88 lines
2.6 KiB
PHP
Executable File
88 lines
2.6 KiB
PHP
Executable File
<?php
|
|
|
|
if ( !class_exists('Puc_v4p1_OAuthSignature', false) ):
|
|
|
|
/**
|
|
* A basic signature generator for zero-legged OAuth 1.0.
|
|
*/
|
|
class Puc_v4p1_OAuthSignature {
|
|
private $consumerKey = '';
|
|
private $consumerSecret = '';
|
|
|
|
public function __construct($consumerKey, $consumerSecret) {
|
|
$this->consumerKey = $consumerKey;
|
|
$this->consumerSecret = $consumerSecret;
|
|
}
|
|
|
|
/**
|
|
* Sign a URL using OAuth 1.0.
|
|
*
|
|
* @param string $url The URL to be signed. It may contain query parameters.
|
|
* @param string $method HTTP method such as "GET", "POST" and so on.
|
|
* @return string The signed URL.
|
|
*/
|
|
public function sign($url, $method = 'GET') {
|
|
$parameters = array();
|
|
|
|
//Parse query parameters.
|
|
$query = @parse_url($url, PHP_URL_QUERY);
|
|
if ( !empty($query) ) {
|
|
parse_str($query, $parsedParams);
|
|
if ( is_array($parameters) ) {
|
|
$parameters = $parsedParams;
|
|
}
|
|
//Remove the query string from the URL. We'll replace it later.
|
|
$url = substr($url, 0, strpos($url, '?'));
|
|
}
|
|
|
|
$parameters = array_merge(
|
|
$parameters,
|
|
array(
|
|
'oauth_consumer_key' => $this->consumerKey,
|
|
'oauth_nonce' => $this->nonce(),
|
|
'oauth_signature_method' => 'HMAC-SHA1',
|
|
'oauth_timestamp' => time(),
|
|
'oauth_version' => '1.0',
|
|
)
|
|
);
|
|
unset($parameters['oauth_signature']);
|
|
|
|
//Parameters must be sorted alphabetically before signing.
|
|
ksort($parameters);
|
|
|
|
//The most complicated part of the request - generating the signature.
|
|
//The string to sign contains the HTTP method, the URL path, and all of
|
|
//our query parameters. Everything is URL encoded. Then we concatenate
|
|
//them with ampersands into a single string to hash.
|
|
$encodedVerb = urlencode($method);
|
|
$encodedUrl = urlencode($url);
|
|
$encodedParams = urlencode(http_build_query($parameters, '', '&'));
|
|
|
|
$stringToSign = $encodedVerb . '&' . $encodedUrl . '&' . $encodedParams;
|
|
|
|
//Since we only have one OAuth token (the consumer secret) we only have
|
|
//to use it as our HMAC key. However, we still have to append an & to it
|
|
//as if we were using it with additional tokens.
|
|
$secret = urlencode($this->consumerSecret) . '&';
|
|
|
|
//The signature is a hash of the consumer key and the base string. Note
|
|
//that we have to get the raw output from hash_hmac and base64 encode
|
|
//the binary data result.
|
|
$parameters['oauth_signature'] = base64_encode(hash_hmac('sha1', $stringToSign, $secret, true));
|
|
|
|
return ($url . '?' . http_build_query($parameters));
|
|
}
|
|
|
|
/**
|
|
* Generate a random nonce.
|
|
*
|
|
* @return string
|
|
*/
|
|
private function nonce() {
|
|
$mt = microtime();
|
|
$rand = mt_rand();
|
|
return md5($mt . '_' . $rand);
|
|
}
|
|
}
|
|
|
|
endif; |