ILIAS  release_6 Revision v6.24-5-g0c8bfefb3b8
All Data Structures Namespaces Files Functions Variables Modules Pages
Public Member Functions | Protected Member Functions
OAuthSignatureMethod_RSA_SHA1 Class Reference
+ Inheritance diagram for OAuthSignatureMethod_RSA_SHA1:
+ Collaboration diagram for OAuthSignatureMethod_RSA_SHA1:

Public Member Functions

 get_name ()
 
 build_signature (&$request, $consumer, $token)
 
 check_signature (&$request, $consumer, $token, $signature)
 
- Public Member Functions inherited from OAuthSignatureMethod
 check_signature (&$request, $consumer, $token, $signature)
 

Protected Member Functions

 fetch_public_cert (&$request)
 
 fetch_private_cert (&$request)
 

Detailed Description

Definition at line 137 of file OAuth.php.

Member Function Documentation

◆ build_signature()

OAuthSignatureMethod_RSA_SHA1::build_signature ( $request,
  $consumer,
  $token 
)

Definition at line 164 of file OAuth.php.

References $ok.

165  {
166  $base_string = $request->get_signature_base_string();
167  $request->base_string = $base_string;
168 
169  // Fetch the private key cert based on the request
170  $cert = $this->fetch_private_cert($request);
171 
172  // Pull the private key ID from the certificate
173  $privatekeyid = openssl_get_privatekey($cert);
174 
175  // Sign using the key
176  $ok = openssl_sign($base_string, $signature, $privatekeyid);
177 
178  // Release the key resource
179  openssl_free_key($privatekeyid);
180 
181  return base64_encode($signature);
182  }
OAuthSignatureMethod_RSA_SHA1\fetch_private_cert
fetch_private_cert(&$request)
Definition: OAuth.php:155

◆ check_signature()

OAuthSignatureMethod_RSA_SHA1::check_signature ( $request,
  $consumer,
  $token,
  $signature 
)

Definition at line 184 of file OAuth.php.

References $ok.

185  {
186  $decoded_sig = base64_decode($signature);
187 
188  $base_string = $request->get_signature_base_string();
189 
190  // Fetch the public key cert based on the request
191  $cert = $this->fetch_public_cert($request);
192 
193  // Pull the public key ID from the certificate
194  $publickeyid = openssl_get_publickey($cert);
195 
196  // Check the computed signature against the one passed in the query
197  $ok = openssl_verify($base_string, $decoded_sig, $publickeyid);
198 
199  // Release the key resource
200  openssl_free_key($publickeyid);
201 
202  return $ok == 1;
203  }
OAuthSignatureMethod_RSA_SHA1\fetch_public_cert
fetch_public_cert(&$request)
Definition: OAuth.php:144

◆ fetch_private_cert()

OAuthSignatureMethod_RSA_SHA1::fetch_private_cert ( $request)
protected

Definition at line 155 of file OAuth.php.

156  {
157  // not implemented yet, ideas are:
158  // (1) do a lookup in a table of trusted certs keyed off of consumer
159  //
160  // either way should return a string representation of the certificate
161  throw Exception("fetch_private_cert not implemented");
162  }

◆ fetch_public_cert()

OAuthSignatureMethod_RSA_SHA1::fetch_public_cert ( $request)
protected

Definition at line 144 of file OAuth.php.

145  {
146  // not implemented yet, ideas are:
147  // (1) do a lookup in a table of trusted certs keyed off of consumer
148  // (2) fetch via http using a url provided by the requester
149  // (3) some sort of specific discovery code based on request
150  //
151  // either way should return a string representation of the certificate
152  throw Exception("fetch_public_cert not implemented");
153  }

◆ get_name()

OAuthSignatureMethod_RSA_SHA1::get_name ( )

Definition at line 139 of file OAuth.php.

140  {
141  return "RSA-SHA1";
142  }
The documentation for this class was generated from the following file: