mexon/friendica
1
0
Fork 0
Code Pull requests Activity

Cleanup OAuth1 library

Browse source
This commit is contained in:
Philipp Holzer 2020-09-30 11:26:52 +02:00
parent fe653b652a
commit c1708fe54c
No known key found for this signature in database
GPG key ID: 9A28B7D4FF5667BD
8 changed files with 50 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/Security/FKOAuth1.php
View file

@ -25,8 +25,8 @@ use Friendica\Core\Logger;
use Friendica\Database\DBA; use Friendica\Database\DBA;
use Friendica\DI; use Friendica\DI;
use Friendica\Security\OAuth1\OAuthServer; use Friendica\Security\OAuth1\OAuthServer;
use Friendica\Security\OAuth1\OAuthSignatureMethod_HMAC_SHA1; use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_HMAC_SHA1;
use Friendica\Security\OAuth1\OAuthSignatureMethod_PLAINTEXT; use Friendica\Security\OAuth1\Signature\OAuthSignatureMethod_PLAINTEXT;
/** /**
* OAuth protocol * OAuth protocol

27
src/Security/OAuth1/OAuthRequest.php
View file

@ -2,8 +2,7 @@
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1;
use Friendica; use Friendica\Util\Strings;
use Friendica\Security\OAuth1\OAuthUtil;
class OAuthRequest class OAuthRequest
{ {
@ -92,15 +91,15 @@ class OAuthRequest
/** /**
* pretty much a helper function to set up the request * pretty much a helper function to set up the request
* *
* @param \Friendica\Security\OAuth1\OAuthConsumer $consumer * @param OAuthConsumer $consumer
* @param \Friendica\Security\OAuth1\OAuthToken $token * @param OAuthToken $token
* @param string $http_method * @param string $http_method
* @param string $http_url * @param string $http_url
* @param array|null $parameters * @param array|null $parameters
* *
* @return OAuthRequest * @return OAuthRequest
*/ */
public static function from_consumer_and_token(\Friendica\Security\OAuth1\OAuthConsumer $consumer, $http_method, $http_url, array $parameters = null, \Friendica\Security\OAuth1\OAuthToken $token = null) public static function from_consumer_and_token(OAuthConsumer $consumer, $http_method, $http_url, array $parameters = null, OAuthToken $token = null)
{ {
@$parameters or $parameters = []; @$parameters or $parameters = [];
$defaults = [ $defaults = [
@ -252,7 +251,7 @@ class OAuthRequest
* @param string|null $realm * @param string|null $realm
* *
* @return string * @return string
* @throws \Friendica\Security\OAuth1\OAuthException * @throws OAuthException
*/ */
public function to_header($realm = null) public function to_header($realm = null)
{ {
@ -266,7 +265,7 @@ class OAuthRequest
foreach ($this->parameters as $k => $v) { foreach ($this->parameters as $k => $v) {
if (substr($k, 0, 5) != "oauth") continue; if (substr($k, 0, 5) != "oauth") continue;
if (is_array($v)) { if (is_array($v)) {
throw new \Friendica\Security\OAuth1\OAuthException('Arrays not supported in headers'); throw new OAuthException('Arrays not supported in headers');
} }
$out .= ($first) ? ' ' : ','; $out .= ($first) ? ' ' : ',';
$out .= OAuthUtil::urlencode_rfc3986($k) . $out .= OAuthUtil::urlencode_rfc3986($k) .
@ -284,7 +283,7 @@ class OAuthRequest
} }
public function sign_request(\Friendica\Security\OAuth1\OAuthSignatureMethod $signature_method, $consumer, $token) public function sign_request(Signature\OAuthSignatureMethod $signature_method, $consumer, $token)
{ {
$this->set_parameter( $this->set_parameter(
"oauth_signature_method", "oauth_signature_method",
@ -295,7 +294,7 @@ class OAuthRequest
$this->set_parameter("oauth_signature", $signature, false); $this->set_parameter("oauth_signature", $signature, false);
} }
public function build_signature(\Friendica\Security\OAuth1\OAuthSignatureMethod $signature_method, $consumer, $token) public function build_signature(Signature\OAuthSignatureMethod $signature_method, $consumer, $token)
{ {
$signature = $signature_method->build_signature($this, $consumer, $token); $signature = $signature_method->build_signature($this, $consumer, $token);
return $signature; return $signature;
@ -314,6 +313,6 @@ class OAuthRequest
*/ */
private static function generate_nonce() private static function generate_nonce()
{ {
return Friendica\Util\Strings::getRandomHex(32); return Strings::getRandomHex(32);
} }
} }

63
src/Security/OAuth1/OAuthServer.php
View file

@ -3,16 +3,13 @@
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1;
use Friendica\Security\FKOAuthDataStore; use Friendica\Security\FKOAuthDataStore;
use OAuthConsumer; use Friendica\Security\OAuth1\Signature;
use OAuthRequest;
use OAuthSignatureMethod;
use OAuthToken;
class OAuthServer class OAuthServer
{ {
protected $timestamp_threshold = 300; // in seconds, five minutes protected $timestamp_threshold = 300; // in seconds, five minutes
protected $version = '1.0'; // hi blaine protected $version = '1.0'; // hi blaine
/** @var \Friendica\Security\OAuth1\OAuthSignatureMethod[] */ /** @var Signature\OAuthSignatureMethod[] */
protected $signature_methods = []; protected $signature_methods = [];
/** @var FKOAuthDataStore */ /** @var FKOAuthDataStore */
@ -23,7 +20,7 @@ class OAuthServer
$this->data_store = $data_store; $this->data_store = $data_store;
} }
public function add_signature_method(\Friendica\Security\OAuth1\OAuthSignatureMethod $signature_method) public function add_signature_method(Signature\OAuthSignatureMethod $signature_method)
{ {
$this->signature_methods[$signature_method->get_name()] = $this->signature_methods[$signature_method->get_name()] =
$signature_method; $signature_method;
@ -35,12 +32,12 @@ class OAuthServer
* process a request_token request * process a request_token request
* returns the request token on success * returns the request token on success
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* *
* @return \Friendica\Security\OAuth1\OAuthToken|null * @return OAuthToken|null
* @throws OAuthException * @throws OAuthException
*/ */
public function fetch_request_token(\Friendica\Security\OAuth1\OAuthRequest $request) public function fetch_request_token(OAuthRequest $request)
{ {
$this->get_version($request); $this->get_version($request);
@ -62,12 +59,12 @@ class OAuthServer
* process an access_token request * process an access_token request
* returns the access token on success * returns the access token on success
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* *
* @return object * @return object
* @throws OAuthException * @throws OAuthException
*/ */
public function fetch_access_token(\Friendica\Security\OAuth1\OAuthRequest $request) public function fetch_access_token(OAuthRequest $request)
{ {
$this->get_version($request); $this->get_version($request);
@ -88,12 +85,12 @@ class OAuthServer
/** /**
* verify an api call, checks all the parameters * verify an api call, checks all the parameters
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* *
* @return array * @return array
* @throws OAuthException * @throws OAuthException
*/ */
public function verify_request(\Friendica\Security\OAuth1\OAuthRequest $request) public function verify_request(OAuthRequest $request)
{ {
$this->get_version($request); $this->get_version($request);
$consumer = $this->get_consumer($request); $consumer = $this->get_consumer($request);
@ -107,12 +104,12 @@ class OAuthServer
/** /**
* version 1 * version 1
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* *
* @return string * @return string
* @throws OAuthException * @throws OAuthException
*/ */
private function get_version(\Friendica\Security\OAuth1\OAuthRequest $request) private function get_version(OAuthRequest $request)
{ {
$version = $request->get_parameter("oauth_version"); $version = $request->get_parameter("oauth_version");
if (!$version) { if (!$version) {
@ -129,12 +126,12 @@ class OAuthServer
/** /**
* figure out the signature with some defaults * figure out the signature with some defaults
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* *
* @return \Friendica\Security\OAuth1\OAuthSignatureMethod * @return Signature\OAuthSignatureMethod
* @throws OAuthException * @throws OAuthException
*/ */
private function get_signature_method(\Friendica\Security\OAuth1\OAuthRequest $request) private function get_signature_method(OAuthRequest $request)
{ {
$signature_method = $signature_method =
@$request->get_parameter("oauth_signature_method"); @$request->get_parameter("oauth_signature_method");
@ -161,12 +158,12 @@ class OAuthServer
/** /**
* try to find the consumer for the provided request's consumer key * try to find the consumer for the provided request's consumer key
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* *
* @return \Friendica\Security\OAuth1\OAuthConsumer * @return OAuthConsumer
* @throws OAuthException * @throws OAuthException
*/ */
private function get_consumer(\Friendica\Security\OAuth1\OAuthRequest $request) private function get_consumer(OAuthRequest $request)
{ {
$consumer_key = @$request->get_parameter("oauth_consumer_key"); $consumer_key = @$request->get_parameter("oauth_consumer_key");
if (!$consumer_key) { if (!$consumer_key) {
@ -184,14 +181,14 @@ class OAuthServer
/** /**
* try to find the token for the provided request's token key * try to find the token for the provided request's token key
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* @param $consumer * @param $consumer
* @param string $token_type * @param string $token_type
* *
* @return \Friendica\Security\OAuth1\OAuthToken|null * @return OAuthToken|null
* @throws OAuthException * @throws OAuthException
*/ */
private function get_token(\Friendica\Security\OAuth1\OAuthRequest &$request, $consumer, $token_type = "access") private function get_token(OAuthRequest &$request, $consumer, $token_type = "access")
{ {
$token_field = @$request->get_parameter('oauth_token'); $token_field = @$request->get_parameter('oauth_token');
$token = $this->data_store->lookup_token( $token = $this->data_store->lookup_token(
@ -209,13 +206,13 @@ class OAuthServer
* all-in-one function to check the signature on a request * all-in-one function to check the signature on a request
* should guess the signature method appropriately * should guess the signature method appropriately
* *
* @param \Friendica\Security\OAuth1\OAuthRequest $request * @param OAuthRequest $request
* @param \Friendica\Security\OAuth1\OAuthConsumer $consumer * @param OAuthConsumer $consumer
* @param \Friendica\Security\OAuth1\OAuthToken|null $token * @param OAuthToken|null $token
* *
* @throws OAuthException * @throws OAuthException
*/ */
private function check_signature(\Friendica\Security\OAuth1\OAuthRequest $request, \Friendica\Security\OAuth1\OAuthConsumer $consumer, \Friendica\Security\OAuth1\OAuthToken $token = null) private function check_signature(OAuthRequest $request, OAuthConsumer $consumer, OAuthToken $token = null)
{ {
// this should probably be in a different method // this should probably be in a different method
$timestamp = @$request->get_parameter('oauth_timestamp'); $timestamp = @$request->get_parameter('oauth_timestamp');
@ -265,14 +262,14 @@ class OAuthServer
/** /**
* check that the nonce is not repeated * check that the nonce is not repeated
* *
* @param \Friendica\Security\OAuth1\OAuthConsumer $consumer * @param OAuthConsumer $consumer
* @param \Friendica\Security\OAuth1\OAuthToken $token * @param OAuthToken $token
* @param string $nonce * @param string $nonce
* @param int $timestamp * @param int $timestamp
* *
* @throws OAuthException * @throws OAuthException
*/ */
private function check_nonce(\Friendica\Security\OAuth1\OAuthConsumer $consumer, \Friendica\Security\OAuth1\OAuthToken $token, $nonce, int $timestamp) private function check_nonce(OAuthConsumer $consumer, OAuthToken $token, $nonce, int $timestamp)
{ {
if (!$nonce) if (!$nonce)
throw new OAuthException( throw new OAuthException(

2
src/Security/OAuth1/OAuthToken.php
View file

@ -2,8 +2,6 @@
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1;
use Friendica\Security\OAuth1\OAuthUtil;
class OAuthToken class OAuthToken
{ {
// access tokens and request tokens // access tokens and request tokens

2
src/Security/OAuth1/OAuthSignatureMethod.php → src/Security/OAuth1/Signature/OAuthSignatureMethod.php
View file

@ -1,6 +1,6 @@
<?php <?php
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1\Signature;
use Friendica\Security\OAuth1\OAuthRequest; use Friendica\Security\OAuth1\OAuthRequest;

4
src/Security/OAuth1/OAuthSignatureMethod_HMAC_SHA1.php → src/Security/OAuth1/Signature/OAuthSignatureMethod_HMAC_SHA1.php
View file

@ -1,6 +1,6 @@
<?php <?php
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1\Signature;
use Friendica\Security\OAuth1\OAuthRequest; use Friendica\Security\OAuth1\OAuthRequest;
use Friendica\Security\OAuth1\OAuthUtil; use Friendica\Security\OAuth1\OAuthUtil;
@ -12,7 +12,7 @@ use Friendica\Security\OAuth1\OAuthUtil;
* character (ASCII code 38) even if empty. * character (ASCII code 38) even if empty.
* - Chapter 9.2 ("HMAC-SHA1") * - Chapter 9.2 ("HMAC-SHA1")
*/ */
class OAuthSignatureMethod_HMAC_SHA1 extends \Friendica\Security\OAuth1\OAuthSignatureMethod class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod
{ {
function get_name() function get_name()
{ {

2
src/Security/OAuth1/OAuthSignatureMethod_PLAINTEXT.php → src/Security/OAuth1/Signature/OAuthSignatureMethod_PLAINTEXT.php
View file

@ -1,6 +1,6 @@
<?php <?php
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1\Signature;
use Friendica\Security\OAuth1\OAuthRequest; use Friendica\Security\OAuth1\OAuthRequest;
use Friendica\Security\OAuth1\OAuthUtil; use Friendica\Security\OAuth1\OAuthUtil;

2
src/Security/OAuth1/OAuthSignatureMethod_RSA_SHA1.php → src/Security/OAuth1/Signature/OAuthSignatureMethod_RSA_SHA1.php
View file

@ -1,6 +1,6 @@
<?php <?php
namespace Friendica\Security\OAuth1; namespace Friendica\Security\OAuth1\Signature;
use Friendica\Security\OAuth1\OAuthRequest; use Friendica\Security\OAuth1\OAuthRequest;