friendica/src/Security/OAuth1/Signature/OAuthSignatureMethod_PLAINT...

<?php
/**
 * @copyright Copyright (C) 2010-2022, the Friendica project
 *
 * @license GNU AGPL version 3 or any later version
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Affero General Public License as
 * published by the Free Software Foundation, either version 3 of the
 * License, or (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU Affero General Public License for more details.
 *
 * You should have received a copy of the GNU Affero General Public License
 * along with this program.  If not, see <https://www.gnu.org/licenses/>.
 *
 */

namespace Friendica\Security\OAuth1\Signature;

use Friendica\Security\OAuth1\OAuthRequest;
use Friendica\Security\OAuth1\OAuthUtil;

/**
 * The PLAINTEXT method does not provide any security protection and SHOULD only be used
 * over a secure channel such as HTTPS. It does not use the Signature Base String.
 *   - Chapter 9.4 ("PLAINTEXT")
 */
class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod
{
	public function get_name()
	{
		return "PLAINTEXT";
	}

	/**
	 * oauth_signature is set to the concatenated encoded values of the Consumer Secret and
	 * Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
	 * empty. The result MUST be encoded again.
	 *   - Chapter 9.4.1 ("Generating Signatures")
	 *
	 * Please note that the second encoding MUST NOT happen in the SignatureMethod, as
	 * OAuthRequest handles this!
	 *
	 * @param $request
	 * @param $consumer
	 * @param $token
	 *
	 * @return string
	 */
	public function build_signature(OAuthRequest $request, \Friendica\Security\OAuth1\OAuthConsumer $consumer, \Friendica\Security\OAuth1\OAuthToken $token = null)
	{
		$key_parts = [
			$consumer->secret,
			($token) ? $token->secret : "",
		];

		$key_parts            = OAuthUtil::urlencode_rfc3986($key_parts);
		$key                  = implode('&', $key_parts);
		$request->base_string = $key;

		return $key;
	}
}
Move library\OAuth1.php to class structure Friendica\Security\OAuth1 2020-09-30 11:21:58 +02:00			`<?php`
Add missing copyright text 2022-01-02 10:49:50 +01:00			`/**`
			`* @copyright Copyright (C) 2010-2022, the Friendica project`
			`*`
			`* @license GNU AGPL version 3 or any later version`
			`*`
			`* This program is free software: you can redistribute it and/or modify`
			`* it under the terms of the GNU Affero General Public License as`
			`* published by the Free Software Foundation, either version 3 of the`
			`* License, or (at your option) any later version.`
			`*`
			`* This program is distributed in the hope that it will be useful,`
			`* but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`* GNU Affero General Public License for more details.`
			`*`
			`* You should have received a copy of the GNU Affero General Public License`
			`* along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`*`
			`*/`
Move library\OAuth1.php to class structure Friendica\Security\OAuth1 2020-09-30 11:21:58 +02:00
Cleanup OAuth1 library 2020-09-30 11:26:52 +02:00			`namespace Friendica\Security\OAuth1\Signature;`
Move library\OAuth1.php to class structure Friendica\Security\OAuth1 2020-09-30 11:21:58 +02:00
			`use Friendica\Security\OAuth1\OAuthRequest;`
			`use Friendica\Security\OAuth1\OAuthUtil;`

			`/**`
			`* The PLAINTEXT method does not provide any security protection and SHOULD only be used`
			`* over a secure channel such as HTTPS. It does not use the Signature Base String.`
			`* - Chapter 9.4 ("PLAINTEXT")`
			`*/`
			`class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod`
			`{`
			`public function get_name()`
			`{`
			`return "PLAINTEXT";`
			`}`

			`/**`
			`* oauth_signature is set to the concatenated encoded values of the Consumer Secret and`
			`* Token Secret, separated by a '&' character (ASCII code 38), even if either secret is`
			`* empty. The result MUST be encoded again.`
			`* - Chapter 9.4.1 ("Generating Signatures")`
			`*`
			`* Please note that the second encoding MUST NOT happen in the SignatureMethod, as`
			`* OAuthRequest handles this!`
			`*`
			`* @param $request`
			`* @param $consumer`
			`* @param $token`
			`*`
			`* @return string`
			`*/`
			`public function build_signature(OAuthRequest $request, \Friendica\Security\OAuth1\OAuthConsumer $consumer, \Friendica\Security\OAuth1\OAuthToken $token = null)`
			`{`
			`$key_parts = [`
			`$consumer->secret,`
			`($token) ? $token->secret : "",`
			`];`

			`$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);`
			`$key = implode('&', $key_parts);`
			`$request->base_string = $key;`

			`return $key;`
			`}`
			`}`