ILIAS  release_7 Revision v7.30-3-g800a261c036
Public Member Functions | Protected Member Functions
OAuthSignatureMethod_RSA_SHA1 Class Reference
+ Inheritance diagram for OAuthSignatureMethod_RSA_SHA1:
+ Collaboration diagram for OAuthSignatureMethod_RSA_SHA1:

Public Member Functions

 get_name ()
 
 build_signature (&$request, $consumer, $token)
 
 check_signature (&$request, $consumer, $token, $signature)
 
 check_signature (&$request, $consumer, $token, $signature)
 

Protected Member Functions

 fetch_public_cert (&$request)
 
 fetch_private_cert (&$request)
 

Detailed Description

Definition at line 137 of file OAuth.php.

Member Function Documentation

◆ build_signature()

OAuthSignatureMethod_RSA_SHA1::build_signature ( $request,
  $consumer,
  $token 
)

Definition at line 164 of file OAuth.php.

165 {
166 $base_string = $request->get_signature_base_string();
167 $request->base_string = $base_string;
168
169 // Fetch the private key cert based on the request
170 $cert = $this->fetch_private_cert($request);
171
172 // Pull the private key ID from the certificate
173 $privatekeyid = openssl_get_privatekey($cert);
174
175 // Sign using the key
176 $ok = openssl_sign($base_string, $signature, $privatekeyid);
177
178 // Release the key resource
179 openssl_free_key($privatekeyid);
180
181 return base64_encode($signature);
182 }
OAuthSignatureMethod_RSA_SHA1\fetch_private_cert
fetch_private_cert(&$request)
Definition: OAuth.php:155

References $ok, and fetch_private_cert().

+ Here is the call graph for this function:

◆ check_signature()

OAuthSignatureMethod_RSA_SHA1::check_signature ( $request,
  $consumer,
  $token,
  $signature 
)

Reimplemented from OAuthSignatureMethod.

Definition at line 184 of file OAuth.php.

185 {
186 $decoded_sig = base64_decode($signature);
187
188 $base_string = $request->get_signature_base_string();
189
190 // Fetch the public key cert based on the request
191 $cert = $this->fetch_public_cert($request);
192
193 // Pull the public key ID from the certificate
194 $publickeyid = openssl_get_publickey($cert);
195
196 // Check the computed signature against the one passed in the query
197 $ok = openssl_verify($base_string, $decoded_sig, $publickeyid);
198
199 // Release the key resource
200 openssl_free_key($publickeyid);
201
202 return $ok == 1;
203 }
OAuthSignatureMethod_RSA_SHA1\fetch_public_cert
fetch_public_cert(&$request)
Definition: OAuth.php:144

References $ok, and fetch_public_cert().

+ Here is the call graph for this function:

◆ fetch_private_cert()

OAuthSignatureMethod_RSA_SHA1::fetch_private_cert ( $request)
protected

Definition at line 155 of file OAuth.php.

156 {
157 // not implemented yet, ideas are:
158 // (1) do a lookup in a table of trusted certs keyed off of consumer
159 //
160 // either way should return a string representation of the certificate
161 throw Exception("fetch_private_cert not implemented");
162 }

Referenced by build_signature().

+ Here is the caller graph for this function:

◆ fetch_public_cert()

OAuthSignatureMethod_RSA_SHA1::fetch_public_cert ( $request)
protected

Definition at line 144 of file OAuth.php.

145 {
146 // not implemented yet, ideas are:
147 // (1) do a lookup in a table of trusted certs keyed off of consumer
148 // (2) fetch via http using a url provided by the requester
149 // (3) some sort of specific discovery code based on request
150 //
151 // either way should return a string representation of the certificate
152 throw Exception("fetch_public_cert not implemented");
153 }

Referenced by check_signature().

+ Here is the caller graph for this function:

◆ get_name()

OAuthSignatureMethod_RSA_SHA1::get_name ( )

Definition at line 139 of file OAuth.php.

140 {
141 return "RSA-SHA1";
142 }
The documentation for this class was generated from the following file: