ILIAS  release_5-4 Revision v5.4.26-12-gabc799a52e6
OAuthUtil.php
Go to the documentation of this file.
1<?php
2
3namespace IMSGlobal\LTI\OAuth;
4
12class OAuthUtil {
13
14 public static function urlencode_rfc3986($input) {
15
16 if (is_array($input)) {
17 return array_map(array('IMSGlobal\LTI\OAuth\OAuthUtil', 'urlencode_rfc3986'), $input);
18 } else if (is_scalar($input)) {
19 return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode($input)));
20 } else {
21 return '';
22 }
23 }
24
25 // This decode function isn't taking into consideration the above
26 // modifications to the encoding process. However, this method doesn't
27 // seem to be used anywhere so leaving it as is.
28 public static function urldecode_rfc3986($string) {
29 return urldecode($string);
30 }
31
32 // Utility function for turning the Authorization: header into
33 // parameters, has to do some unescaping
34 // Can filter out any non-oauth parameters if needed (default behaviour)
35 // May 28th, 2010 - method updated to tjerk.meesters for a speed improvement.
36 // see http://code.google.com/p/oauth/issues/detail?id=163
37 public static function split_header($header, $only_allow_oauth_parameters = true) {
38
39 $params = array();
40 if (preg_match_all('/('.($only_allow_oauth_parameters ? 'oauth_' : '').'[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header, $matches)) {
41 foreach ($matches[1] as $i => $h) {
42 $params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]);
43 }
44 if (isset($params['realm'])) {
45 unset($params['realm']);
46 }
47 }
48
49 return $params;
50
51 }
52
53 // helper to try to sort out headers for people who aren't running apache
54 public static function get_headers() {
55
56 if (function_exists('apache_request_headers')) {
57 // we need this to get the actual Authorization: header
58 // because apache tends to tell us it doesn't exist
59 $headers = apache_request_headers();
60
61 // sanitize the output of apache_request_headers because
62 // we always want the keys to be Cased-Like-This and arh()
63 // returns the headers in the same case as they are in the
64 // request
65 $out = array();
66 foreach ($headers AS $key => $value) {
67 $key = str_replace(" ", "-", ucwords(strtolower(str_replace("-", " ", $key))));
68 $out[$key] = $value;
69 }
70 } else {
71 // otherwise we don't have apache and are just going to have to hope
72 // that $_SERVER actually contains what we need
73 $out = array();
74 if( isset($_SERVER['CONTENT_TYPE']) )
75 $out['Content-Type'] = $_SERVER['CONTENT_TYPE'];
76 if( isset($_ENV['CONTENT_TYPE']) )
77 $out['Content-Type'] = $_ENV['CONTENT_TYPE'];
78
79 foreach ($_SERVER as $key => $value) {
80 if (substr($key, 0, 5) == 'HTTP_') {
81 // this is chaos, basically it is just there to capitalize the first
82 // letter of every word that is not an initial HTTP and strip HTTP
83 // code from przemek
84 $key = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($key, 5)))));
85 $out[$key] = $value;
86 }
87 }
88 }
89 return $out;
90 }
91
92 // This function takes a input like a=b&a=c&d=e and returns the parsed
93 // parameters like this
94 // array('a' => array('b','c'), 'd' => 'e')
95 public static function parse_parameters( $input ) {
96
97 if (!isset($input) || !$input) return array();
98
99 $pairs = explode('&', $input);
100
101 $parsed_parameters = array();
102 foreach ($pairs as $pair) {
103 $split = explode('=', $pair, 2);
104 $parameter = self::urldecode_rfc3986($split[0]);
105 $value = isset($split[1]) ? self::urldecode_rfc3986($split[1]) : '';
106
107 if (isset($parsed_parameters[$parameter])) {
108 // We have already recieved parameter(s) with this name, so add to the list
109 // of parameters with this name
110
111 if (is_scalar($parsed_parameters[$parameter])) {
112 // This is the first duplicate, so transform scalar (string) into an array
113 // so we can add the duplicates
114 $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]);
115 }
116
117 $parsed_parameters[$parameter][] = $value;
118 } else {
119 $parsed_parameters[$parameter] = $value;
120 }
121 }
122
123 return $parsed_parameters;
124
125 }
126
127 public static function build_http_query($params) {
128
129 if (!$params) return '';
130
131 // Urlencode both keys and values
134 $params = array_combine($keys, $values);
135
136 // Parameters are sorted by name, using lexicographical byte value ordering.
137 // Ref: Spec: 9.1.1 (1)
138 uksort($params, 'strcmp');
139
140 $pairs = array();
141 foreach ($params as $parameter => $value) {
142 if (is_array($value)) {
143 // If two or more parameters share the same name, they are sorted by their value
144 // Ref: Spec: 9.1.1 (1)
145 // June 12th, 2010 - changed to sort because of issue 164 by hidetaka
146 sort($value, SORT_STRING);
147 foreach ($value as $duplicate_value) {
148 $pairs[] = $parameter . '=' . $duplicate_value;
149 }
150 } else {
151 $pairs[] = $parameter . '=' . $value;
152 }
153 }
154
155 // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61)
156 // Each name-value pair is separated by an '&' character (ASCII code 38)
157 return implode('&', $pairs);
158
159 }
160
161}
An exception for terminatinating execution or to throw for unit testing.
Class to provide OAuth utility methods.
Definition: OAuthUtil.php:12
static split_header($header, $only_allow_oauth_parameters=true)
Definition: OAuthUtil.php:37
static urldecode_rfc3986($string)
Definition: OAuthUtil.php:28
static urlencode_rfc3986($input)
Definition: OAuthUtil.php:14
static build_http_query($params)
Definition: OAuthUtil.php:127
static parse_parameters( $input)
Definition: OAuthUtil.php:95
$key
Definition: croninfo.php:18
$i
Definition: disco.tpl.php:19
$h
$keys
if((!isset($_SERVER['DOCUMENT_ROOT'])) OR(empty($_SERVER['DOCUMENT_ROOT']))) $_SERVER['DOCUMENT_ROOT']
$values