Enabled OAuth/OAuth2 logins
This commit is contained in:
Deon George
68
modules/oauth/classes/Kohana/OAuth/Signature/HMAC/SHA1.php
Normal file
68
modules/oauth/classes/Kohana/OAuth/Signature/HMAC/SHA1.php
Normal file
@@ -0,0 +1,68 @@
|
||||
<?php defined('SYSPATH') or die('No direct script access.');
|
||||
/**
|
||||
* The HMAC-SHA1 signature provides secure signing using the HMAC-SHA1
|
||||
* algorithm as defined by [RFC2104](http://tools.ietf.org/html/rfc2104).
|
||||
* It uses [OAuth_Request::base_string] as the text and [OAuth_Signature::key]
|
||||
* as the signing key.
|
||||
*
|
||||
* @package Kohana/OAuth
|
||||
* @category Signature
|
||||
* @author Kohana Team
|
||||
* @copyright (c) 2010 Kohana Team
|
||||
* @license http://kohanaframework.org/license
|
||||
* @since 3.0.7
|
||||
*/
|
||||
class Kohana_OAuth_Signature_HMAC_SHA1 extends OAuth_Signature {
|
||||
|
||||
protected $name = 'HMAC-SHA1';
|
||||
|
||||
/**
|
||||
* Generate a signed hash of the base string using the consumer and token
|
||||
* as the signing key.
|
||||
*
|
||||
* $sig = $signature->sign($request, $consumer, $token);
|
||||
*
|
||||
* [!!] This method implements [OAuth 1.0 Spec 9.2.1](http://oauth.net/core/1.0/#rfc.section.9.2.1).
|
||||
*
|
||||
* @param OAuth_Request request
|
||||
* @param OAuth_Consumer consumer
|
||||
* @param OAuth_Token token
|
||||
* @return string
|
||||
* @uses OAuth_Signature::key
|
||||
* @uses OAuth_Request::base_string
|
||||
*/
|
||||
public function sign(OAuth_Request $request, OAuth_Consumer $consumer, OAuth_Token $token = NULL)
|
||||
{
|
||||
// Get the signing key
|
||||
$key = $this->key($consumer, $token);
|
||||
|
||||
// Get the base string for the signature
|
||||
$base_string = $request->base_string();
|
||||
|
||||
// Sign the base string using the key
|
||||
return base64_encode(hash_hmac('sha1', $base_string, $key, TRUE));
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a HMAC-SHA1 signature.
|
||||
*
|
||||
* if ( ! $signature->verify($signature, $request, $consumer, $token))
|
||||
* {
|
||||
* throw new Kohana_OAuth_Exception('Failed to verify signature');
|
||||
* }
|
||||
*
|
||||
* [!!] This method implements [OAuth 1.0 Spec 9.2.2](http://oauth.net/core/1.0/#rfc.section.9.2.2).
|
||||
*
|
||||
* @param string signature to verify
|
||||
* @param OAuth_Request request
|
||||
* @param OAuth_Consumer consumer
|
||||
* @param OAuth_Token token
|
||||
* @return boolean
|
||||
* @uses OAuth_Signature_HMAC_SHA1::sign
|
||||
*/
|
||||
public function verify($signature, OAuth_Request $request, OAuth_Consumer $consumer, OAuth_Token $token = NULL)
|
||||
{
|
||||
return $signature === $this->sign($request, $consumer, $token);
|
||||
}
|
||||
|
||||
} // End OAuth_Signature_HMAC_SHA1
|
||||
57
modules/oauth/classes/Kohana/OAuth/Signature/Plaintext.php
Normal file
57
modules/oauth/classes/Kohana/OAuth/Signature/Plaintext.php
Normal file
@@ -0,0 +1,57 @@
|
||||
<?php defined('SYSPATH') or die('No direct script access.');
|
||||
/**
|
||||
* The PLAINTEXT signature does not provide any security protection and should
|
||||
* only be used over a secure channel such as HTTPS.
|
||||
*
|
||||
* @package Kohana/OAuth
|
||||
* @category Signature
|
||||
* @author Kohana Team
|
||||
* @copyright (c) 2010 Kohana Team
|
||||
* @license http://kohanaframework.org/license
|
||||
* @since 3.0.7
|
||||
*/
|
||||
class Kohana_OAuth_Signature_PLAINTEXT extends OAuth_Signature {
|
||||
|
||||
protected $name = 'PLAINTEXT';
|
||||
|
||||
/**
|
||||
* Generate a plaintext signature for the request _without_ the base string.
|
||||
*
|
||||
* $sig = $signature->sign($request, $consumer, $token);
|
||||
*
|
||||
* [!!] This method implements [OAuth 1.0 Spec 9.4.1](http://oauth.net/core/1.0/#rfc.section.9.4.1).
|
||||
*
|
||||
* @param OAuth_Request request
|
||||
* @param OAuth_Consumer consumer
|
||||
* @param OAuth_Token token
|
||||
* @return $this
|
||||
*/
|
||||
public function sign(OAuth_Request $request, OAuth_Consumer $consumer, OAuth_Token $token = NULL)
|
||||
{
|
||||
// Use the signing key as the signature
|
||||
return $this->key($consumer, $token);
|
||||
}
|
||||
|
||||
/**
|
||||
* Verify a plaintext signature.
|
||||
*
|
||||
* if ( ! $signature->verify($signature, $request, $consumer, $token))
|
||||
* {
|
||||
* throw new Kohana_OAuth_Exception('Failed to verify signature');
|
||||
* }
|
||||
*
|
||||
* [!!] This method implements [OAuth 1.0 Spec 9.4.2](http://oauth.net/core/1.0/#rfc.section.9.4.2).
|
||||
*
|
||||
* @param string signature to verify
|
||||
* @param OAuth_Request request
|
||||
* @param OAuth_Consumer consumer
|
||||
* @param OAuth_Token token
|
||||
* @return boolean
|
||||
* @uses OAuth_Signature_PLAINTEXT::sign
|
||||
*/
|
||||
public function verify($signature, OAuth_Request $request, OAuth_Consumer $consumer, OAuth_Token $token = NULL)
|
||||
{
|
||||
return $signature === $this->key($consumer, $token);
|
||||
}
|
||||
|
||||
} // End OAuth_Signature_PLAINTEXT
|
||||
Reference in New Issue
Block a user