chamilo
/
chamilo-lms
mirror of https://github.com/chamilo/chamilo-lms/tree/1.11.x
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Chamilo is a learning management system focused on ease of use and accessibility
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45032 Commits
17 Branches
107 Tags
940 MiB
 
 
 
 
 
 
Tag: Branch: Tree: 4767a90c9c
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4767a90c9c'
${ noResults }
chamilo-lms/plugin/ims_lti/OAuthSimple.php

621 lines
17 KiB
Raw Blame History

<?php
/**
* OAuthSimple - A simpler version of OAuth
*
* https://github.com/jrconlin/oauthsimple
*
* @author jr conlin <src@jrconlin.com>
* @copyright unitedHeroes.net 2011
* @version 1.3
* @license BSD licence.
*/
class OAuthSimple
{
private $_secrets;
private $_default_signature_method;
private $_action;
private $_nonce_chars;
/**
* OAuthSimple constructor.
*
* @param string $APIKey The API Key (sometimes referred to as the consumer key). This value is usually
* supplied by the site you wish to use.
* @param string $sharedSecret The shared secret. This value is also usually provided by the site you wish to use.
*
* @return OAuthSimple
*/
function __construct($APIKey = "", $sharedSecret = "")
{
if (!empty($APIKey)) {
$this->_secrets['consumer_key'] = $APIKey;
}
if (!empty($sharedSecret)) {
$this->_secrets['shared_secret'] = $sharedSecret;
}
$this->_default_signature_method = "HMAC-SHA1";
$this->_action = "GET";
$this->_nonce_chars = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz";
return $this;
}
/**
* Reset the parameters and URL.
*
* @return OAuthSimple
*/
public function reset()
{
$this->_parameters = Array();
$this->path = null;
$this->sbs = null;
return $this;
}
/**
* Set the parameters either from a hash or a string.
*
* @param array $parameters List of parameters for the call,
* this can either be a URI string (e.g."foo=bar&gorp=banana" or an object/hash)
*
* @throws OAuthSimpleException
*
* @return OAuthSimple
*/
public function setParameters($parameters = [])
{
if (is_string($parameters)) {
$parameters = $this->_parseParameterString($parameters);
}
if (empty($this->_parameters)) {
$this->_parameters = $parameters;
} elseif (!empty($parameters)) {
$this->_parameters = array_merge($this->_parameters, $parameters);
}
if (empty($this->_parameters['oauth_nonce'])) {
$this->_getNonce();
}
if (empty($this->_parameters['oauth_timestamp'])) {
$this->_getTimeStamp();
}
if (empty($this->_parameters['oauth_consumer_key'])) {
$this->_getApiKey();
}
if (empty($this->_parameters['oauth_token'])) {
$this->_getAccessToken();
}
if (empty($this->_parameters['oauth_signature_method'])) {
$this->setSignatureMethod();
}
if (empty($this->_parameters['oauth_version'])) {
$this->_parameters['oauth_version'] = "1.0";
}
return $this;
}
/**
* Convenience method for setParameters.
*
* @param array $parameters
*
* @throws OAuthSimpleException
*
* @return OAuthSimple
*/
public function setQueryString($parameters)
{
return $this->setParameters($parameters);
}
/**
* Set the target URL (does not include the parameters).
*
* @param string $path The fully qualified URI (excluding query arguments) (e.g "http://example.org/foo")
*
* @throws OAuthSimpleException
*
* @return OAuthSimple
*/
public function setURL($path)
{
if (empty($path)) {
throw new OAuthSimpleException('No path specified for OAuthSimple.setURL');
}
$this->_path = $path;
return $this;
}
/**
* Convenience method for setURL.
*
* @param string $path
*
* @return mixed
*/
public function setPath($path)
{
return $this->_path = $path;
}
/**
* Set the "action" for the url, (e.g. GET,POST, DELETE, etc.).
*
* @param string $action HTTP Action word.
*
* @throws OAuthSimpleException
*
* @return $this
*/
public function setAction($action)
{
if (empty($action)) {
$action = 'GET';
}
$action = strtoupper($action);
if (preg_match('/[^A-Z]/', $action)) {
throw new OAuthSimpleException('Invalid action specified for OAuthSimple.setAction');
}
$this->_action = $action;
return $this;
}
/**
* Set the signatures (as well as validate the ones you have).
*
* @param array $signatures object/hash of the token/signature pairs {api_key:, shared_secret:, oauth_token:
* oauth_secret:}
*
* @throws OAuthSimpleException
*
* @return $this
*/
public function signatures($signatures)
{
if (!empty($signatures) && !is_array($signatures)) {
throw new OAuthSimpleException('Must pass dictionary array to OAuthSimple.signatures');
}
if (!empty($signatures)) {
if (empty($this->_secrets)) {
$this->_secrets = Array();
}
$this->_secrets = array_merge($this->_secrets, $signatures);
}
if (isset($this->_secrets['api_key'])) {
$this->_secrets['consumer_key'] = $this->_secrets['api_key'];
}
if (isset($this->_secrets['access_token'])) {
$this->_secrets['oauth_token'] = $this->_secrets['access_token'];
}
if (isset($this->_secrets['access_secret'])) {
$this->_secrets['shared_secret'] = $this->_secrets['access_secret'];
}
if (isset($this->_secrets['oauth_token_secret'])) {
$this->_secrets['oauth_secret'] = $this->_secrets['oauth_token_secret'];
}
if (empty($this->_secrets['consumer_key'])) {
throw new OAuthSimpleException('Missing required consumer_key in OAuthSimple.signatures');
}
if (empty($this->_secrets['shared_secret'])) {
throw new OAuthSimpleException('Missing requires shared_secret in OAuthSimple.signatures');
}
if (!empty($this->_secrets['oauth_token']) && empty($this->_secrets['oauth_secret'])) {
throw new OAuthSimpleException('Missing oauth_secret for supplied oauth_token in OAuthSimple.signatures');
}
return $this;
}
/**
* @param array $signatures
*
* @throws OAuthSimpleException
*
* @return OAuthSimple
*/
public function setTokensAndSecrets($signatures)
{
return $this->signatures($signatures);
}
/**
* Set the signature method (currently only Plaintext or SHA-MAC1).
*
* @param string $method Method of signing the transaction (only PLAINTEXT and SHA-MAC1 allowed for now).
*
* @throws OAuthSimpleException
*
* @return $this
*/
public function setSignatureMethod($method = "")
{
if (empty($method)) {
$method = $this->_default_signature_method;
}
$method = strtoupper($method);
switch ($method) {
case 'PLAINTEXT':
case 'HMAC-SHA1':
$this->_parameters['oauth_signature_method'] = $method;
break;
default:
throw new OAuthSimpleException (
"Unknown signing method $method specified for OAuthSimple.setSignatureMethod"
);
break;
}
return $this;
}
/**
* Sign the request.
*
* note: all arguments are optional, provided you've set them using the
* other helper functions.
*
* @param array $args Optional.
* Hash of arguments for the call {action, path, parameters (array), method, signatures, (array)}
*
* @throws OAuthSimpleException
*
* @return array
*/
public function sign($args = array())
{
if (!empty($args['action'])) {
$this->setAction($args['action']);
}
if (!empty($args['path'])) {
$this->setPath($args['path']);
}
if (!empty($args['method'])) {
$this->setSignatureMethod($args['method']);
}
if (!empty($args['signatures'])) {
$this->signatures($args['signatures']);
}
if (empty($args['parameters'])) {
$args['parameters'] = array();
}
$this->setParameters($args['parameters']);
$normParams = $this->_normalizedParameters();
return Array(
'parameters' => $this->_parameters,
'signature' => self::_oauthEscape($this->_parameters['oauth_signature']),
'signed_url' => $this->_path.'?'.$normParams,
'header' => $this->getHeaderString(),
'sbs' => $this->sbs,
);
}
/**
* Return a formatted "header" string.
*
* NOTE: This doesn't set the "Authorization: " prefix, which is required.
* It's not set because various set header functions prefer different
* ways to do that.
*
* @param array $args
*
* @throws OAuthSimpleException
*
* @return null|string|string[]
*/
public function getHeaderString($args = array())
{
if (empty($this->_parameters['oauth_signature'])) {
$this->sign($args);
}
$result = 'OAuth ';
foreach ($this->_parameters as $pName => $pValue) {
if (strpos($pName, 'oauth_') !== 0) {
continue;
}
if (is_array($pValue)) {
foreach ($pValue as $val) {
$result .= $pName.'="'.self::_oauthEscape($val).'", ';
}
} else {
$result .= $pName.'="'.self::_oauthEscape($pValue).'", ';
}
}
return preg_replace('/, $/', '', $result);
}
/**
* @param string $paramString
*
* @return array
*/
private function _parseParameterString($paramString)
{
$elements = explode('&', $paramString);
$result = array();
foreach ($elements as $element) {
list ($key, $token) = explode('=', $element);
if ($token) {
$token = urldecode($token);
}
if (!empty($result[$key])) {
if (!is_array($result[$key])) {
$result[$key] = array($result[$key], $token);
} else {
array_push($result[$key], $token);
}
} else {
$result[$key] = $token;
}
}
return $result;
}
/**
* @param string $string
*
* @throws OAuthSimpleException
*
* @return int|mixed|string
*/
private static function _oauthEscape($string)
{
if ($string === 0) {
return 0;
}
if ($string == '0') {
return '0';
}
if (strlen($string) == 0) {
return '';
}
if (is_array($string)) {
throw new OAuthSimpleException('Array passed to _oauthEscape');
}
$string = urlencode($string);
//FIX: urlencode of ~ and '+'
$string = str_replace(
Array('%7E', '+'), // Replace these
Array('~', '%20'), // with these
$string
);
return $string;
}
/**
* @param int $length
*
* @return string
*/
private function _getNonce($length = 5)
{
$result = '';
$cLength = strlen($this->_nonce_chars);
for ($i = 0; $i < $length; $i++) {
$rnum = rand(0, $cLength - 1);
$result .= substr($this->_nonce_chars, $rnum, 1);
}
$this->_parameters['oauth_nonce'] = $result;
return $result;
}
/**
* @throws OAuthSimpleException
*
* @return mixed
*/
private function _getApiKey()
{
if (empty($this->_secrets['consumer_key'])) {
throw new OAuthSimpleException('No consumer_key set for OAuthSimple');
}
$this->_parameters['oauth_consumer_key'] = $this->_secrets['consumer_key'];
return $this->_parameters['oauth_consumer_key'];
}
/**
* @throws OAuthSimpleException
*
* @return string
*/
private function _getAccessToken()
{
if (!isset($this->_secrets['oauth_secret'])) {
return '';
}
if (!isset($this->_secrets['oauth_token'])) {
throw new OAuthSimpleException('No access token (oauth_token) set for OAuthSimple.');
}
$this->_parameters['oauth_token'] = $this->_secrets['oauth_token'];
return $this->_parameters['oauth_token'];
}
/**
* @return int
*/
private function _getTimeStamp()
{
return $this->_parameters['oauth_timestamp'] = time();
}
/**
* @throws OAuthSimpleException
*
* @return string
*/
private function _normalizedParameters()
{
$normalized_keys = array();
$return_array = array();
foreach ($this->_parameters as $paramName => $paramValue) {
if (preg_match('/w+_secret/', $paramName) OR
$paramName == "oauth_signature") {
continue;
}
// Read parameters from a file. Hope you're practicing safe PHP.
//if (strpos($paramValue, '@') !== 0 && !file_exists(substr($paramValue, 1)))
//{
if (is_array($paramValue)) {
$normalized_keys[self::_oauthEscape($paramName)] = array();
foreach ($paramValue as $item) {
array_push($normalized_keys[self::_oauthEscape($paramName)], self::_oauthEscape($item));
}
} else {
$normalized_keys[self::_oauthEscape($paramName)] = self::_oauthEscape($paramValue);
}
//}
}
ksort($normalized_keys);
foreach ($normalized_keys as $key => $val) {
if (is_array($val)) {
sort($val);
foreach ($val as $element) {
array_push($return_array, $key."=".$element);
}
} else {
array_push($return_array, $key.'='.$val);
}
}
$presig = join("&", $return_array);
$sig = $this->_generateSignature($presig);
$this->_parameters['oauth_signature'] = $sig;
array_push($return_array, "oauth_signature=$sig");
return join("&", $return_array);
}
/**
* @param string $parameters
*
* @throws OAuthSimpleException
*
* @return string
*/
private function _generateSignature($parameters = "")
{
$secretKey = '';
if (isset($this->_secrets['shared_secret'])) {
$secretKey = self::_oauthEscape($this->_secrets['shared_secret']);
}
$secretKey .= '&';
if (isset($this->_secrets['oauth_secret'])) {
$secretKey .= self::_oauthEscape($this->_secrets['oauth_secret']);
}
if (!empty($parameters)) {
$parameters = urlencode($parameters);
}
switch ($this->_parameters['oauth_signature_method']) {
case 'PLAINTEXT':
return urlencode($secretKey);;
case 'HMAC-SHA1':
$this->sbs = self::_oauthEscape($this->_action).'&'.self::_oauthEscape($this->_path).'&'.$parameters;
return base64_encode(hash_hmac('sha1', $this->sbs, $secretKey, true));
default:
throw new OAuthSimpleException('Unknown signature method for OAuthSimple');
break;
}
}
/**
* @param $string
*
* @return string
*/
public static function generateBodyHash($string)
{
$hash = sha1($string, true);
return base64_encode($hash);
}
/**
* @param string $authorizationHeader
*
* @return array
*/
public static function getAuthorizationParams($authorizationHeader)
{
if ('OAuth ' !== substr($authorizationHeader, 0, 6)) {
return [];
}
$params = [];
$authString = str_replace('OAuth ', '', $authorizationHeader);
$authParts = explode(',', $authString);
foreach ($authParts as $authPart) {
list($key, $value) = explode('=', $authPart, 2);
$key = trim($key);
$value = trim($value, " \"");
$params[$key] = urldecode($value);
}
return $params;
}
}
/**
* Class OAuthSimpleException.
*/
class OAuthSimpleException extends Exception
{
/**
* OAuthSimpleException constructor.
*
* @param string $err
* @param bool $isDebug
*/
public function __construct($err, $isDebug = false)
{
self::log_error($err);
if ($isDebug) {
self::display_error($err, true);
}
}
/**
* @param string $err
*/
public static function log_error($err)
{
error_log($err, 0);
}
/**
* @param string $err
* @param bool $kill
*/
public static function display_error($err, $kill = false)
{
print_r($err);
if ($kill === false) {
die();
}
}
}