Magento 2 Documentation  2.3
Documentation for Magento 2 CMS v2.3 (December 2018)
Oauth Class Reference
Inheritance diagram for Oauth:
OauthInterface

Public Member Functions

 __construct (Helper\Oauth $oauthHelper, NonceGeneratorInterface $nonceGenerator, TokenProviderInterface $tokenProvider, \Zend_Oauth_Http_Utility $httpUtility=null)
 
 getRequestToken ($params, $requestUrl, $httpMethod='POST')
 
 getAccessToken ($params, $requestUrl, $httpMethod='POST')
 
 validateAccessTokenRequest ($params, $requestUrl, $httpMethod='POST')
 
 validateAccessToken ($accessToken)
 
 buildAuthorizationHeader ( $params, $requestUrl, $signatureMethod=self::SIGNATURE_SHA1, $httpMethod='POST')
 

Static Public Member Functions

static getSupportedSignatureMethods ()
 

Protected Member Functions

 _validateSignature ($params, $consumerSecret, $httpMethod, $requestUrl, $tokenSecret=null)
 
 _validateVersionParam ($version)
 
 _validateProtocolParams ($protocolParams, $requiredParams=[])
 
 _checkRequiredParams ($protocolParams, $requiredParams)
 

Protected Attributes

 $_oauthHelper
 
 $_httpUtility
 
 $_nonceGenerator
 
 $_tokenProvider
 

Additional Inherited Members

- Data Fields inherited from OauthInterface
const ERR_OK = 0
 
const ERR_VERSION_REJECTED = 1
 
const ERR_PARAMETER_ABSENT = 2
 
const ERR_PARAMETER_REJECTED = 3
 
const ERR_TIMESTAMP_REFUSED = 4
 
const ERR_NONCE_USED = 5
 
const ERR_SIGNATURE_METHOD_REJECTED = 6
 
const ERR_SIGNATURE_INVALID = 7
 
const ERR_CONSUMER_KEY_REJECTED = 8
 
const ERR_TOKEN_USED = 9
 
const ERR_TOKEN_EXPIRED = 10
 
const ERR_TOKEN_REVOKED = 11
 
const ERR_TOKEN_REJECTED = 12
 
const ERR_VERIFIER_INVALID = 13
 
const ERR_PERMISSION_UNKNOWN = 14
 
const ERR_PERMISSION_DENIED = 15
 
const ERR_METHOD_NOT_ALLOWED = 16
 
const ERR_CONSUMER_KEY_INVALID = 17
 
const SIGNATURE_SHA1 = 'HMAC-SHA1'
 
const SIGNATURE_SHA256 = 'HMAC-SHA256'
 

Detailed Description

Definition at line 12 of file Oauth.php.

Constructor & Destructor Documentation

◆ __construct()

__construct ( Helper\Oauth  $oauthHelper,
NonceGeneratorInterface  $nonceGenerator,
TokenProviderInterface  $tokenProvider,
\Zend_Oauth_Http_Utility  $httpUtility = null 
)
Parameters
Helper\Oauth$oauthHelper
NonceGeneratorInterface$nonceGenerator
TokenProviderInterface$tokenProvider
\Zend_Oauth_Http_Utility$httpUtility

Definition at line 40 of file Oauth.php.

45  {
     // Keep the injected collaborators on the instance; the token and signature methods of this class read them.
46  $this->_oauthHelper = $oauthHelper;
47  $this->_nonceGenerator = $nonceGenerator;
48  $this->_tokenProvider = $tokenProvider;
49  // null default to prevent ObjectManagerFactory from injecting, see MAGETWO-30809
     // `?:` falls back to a freshly constructed \Zend_Oauth_Http_Utility when no utility was passed in.
50  $this->_httpUtility = $httpUtility ?: new \Zend_Oauth_Http_Utility();
51  }

Member Function Documentation

◆ _checkRequiredParams()

_checkRequiredParams (   $protocolParams,
  $requiredParams 
)
protected

Check if mandatory OAuth parameters are present.

Parameters
array$protocolParams
array$requiredParams
Returns
void
Exceptions
OauthInputException

Definition at line 283 of file Oauth.php.

284  {
     // Collect every missing parameter on a single exception so the caller is told about all of them at once.
285  $exception = new OauthInputException();
286  foreach ($requiredParams as $param) {
     // isset() is false for a key that is absent or holds null, so a null value counts as missing here.
287  if (!isset($protocolParams[$param])) {
288  $exception->addError(
289  new Phrase('"%fieldName" is required. Enter and try again.', ['fieldName' => $param])
290  );
291  }
292  }
     // Throw only when at least one error was recorded; otherwise return without a value.
293  if ($exception->wasErrorAdded()) {
294  throw $exception;
295  }
296  }

◆ _validateProtocolParams()

_validateProtocolParams (   $protocolParams,
  $requiredParams = [] 
)
protected

Validate request and header parameters.

Parameters
array$protocolParams
array$requiredParams
Returns
void
Exceptions
OauthInputException

Definition at line 229 of file Oauth.php.

230  {
     // Order of checks: optional version, required keys, optional token, signature method, then nonce/timestamp.
231  // validate version if specified.
232  if (isset($protocolParams['oauth_version'])) {
233  $this->_validateVersionParam($protocolParams['oauth_version']);
234  }
235 
236  // Required parameters validation. Default to minimum required params if not provided.
237  if (empty($requiredParams)) {
238  $requiredParams = [
239  "oauth_consumer_key",
240  "oauth_signature",
241  "oauth_signature_method",
242  "oauth_nonce",
243  "oauth_timestamp",
244  ];
245  }
246  $this->_checkRequiredParams($protocolParams, $requiredParams);
247 
     // oauth_token is optional at this level; when present it must pass the token provider's check.
     // NOTE(review): the error text suggests validateOauthToken() checks length only; confirm in the provider.
248  if (isset(
249  $protocolParams['oauth_token']
250  ) && !$this->_tokenProvider->validateOauthToken(
251  $protocolParams['oauth_token']
252  )
253  ) {
254  throw new OauthInputException(new Phrase('The token length is invalid. Check the length and try again.'));
255  }
256 
257  // Validate signature method.
     // NOTE(review): in_array() is called without its strict flag, so the match is a loose (==) comparison;
     // passing true as the third argument would require an exact string match against the supported list.
     // The keys read below are indexed directly, so a caller-supplied $requiredParams must still include
     // oauth_signature_method, oauth_consumer_key, oauth_nonce and oauth_timestamp.
258  if (!in_array($protocolParams['oauth_signature_method'], self::getSupportedSignatureMethods())) {
259  throw new OauthInputException(
260  new Phrase(
261  'Signature method %1 is not supported',
262  [$protocolParams['oauth_signature_method']]
263  )
264  );
265  }
266 
     // Resolve the consumer from the supplied key, then hand its nonce and timestamp to the nonce generator.
     // NOTE(review): presumably validateNonce() is what rejects replayed or stale requests
     // (cf. ERR_NONCE_USED / ERR_TIMESTAMP_REFUSED); verify in the NonceGeneratorInterface implementation.
267  $consumer = $this->_tokenProvider->getConsumerByKey($protocolParams['oauth_consumer_key']);
268  $this->_nonceGenerator->validateNonce(
269  $consumer,
270  $protocolParams['oauth_nonce'],
271  $protocolParams['oauth_timestamp']
272  );
273  }
_checkRequiredParams($protocolParams, $requiredParams)
Definition: Oauth.php:283
_validateVersionParam($version)
Definition: Oauth.php:213

◆ _validateSignature()

_validateSignature (   $params,
  $consumerSecret,
  $httpMethod,
  $requestUrl,
  $tokenSecret = null 
)
protected

Validate signature based on the signature method used.

Parameters
array$params
string$consumerSecret
string$httpMethod
string$requestUrl
string$tokenSecret
Returns
void
Exceptions
Exception|OauthInputException

Definition at line 178 of file Oauth.php.

179  {
     // Recompute the request signature from the received parameters and compare it with the one supplied.
     // NOTE(review): in_array() runs without the strict flag here as well, so the method name is matched loosely (==).
180  if (!in_array($params['oauth_signature_method'], self::getSupportedSignatureMethods())) {
181  throw new OauthInputException(
182  new Phrase(
183  'Signature method %1 is not supported',
184  [$params['oauth_signature_method']]
185  )
186  );
187  }
188 
     // The signature itself is never part of the signed data, so drop it from a copy before signing.
189  $allowedSignParams = $params;
190  unset($allowedSignParams['oauth_signature']);
191 
     // $tokenSecret stays null when the caller passes none (getRequestToken calls this with four arguments).
192  $calculatedSign = $this->_httpUtility->sign(
193  $allowedSignParams,
194  $params['oauth_signature_method'],
195  $consumerSecret,
196  $tokenSecret,
197  $httpMethod,
198  $requestUrl
199  );
200 
     // NOTE(review): Security::compareStrings() is presumably a constant-time comparison; confirm in Security.php,
     // because an early-exit string compare on a MAC would leak timing information.
     // $params['oauth_signature'] is read without an isset() guard, so this relies on the required-parameter
     // check having run first. A mismatch raises Exception rather than OauthInputException.
     // NOTE(review): "signatire" in the message below is a typo; Phrase texts presumably double as translation
     // keys, so correct it together with any translation files.
201  if (!Security::compareStrings($calculatedSign, $params['oauth_signature'])) {
202  throw new Exception(new Phrase('The signatire is invalid. Verify and try again.'));
203  }
204  }
static compareStrings($expected, $actual)
Definition: Security.php:26
$params[\Magento\Store\Model\StoreManager::PARAM_RUN_CODE]
Definition: website.php:18

◆ _validateVersionParam()

_validateVersionParam (   $version)
protected

Validate oauth version.

Parameters
string$version
Returns
void
Exceptions
OauthInputException

Definition at line 213 of file Oauth.php.

214  {
215  // validate version if specified
     // Only protocol version 1.0 is accepted; anything else raises OauthInputException.
     // NOTE(review): != is a loose comparison, so numeric-equivalent inputs such as '1' or '1.00' also pass;
     // !== would accept only the literal string '1.0'.
     // The rejected value is placed into the exception message, so whatever renders that message must
     // treat it as untrusted input.
216  if ('1.0' != $version) {
217  throw new OauthInputException(new Phrase('The "%1" Oauth version isn\'t supported.', [$version]));
218  }
219  }

◆ buildAuthorizationHeader()

buildAuthorizationHeader (   $params,
  $requestUrl,
  $signatureMethod = self::SIGNATURE_SHA1,
  $httpMethod = 'POST' 
)

{}

Definition at line 138 of file Oauth.php.

143  {
     // Builds the Authorization header string for an outgoing signed request.
     // Gutter line 145 is absent from this rendering; the cross-reference list under the listing names
     // _checkRequiredParams, so that line presumably passes $params and $required to it. Check Oauth.php.
144  $required = ["oauth_consumer_key", "oauth_consumer_secret", "oauth_token", "oauth_token_secret"];
146  $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
     // Defaults generated here; array_merge() below lets same-named keys in $params override them.
147  $headerParameters = [
148  'oauth_nonce' => $this->_nonceGenerator->generateNonce($consumer),
149  'oauth_timestamp' => $this->_nonceGenerator->generateTimestamp(),
150  'oauth_version' => '1.0',
151  ];
152  $headerParameters = array_merge($headerParameters, $params);
     // NOTE(review): sign() receives $params, not $headerParameters, so the nonce, timestamp and version
     // generated above are covered by the signature only if the caller supplied them in $params.
     // Confirm this is intended, since a verifier normally signs over those fields too.
153  $headerParameters['oauth_signature'] = $this->_httpUtility->sign(
154  $params,
155  $signatureMethod,
156  $headerParameters['oauth_consumer_secret'],
157  $headerParameters['oauth_token_secret'],
158  $httpMethod,
159  $requestUrl
160  );
     // NOTE(review): $headerParameters still holds oauth_consumer_secret and oauth_token_secret at this point;
     // confirm how toAuthorizationHeader() treats them, because shared secrets should not leave the process.
161  $authorizationHeader = $this->_httpUtility->toAuthorizationHeader($headerParameters);
162  // toAuthorizationHeader adds an optional realm="" which is not required for now.
163  // http://tools.ietf.org/html/rfc2617#section-1.2
164  return str_replace('realm="",', '', $authorizationHeader);
165  }
_checkRequiredParams($protocolParams, $requiredParams)
Definition: Oauth.php:283
$params[\Magento\Store\Model\StoreManager::PARAM_RUN_CODE]
Definition: website.php:18
$required
Definition: wrapper.phtml:8

◆ getAccessToken()

getAccessToken (   $params,
  $requestUrl,
  $httpMethod = 'POST' 
)

Get access token for a pre-authorized request token.

Parameters
array$params- Array containing parameters necessary for requesting Access Token.
array (
        'oauth_version' => '1.0',
        'oauth_signature_method' => 'HMAC-SHA1',
        'oauth_token' => 'a6aa81cc3e65e2960a487939244sssss',
        'oauth_nonce' => 'rI7PSWxTZRHWU3R',
        'oauth_timestamp' => '1377183099',
        'oauth_consumer_key' => 'a6aa81cc3e65e2960a4879392445e718',
        'oauth_signature' => 'VNg4mhFlXk7%2FvsxMqqUd5DWIj9s%3D',
        'oauth_verifier' => 'a6aa81cc3e65e2960a487939244vvvvv'
)
string$requestUrl- The request Url.
string$httpMethod- (default: 'POST')
Returns
array - The access token/secret pair.
array (
        'oauth_token' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf',
        'oauth_token_secret' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf'
)
Exceptions: none are listed in this rendering.

Implements OauthInterface.

Definition at line 79 of file Oauth.php.

80  {
     // Exchanging a request token needs both the token and its verifier on top of the base parameters.
81  $required = [
82  'oauth_consumer_key',
83  'oauth_signature',
84  'oauth_signature_method',
85  'oauth_nonce',
86  'oauth_timestamp',
87  'oauth_token',
88  'oauth_verifier',
89  ];
90 
     // Gutter line 91 is absent from this rendering; the cross-reference list under the listing names
     // _validateProtocolParams, so that line presumably validates $params against $required before the
     // lookups below. Check Oauth.php rather than reading this listing as complete.
92  $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
     // validateRequestToken() is given the token, the consumer and the verifier; its return value is used
     // as the token secret for the signature check.
93  $tokenSecret = $this->_tokenProvider->validateRequestToken(
94  $params['oauth_token'],
95  $consumer,
96  $params['oauth_verifier']
97  );
98 
     // The access token is issued only after the signature check returns without throwing.
99  $this->_validateSignature($params, $consumer->getSecret(), $httpMethod, $requestUrl, $tokenSecret);
100 
101  return $this->_tokenProvider->getAccessToken($consumer);
102  }
$params[\Magento\Store\Model\StoreManager::PARAM_RUN_CODE]
Definition: website.php:18
_validateSignature($params, $consumerSecret, $httpMethod, $requestUrl, $tokenSecret=null)
Definition: Oauth.php:178
_validateProtocolParams($protocolParams, $requiredParams=[])
Definition: Oauth.php:229
$required
Definition: wrapper.phtml:8

◆ getRequestToken()

getRequestToken (   $params,
  $requestUrl,
  $httpMethod = 'POST' 
)

Issue a pre-authorization request token to the caller.

Parameters
array$params- Array containing parameters necessary for requesting Request Token.
array (
        'oauth_version' => '1.0',
        'oauth_signature_method' => 'HMAC-SHA1',
        'oauth_nonce' => 'rI7PSWxTZRHWU3R',
        'oauth_timestamp' => '1377183099',
        'oauth_consumer_key' => 'a6aa81cc3e65e2960a4879392445e718',
        'oauth_signature' => 'VNg4mhFlXk7%2FvsxMqqUd5DWIj9s%3D'
)
string$requestUrl- The request Url.
string$httpMethod- (default: 'POST')
Returns
array - The request token/secret pair.
array (
        'oauth_token' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf',
        'oauth_token_secret' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf'
)
Exceptions: none are listed in this rendering.

Implements OauthInterface.

Definition at line 66 of file Oauth.php.

67  {
     // Gutter line 68 is absent from this rendering; the cross-reference list under the listing names
     // _validateProtocolParams, so that line presumably validates $params first. Check Oauth.php.
69  $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
     // The consumer is checked by the token provider before its secret is used to verify the signature.
70  $this->_tokenProvider->validateConsumer($consumer);
     // No token secret exists yet at this stage, so the signature is checked with the consumer secret only.
71  $this->_validateSignature($params, $consumer->getSecret(), $httpMethod, $requestUrl);
72 
73  return $this->_tokenProvider->createRequestToken($consumer);
74  }
$params[\Magento\Store\Model\StoreManager::PARAM_RUN_CODE]
Definition: website.php:18
_validateSignature($params, $consumerSecret, $httpMethod, $requestUrl, $tokenSecret=null)
Definition: Oauth.php:178
_validateProtocolParams($protocolParams, $requiredParams=[])
Definition: Oauth.php:229

◆ getSupportedSignatureMethods()

static getSupportedSignatureMethods ( )
static

Retrieve array of supported signature methods.

Returns
string[] - Supported HMAC-SHA1 and HMAC-SHA256 signature methods.

Definition at line 58 of file Oauth.php.

◆ validateAccessToken()

validateAccessToken (   $accessToken)

Validate an access token string.

Parameters
string$accessToken- The access token.
Returns
int - Consumer ID if the access token is valid.
Exceptions: none are listed in this rendering.

Implements OauthInterface.

Definition at line 130 of file Oauth.php.

131  {
     // Pure delegation: the token provider performs the check and its result is returned unchanged.
     // No signature, nonce or timestamp is examined on this path.
132  return $this->_tokenProvider->validateAccessToken($accessToken);
133  }

◆ validateAccessTokenRequest()

validateAccessTokenRequest (   $params,
  $requestUrl,
  $httpMethod = 'POST' 
)

Validate an access token request.

Parameters
array$params- Array containing parameters necessary for validating Access Token.
array (
        'oauth_version' => '1.0',
        'oauth_signature_method' => 'HMAC-SHA1',
        'oauth_token' => 'a6aa81cc3e65e2960a487939244sssss',
        'oauth_nonce' => 'rI7PSWxTZRHWU3R',
        'oauth_timestamp' => '1377183099',
        'oauth_consumer_key' => 'a6aa81cc3e65e2960a4879392445e718',
        'oauth_signature' => 'VNg4mhFlXk7%2FvsxMqqUd5DWIj9s%3D'
)
string$requestUrl- The request Url.
string$httpMethod- (default: 'POST')
Returns
int Consumer ID.
Exceptions: none are listed in this rendering.

Implements OauthInterface.

Definition at line 107 of file Oauth.php.

108  {
     // A request made with an access token needs the token itself on top of the base parameters.
109  $required = [
110  'oauth_consumer_key',
111  'oauth_signature',
112  'oauth_signature_method',
113  'oauth_nonce',
114  'oauth_timestamp',
115  'oauth_token',
116  ];
117 
     // Gutter line 118 is absent from this rendering; the cross-reference list under the listing names
     // _validateProtocolParams, so that line presumably validates $params against $required. Check Oauth.php.
119  $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
     // The token provider checks the token against the consumer; its return value is used as the token secret.
120  $tokenSecret = $this->_tokenProvider->validateAccessTokenRequest($params['oauth_token'], $consumer);
121 
     // The consumer ID is returned only after the signature check returns without throwing.
122  $this->_validateSignature($params, $consumer->getSecret(), $httpMethod, $requestUrl, $tokenSecret);
123 
124  return $consumer->getId();
125  }
$params[\Magento\Store\Model\StoreManager::PARAM_RUN_CODE]
Definition: website.php:18
_validateSignature($params, $consumerSecret, $httpMethod, $requestUrl, $tokenSecret=null)
Definition: Oauth.php:178
_validateProtocolParams($protocolParams, $requiredParams=[])
Definition: Oauth.php:229
$required
Definition: wrapper.phtml:8

Field Documentation

◆ $_httpUtility

$_httpUtility
protected

Definition at line 22 of file Oauth.php.

◆ $_nonceGenerator

$_nonceGenerator
protected

Definition at line 27 of file Oauth.php.

◆ $_oauthHelper

$_oauthHelper
protected

Definition at line 17 of file Oauth.php.

◆ $_tokenProvider

$_tokenProvider
protected

Definition at line 32 of file Oauth.php.


The documentation for this class was generated from the following file: