本文整理汇总了PHP中OAuthUtil::split_header方法的典型用法代码示例。如果您正苦于以下问题:PHP OAuthUtil::split_header方法的具体用法?PHP OAuthUtil::split_header怎么用?PHP OAuthUtil::split_header使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类OAuthUtil
的用法示例。
在下文中一共展示了OAuthUtil::split_header方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。
示例1: from_request
/**
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = NULL, $http_url = NULL, $parameters = NULL)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
$http_url = $http_url ? $http_url : $scheme . '://' . $_SERVER['SERVER_NAME'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI'];
$http_method = $http_method ? $http_method : $_SERVER['REQUEST_METHOD'];
// We weren't handed any parameters, so let's find the ones relevant to
// this request.
// If you run XML-RPC or similar you should use this to provide your own
// parsed parameter-list
if (!$parameters) {
// Find request headers
$request_headers = OAuthUtil::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
// It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET
if ($http_method == "POST" && isset($request_headers['Content-Type']) && strstr($request_headers['Content-Type'], 'application/x-www-form-urlencoded')) {
$post_data = OAuthUtil::parse_parameters(file_get_contents(self::$POST_INPUT));
$parameters = array_merge($parameters, $post_data);
}
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
return new OAuthRequest($http_method, $http_url, $parameters);
}
示例2: testSplitHeader
public function testSplitHeader()
{
$this->assertEquals(array('oauth_foo' => 'bar', 'oauth_baz' => 'bla,rgh'), OAuthUtil::split_header('OAuth realm="",oauth_foo=bar,oauth_baz="bla,rgh"'));
$this->assertEquals(array(), OAuthUtil::split_header('OAuth realm="",foo=bar,baz="bla,rgh"'));
$this->assertEquals(array('foo' => 'bar', 'baz' => 'bla,rgh'), OAuthUtil::split_header('OAuth realm="",foo=bar,baz="bla,rgh"', false));
$this->assertEquals(array('oauth_foo' => 'hi there'), OAuthUtil::split_header('OAuth realm="",oauth_foo=hi+there,foo=bar,baz="bla,rgh"'));
}
示例3: handleOAuthBodyPOST
function handleOAuthBodyPOST($oauth_consumer_key, $oauth_consumer_secret)
{
$request_headers = OAuthUtil::get_headers();
// print_r($request_headers);
// Must reject application/x-www-form-urlencoded
if ($request_headers['Content-type'] == 'application/x-www-form-urlencoded' ) {
throw new Exception("OAuth request body signing must not use application/x-www-form-urlencoded");
}
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
// echo("HEADER PARMS=\n");
// print_r($header_parameters);
$oauth_body_hash = $header_parameters['oauth_body_hash'];
// echo("OBH=".$oauth_body_hash."\n");
}
if ( ! isset($oauth_body_hash) ) {
throw new Exception("OAuth request body signing requires oauth_body_hash body");
}
// Verify the message signature
$store = new TrivialOAuthDataStore();
$store->add_consumer($oauth_consumer_key, $oauth_consumer_secret);
$server = new OAuthServer($store);
$method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$request = OAuthRequest::from_request();
global $LastOAuthBodyBaseString;
$LastOAuthBodyBaseString = $request->get_signature_base_string();
// echo($LastOAuthBodyBaseString."\n");
try {
$server->verify_request($request);
} catch (Exception $e) {
$message = $e->getMessage();
throw new Exception("OAuth signature failed: " . $message);
}
$postdata = file_get_contents('php://input');
// echo($postdata);
$hash = base64_encode(sha1($postdata, TRUE));
if ( $hash != $oauth_body_hash ) {
throw new Exception("OAuth oauth_body_hash mismatch");
}
return $postdata;
}
示例4: from_request
/**
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = NULL, $http_url = NULL, $parameters = NULL)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
$port = "";
if ($_SERVER['SERVER_PORT'] != "80" && $_SERVER['SERVER_PORT'] != "443" && strpos(':', $_SERVER['HTTP_HOST']) < 0) {
$port = ':' . $_SERVER['SERVER_PORT'];
}
@$http_url or $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . $port . $_SERVER['REQUEST_URI'];
@$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
// We weren't handed any parameters, so let's find the ones relevant to
// this request.
// If you run XML-RPC or similar you should use this to provide your own
// parsed parameter-list
if (!$parameters) {
// Find request headers
$request_headers = OAuthUtil::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
$ourpost = $_POST;
// Deal with magic_quotes
// http://www.php.net/manual/en/security.magicquotes.disabling.php
if (get_magic_quotes_gpc()) {
$outpost = array();
foreach ($_POST as $k => $v) {
$v = stripslashes($v);
$ourpost[$k] = $v;
}
}
// Add POST Parameters if they exist
$parameters = array_merge($parameters, $ourpost);
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
return new OAuthRequest($http_method, $http_url, $parameters);
}
示例5: handle_oauth_body_post
function handle_oauth_body_post($oauthconsumerkey, $oauthconsumersecret, $body, $requestheaders = null)
{
if ($requestheaders == null) {
$requestheaders = OAuthUtil::get_headers();
}
// Must reject application/x-www-form-urlencoded.
if (isset($requestheaders['Content-type'])) {
if ($requestheaders['Content-type'] == 'application/x-www-form-urlencoded') {
throw new OAuthException("OAuth request body signing must not use application/x-www-form-urlencoded");
}
}
if (@substr($requestheaders['Authorization'], 0, 6) == "OAuth ") {
$headerparameters = OAuthUtil::split_header($requestheaders['Authorization']);
$oauthbodyhash = $headerparameters['oauth_body_hash'];
}
if (!isset($oauthbodyhash)) {
throw new OAuthException("OAuth request body signing requires oauth_body_hash body");
}
// Verify the message signature.
$store = new TrivialOAuthDataStore();
$store->add_consumer($oauthconsumerkey, $oauthconsumersecret);
$server = new OAuthServer($store);
$method = new OAuthSignatureMethod_HMAC_SHA1();
$server->add_signature_method($method);
$request = OAuthRequest::from_request();
try {
$server->verify_request($request);
} catch (\Exception $e) {
$message = $e->getMessage();
throw new OAuthException("OAuth signature failed: " . $message);
}
$postdata = $body;
$hash = base64_encode(sha1($postdata, true));
if ($hash != $oauthbodyhash) {
throw new OAuthException("OAuth oauth_body_hash mismatch");
}
return $postdata;
}
示例6: from_request
/**
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = NULL, $http_url = NULL, $parameters = NULL)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
@$http_url or $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI'];
@$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
if (!$parameters) {
$request_headers = OAuthUtil::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
// It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET
if ($http_method == "POST" and @strstr($request_headers["Content-Type"], "application/x-www-form-urlencoded")) {
$post_data = OAuthUtil::parse_parameters(file_get_contents(self::$POST_INPUT));
$parameters = array_merge($parameters, $post_data);
}
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
return new OAuthRequest($http_method, $http_url, $parameters);
}
示例7: from_request
public static function from_request($http_method = null, $http_url = null, $parameters = null)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
@$http_url or $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI'];
@$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
if (!$parameters) {
$request_headers = OAuthUtil::get_headers();
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
if ($http_method == "POST" && @strstr($request_headers["Content-Type"], "application/x-www-form-urlencoded")) {
$post_data = OAuthUtil::parse_parameters(file_get_contents(self::$POST_INPUT));
$parameters = array_merge($parameters, $post_data);
}
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
return new OAuthRequest($http_method, $http_url, $parameters);
}
示例8: from_request
/**
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = NULL, $http_url = NULL, $parameters = NULL)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
@$http_url or $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . ':' . $_SERVER['SERVER_PORT'] . $_SERVER['REQUEST_URI'];
@$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
// We weren't handed any parameters, so let's find the ones relevant to
// this request.
// If you run XML-RPC or similar you should use this to provide your own
// parsed parameter-list
if (!$parameters) {
// Find request headers
$request_headers = OAuthUtil::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
// It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET
if ($http_method == "POST" && @strstr($request_headers["Content-Type"], "application/x-www-form-urlencoded")) {
$post_data = OAuthUtil::parse_parameters(file_get_contents(self::$POST_INPUT));
$parameters = array_merge($parameters, $post_data);
}
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
// fix for friendica redirect system
// FIXME or don't, but figure out if this is absolutely necessary and act accordingly
$http_url = substr($http_url, 0, strpos($http_url, $parameters['q']) + strlen($parameters['q']));
unset($parameters['q']);
return new OAuthRequest($http_method, $http_url, $parameters);
}
示例9: oauth_get_params
function oauth_get_params()
{
global $CONFIG;
// Find request headers
$request_headers = OAuthUtil::get_headers();
// start with an empty array
$parameters = array();
/***
*** This next part is a hack. This ignores the QUERY_STRING because it
*** gets messed up by the apache mod_rewrite rules for page views, and
*** you end up with 'handler' and 'request' variables on the parameters
*** stack. This in turn messes up OAuth's signature base string
*** generation algorithm, causing things to fail. I have a feeling
*** that this is going to bite me back some day, but I'm not sure
*** how or where, especially if this pam module gets called from
*** somewhere other than the API chain in a way that makes any sense.
***/
// parse query parameters
$querystr = '';
if ($_SERVER['REQUEST_URI']) {
$qparts = explode('?', $_SERVER['REQUEST_URI'], 2);
// split on the question mark to get the real query parameters before Apache mangles them
if (count($qparts) == 2) {
$querystr = $qparts[1];
}
}
$parameters = OAuthUtil::parse_parameters($querystr);
/***
***
***/
// It's a POST request of the proper content-type, so parse POST
// parameters and add those overriding any duplicates from GET
if (@strstr($request_headers["Content-Type"], "application/x-www-form-urlencoded")) {
$post_data = OAuthUtil::parse_parameters(file_get_contents(OAuthRequest::$POST_INPUT));
$parameters = array_merge($parameters, $post_data);
}
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
return $parameters;
}
示例10: isAuthorized
/**
* HTTP リクエストが mixi から送信された正当なものであるかどうかを検証します。
* mixi モバイルアプリを実装する上で、このメソッドはリクエスト毎に必ず実行して下さい。
*
* @param int $type 署名方式。Mars_OAuthProvider::SIGNATURE_* 定数を指定。
* @throws Mars_UnsupportedException サポートされていない署名形式が指定された場合に発生。
* @link http://developer.mixi.co.jp/appli/spec/mob/validate-oauth-signature OAuth Signature の検証方法について
* @link http://developer.mixi.co.jp/appli/spec/mob/for_partners/photo_upload_api アプリからフォトアップロード機能について
* @link http://developer.mixi.co.jp/appli/spec/mob/for_partners/lifecycle_event ライフサイクルイベントについて
* @see Mars_OAuthProvider::isAuthorizaed()
* @author Naomichi Yamakita <yamakita@dtx.co.jp>
*/
public function isAuthorized($type = self::SIGNATURE_HMAC)
{
$result = FALSE;
switch ($type) {
case self::SIGNATURE_HMAC:
$authorization = $this->request->getHeader('Authorization');
// Authorization ヘッダに含まれるパラメータを連想配列に変換
preg_match_all('/([a-z_]+)="([^"]+)"/', $authorization, $matches);
if (sizeof($matches[0])) {
$attributes = array_combine($matches[1], $matches[2]);
$parameters = array();
$parameters['oauth_nonce'] = $attributes['oauth_nonce'];
$parameters['oauth_signature_method'] = $attributes['oauth_signature_method'];
$parameters['oauth_timestamp'] = $attributes['oauth_timestamp'];
$parameters['oauth_version'] = $attributes['oauth_version'];
$parameters['opensocial_app_id'] = Mars_MixiMobileApp::getApplicationId();
$parameters['opensocial_owner_id'] = Mars_MixiMobileApp::getOwnerId();
$parameters += $this->request->getQuery();
$method = $this->request->getRequestMethod();
$uri = $this->request->getURL(FALSE);
$request = OAuthRequest::from_consumer_and_token($this->_consumer, NULL, $method, $uri, $parameters);
$request->sign_request(new OAuthSignatureMethod_HMAC_SHA1(), $this->_consumer, NULL);
$buildSignature = @$request->get_parameter('oauth_signature');
$requestSignature = urldecode($attributes['oauth_signature']);
if ($buildSignature === $requestSignature) {
$result = TRUE;
}
}
break;
case self::SIGNATURE_RSA_PC:
$request = OAuthRequest::from_request(NULL, NULL, array_merge($_GET, $_POST));
// 不正なリクエスト時に 'Undefined index: oauth_signature' エラーが起こる不具合 (r525 で確認済み) があるため、エラー制御演算子を付けておく
$signature = @$request->get_parameter('oauth_signature');
if (!is_null($signature)) {
$signatureMethod = new Mars_MixiPCSignature();
$result = $signatureMethod->check_signature($request, NULL, NULL, $signature);
}
break;
case self::SIGNATURE_RSA_TOUCH:
$request = OAuthRequest::from_request(NULL, NULL, array_merge($_GET, $_POST));
$signature = @$request->get_parameter('oauth_signature');
if (!is_null($signature)) {
$signatureMethod = new Mars_MixiTouchSignature();
$result = $signatureMethod->check_signature($request, NULL, NULL, $signature);
}
break;
case self::SIGNATURE_RSA_PHOTO_UPLOAD:
$request = OAuthRequest::from_request();
$signature = @$request->get_parameter('oauth_signature');
if (!is_null($signature)) {
$signatureMethod = new Mars_MixiFileUploadSignature();
$result = $signatureMethod->check_signature($request, NULL, NULL, $signature);
}
break;
case self::SIGNATURE_RSA_LIFECYCLE_EVENT:
if ($this->request->getParameter('opensocial_owner_id') !== NULL) {
break;
}
if ($this->request->getParameter('opensocial_viewer_id') !== NULL) {
break;
}
// ライフサイクルイベントは mixi から POST リクエストが送信される
// (OAuth の仕様上は POST データを署名生成のアルゴリズムに使用することが規定されているが、mixi アプリが仕様に準拠していないため QueryString のみを使用する)
$requestHeaders = OAuthUtil::get_headers();
$parameters = OAuthUtil::parse_parameters($this->request->getEnvironment('QUERY_STRING'));
if (isset($requestHeaders['Authorization']) && substr($requestHeaders['Authorization'], 0, 6) == 'OAuth ') {
$headerParameters = OAuthUtil::split_header($requestHeaders['Authorization'], FALSE);
$parameters = array_merge($parameters, $headerParameters);
$request = OAuthRequest::from_request(NULL, NULL, $parameters);
$signature = $request->get_parameter('oauth_signature');
if (!is_null($signature)) {
$signatureMethod = new Mars_MixiLifecycleEventSignature();
$result = $signatureMethod->check_signature($request, NULL, NULL, $signature);
}
}
break;
default:
$message = sprintf('Signature format is not supported. [%s]', $type);
throw new Mars_UnsupportedException($message);
break;
}
return $result;
}
示例11: from_request
/**
* attempt to build up a request from what was passed to the server
*/
public static function from_request($http_method = NULL, $http_url = NULL, $parameters = NULL)
{
$scheme = !isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on" ? 'http' : 'https';
// $port = "";
// if ( $_SERVER['SERVER_PORT'] != "80" && $_SERVER['SERVER_PORT'] != "443" ) {
// $port = ':' . $_SERVER['SERVER_PORT'] ;
// }
@$http_url or $http_url = $scheme . '://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
@$http_method or $http_method = $_SERVER['REQUEST_METHOD'];
// We weren't handed any parameters, so let's find the ones relevant to
// this request.
// If you run XML-RPC or similar you should use this to provide your own
// parsed parameter-list
if (!$parameters) {
// Find request headers
$request_headers = OAuthUtil::get_headers();
// Parse the query-string to find GET parameters
$parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
// Add POST Parameters if they exist
$parameters = array_merge($parameters, $_POST);
// We have a Authorization-header with OAuth data. Parse the header
// and add those overriding any duplicates from GET or POST
if (@substr($request_headers['Authorization'], 0, 6) == "OAuth ") {
$header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
$parameters = array_merge($parameters, $header_parameters);
}
}
return new OAuthRequest($http_method, $http_url, $parameters);
}