ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
IMSGlobal\LTI\OAuth\OAuthServer Class Reference

Class to represent an OAuth Server.

Public Member Functions

 __construct ($data_store)
 
 add_signature_method ($signature_method)
 
 fetch_request_token (&$request)
 Process a request_token request; returns the request token on success.
 
 fetch_access_token (&$request)
 Process an access_token request; returns the access token on success.
 
 verify_request (&$request)
 Verify an API call; checks all the parameters.
 

Protected Attributes

 $timestamp_threshold = 300
 
 $version = '1.0'
 
 $signature_methods = array()
 
 $data_store
 

Private Member Functions

 get_version (&$request)
 version 1
 
 get_signature_method ($request)
 Figure out the signature method, with some defaults.
 
 get_consumer ($request)
 Try to find the consumer for the provided request's consumer key.
 
 get_token ($request, $consumer, $token_type="access")
 Try to find the token for the provided request's token key.
 
 check_signature ($request, $consumer, $token)
 All-in-one function to check the signature on a request; should guess the signature method appropriately.
 
 check_timestamp ($timestamp)
 Check that the timestamp is new enough.
 
 check_nonce ($consumer, $token, $nonce, $timestamp)
 Check that the nonce is not repeated.
 

Detailed Description

Class to represent an OAuth Server.

Version
2008-08-04

License
The MIT License (https://opensource.org/licenses/MIT)

Definition at line 12 of file OAuthServer.php.

Constructor & Destructor Documentation

◆ __construct()

IMSGlobal\LTI\OAuth\OAuthServer::__construct (   $data_store)

Definition at line 20 of file OAuthServer.php.

References IMSGlobal\LTI\OAuth\OAuthServer\$data_store.

{
  $this->data_store = $data_store;
}

Member Function Documentation

◆ add_signature_method()

IMSGlobal\LTI\OAuth\OAuthServer::add_signature_method (   $signature_method)

Definition at line 24 of file OAuthServer.php.

{
  $this->signature_methods[$signature_method->get_name()] = $signature_method;
}

◆ check_nonce()

IMSGlobal\LTI\OAuth\OAuthServer::check_nonce (   $consumer,
  $token,
  $nonce,
  $timestamp 
)
private

check that the nonce is not repeated

Definition at line 220 of file OAuthServer.php.

References $timestamp, and PHPMailer\PHPMailer\$token.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\check_signature().

{
  if(!$nonce)
    throw new OAuthException('Missing nonce parameter. The parameter is required');

  // verify that the nonce is uniqueish
  $found = $this->data_store->lookup_nonce($consumer, $token, $nonce, $timestamp);
  if ($found) {
    throw new OAuthException("Nonce already used: $nonce");
  }
}

◆ check_signature()

IMSGlobal\LTI\OAuth\OAuthServer::check_signature (   $request,
  $consumer,
  $token 
)
private

All-in-one function to check the signature on a request; should guess the signature method appropriately.

Definition at line 179 of file OAuthServer.php.

References $request, $timestamp, PHPMailer\PHPMailer\$token, IMSGlobal\LTI\OAuth\OAuthServer\check_nonce(), IMSGlobal\LTI\OAuth\OAuthServer\check_timestamp(), and IMSGlobal\LTI\OAuth\OAuthServer\get_signature_method().

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\fetch_access_token(), IMSGlobal\LTI\OAuth\OAuthServer\fetch_request_token(), and IMSGlobal\LTI\OAuth\OAuthServer\verify_request().

{
  // this should probably be in a different method
  $timestamp = $request instanceof OAuthRequest
      ? $request->get_parameter('oauth_timestamp')
      : NULL;
  $nonce = $request instanceof OAuthRequest
      ? $request->get_parameter('oauth_nonce')
      : NULL;

  $this->check_timestamp($timestamp);
  $this->check_nonce($consumer, $token, $nonce, $timestamp);

  $signature_method = $this->get_signature_method($request);

  $signature = $request->get_parameter('oauth_signature');
  $valid_sig = $signature_method->check_signature($request, $consumer, $token, $signature);

  if (!$valid_sig) {
    throw new OAuthException('Invalid signature');
  }
}

◆ check_timestamp()

IMSGlobal\LTI\OAuth\OAuthServer::check_timestamp (   $timestamp)
private

check that the timestamp is new enough

Definition at line 205 of file OAuthServer.php.

References $timestamp.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\check_signature().

{
  if(!$timestamp)
    throw new OAuthException('Missing timestamp parameter. The parameter is required');

  // verify that timestamp is recentish
  $now = time();
  if (abs($now - $timestamp) > $this->timestamp_threshold) {
    throw new OAuthException("Expired timestamp, yours $timestamp, ours $now");
  }
}
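
How check_timestamp() and check_nonce() interact, shown as an added example that is not ILIAS or IMSGlobal code: because the timestamp test uses abs(), a request stamped T stays acceptable until T + $timestamp_threshold, so the data store behind lookup_nonce() has to remember the nonce that long. The class name InMemoryNonceStore, the ->key property on the consumer and token objects, and the injectable $now argument are assumptions made for illustration.

```php
<?php
// Added example (not ILIAS/IMSGlobal code). InMemoryNonceStore and the ->key
// property on the consumer/token objects are assumptions for illustration.
final class InMemoryNonceStore
{
    private $seen = array();   // fingerprint => last second the nonce must be remembered
    private $threshold;

    public function __construct($timestamp_threshold = 300)
    {
        $this->threshold = (int) $timestamp_threshold;
    }

    // Same argument order as the lookup_nonce() call in check_nonce().
    // Returns true if the nonce was seen before; otherwise records it.
    // $now is injectable only so the scenario below is deterministic.
    public function lookup_nonce($consumer, $token, $nonce, $timestamp, $now = null)
    {
        $now = ($now === null) ? time() : (int) $now;
        foreach ($this->seen as $id => $keep_until) {   // forget entries check_timestamp() would reject anyway
            if ($keep_until < $now) {
                unset($this->seen[$id]);
            }
        }
        $id = hash('sha256', json_encode(array(
            $consumer->key, $token ? $token->key : null, (string) $nonce,
        )));
        if (isset($this->seen[$id])) {
            return true;
        }
        // A request stamped T passes check_timestamp() while now <= T + threshold,
        // so the nonce is kept until then, not until arrival time + threshold.
        $this->seen[$id] = (int) $timestamp + $this->threshold;
        return false;
    }
}

// Constructed scenario: the client clock runs 300 s ahead of the server.
$store    = new InMemoryNonceStore(300);
$consumer = (object) array('key' => 'example-consumer');   // constructed value
$t0       = 1700000000;                                     // constructed server time
$stamp    = $t0 + 300;

var_dump($store->lookup_nonce($consumer, null, 'n-1', $stamp, $t0));        // first delivery
var_dump($store->lookup_nonce($consumer, null, 'n-1', $stamp, $t0 + 500));  // replay, still inside the accepted window
var_dump($store->lookup_nonce($consumer, null, 'n-1', $stamp, $t0 + 601));  // entry pruned; check_timestamp() rejects $stamp by now
```

check_signature() calls check_nonce() before the signature is verified, so a store that records on lookup, as this one does, also records nonces from requests whose signature later fails; a production store needs a size bound in addition to the time-based pruning.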

◆ fetch_access_token()

IMSGlobal\LTI\OAuth\OAuthServer::fetch_access_token ( $request)

Process an access_token request; returns the access token on success.

Definition at line 57 of file OAuthServer.php.

References $request, PHPMailer\PHPMailer\$token, IMSGlobal\LTI\OAuth\OAuthServer\check_signature(), IMSGlobal\LTI\OAuth\OAuthServer\get_consumer(), IMSGlobal\LTI\OAuth\OAuthServer\get_token(), and IMSGlobal\LTI\OAuth\OAuthServer\get_version().

{
  $this->get_version($request);

  $consumer = $this->get_consumer($request);

  // requires authorized request token
  $token = $this->get_token($request, $consumer, "request");

  $this->check_signature($request, $consumer, $token);

  // Rev A change
  $verifier = $request->get_parameter('oauth_verifier');
  $new_token = $this->data_store->new_access_token($token, $consumer, $verifier);

  return $new_token;
}

◆ fetch_request_token()

IMSGlobal\LTI\OAuth\OAuthServer::fetch_request_token ( $request)

Process a request_token request; returns the request token on success.

Definition at line 34 of file OAuthServer.php.

References $request, PHPMailer\PHPMailer\$token, IMSGlobal\LTI\OAuth\OAuthServer\check_signature(), IMSGlobal\LTI\OAuth\OAuthServer\get_consumer(), and IMSGlobal\LTI\OAuth\OAuthServer\get_version().

{
  $this->get_version($request);

  $consumer = $this->get_consumer($request);

  // no token required for the initial token request
  $token = NULL;

  $this->check_signature($request, $consumer, $token);

  // Rev A change
  $callback = $request->get_parameter('oauth_callback');
  $new_token = $this->data_store->new_request_token($consumer, $callback);

  return $new_token;
}

◆ get_consumer()

IMSGlobal\LTI\OAuth\OAuthServer::get_consumer (   $request)
private

try to find the consumer for the provided request's consumer key

Definition at line 140 of file OAuthServer.php.

References $request.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\fetch_access_token(), IMSGlobal\LTI\OAuth\OAuthServer\fetch_request_token(), and IMSGlobal\LTI\OAuth\OAuthServer\verify_request().

{
  $consumer_key = $request instanceof OAuthRequest
      ? $request->get_parameter('oauth_consumer_key') : NULL;

  if (!$consumer_key) {
    throw new OAuthException('Invalid consumer key');
  }

  $consumer = $this->data_store->lookup_consumer($consumer_key);
  if (!$consumer) {
    throw new OAuthException('Invalid consumer');
  }

  return $consumer;
}

◆ get_signature_method()

IMSGlobal\LTI\OAuth\OAuthServer::get_signature_method (   $request)
private

Figure out the signature method, with some defaults.

Definition at line 113 of file OAuthServer.php.

References $request.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\check_signature().

{
  $signature_method = $request instanceof OAuthRequest
      ? $request->get_parameter('oauth_signature_method') : NULL;

  if (!$signature_method) {
    // According to chapter 7 ("Accessing Protected Resources") the signature-method
    // parameter is required, and we can't just fall back to PLAINTEXT
    throw new OAuthException('No signature method parameter. This parameter is required');
  }

  if (!in_array($signature_method,
                array_keys($this->signature_methods))) {
    throw new OAuthException(
      "Signature method '$signature_method' not supported " .
      'try one of the following: ' .
      implode(', ', array_keys($this->signature_methods))
    );
  }

  return $this->signature_methods[$signature_method];
}

◆ get_token()

IMSGlobal\LTI\OAuth\OAuthServer::get_token (   $request,
  $consumer,
  $token_type = "access" 
)
private

try to find the token for the provided request's token key

Definition at line 161 of file OAuthServer.php.

References $request, and PHPMailer\PHPMailer\$token.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\fetch_access_token(), and IMSGlobal\LTI\OAuth\OAuthServer\verify_request().

{
  $token_field = $request instanceof OAuthRequest
      ? $request->get_parameter('oauth_token') : NULL;

  $token = $this->data_store->lookup_token($consumer, $token_type, $token_field);
  if (!$token) {
    throw new OAuthException("Invalid $token_type token: $token_field");
  }

  return $token;
}

◆ get_version()

IMSGlobal\LTI\OAuth\OAuthServer::get_version ( $request)
private

version 1

Definition at line 94 of file OAuthServer.php.

References $request, and IMSGlobal\LTI\OAuth\OAuthServer\$version.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\fetch_access_token(), IMSGlobal\LTI\OAuth\OAuthServer\fetch_request_token(), and IMSGlobal\LTI\OAuth\OAuthServer\verify_request().

{
  $version = $request->get_parameter("oauth_version");
  if (!$version) {
    // Service Providers MUST assume the protocol version to be 1.0 if this parameter is not present.
    // Chapter 7.0 ("Accessing Protected Resources")
    $version = '1.0';
  }
  if ($version !== $this->version) {
    throw new OAuthException("OAuth version '$version' not supported");
  }

  return $version;
}

◆ verify_request()

IMSGlobal\LTI\OAuth\OAuthServer::verify_request ( $request)

Verify an API call; checks all the parameters.

Definition at line 79 of file OAuthServer.php.

References $request, PHPMailer\PHPMailer\$token, IMSGlobal\LTI\OAuth\OAuthServer\check_signature(), IMSGlobal\LTI\OAuth\OAuthServer\get_consumer(), IMSGlobal\LTI\OAuth\OAuthServer\get_token(), and IMSGlobal\LTI\OAuth\OAuthServer\get_version().

{
  $this->get_version($request);
  $consumer = $this->get_consumer($request);
  $token = $this->get_token($request, $consumer, "access");
  $this->check_signature($request, $consumer, $token);

  return array($consumer, $token);
}

Field Documentation

◆ $data_store

IMSGlobal\LTI\OAuth\OAuthServer::$data_store
protected

Definition at line 18 of file OAuthServer.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\__construct().

◆ $signature_methods

IMSGlobal\LTI\OAuth\OAuthServer::$signature_methods = array()
protected

Definition at line 16 of file OAuthServer.php.

◆ $timestamp_threshold

IMSGlobal\LTI\OAuth\OAuthServer::$timestamp_threshold = 300
protected

Definition at line 14 of file OAuthServer.php.

◆ $version

IMSGlobal\LTI\OAuth\OAuthServer::$version = '1.0'
protected

Definition at line 15 of file OAuthServer.php.

Referenced by IMSGlobal\LTI\OAuth\OAuthServer\get_version().


The documentation for this class was generated from the following file: