|
1 <?php |
|
2 /** |
|
3 * Zend Framework |
|
4 * |
|
5 * LICENSE |
|
6 * |
|
7 * This source file is subject to the new BSD license that is bundled |
|
8 * with this package in the file LICENSE.txt. |
|
9 * It is also available through the world-wide-web at this URL: |
|
10 * http://framework.zend.com/license/new-bsd |
|
11 * If you did not receive a copy of the license and are unable to |
|
12 * obtain it through the world-wide-web, please send an email |
|
13 * to license@zend.com so we can send you a copy immediately. |
|
14 * |
|
15 * @category Zend |
|
16 * @package Zend_Service_WindowsAzure |
|
17 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
18 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
19 * @version $Id: SharedKey.php 23167 2010-10-19 17:53:31Z mabe $ |
|
20 */ |
|
21 |
|
22 /** |
|
23 * @see Zend_Service_WindowsAzure_Credentials_CredentialsAbstract |
|
24 */ |
|
25 require_once 'Zend/Service/WindowsAzure/Credentials/CredentialsAbstract.php'; |
|
26 |
|
27 /** |
|
28 * @see Zend_Service_WindowsAzure_Storage |
|
29 */ |
|
30 require_once 'Zend/Service/WindowsAzure/Storage.php'; |
|
31 |
|
32 /** |
|
33 * @see Zend_Http_Client |
|
34 */ |
|
35 require_once 'Zend/Http/Client.php'; |
|
36 |
|
37 /** |
|
38 * @see Zend_Service_WindowsAzure_Credentials_Exception |
|
39 */ |
|
40 require_once 'Zend/Service/WindowsAzure/Credentials/Exception.php'; |
|
41 |
|
42 /** |
|
43 * @category Zend |
|
44 * @package Zend_Service_WindowsAzure |
|
45 * @copyright Copyright (c) 2005-2010 Zend Technologies USA Inc. (http://www.zend.com) |
|
46 * @license http://framework.zend.com/license/new-bsd New BSD License |
|
47 */ |
|
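class Zend_Service_WindowsAzure_Credentials_SharedKey
    extends Zend_Service_WindowsAzure_Credentials_CredentialsAbstract
{
    /**
     * Sign request URL with credentials
     *
     * This implementation returns the URL untouched: the SharedKey scheme
     * implemented by this class places its proof of possession in the
     * Authorization header built by signRequestHeaders(), not in the URL.
     * $resourceType and $requiredPermission are accepted for interface
     * compatibility and are not read here.
     *
     * @param string $requestUrl         Request URL
     * @param string $resourceType       Resource type
     * @param string $requiredPermission Required permission
     * @return string The request URL, unchanged
     */
    public function signRequestUrl(
        $requestUrl = '',
        $resourceType = Zend_Service_WindowsAzure_Storage::RESOURCE_UNKNOWN,
        $requiredPermission = Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PERMISSION_READ
    ) {
        return $requestUrl;
    }

    /**
     * Sign request headers with credentials
     *
     * Builds the SharedKey string to sign (verb, standard headers,
     * canonicalized storage headers, canonicalized resource), computes an
     * HMAC-SHA256 over it with the account key and returns the headers with
     * the storage date header and an Authorization header added.
     *
     * What the signature covers, as implemented here:
     *  - the HTTP verb, the listed standard headers, Content-Length, every
     *    header whose name starts with PREFIX_STORAGE_HEADER, the account
     *    name, the path and the query parameters;
     *  - the request body only indirectly: through its length and through a
     *    Content-MD5 header if the caller supplies one. Nothing in this
     *    method computes a body digest.
     *
     * The returned Authorization value can be replayed for the same request
     * for as long as the service accepts the signed date, so treat the
     * returned array as sensitive (e.g. do not write it to logs verbatim).
     *
     * NOTE(review): header names are matched case-sensitively against
     * PREFIX_STORAGE_HEADER and the date header is looked up under its exact
     * key; a differently-cased storage header would be returned but not
     * signed. Confirm callers always pass lower-case storage header names.
     *
     * NOTE(review): header values are joined with "\n" and are not checked
     * for embedded CR/LF here; a value containing a line break would alter
     * the line structure of the string to sign. Confirm that callers or the
     * HTTP client reject such values.
     *
     * NOTE(review): $this->_accountKey is used directly as the HMAC key. The
     * storage service issues keys base64-encoded; confirm the parent class
     * decodes the key before storing it.
     *
     * @param string  $httpVerb           HTTP verb the request will use
     * @param string  $path               Path for the request
     * @param string  $queryString        Query string for the request
     * @param array   $headers            x-ms headers to add
     * @param boolean $forTableStorage    Is the request for table storage?
     * @param string  $resourceType       Resource type (not read by this method)
     * @param string  $requiredPermission Required permission (not read by this method)
     * @param mixed   $rawData            Raw post data
     * @return array Array of headers
     * @throws Zend_Service_WindowsAzure_Credentials_Exception When $forTableStorage is true
     */
    public function signRequestHeaders(
        $httpVerb = Zend_Http_Client::GET,
        $path = '/',
        $queryString = '',
        $headers = null,
        $forTableStorage = false,
        $resourceType = Zend_Service_WindowsAzure_Storage::RESOURCE_UNKNOWN,
        $requiredPermission = Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PERMISSION_READ,
        $rawData = null
    ) {
        // http://github.com/sriramk/winazurestorage/blob/214010a2f8931bac9c96dfeb337d56fe084ca63b/winazurestorage.py

        // Table storage is rejected up front, so everything below only ever
        // runs for non-table requests.
        if ($forTableStorage) {
            throw new Zend_Service_WindowsAzure_Credentials_Exception('The Windows Azure SDK for PHP does not support SharedKey authentication on table storage. Use SharedKeyLite authentication instead.');
        }

        // Determine path: with path-style URIs everything before the first
        // '/' is dropped.
        if ($this->_usePathStyleUri) {
            $path = substr($path, strpos($path, '/'));
        }

        // Determine query
        // NOTE(review): helper is defined in the parent class; presumably it
        // normalises the query string for signing - confirm.
        $queryString = $this->_prepareQueryStringForSigning($queryString);

        $storagePrefix = Zend_Service_WindowsAzure_Credentials_CredentialsAbstract::PREFIX_STORAGE_HEADER;
        $dateHeader    = $storagePrefix . 'date';

        // Canonicalized headers, keyed by header name so that they can be
        // ordered by name alone (see ksort() below).
        $canonicalizedHeaders = array();

        // Request date: a caller-supplied value is used verbatim, otherwise
        // the current time is stamped. A caller-supplied value is picked up
        // by the loop below, so it is only added here when generated.
        if (isset($headers[$dateHeader])) {
            $requestDate = $headers[$dateHeader];
        } else {
            $requestDate = gmdate('D, d M Y H:i:s', time()) . ' GMT'; // RFC 1123
            $canonicalizedHeaders[$dateHeader] = $requestDate;
        }

        // Build canonicalized headers
        if ($headers !== null) {
            foreach ($headers as $header => $value) {
                // Booleans are serialised as the literal words so the signed
                // value and the returned header value are the same string.
                if (is_bool($value)) {
                    $value = $value === true ? 'True' : 'False';
                }

                $headers[$header] = $value;
                if (strncmp($header, $storagePrefix, strlen($storagePrefix)) === 0) {
                    $canonicalizedHeaders[strtolower($header)] = $value;
                }
            }
        }

        // Order by header NAME only. Sorting the joined "name:value" strings
        // misorders a name that is a prefix of another one whenever the next
        // character sorts below ':' (for example '-' or a digit), which
        // yields a string to sign the service will not reproduce.
        ksort($canonicalizedHeaders, SORT_STRING);
        $canonicalizedHeaderLines = array();
        foreach ($canonicalizedHeaders as $name => $value) {
            $canonicalizedHeaderLines[] = $name . ':' . $value;
        }

        // Build canonicalized resource string
        $canonicalizedResource = '/' . $this->_accountName;
        if ($this->_usePathStyleUri) {
            // Path-style URIs carry the account name a second time.
            $canonicalizedResource .= '/' . $this->_accountName;
        }
        $canonicalizedResource .= $path;
        if ($queryString !== '') {
            // NOTE(review): parameters are appended in the order the parent
            // helper returns them; confirm that order is the one the service
            // expects.
            $queryStringItems = $this->_makeArrayOfQueryString($queryString);
            foreach ($queryStringItems as $key => $value) {
                $canonicalizedResource .= "\n" . strtolower($key) . ':' . $value;
            }
        }

        // Content-Length header: empty for GET/DELETE/HEAD, otherwise the
        // byte length of the raw data (0 when there is none).
        $verb          = strtoupper($httpVerb);
        $bodylessVerbs = array(
            Zend_Http_Client::GET,
            Zend_Http_Client::DELETE,
            Zend_Http_Client::HEAD,
        );
        $contentLength = '';
        if (!in_array($verb, $bodylessVerbs, true)) {
            $contentLength = ($rawData !== null) ? strlen($rawData) : 0;
        }

        // Create string to sign. The order of the entries is part of the
        // signature format and must not be changed.
        $stringToSign = array(
            $verb,                                                  // VERB
            $this->_issetOr($headers, 'Content-Encoding', ''),      // Content-Encoding
            $this->_issetOr($headers, 'Content-Language', ''),      // Content-Language
            $contentLength,                                         // Content-Length
            $this->_issetOr($headers, 'Content-MD5', ''),           // Content-MD5
            $this->_issetOr($headers, 'Content-Type', ''),          // Content-Type
            '',                                                     // Date (left empty; the storage date header is always signed instead)
            $this->_issetOr($headers, 'If-Modified-Since', ''),     // If-Modified-Since
            $this->_issetOr($headers, 'If-Match', ''),              // If-Match
            $this->_issetOr($headers, 'If-None-Match', ''),         // If-None-Match
            $this->_issetOr($headers, 'If-Unmodified-Since', ''),   // If-Unmodified-Since
            $this->_issetOr($headers, 'Range', ''),                 // Range
        );

        if (count($canonicalizedHeaderLines) > 0) {
            $stringToSign[] = implode("\n", $canonicalizedHeaderLines); // Canonicalized headers
        }

        $stringToSign[] = $canonicalizedResource;                   // Canonicalized resource
        $stringToSign   = implode("\n", $stringToSign);

        // Raw (binary) HMAC-SHA256 output, base64-encoded for the header.
        $signString = base64_encode(hash_hmac('sha256', $stringToSign, $this->_accountKey, true));

        // Sign request
        $headers[$dateHeader]     = $requestDate;
        $headers['Authorization'] = 'SharedKey ' . $this->_accountName . ':' . $signString;

        // Return headers
        return $headers;
    }
}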