ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
OAuthSignatureMethod.php
Go to the documentation of this file.
1<?php
2
3namespace IMSGlobal\LTI\OAuth;
4
16abstract class OAuthSignatureMethod {
21 abstract public function get_name();
22
33 abstract public function build_signature($request, $consumer, $token);
34
43 public function check_signature($request, $consumer, $token, $signature) {
44
45 $built = $this->build_signature($request, $consumer, $token);
46
47 // Check for zero length, although unlikely here
48 if (strlen($built) == 0 || strlen($signature) == 0) {
49 return false;
50 }
51
52 if (strlen($built) != strlen($signature)) {
53 return false;
54 }
55
56 // Avoid a timing leak with a (hopefully) time insensitive compare
57 $result = 0;
58 for ($i = 0; $i < strlen($signature); $i++) {
59 $result |= ord($built{$i}) ^ ord($signature{$i});
60 }
61
62 return $result == 0;
63
64 }
65
66}
$result
An exception for terminatinating execution or to throw for unit testing.
Class to represent an OAuth Signature Method.
get_name()
Needs to return the name of the Signature Method (ie HMAC-SHA1)
build_signature($request, $consumer, $token)
Build up the signature NOTE: The output of this function MUST NOT be urlencoded.
check_signature($request, $consumer, $token, $signature)
Verifies that a given signature is correct.
$consumer
Definition: demo.php:30
$i
Definition: disco.tpl.php:19