207 * |
|
208 * @param string $value |
|
209 * @return string |
|
210 */ |
|
211 public static function urlEncode($value) |
|
212 { |
|
213 $encoded = rawurlencode($value); |
|
214 $encoded = str_replace('%7E', '~', $encoded); |
|
215 return $encoded; |
|
216 } |
|
217 } |