Code Coverage |
||||||||||
Lines |
Functions and Methods |
Classes and Traits |
||||||||
Total | |
100.00% |
12 / 12 |
|
100.00% |
2 / 2 |
CRAP | |
100.00% |
1 / 1 |
OAuthSignatureMethod_HMAC_SHA1 | |
100.00% |
12 / 12 |
|
100.00% |
2 / 2 |
3 | |
100.00% |
1 / 1 |
get_name | |
100.00% |
1 / 1 |
|
100.00% |
1 / 1 |
1 | |||
build_signature | |
100.00% |
11 / 11 |
|
100.00% |
1 / 1 |
2 |
1 | <?php |
2 | // vim: foldmethod=marker |
3 | /** |
4 | * The MIT License |
5 | * |
6 | * Copyright (c) 2007 Andy Smith |
7 | * |
8 | * Permission is hereby granted, free of charge, to any person obtaining a copy |
9 | * of this software and associated documentation files ( the "Software" ), to deal |
10 | * in the Software without restriction, including without limitation the rights |
11 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell |
12 | * copies of the Software, and to permit persons to whom the Software is |
13 | * furnished to do so, subject to the following conditions: |
14 | * |
15 | * The above copyright notice and this permission notice shall be included in |
16 | * all copies or substantial portions of the Software. |
17 | * |
18 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
19 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
20 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
21 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
22 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, |
23 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN |
24 | * THE SOFTWARE. |
25 | */ |
26 | |
27 | namespace MediaWiki\Extension\OAuth\Lib; |
28 | |
29 | /** |
30 | * The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104] |
31 | * where the Signature Base String is the text and the key is the concatenated values ( each first |
32 | * encoded per Parameter Encoding ) of the Consumer Secret and Token Secret, separated by an '&' |
33 | * character ( ASCII code 38 ) even if empty. |
34 | * - Chapter 9.2 ( "HMAC-SHA1" ) |
35 | */ |
36 | class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { |
37 | function get_name() { |
38 | return "HMAC-SHA1"; |
39 | } |
40 | |
41 | public function build_signature( $request, $consumer, $token ) { |
42 | $base_string = $request->get_signature_base_string(); |
43 | $this->logger->debug( __METHOD__ . ": Base string: '$base_string'" ); |
44 | $request->base_string = $base_string; |
45 | |
46 | $key_parts = array( |
47 | $consumer->secret, |
48 | ( $token ) ? $token->secret : "" |
49 | ); |
50 | |
51 | $key_parts = OAuthUtil::urlencode_rfc3986( $key_parts ); |
52 | $key = implode( '&', $key_parts ); |
53 | $this->logger->debug( __METHOD__ . ": HMAC Key: '$key'" ); |
54 | |
55 | return base64_encode( hash_hmac( 'sha1', $base_string, $key, true ) ); |
56 | } |
57 | } |