mirror of https://github.com/friendica/friendica
68 lines
2.1 KiB
PHP
68 lines
2.1 KiB
PHP
<?php
|
|
/**
|
|
* @copyright Copyright (C) 2010-2022, the Friendica project
|
|
*
|
|
* @license GNU AGPL version 3 or any later version
|
|
*
|
|
* This program is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Affero General Public License as
|
|
* published by the Free Software Foundation, either version 3 of the
|
|
* License, or (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Affero General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU Affero General Public License
|
|
* along with this program. If not, see <https://www.gnu.org/licenses/>.
|
|
*
|
|
*/
|
|
|
|
namespace Friendica\Security\OAuth1\Signature;
|
|
|
|
use Friendica\Security\OAuth1\OAuthRequest;
|
|
use Friendica\Security\OAuth1\OAuthUtil;
|
|
|
|
/**
|
|
* The PLAINTEXT method does not provide any security protection and SHOULD only be used
|
|
* over a secure channel such as HTTPS. It does not use the Signature Base String.
|
|
* - Chapter 9.4 ("PLAINTEXT")
|
|
*/
|
|
class OAuthSignatureMethod_PLAINTEXT extends OAuthSignatureMethod
|
|
{
|
|
public function get_name()
|
|
{
|
|
return "PLAINTEXT";
|
|
}
|
|
|
|
/**
|
|
* oauth_signature is set to the concatenated encoded values of the Consumer Secret and
|
|
* Token Secret, separated by a '&' character (ASCII code 38), even if either secret is
|
|
* empty. The result MUST be encoded again.
|
|
* - Chapter 9.4.1 ("Generating Signatures")
|
|
*
|
|
* Please note that the second encoding MUST NOT happen in the SignatureMethod, as
|
|
* OAuthRequest handles this!
|
|
*
|
|
* @param $request
|
|
* @param $consumer
|
|
* @param $token
|
|
*
|
|
* @return string
|
|
*/
|
|
public function build_signature(OAuthRequest $request, \Friendica\Security\OAuth1\OAuthConsumer $consumer, \Friendica\Security\OAuth1\OAuthToken $token = null)
|
|
{
|
|
$key_parts = [
|
|
$consumer->secret,
|
|
($token) ? $token->secret : "",
|
|
];
|
|
|
|
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
|
|
$key = implode('&', $key_parts);
|
|
$request->base_string = $key;
|
|
|
|
return $key;
|
|
}
|
|
}
|