ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
Public Member Functions | Static Public Member Functions | Data Fields | Static Public Attributes | Protected Attributes | Static Private Member Functions
IMSGlobal\LTI\OAuth\OAuthRequest Class Reference

Class to represent an OAuth Request. More...

+ Collaboration diagram for IMSGlobal\LTI\OAuth\OAuthRequest:

Public Member Functions

 __construct ($http_method, $http_url, $parameters=null)
 
 set_parameter ($name, $value, $allow_duplicates=true)
 
 get_parameter ($name)
 
 get_parameters ()
 
 unset_parameter ($name)
 
 get_signable_parameters ()
 The request parameters, sorted and concatenated into a normalized string. More...
 
 get_signature_base_string ()
 Returns the base string of this request. More...
 
 get_normalized_http_method ()
 just uppercases the http method More...
 
 get_normalized_http_url ()
 parses the url and rebuilds it to be scheme://host/path More...
 
 to_url ()
 builds a url usable for a GET request More...
 
 to_postdata ()
 builds the data one would send in a POST request More...
 
 to_header ($realm=null)
 builds the Authorization: header More...
 
 __toString ()
 
 sign_request ($signature_method, $consumer, $token)
 
 build_signature ($signature_method, $consumer, $token)
 

Static Public Member Functions

static from_request ($http_method=null, $http_url=null, $parameters=null)
 attempt to build up a request from what was passed to the server More...
 
static from_consumer_and_token ($consumer, $token, $http_method, $http_url, $parameters=null)
 pretty much a helper function to set up the request More...
 

Data Fields

 $base_string
 

Static Public Attributes

static $version = '1.0'
 
static $POST_INPUT = 'php://input'
 

Protected Attributes

 $parameters
 
 $http_method
 
 $http_url
 

Static Private Member Functions

static generate_timestamp ()
 util function: current timestamp More...
 
static generate_nonce ()
 util function: current nonce More...
 

Detailed Description

Class to represent an OAuth Request.

Copyright
Andy Smith
Version
2008-08-04 https://opensource.org/licenses/MIT The MIT License

Definition at line 12 of file OAuthRequest.php.

Constructor & Destructor Documentation

◆ __construct()

IMSGlobal\LTI\OAuth\OAuthRequest::__construct (   $http_method,
  $http_url,
  $parameters = null 
)

Definition at line 22 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthRequest\$http_method, IMSGlobal\LTI\OAuth\OAuthRequest\$http_url, IMSGlobal\LTI\OAuth\OAuthRequest\$parameters, and IMSGlobal\LTI\OAuth\OAuthUtil\parse_parameters().

22  {
23 
24  $parameters = ($parameters) ? $parameters : array();
25  $parameters = array_merge( OAuthUtil::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
26  $this->parameters = $parameters;
27  $this->http_method = $http_method;
28  $this->http_url = $http_url;
29 
30  }
IMSGlobal\LTI\OAuth\OAuthUtil\parse_parameters
static parse_parameters( $input)
Definition: OAuthUtil.php:95
+ Here is the call graph for this function:

Member Function Documentation

◆ __toString()

IMSGlobal\LTI\OAuth\OAuthRequest::__toString ( )

Definition at line 251 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthRequest\to_url().

251  {
252  return $this->to_url();
253  }
IMSGlobal\LTI\OAuth\OAuthRequest\to_url
to_url()
builds a url usable for a GET request
Definition: OAuthRequest.php:202
+ Here is the call graph for this function:

◆ build_signature()

IMSGlobal\LTI\OAuth\OAuthRequest::build_signature (   $signature_method,
  $consumer,
  $token 
)

Definition at line 268 of file OAuthRequest.php.

References PHPMailer\PHPMailer\$token.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\sign_request().

268  {
269  $signature = $signature_method->build_signature($this, $consumer, $token);
270  return $signature;
271  }
+ Here is the caller graph for this function:

◆ from_consumer_and_token()

static IMSGlobal\LTI\OAuth\OAuthRequest::from_consumer_and_token (   $consumer,
  $token,
  $http_method,
  $http_url,
  $parameters = null 
)
static

pretty much a helper function to set up the request

Definition at line 87 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthRequest\$http_method, IMSGlobal\LTI\OAuth\OAuthRequest\$http_url, IMSGlobal\LTI\OAuth\OAuthRequest\$parameters, PHPMailer\PHPMailer\$token, IMSGlobal\LTI\OAuth\OAuthRequest\$version, IMSGlobal\LTI\OAuth\OAuthRequest\generate_nonce(), and IMSGlobal\LTI\OAuth\OAuthRequest\generate_timestamp().

Referenced by IMSGlobal\LTI\ToolProvider\ToolConsumer\addSignature(), IMSGlobal\LTI\ToolProvider\ResourceLink\doLTI11Service(), and IMSGlobal\LTI\ToolProvider\ToolConsumer\signParameters().

87  {
88 
89  $parameters = ($parameters) ? $parameters : array();
90  $defaults = array('oauth_version' => OAuthRequest::$version,
91  'oauth_nonce' => OAuthRequest::generate_nonce(),
92  'oauth_timestamp' => OAuthRequest::generate_timestamp(),
93  'oauth_consumer_key' => $consumer->key);
94  if ($token)
95  $defaults['oauth_token'] = $token->key;
96 
97  $parameters = array_merge($defaults, $parameters);
98 
99  return new OAuthRequest($http_method, $http_url, $parameters);
100 
101  }
IMSGlobal\LTI\OAuth\OAuthRequest\generate_timestamp
static generate_timestamp()
util function: current timestamp
Definition: OAuthRequest.php:276
IMSGlobal\LTI\OAuth\OAuthRequest\generate_nonce
static generate_nonce()
util function: current nonce
Definition: OAuthRequest.php:283
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ from_request()

static IMSGlobal\LTI\OAuth\OAuthRequest::from_request (   $http_method = null,
  $http_url = null,
  $parameters = null 
)
static

attempt to build up a request from what was passed to the server

Definition at line 36 of file OAuthRequest.php.

References $_SERVER, IMSGlobal\LTI\OAuth\OAuthRequest\$http_method, IMSGlobal\LTI\OAuth\OAuthRequest\$http_url, IMSGlobal\LTI\OAuth\OAuthRequest\$parameters, IMSGlobal\LTI\OAuth\OAuthUtil\get_headers(), IMSGlobal\LTI\OAuth\OAuthUtil\parse_parameters(), and IMSGlobal\LTI\OAuth\OAuthUtil\split_header().

Referenced by IMSGlobal\LTI\ToolProvider\ToolProvider\authenticate().

36  {
37 
38  $scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on")
39  ? 'http'
40  : 'https';
41  $http_url = ($http_url) ? $http_url : $scheme .
42  '://' . $_SERVER['SERVER_NAME'] .
43  ':' .
44  $_SERVER['SERVER_PORT'] .
45  $_SERVER['REQUEST_URI'];
46  $http_method = ($http_method) ? $http_method : $_SERVER['REQUEST_METHOD'];
47 
48  // We weren't handed any parameters, so let's find the ones relevant to
49  // this request.
50  // If you run XML-RPC or similar you should use this to provide your own
51  // parsed parameter-list
52  if (!$parameters) {
53  // Find request headers
54  $request_headers = OAuthUtil::get_headers();
55 
56  // Parse the query-string to find GET parameters
57  if (isset($_SERVER['QUERY_STRING'])) {
58  $parameters = OAuthUtil::parse_parameters($_SERVER['QUERY_STRING']);
59  } else {
60  $parameters = array();
61  }
62 
63  // It's a POST request of the proper content-type, so parse POST
64  // parameters and add those overriding any duplicates from GET
65  if ($http_method == "POST"
66  && isset($request_headers['Content-Type'])
67  && strstr($request_headers['Content-Type'], 'application/x-www-form-urlencoded')) {
68  $post_data = OAuthUtil::parse_parameters(file_get_contents(self::$POST_INPUT));
69  $parameters = array_merge($parameters, $post_data);
70  }
71 
72  // We have a Authorization-header with OAuth data. Parse the header
73  // and add those overriding any duplicates from GET or POST
74  if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
75  $header_parameters = OAuthUtil::split_header($request_headers['Authorization']);
76  $parameters = array_merge($parameters, $header_parameters);
77  }
78 
79  }
80 
81  return new OAuthRequest($http_method, $http_url, $parameters);
82  }
$_SERVER
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
Definition: tcpdf_autoconfig.php:54
IMSGlobal\LTI\OAuth\OAuthUtil\split_header
static split_header($header, $only_allow_oauth_parameters=true)
Definition: OAuthUtil.php:37
IMSGlobal\LTI\OAuth\OAuthUtil\parse_parameters
static parse_parameters( $input)
Definition: OAuthUtil.php:95
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ generate_nonce()

static IMSGlobal\LTI\OAuth\OAuthRequest::generate_nonce ( )
staticprivate

util function: current nonce

Definition at line 283 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\from_consumer_and_token().

283  {
284  $mt = microtime();
285  $rand = mt_rand();
286 
287  return md5($mt . $rand); // md5s look nicer than numbers
288  }
+ Here is the caller graph for this function:

◆ generate_timestamp()

static IMSGlobal\LTI\OAuth\OAuthRequest::generate_timestamp ( )
staticprivate

util function: current timestamp

Definition at line 276 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\from_consumer_and_token().

276  {
277  return time();
278  }
+ Here is the caller graph for this function:

◆ get_normalized_http_method()

IMSGlobal\LTI\OAuth\OAuthRequest::get_normalized_http_method ( )

just uppercases the http method

Definition at line 173 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\get_signature_base_string().

173  {
174  return strtoupper($this->http_method);
175  }
+ Here is the caller graph for this function:

◆ get_normalized_http_url()

IMSGlobal\LTI\OAuth\OAuthRequest::get_normalized_http_url ( )

parses the url and rebuilds it to be scheme://host/path

Definition at line 181 of file OAuthRequest.php.

References $path.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\get_signature_base_string(), and IMSGlobal\LTI\OAuth\OAuthRequest\to_url().

181  {
182 
183  $parts = parse_url($this->http_url);
184 
185  $scheme = (isset($parts['scheme'])) ? $parts['scheme'] : 'http';
186  $port = (isset($parts['port'])) ? $parts['port'] : (($scheme == 'https') ? '443' : '80');
187  $host = (isset($parts['host'])) ? strtolower($parts['host']) : '';
188  $path = (isset($parts['path'])) ? $parts['path'] : '';
189 
190  if (($scheme == 'https' && $port != '443')
191  || ($scheme == 'http' && $port != '80')) {
192  $host = "$host:$port";
193  }
194 
195  return "$scheme://$host$path";
196 
197  }
$path
$path
Definition: aliased.php:25
+ Here is the caller graph for this function:

◆ get_parameter()

IMSGlobal\LTI\OAuth\OAuthRequest::get_parameter (   $name)

Definition at line 119 of file OAuthRequest.php.

References $name.

119  {
120  return isset($this->parameters[$name]) ? $this->parameters[$name] : null;
121  }
$name
$name
Definition: client_example.php:35

◆ get_parameters()

IMSGlobal\LTI\OAuth\OAuthRequest::get_parameters ( )

Definition at line 123 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthRequest\$parameters.

123  {
124  return $this->parameters;
125  }

◆ get_signable_parameters()

IMSGlobal\LTI\OAuth\OAuthRequest::get_signable_parameters ( )

The request parameters, sorted and concatenated into a normalized string.

Returns
string

Definition at line 135 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthRequest\$parameters, PHPMailer\PHPMailer\$params, and IMSGlobal\LTI\OAuth\OAuthUtil\build_http_query().

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\get_signature_base_string().

135  {
136 
137  // Grab all parameters
138  $params = $this->parameters;
139 
140  // Remove oauth_signature if present
141  // Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.")
142  if (isset($params['oauth_signature'])) {
143  unset($params['oauth_signature']);
144  }
145 
146  return OAuthUtil::build_http_query($params);
147 
148  }
IMSGlobal\LTI\OAuth\OAuthUtil\build_http_query
static build_http_query($params)
Definition: OAuthUtil.php:127
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ get_signature_base_string()

IMSGlobal\LTI\OAuth\OAuthRequest::get_signature_base_string ( )

Returns the base string of this request.

The base string defined as the method, the url and the parameters (normalized), each urlencoded and the concated with &.

Definition at line 157 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthRequest\get_normalized_http_method(), IMSGlobal\LTI\OAuth\OAuthRequest\get_normalized_http_url(), IMSGlobal\LTI\OAuth\OAuthRequest\get_signable_parameters(), and IMSGlobal\LTI\OAuth\OAuthUtil\urlencode_rfc3986().

157  {
158  $parts = array(
159  $this->get_normalized_http_method(),
160  $this->get_normalized_http_url(),
161  $this->get_signable_parameters()
162  );
163 
164  $parts = OAuthUtil::urlencode_rfc3986($parts);
165 
166  return implode('&', $parts);
167 
168  }
IMSGlobal\LTI\OAuth\OAuthRequest\get_normalized_http_url
get_normalized_http_url()
parses the url and rebuilds it to be scheme://host/path
Definition: OAuthRequest.php:181
IMSGlobal\LTI\OAuth\OAuthUtil\urlencode_rfc3986
static urlencode_rfc3986($input)
Definition: OAuthUtil.php:14
IMSGlobal\LTI\OAuth\OAuthRequest\get_normalized_http_method
get_normalized_http_method()
just uppercases the http method
Definition: OAuthRequest.php:173
IMSGlobal\LTI\OAuth\OAuthRequest\get_signable_parameters
get_signable_parameters()
The request parameters, sorted and concatenated into a normalized string.
Definition: OAuthRequest.php:135
+ Here is the call graph for this function:

◆ set_parameter()

IMSGlobal\LTI\OAuth\OAuthRequest::set_parameter (   $name,
  $value,
  $allow_duplicates = true 
)

Definition at line 103 of file OAuthRequest.php.

References $name.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\sign_request().

103  {
104 
105  if ($allow_duplicates && isset($this->parameters[$name])) {
106  // We have already added parameter(s) with this name, so add to the list
107  if (is_scalar($this->parameters[$name])) {
108  // This is the first duplicate, so transform scalar (string)
109  // into an array so we can add the duplicates
110  $this->parameters[$name] = array($this->parameters[$name]);
111  }
112 
113  $this->parameters[$name][] = $value;
114  } else {
115  $this->parameters[$name] = $value;
116  }
117  }
$name
$name
Definition: client_example.php:35
+ Here is the caller graph for this function:

◆ sign_request()

IMSGlobal\LTI\OAuth\OAuthRequest::sign_request (   $signature_method,
  $consumer,
  $token 
)

Definition at line 256 of file OAuthRequest.php.

References PHPMailer\PHPMailer\$token, IMSGlobal\LTI\OAuth\OAuthRequest\build_signature(), and IMSGlobal\LTI\OAuth\OAuthRequest\set_parameter().

256  {
257 
258  $this->set_parameter(
259  "oauth_signature_method",
260  $signature_method->get_name(),
261  false
262  );
263  $signature = $this->build_signature($signature_method, $consumer, $token);
264  $this->set_parameter("oauth_signature", $signature, false);
265 
266  }
IMSGlobal\LTI\OAuth\OAuthRequest\build_signature
build_signature($signature_method, $consumer, $token)
Definition: OAuthRequest.php:268
IMSGlobal\LTI\OAuth\OAuthRequest\set_parameter
set_parameter($name, $value, $allow_duplicates=true)
Definition: OAuthRequest.php:103
+ Here is the call graph for this function:

◆ to_header()

IMSGlobal\LTI\OAuth\OAuthRequest::to_header (   $realm = null)

builds the Authorization: header

Definition at line 224 of file OAuthRequest.php.

References $out, $total, and IMSGlobal\LTI\OAuth\OAuthUtil\urlencode_rfc3986().

224  {
225 
226  $first = true;
227  if($realm) {
228  $out = 'Authorization: OAuth realm="' . OAuthUtil::urlencode_rfc3986($realm) . '"';
229  $first = false;
230  } else
231  $out = 'Authorization: OAuth';
232 
233  $total = array();
234  foreach ($this->parameters as $k => $v) {
235  if (substr($k, 0, 5) != "oauth") continue;
236  if (is_array($v)) {
237  throw new OAuthException('Arrays not supported in headers');
238  }
239  $out .= ($first) ? ' ' : ',';
240  $out .= OAuthUtil::urlencode_rfc3986($k) .
241  '="' .
242  OAuthUtil::urlencode_rfc3986($v) .
243  '"';
244  $first = false;
245  }
246 
247  return $out;
248 
249  }
$total
$total
Definition: Utf8Test.php:87
IMSGlobal\LTI\OAuth\OAuthUtil\urlencode_rfc3986
static urlencode_rfc3986($input)
Definition: OAuthUtil.php:14
+ Here is the call graph for this function:

◆ to_postdata()

IMSGlobal\LTI\OAuth\OAuthRequest::to_postdata ( )

builds the data one would send in a POST request

Definition at line 217 of file OAuthRequest.php.

References IMSGlobal\LTI\OAuth\OAuthUtil\build_http_query().

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\to_url().

217  {
218  return OAuthUtil::build_http_query($this->parameters);
219  }
IMSGlobal\LTI\OAuth\OAuthUtil\build_http_query
static build_http_query($params)
Definition: OAuthUtil.php:127
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ to_url()

IMSGlobal\LTI\OAuth\OAuthRequest::to_url ( )

builds a url usable for a GET request

Definition at line 202 of file OAuthRequest.php.

References $out, IMSGlobal\LTI\OAuth\OAuthRequest\get_normalized_http_url(), and IMSGlobal\LTI\OAuth\OAuthRequest\to_postdata().

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\__toString().

202  {
203 
204  $post_data = $this->to_postdata();
205  $out = $this->get_normalized_http_url();
206  if ($post_data) {
207  $out .= '?'.$post_data;
208  }
209 
210  return $out;
211 
212  }
IMSGlobal\LTI\OAuth\OAuthRequest\get_normalized_http_url
get_normalized_http_url()
parses the url and rebuilds it to be scheme://host/path
Definition: OAuthRequest.php:181
IMSGlobal\LTI\OAuth\OAuthRequest\to_postdata
to_postdata()
builds the data one would send in a POST request
Definition: OAuthRequest.php:217
+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ unset_parameter()

IMSGlobal\LTI\OAuth\OAuthRequest::unset_parameter (   $name)

Definition at line 127 of file OAuthRequest.php.

References $name.

127  {
128  unset($this->parameters[$name]);
129  }
$name
$name
Definition: client_example.php:35

Field Documentation

◆ $base_string

IMSGlobal\LTI\OAuth\OAuthRequest::$base_string

Definition at line 18 of file OAuthRequest.php.

◆ $http_method

IMSGlobal\LTI\OAuth\OAuthRequest::$http_method
protected

Definition at line 15 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\__construct(), IMSGlobal\LTI\OAuth\OAuthRequest\from_consumer_and_token(), and IMSGlobal\LTI\OAuth\OAuthRequest\from_request().

◆ $http_url

IMSGlobal\LTI\OAuth\OAuthRequest::$http_url
protected

Definition at line 16 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\__construct(), IMSGlobal\LTI\OAuth\OAuthRequest\from_consumer_and_token(), and IMSGlobal\LTI\OAuth\OAuthRequest\from_request().

◆ $parameters

IMSGlobal\LTI\OAuth\OAuthRequest::$parameters
protected

Definition at line 14 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\__construct(), IMSGlobal\LTI\OAuth\OAuthRequest\from_consumer_and_token(), IMSGlobal\LTI\OAuth\OAuthRequest\from_request(), IMSGlobal\LTI\OAuth\OAuthRequest\get_parameters(), and IMSGlobal\LTI\OAuth\OAuthRequest\get_signable_parameters().

◆ $POST_INPUT

IMSGlobal\LTI\OAuth\OAuthRequest::$POST_INPUT = 'php://input'
static

Definition at line 20 of file OAuthRequest.php.

◆ $version

IMSGlobal\LTI\OAuth\OAuthRequest::$version = '1.0'
static

Definition at line 19 of file OAuthRequest.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthRequest\from_consumer_and_token().

The documentation for this class was generated from the following file: