harukin/core
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

remove the unqualified "OAuth" namespace from the project. We need to reference either OAuth1 or OAuth2.

Browse Source
This commit is contained in:
redmatrix
2015-12-13 15:35:45 -08:00
parent 395268da22
commit bb0e4044bf
8 changed files with 103 additions and 102 deletions
Download Patch File Download Diff File Expand all files Collapse all files

118
library/OAuth1.php
View File

@@ -3,11 +3,11 @@
/* Generic exception class
*/
class OAuthException extends Exception {
class OAuth1Exception extends Exception {
// pass
}
class OAuthConsumer {
class OAuth1Consumer {
public $key;
public $secret;
@@ -18,11 +18,11 @@ class OAuthConsumer {
}
function __toString() {
return "OAuthConsumer[key=$this->key,secret=$this->secret]";
return "OAuth1Consumer[key=$this->key,secret=$this->secret]";
}
}
class OAuthToken {
class OAuth1Token {
// access tokens and request tokens
public $key;
public $secret;
@@ -46,9 +46,9 @@ class OAuthToken {
*/
function to_string() {
return "oauth_token=" .
OAuthUtil::urlencode_rfc3986($this->key) .
OAuth1Util::urlencode_rfc3986($this->key) .
"&oauth_token_secret=" .
OAuthUtil::urlencode_rfc3986($this->secret);
OAuth1Util::urlencode_rfc3986($this->secret);
}
function __toString() {
@@ -60,7 +60,7 @@ class OAuthToken {
* A class for implementing a Signature Method
* See section 9 ("Signing Requests") in the spec
*/
abstract class OAuthSignatureMethod {
abstract class OAuth1SignatureMethod {
/**
* Needs to return the name of the Signature Method (ie HMAC-SHA1)
* @return string
@@ -70,20 +70,20 @@ abstract class OAuthSignatureMethod {
/**
* Build up the signature
* NOTE: The output of this function MUST NOT be urlencoded.
* the encoding is handled in OAuthRequest when the final
* the encoding is handled in OAuth1Request when the final
* request is serialized
* @param OAuthRequest $request
* @param OAuthConsumer $consumer
* @param OAuthToken $token
* @param OAuth1Request $request
* @param OAuth1Consumer $consumer
* @param OAuth1Token $token
* @return string
*/
abstract public function build_signature($request, $consumer, $token);
/**
* Verifies that a given signature is correct
* @param OAuthRequest $request
* @param OAuthConsumer $consumer
* @param OAuthToken $token
* @param OAuth1Request $request
* @param OAuth1Consumer $consumer
* @param OAuth1Token $token
* @param string $signature
* @return bool
*/
@@ -101,7 +101,7 @@ abstract class OAuthSignatureMethod {
* character (ASCII code 38) even if empty.
* - Chapter 9.2 ("HMAC-SHA1")
*/
class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
class OAuth1SignatureMethod_HMAC_SHA1 extends OAuth1SignatureMethod {
function get_name() {
return "HMAC-SHA1";
}
@@ -115,7 +115,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
($token) ? $token->secret : ""
);
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
$key_parts = OAuth1Util::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts);
@@ -129,7 +129,7 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
* over a secure channel such as HTTPS. It does not use the Signature Base String.
* - Chapter 9.4 ("PLAINTEXT")
*/
class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
class OAuth1SignatureMethod_PLAINTEXT extends OAuth1SignatureMethod {
public function get_name() {
return "PLAINTEXT";
}
@@ -141,7 +141,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
* - Chapter 9.4.1 ("Generating Signatures")
*
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as
* OAuthRequest handles this!
* OAuth1Request handles this!
*/
public function build_signature($request, $consumer, $token) {
$key_parts = array(
@@ -149,7 +149,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
($token) ? $token->secret : ""
);
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
$key_parts = OAuth1Util::urlencode_rfc3986($key_parts);
$key = implode('&', $key_parts);
$request->base_string = $key;
@@ -165,7 +165,7 @@ class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod {
* specification.
* - Chapter 9.3 ("RSA-SHA1")
*/
abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod {
abstract class OAuth1SignatureMethod_RSA_SHA1 extends OAuth1SignatureMethod {
public function get_name() {
return "RSA-SHA1";
}
@@ -224,7 +224,7 @@ abstract class OAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod {
}
}
class OAuthRequest {
class OAuth1Request {
private $parameters;
private $http_method;
private $http_url;
@@ -235,7 +235,7 @@ class OAuthRequest {
function __construct($http_method, $http_url, $parameters=NULL) {
@$parameters or $parameters = array();
$parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
$parameters = array_merge( OAuth1Util::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
$this->parameters = $parameters;
$this->http_method = $http_method;
$this->http_url = $http_url;
@@ -262,10 +262,10 @@ class OAuthRequest {
// parsed parameter-list
if (!$parameters) {
// Find request headers
$request_headers = OAuthUtil::get_headers();
$request_headers = OAuth1Util::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
$parameters = OAuth1Util::parse_parameters($_SERVER['QUERY_STRING']);
// It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET
@@ -274,7 +274,7 @@ class OAuthRequest {
"application/x-www-form-urlencoded")
) {
$post_data = OAuthUtil::parse_parameters(
$post_data = OAuth1Util::parse_parameters(
file_get_contents(self::$POST_INPUT)
);
$parameters = array_merge($parameters, $post_data);
@@ -283,7 +283,7 @@ class OAuthRequest {
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header(
$header_parameters = OAuth1Util::split_header(
$request_headers['Authorization']
);
$parameters = array_merge($parameters, $header_parameters);
@@ -296,7 +296,7 @@ class OAuthRequest {
$http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q']));
unset( $parameters['q'] );
return new OAuthRequest($http_method, $http_url, $parameters);
return new OAuth1Request($http_method, $http_url, $parameters);
}
/**
@@ -304,16 +304,16 @@ class OAuthRequest {
*/
public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
@$parameters or $parameters = array();
$defaults = array("oauth_version" => OAuthRequest::$version,
"oauth_nonce" => OAuthRequest::generate_nonce(),
"oauth_timestamp" => OAuthRequest::generate_timestamp(),
$defaults = array("oauth_version" => OAuth1Request::$version,
"oauth_nonce" => OAuth1Request::generate_nonce(),
"oauth_timestamp" => OAuth1Request::generate_timestamp(),
"oauth_consumer_key" => $consumer->key);
if ($token)
$defaults['oauth_token'] = $token->key;
$parameters = array_merge($defaults, $parameters);
return new OAuthRequest($http_method, $http_url, $parameters);
return new OAuth1Request($http_method, $http_url, $parameters);
}
public function set_parameter($name, $value, $allow_duplicates = true) {
@@ -357,7 +357,7 @@ class OAuthRequest {
unset($params['oauth_signature']);
}
return OAuthUtil::build_http_query($params);
return OAuth1Util::build_http_query($params);
}
/**
@@ -374,7 +374,7 @@ class OAuthRequest {
$this->get_signable_parameters()
);
$parts = OAuthUtil::urlencode_rfc3986($parts);
$parts = OAuth1Util::urlencode_rfc3986($parts);
return implode('&', $parts);
}
@@ -423,7 +423,7 @@ class OAuthRequest {
* builds the data one would send in a POST request
*/
public function to_postdata() {
return OAuthUtil::build_http_query($this->parameters);
return OAuth1Util::build_http_query($this->parameters);
}
/**
@@ -432,7 +432,7 @@ class OAuthRequest {
public function to_header($realm=null) {
$first = true;
if($realm) {
$out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"';
$out = 'Authorization: OAuth realm="' . OAuth1Util::urlencode_rfc3986($realm) . '"';
$first = false;
} else
$out = 'Authorization: OAuth';
@@ -441,12 +441,12 @@ class OAuthRequest {
foreach ($this->parameters as $k => $v) {
if (substr($k, 0, 5) != "oauth") continue;
if (is_array($v)) {
throw new OAuthException('Arrays not supported in headers');
throw new OAuth1Exception('Arrays not supported in headers');
}
$out .= ($first) ? ' ' : ',';
$out .= OAuthUtil::urlencode_rfc3986($k) .
$out .= OAuth1Util::urlencode_rfc3986($k) .
'="' .
OAuthUtil::urlencode_rfc3986($v) .
OAuth1Util::urlencode_rfc3986($v) .
'"';
$first = false;
}
@@ -491,7 +491,7 @@ class OAuthRequest {
}
}
class OAuthServer {
class OAuth1Server {
protected $timestamp_threshold = 300; // in seconds, five minutes
protected $version = '1.0'; // hi blaine
protected $signature_methods = array();
@@ -572,7 +572,7 @@ class OAuthServer {
$version = '1.0';
}
if ($version !== $this->version) {
throw new OAuthException("OAuth version '$version' not supported");
throw new OAuth1Exception("OAuth1 version '$version' not supported");
}
return $version;
}
@@ -587,12 +587,12 @@ class OAuthServer {
if (!$signature_method) {
// According to chapter 7 ("Accessing Protected Ressources") the signature-method
// parameter is required, and we can't just fallback to PLAINTEXT
throw new OAuthException('No signature method parameter. This parameter is required');
throw new OAuth1Exception('No signature method parameter. This parameter is required');
}
if (!in_array($signature_method,
array_keys($this->signature_methods))) {
throw new OAuthException(
throw new OAuth1Exception(
"Signature method '$signature_method' not supported " .
"try one of the following: " .
implode(", ", array_keys($this->signature_methods))
@@ -607,12 +607,12 @@ class OAuthServer {
private function get_consumer(&$request) {
$consumer_key = @$request->get_parameter("oauth_consumer_key");
if (!$consumer_key) {
throw new OAuthException("Invalid consumer key");
throw new OAuth1Exception("Invalid consumer key");
}
$consumer = $this->data_store->lookup_consumer($consumer_key);
if (!$consumer) {
throw new OAuthException("Invalid consumer");
throw new OAuth1Exception("Invalid consumer");
}
return $consumer;
@@ -627,7 +627,7 @@ class OAuthServer {
$consumer, $token_type, $token_field
);
if (!$token) {
throw new OAuthException("Invalid $token_type token: $token_field");
throw new OAuth1Exception("Invalid $token_type token: $token_field");
}
return $token;
}
@@ -656,7 +656,7 @@ class OAuthServer {
if (!$valid_sig) {
throw new OAuthException("Invalid signature");
throw new OAuth1Exception("Invalid signature");
}
}
@@ -665,14 +665,14 @@ class OAuthServer {
*/
private function check_timestamp($timestamp) {
if( ! $timestamp )
throw new OAuthException(
throw new OAuth1Exception(
'Missing timestamp parameter. The parameter is required'
);
// verify that timestamp is recentish
$now = time();
if (abs($now - $timestamp) > $this->timestamp_threshold) {
throw new OAuthException(
throw new OAuth1Exception(
"Expired timestamp, yours $timestamp, ours $now"
);
}
@@ -683,7 +683,7 @@ class OAuthServer {
*/
private function check_nonce($consumer, $token, $nonce, $timestamp) {
if( ! $nonce )
throw new OAuthException(
throw new OAuth1Exception(
'Missing nonce parameter. The parameter is required'
);
@@ -695,13 +695,13 @@ class OAuthServer {
$timestamp
);
if ($found) {
throw new OAuthException("Nonce already used: $nonce");
throw new OAuth1Exception("Nonce already used: $nonce");
}
}
}
class OAuthDataStore {
class OAuth1DataStore {
function lookup_consumer($consumer_key) {
// implement me
}
@@ -727,10 +727,10 @@ class OAuthDataStore {
}
class OAuthUtil {
class OAuth1Util {
public static function urlencode_rfc3986($input) {
if (is_array($input)) {
return array_map(array('OAuthUtil', 'urlencode_rfc3986'), $input);
return array_map(array('OAuth1Util', 'urlencode_rfc3986'), $input);
} else if (is_scalar($input)) {
return str_replace(
'+',
@@ -762,7 +762,7 @@ class OAuthUtil {
$header_name = $matches[2][0];
$header_content = (isset($matches[5])) ? $matches[5][0] : $matches[4][0];
if (preg_match('/^oauth_/', $header_name) || !$only_allow_oauth_parameters) {
$params[$header_name] = OAuthUtil::urldecode_rfc3986($header_content);
$params[$header_name] = OAuth1Util::urldecode_rfc3986($header_content);
}
$offset = $match[1] + strlen($match[0]);
}
@@ -834,8 +834,8 @@ class OAuthUtil {
$parsed_parameters = array();
foreach ($pairs as $pair) {
$split = explode('=', $pair, 2);
$parameter = OAuthUtil::urldecode_rfc3986($split[0]);
$value = isset($split[1]) ? OAuthUtil::urldecode_rfc3986($split[1]) : '';
$parameter = OAuth1Util::urldecode_rfc3986($split[0]);
$value = isset($split[1]) ? OAuth1Util::urldecode_rfc3986($split[1]) : '';
if (isset($parsed_parameters[$parameter])) {
// We have already recieved parameter(s) with this name, so add to the list
@@ -859,8 +859,8 @@ class OAuthUtil {
if (!$params) return '';
// Urlencode both keys and values
$keys = OAuthUtil::urlencode_rfc3986(array_keys($params));
$values = OAuthUtil::urlencode_rfc3986(array_values($params));
$keys = OAuth1Util::urlencode_rfc3986(array_keys($params));
$values = OAuth1Util::urlencode_rfc3986(array_values($params));
$params = array_combine($keys, $values);
// Parameters are sorted by name, using lexicographical byte value ordering.
@@ -885,5 +885,3 @@ class OAuthUtil {
return implode('&', $pairs);
}
}
?>