|
1 <?php |
|
2 /** |
|
3 * Zend Framework |
|
4 * |
|
5 * LICENSE |
|
6 * |
|
7 * This source file is subject to the new BSD license that is bundled |
|
8 * with this package in the file LICENSE.txt. |
|
9 * It is also available through the world-wide-web at this URL: |
|
10 * http://framework.zend.com/license/new-bsd |
|
11 * If you did not receive a copy of the license and are unable to |
|
12 * obtain it through the world-wide-web, please send an email |
|
13 * to license@zend.com so we can send you a copy immediately. |
|
14 * |
|
15 * @category Zend |
|
16 * @package Zend_Oauth |
|
17 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
18 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
19 * @version $Id: SignatureAbstract.php 22662 2010-07-24 17:37:36Z mabe $ |
|
20 */ |
|
21 |
|
22 /** Zend_Oauth_Http_Utility */ |
|
23 require_once 'Zend/Oauth/Http/Utility.php'; |
|
24 |
|
25 /** Zend_Uri_Http */ |
|
26 require_once 'Zend/Uri/Http.php'; |
|
27 |
|
28 /** |
|
29 * @category Zend |
|
30 * @package Zend_Oauth |
|
31 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
32 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
33 */ |
|
34 abstract class Zend_Oauth_Signature_SignatureAbstract |
|
35 { |
|
36 /** |
|
37 * Hash algorithm to use when generating signature |
|
38 * @var string |
|
39 */ |
|
40 protected $_hashAlgorithm = null; |
|
41 |
|
42 /** |
|
43 * Key to use when signing |
|
44 * @var string |
|
45 */ |
|
46 protected $_key = null; |
|
47 |
|
48 /** |
|
49 * Consumer secret |
|
50 * @var string |
|
51 */ |
|
52 protected $_consumerSecret = null; |
|
53 |
|
54 /** |
|
55 * Token secret |
|
56 * @var string |
|
57 */ |
|
58 protected $_tokenSecret = ''; |
|
59 |
|
60 /** |
|
61 * Constructor |
|
62 * |
|
63 * @param string $consumerSecret |
|
64 * @param null|string $tokenSecret |
|
65 * @param null|string $hashAlgo |
|
66 * @return void |
|
67 */ |
|
68 public function __construct($consumerSecret, $tokenSecret = null, $hashAlgo = null) |
|
69 { |
|
70 $this->_consumerSecret = $consumerSecret; |
|
71 if (isset($tokenSecret)) { |
|
72 $this->_tokenSecret = $tokenSecret; |
|
73 } |
|
74 $this->_key = $this->_assembleKey(); |
|
75 if (isset($hashAlgo)) { |
|
76 $this->_hashAlgorithm = $hashAlgo; |
|
77 } |
|
78 } |
|
79 |
|
80 /** |
|
81 * Sign a request |
|
82 * |
|
83 * @param array $params |
|
84 * @param null|string $method |
|
85 * @param null|string $url |
|
86 * @return string |
|
87 */ |
|
88 public abstract function sign(array $params, $method = null, $url = null); |
|
89 |
|
90 /** |
|
91 * Normalize the base signature URL |
|
92 * |
|
93 * @param string $url |
|
94 * @return string |
|
95 */ |
|
96 public function normaliseBaseSignatureUrl($url) |
|
97 { |
|
98 $uri = Zend_Uri_Http::fromString($url); |
|
99 if ($uri->getScheme() == 'http' && $uri->getPort() == '80') { |
|
100 $uri->setPort(''); |
|
101 } elseif ($uri->getScheme() == 'https' && $uri->getPort() == '443') { |
|
102 $uri->setPort(''); |
|
103 } |
|
104 $uri->setQuery(''); |
|
105 $uri->setFragment(''); |
|
106 $uri->setHost(strtolower($uri->getHost())); |
|
107 return $uri->getUri(true); |
|
108 } |
|
109 |
|
110 /** |
|
111 * Assemble key from consumer and token secrets |
|
112 * |
|
113 * @return string |
|
114 */ |
|
115 protected function _assembleKey() |
|
116 { |
|
117 $parts = array($this->_consumerSecret); |
|
118 if ($this->_tokenSecret !== null) { |
|
119 $parts[] = $this->_tokenSecret; |
|
120 } |
|
121 foreach ($parts as $key => $secret) { |
|
122 $parts[$key] = Zend_Oauth_Http_Utility::urlEncode($secret); |
|
123 } |
|
124 return implode('&', $parts); |
|
125 } |
|
126 |
|
127 /** |
|
128 * Get base signature string |
|
129 * |
|
130 * @param array $params |
|
131 * @param null|string $method |
|
132 * @param null|string $url |
|
133 * @return string |
|
134 */ |
|
135 protected function _getBaseSignatureString(array $params, $method = null, $url = null) |
|
136 { |
|
137 $encodedParams = array(); |
|
138 foreach ($params as $key => $value) { |
|
139 $encodedParams[Zend_Oauth_Http_Utility::urlEncode($key)] = |
|
140 Zend_Oauth_Http_Utility::urlEncode($value); |
|
141 } |
|
142 $baseStrings = array(); |
|
143 if (isset($method)) { |
|
144 $baseStrings[] = strtoupper($method); |
|
145 } |
|
146 if (isset($url)) { |
|
147 // should normalise later |
|
148 $baseStrings[] = Zend_Oauth_Http_Utility::urlEncode( |
|
149 $this->normaliseBaseSignatureUrl($url) |
|
150 ); |
|
151 } |
|
152 if (isset($encodedParams['oauth_signature'])) { |
|
153 unset($encodedParams['oauth_signature']); |
|
154 } |
|
155 $baseStrings[] = Zend_Oauth_Http_Utility::urlEncode( |
|
156 $this->_toByteValueOrderedQueryString($encodedParams) |
|
157 ); |
|
158 return implode('&', $baseStrings); |
|
159 } |
|
160 |
|
161 /** |
|
162 * Transform an array to a byte value ordered query string |
|
163 * |
|
164 * @param array $params |
|
165 * @return string |
|
166 */ |
|
167 protected function _toByteValueOrderedQueryString(array $params) |
|
168 { |
|
169 $return = array(); |
|
170 uksort($params, 'strnatcmp'); |
|
171 foreach ($params as $key => $value) { |
|
172 if (is_array($value)) { |
|
173 natsort($value); |
|
174 foreach ($value as $keyduplicate) { |
|
175 $return[] = $key . '=' . $keyduplicate; |
|
176 } |
|
177 } else { |
|
178 $return[] = $key . '=' . $value; |
|
179 } |
|
180 } |
|
181 return implode('&', $return); |
|
182 } |
|
183 } |