10000 Update signature generation · carlpoole/codebird-php@17d6599 · GitHub
[go: up one dir, main page]
Skip to content

Commit 17d6599

Browse files
mynetxmynetx
committed
Update signature generation
1 parent 697cef7 commit 17d6599

File tree

1 file changed

+40
-32
lines changed

1 file changed

+40
-32
lines changed

src/codebird.php

Lines changed: 40 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -549,22 +549,23 @@ protected function _nonce($length = 8)
549549
/**
550550
* Generates an OAuth signature
551551
*
552-
* @param string $httpmethod Usually either 'GET' or 'POST' or 'DELETE'
553-
* @param string $method The API method to call
554-
* @param array optional $params The API call parameters, associative
552+
* @param string $httpmethod Usually either 'GET' or 'POST' or 'DELETE'
553+
* @param string $method The API method to call
554+
* @param array optional $params The API call parameters, associative
555+
* @param bool optional append_to_get Whether to append the OAuth params to GET
555556
*
556557
* @return string Authorization HTTP header
557558
*/
558-
protected function _sign($httpmethod, $method, $params = array())
559+
protected function _sign($httpmethod, $method, $params = array(), $append_to_get = false)
559560
{
560561
if (self::$_oauth_consumer_key === null) {
561562
throw new \Exception('To generate a signature, the consumer key must be set.');
562563
}
563564
$sign_params = array(
564-
'consumer_key' => self::$_oauth_consumer_key,
565-
'version' => '1.0',
566-
'timestamp' => time(),
567-
'nonce' => $this->_nonce(),
565+
'consumer_key' => self::$_oauth_consumer_key,
566+
'version' => '1.0',
567+
'timestamp' => time(),
568+
'nonce' => $this->_nonce(),
568569
'signature_method' => 'HMAC-SHA1'
569570
);
570571
$sign_base_params = array();
@@ -586,13 +587,20 @@ protected function _sign($httpmethod, $method, $params = array())
586587
$sign_base_string = substr($sign_base_string, 0, -1);
587588
$signature = $this->_sha1($httpmethod . '&' . $this->_url($method) . '&' . $this->_url($sign_base_string));
588589

589-
$params = array_merge($oauth_params, array(
590-
'oauth_signature' => $signature
591-
));
592-
ksort($params);
593-
$authorization = 'Authorization: OAuth ';
594-
foreach ($params as $key => $value) {
595-
$authorization .= $key . '="' . $this->_url($value) . '", ';
590+
$params = $append_to_get ? $sign_base_params : $oauth_params;
591+
$params['oauth_signature'] = $signature;
592+
$keys = $params;
593+
ksort($keys);
594+
if ($append_to_get) {
595+
$authorization = '';
596+
foreach ($keys as $key => $value) {
597+
$authorization .= $key . '="' . $this->_url($value) . '", ';
598+
}
599+
return authorization.substring(0, authorization.length - 1);
600+
}
601+
$authorization = 'OAuth ';
602+
foreach ($keys as $key => $value) {
603+
$authorization .= $key . "=\"" . $this->_url($value) . "\", ";
596604
}
597605
return substr($authorization, 0, -2);
598606
}
@@ -1007,49 +1015,49 @@ protected function _callApi($httpmethod, $method, $method_template, $params = ar
10071015
$params['application_id'] = 333903271;
10081016
}
10091017

1010-
$url = $this->_getEndpoint($method, $method_template);
1018+
$url = $this->_getEndpoint($method, $method_template);
1019+
$authorization = null;
10111020
$ch = false;
1012-
if ($httpmethod == 'GET') {
1021+
$request_headers = array();
1022+
if ($httpmethod === 'GET') {
10131023
$url_with_params = $url;
1014-
if (count($params) > 0) {
1024+
if (json_encode($params) !== '{}') {
10151025
$url_with_params .= '?' . http_build_query($params);
10161026
}
10171027
$authorization = $this->_sign($httpmethod, $url, $params);
10181028
$ch = curl_init($url_with_params);
10191029
} else {
10201030
if ($multipart) {
10211031
$authorization = $this->_sign($httpmethod, $url, array());
1022-
$params = $this->_buildMultipart($method_template, $params);
1032+
$params = $this->_buildMultipart($method, $params);
10231033
} else {
10241034
$authorization = $this->_sign($httpmethod, $url, $params);
10251035
$params = http_build_query($params);
10261036
}
10271037
$ch = curl_init($url);
1038+
if ($multipart) {
1039+
$first_newline = strpos($params, "\r\n");
1040+
$multipart_boundary = substr($params, 2, $first_newline - 2);
1041+
$request_headers[] = 'Content-Type: multipart/form-data; boundary='
1042+
. $multipart_boundary;
1043+
}
10281044
curl_setopt($ch, CURLOPT_POST, 1);
10291045
curl_setopt($ch, CURLOPT_POSTFIELDS, $params);
10301046
}
10311047
if ($app_only_auth) {
1032-
if (self::$_oauth_consumer_key == null) {
1048+
if (self::$_oauth_consumer_key === null) {
10331049
throw new \Exception('To make an app-only auth API request, the consumer key must be set.');
10341050
}
10351051
// automatically fetch bearer token, if necessary
1036-
if (self::$_oauth_bearer_token == null) {
1052+
if (self::$_oauth_bearer_token === null) {
10371053
$this->oauth2_token();
10381054
}
1039-
$authorization = 'Authorization: Bearer ' . self::$_oauth_bearer_token;
1055+
$authorization = 'Bearer ' . self::$_oauth_bearer_token;
10401056
}
1041-
$request_headers = array();
1042-
if (isset($authorization)) {
1043-
$request_headers[] = $authorization;
1057+
if ($authorization !== null) {
1058+
$request_headers[] = 'Authorization: ' . $authorization;
10441059
$request_headers[] = 'Expect:';
10451060
}
1046-
if ($multipart) {
1047-
$first_newline = strpos($params, "\r\n");
1048-
$multipart_boundary = substr($params, 2, $first_newline - 2);
1049-
$request_headers[] = 'Content-Length: ' . strlen($params);
1050-
$request_headers[] = 'Content-Type: multipart/form-data; boundary='
1051-
. $multipart_boundary;
1052-
}
10531061

10541062
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
10551063
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 0);

0 commit comments

Comments
 (0)
0