Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Updated tmhOAuth.php to support RSA-SHA1 Signing. #179

Open
wants to merge 2 commits into
base: dev
Choose a base branch
from
Open
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
79 changes: 68 additions & 11 deletions tmhOAuth.php
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,10 @@ public function reconfigure($config=array()) {
'consumer_secret' => '',
'token' => '',
'secret' => '',

// File paths to public/private keys, for RSA signing
'rsa_public_key' => '',
'rsa_private_key' => '',

// OAuth2 bearer token. This should already be URL encoded
'bearer' => '',
Expand Down Expand Up @@ -207,6 +211,8 @@ private function prepare_oauth1_params() {
'oauth_version' => $this->config['oauth_version'],
'oauth_consumer_key' => $this->config['consumer_key'],
'oauth_signature_method' => $this->config['oauth_signature_method'],
'oauth_rsa_public_key' => $this->config['rsa_public_key'],
'oauth_rsa_private_key' => $this->config['rsa_private_key'],
);

// include the user token if it exists
Expand Down Expand Up @@ -448,17 +454,68 @@ private function prepare_base_string() {
}

/**
* Signs the OAuth 1 request
*
* @return void oauth_signature is added to the parameters in the class array variable '$this->request_settings'
*/
private function prepare_oauth_signature() {
$this->request_settings['oauth1_params']['oauth_signature'] = $this->safe_encode(
base64_encode(
hash_hmac(
'sha1', $this->request_settings['basestring'], $this->request_settings['signing_key'], true
)));
}
* Signs the OAuth 1 request
*
* @return void oauth_signature is added to the parameters in the class array variable '$this->request_settings'
*/
private function prepare_oauth_signature() {

switch($this->request_settings['oauth1_params']['oauth_signature_method'])
{

// Sign the request using HMAC
case 'HMAC-SHA1':
$this->request_settings['oauth1_params']['oauth_signature'] = $this->safe_encode(
base64_encode(
hash_hmac(
'sha1', $this->request_settings['basestring'], $this->request_settings['signing_key'], true
)));

break;

// Sign the request using RSA
case 'RSA-SHA1':

// Fetch the public & private key
$publickey = openssl_get_publickey($this->_read_file(realpath($this->settings->config['rsa_public_key'])));
$privatekey = openssl_pkey_get_private($this->_read_file(realpath($this->settings->config['rsa_private_key'])));

// Sign the request
openssl_sign($this->request_settings['basestring'], $this->request_settings['signing_key'], $privatekey);

// Release the key resource
openssl_free_key($privatekey);

// Store the encoded, signed request into the oauth1_params array
$this->request_settings['oauth1_params']['oauth_signature'] = $this->safe_encode(base64_encode($this->request_settings['signing_key']));

break;
}
}

/**
* Reads in a certificate file
* @param string $filepath : Path to the certificate file, relative to this file
* @return string
*/
private function _read_file($filepath = null)
{
// Return false, if filepath isn't given
if( empty($filepath) ){
return false;
}

// Open file as read only
$fp = fopen($filepath, 'r');

// Read up to 8192 bytes
$file_contents = fread($fp, 8192);

// Close the file
fclose($fp);

return $file_contents;
}

/**
* Prepares the Authorization header
Expand Down