2020-09-30 11:21:58 +02:00
|
|
|
<?php
|
2022-01-02 10:49:50 +01:00
|
|
|
/**
|
|
|
|
* @copyright Copyright (C) 2010-2022, the Friendica project
|
|
|
|
*
|
|
|
|
* @license GNU AGPL version 3 or any later version
|
|
|
|
*
|
|
|
|
* This program is free software: you can redistribute it and/or modify
|
|
|
|
* it under the terms of the GNU Affero General Public License as
|
|
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
|
|
* License, or (at your option) any later version.
|
|
|
|
*
|
|
|
|
* This program is distributed in the hope that it will be useful,
|
|
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
|
|
* GNU Affero General Public License for more details.
|
|
|
|
*
|
|
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
|
|
*
|
|
|
|
*/
|
2020-09-30 11:21:58 +02:00
|
|
|
|
2020-09-30 11:26:52 +02:00
|
|
|
namespace Friendica\Security\OAuth1\Signature;
|
2020-09-30 11:21:58 +02:00
|
|
|
|
|
|
|
use Friendica\Security\OAuth1\OAuthRequest;
|
|
|
|
use Friendica\Security\OAuth1\OAuthUtil;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
|
|
|
|
* where the Signature Base String is the text and the key is the concatenated values (each first
|
|
|
|
* encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
|
|
|
|
* character (ASCII code 38) even if empty.
|
|
|
|
* - Chapter 9.2 ("HMAC-SHA1")
|
|
|
|
*/
|
2020-09-30 11:26:52 +02:00
|
|
|
class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod
|
2020-09-30 11:21:58 +02:00
|
|
|
{
|
|
|
|
function get_name()
|
|
|
|
{
|
|
|
|
return "HMAC-SHA1";
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @param OAuthRequest $request
|
|
|
|
* @param \Friendica\Security\OAuth1\OAuthConsumer $consumer
|
|
|
|
* @param \Friendica\Security\OAuth1\OAuthToken $token
|
|
|
|
*
|
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public function build_signature(OAuthRequest $request, \Friendica\Security\OAuth1\OAuthConsumer $consumer, \Friendica\Security\OAuth1\OAuthToken $token = null)
|
|
|
|
{
|
|
|
|
$base_string = $request->get_signature_base_string();
|
|
|
|
$request->base_string = $base_string;
|
|
|
|
|
|
|
|
$key_parts = [
|
|
|
|
$consumer->secret,
|
|
|
|
($token) ? $token->secret : "",
|
|
|
|
];
|
|
|
|
|
|
|
|
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
|
|
|
|
$key = implode('&', $key_parts);
|
|
|
|
|
|
|
|
|
|
|
|
$r = base64_encode(hash_hmac('sha1', $base_string, $key, true));
|
|
|
|
return $r;
|
|
|
|
}
|
|
|
|
}
|