Oauth Class Reference

Inheritance diagram for Oauth:

Public Member Functions
	__construct (Helper\Oauth $oauthHelper, NonceGeneratorInterface $nonceGenerator, TokenProviderInterface $tokenProvider, \Zend_Oauth_Http_Utility $httpUtility=null)
	getRequestToken ($params, $requestUrl, $httpMethod='POST')
	getAccessToken ($params, $requestUrl, $httpMethod='POST')
	validateAccessTokenRequest ($params, $requestUrl, $httpMethod='POST')
	validateAccessToken ($accessToken)
	buildAuthorizationHeader ( $params, $requestUrl, $signatureMethod=self::SIGNATURE_SHA1, $httpMethod='POST')

Static Public Member Functions
static	getSupportedSignatureMethods ()

Protected Member Functions
	_validateSignature ($params, $consumerSecret, $httpMethod, $requestUrl, $tokenSecret=null)
	_validateVersionParam ($version)
	_validateProtocolParams ($protocolParams, $requiredParams=[])
	_checkRequiredParams ($protocolParams, $requiredParams)

Protected Attributes
	$_oauthHelper
	$_httpUtility
	$_nonceGenerator
	$_tokenProvider

Additional Inherited Members
Data Fields inherited from OauthInterface
const	ERR_OK = 0
const	ERR_VERSION_REJECTED = 1
const	ERR_PARAMETER_ABSENT = 2
const	ERR_PARAMETER_REJECTED = 3
const	ERR_TIMESTAMP_REFUSED = 4
const	ERR_NONCE_USED = 5
const	ERR_SIGNATURE_METHOD_REJECTED = 6
const	ERR_SIGNATURE_INVALID = 7
const	ERR_CONSUMER_KEY_REJECTED = 8
const	ERR_TOKEN_USED = 9
const	ERR_TOKEN_EXPIRED = 10
const	ERR_TOKEN_REVOKED = 11
const	ERR_TOKEN_REJECTED = 12
const	ERR_VERIFIER_INVALID = 13
const	ERR_PERMISSION_UNKNOWN = 14
const	ERR_PERMISSION_DENIED = 15
const	ERR_METHOD_NOT_ALLOWED = 16
const	ERR_CONSUMER_KEY_INVALID = 17
const	SIGNATURE_SHA1 = 'HMAC-SHA1'
const	SIGNATURE_SHA256 = 'HMAC-SHA256'

Detailed Description

Definition at line 12 of file Oauth.php.

Constructor & Destructor Documentation

__construct()

__construct	(	Helper\Oauth	$oauthHelper,
		NonceGeneratorInterface	$nonceGenerator,
		TokenProviderInterface	$tokenProvider,
		\Zend_Oauth_Http_Utility	$httpUtility = null
	)

Parameters

Helper\Oauth	$oauthHelper
NonceGeneratorInterface	$nonceGenerator
TokenProviderInterface	$tokenProvider
\Zend_Oauth_Http_Utility	$httpUtility

Definition at line 40 of file Oauth.php.

      {
        $this->_oauthHelper = $oauthHelper;
        $this->_nonceGenerator = $nonceGenerator;
        $this->_tokenProvider = $tokenProvider;
        // null default to prevent ObjectManagerFactory from injecting, see MAGETWO-30809
        $this->_httpUtility = $httpUtility ?: new \Zend_Oauth_Http_Utility();
    }

Member Function Documentation

_checkRequiredParams()

_checkRequiredParams (   $protocolParams,   $requiredParams  )

protected

Check if mandatory OAuth parameters are present.

Parameters

array	$protocolParams
array	$requiredParams

Returns

void

Exceptions

OauthInputException

Definition at line 283 of file Oauth.php.

    {
        $exception = new OauthInputException();
        foreach ($requiredParams as $param) {
            if (!isset($protocolParams[$param])) {
                $exception->addError(
                    new Phrase('"%fieldName" is required. Enter and try again.', ['fieldName' => $param])
                );
            }
        }
        if ($exception->wasErrorAdded()) {
            throw $exception;
        }
    }

_validateProtocolParams()

_validateProtocolParams (   $protocolParams,   $requiredParams = []  )

protected

Validate request and header parameters.

Parameters

array	$protocolParams
array	$requiredParams

Returns

void

Exceptions

OauthInputException

Definition at line 229 of file Oauth.php.

    {
        // validate version if specified.
        if (isset($protocolParams['oauth_version'])) {
            $this->_validateVersionParam($protocolParams['oauth_version']);
        }

        // Required parameters validation. Default to minimum required params if not provided.
        if (empty($requiredParams)) {
            $requiredParams = [
                "oauth_consumer_key",
                "oauth_signature",
                "oauth_signature_method",
                "oauth_nonce",
                "oauth_timestamp",
            ];
        }
        $this->_checkRequiredParams($protocolParams, $requiredParams);

        if (isset(
            $protocolParams['oauth_token']
        ) && !$this->_tokenProvider->validateOauthToken(
            $protocolParams['oauth_token']
        )
        ) {
            throw new OauthInputException(new Phrase('The token length is invalid. Check the length and try again.'));
        }

        // Validate signature method.
        if (!in_array($protocolParams['oauth_signature_method'], self::getSupportedSignatureMethods())) {
            throw new OauthInputException(
                new Phrase(
                    'Signature method %1 is not supported',
                    [$protocolParams['oauth_signature_method']]
                )
            );
        }

        $consumer = $this->_tokenProvider->getConsumerByKey($protocolParams['oauth_consumer_key']);
        $this->_nonceGenerator->validateNonce(
            $consumer,
            $protocolParams['oauth_nonce'],
            $protocolParams['oauth_timestamp']
        );
    }

_validateSignature()

_validateSignature (   $params,   $consumerSecret,   $httpMethod,   $requestUrl,   $tokenSecret = null  )

protected

Validate signature based on the signature method used.

Parameters

array	$params
string	$consumerSecret
string	$httpMethod
string	$requestUrl
string	$tokenSecret

Returns

void

Exceptions

Exception|OauthInputException

Definition at line 178 of file Oauth.php.

    {
        if (!in_array($params['oauth_signature_method'], self::getSupportedSignatureMethods())) {
            throw new OauthInputException(
                new Phrase(
                    'Signature method %1 is not supported',
                    [$params['oauth_signature_method']]
                )
            );
        }

        $allowedSignParams = $params;
        unset($allowedSignParams['oauth_signature']);

        $calculatedSign = $this->_httpUtility->sign(
            $allowedSignParams,
            $params['oauth_signature_method'],
            $consumerSecret,
            $tokenSecret,
            $httpMethod,
            $requestUrl
        );

        if (!Security::compareStrings($calculatedSign, $params['oauth_signature'])) {
            throw new Exception(new Phrase('The signatire is invalid. Verify and try again.'));
        }
    }

_validateVersionParam()

_validateVersionParam (   $version )

protected

Validate oauth version.

Parameters

string

$version

Returns

void

Exceptions

OauthInputException

Definition at line 213 of file Oauth.php.

    {
        // validate version if specified
        if ('1.0' != $version) {
            throw new OauthInputException(new Phrase('The "%1" Oauth version isn\'t supported.', [$version]));
        }
    }

buildAuthorizationHeader()

buildAuthorizationHeader	(		$params,
			$requestUrl,
			$signatureMethod = self::SIGNATURE_SHA1,
			$httpMethod = 'POST'
	)

{}

Definition at line 138 of file Oauth.php.

      {
        $required = ["oauth_consumer_key", "oauth_consumer_secret", "oauth_token", "oauth_token_secret"];
        $this->_checkRequiredParams($params, $required);
        $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
        $headerParameters = [
            'oauth_nonce' => $this->_nonceGenerator->generateNonce($consumer),
            'oauth_timestamp' => $this->_nonceGenerator->generateTimestamp(),
            'oauth_version' => '1.0',
        ];
        $headerParameters = array_merge($headerParameters, $params);
        $headerParameters['oauth_signature'] = $this->_httpUtility->sign(
            $params,
            $signatureMethod,
            $headerParameters['oauth_consumer_secret'],
            $headerParameters['oauth_token_secret'],
            $httpMethod,
            $requestUrl
        );
        $authorizationHeader = $this->_httpUtility->toAuthorizationHeader($headerParameters);
        // toAuthorizationHeader adds an optional realm="" which is not required for now.
        // http://tools.ietf.org/html/rfc2617#section-1.2
        return str_replace('realm="",', '', $authorizationHeader);
    }

getAccessToken()

getAccessToken	(		$params,
			$requestUrl,
			$httpMethod = 'POST'
	)

{Get access token for a pre-authorized request token.

Parameters

array	$params	- Array containing parameters necessary for requesting Access Token. array ( 'oauth_version' => '1.0', 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_token' => 'a6aa81cc3e65e2960a487939244sssss', 'oauth_nonce' => 'rI7PSWxTZRHWU3R', 'oauth_timestamp' => '1377183099', 'oauth_consumer_key' => 'a6aa81cc3e65e2960a4879392445e718', 'oauth_signature' => 'VNg4mhFlXk7%2FvsxMqqUd5DWIj9s%3D', 'oauth_verifier' => 'a6aa81cc3e65e2960a487939244vvvvv' )
string	$requestUrl	- The request Url.
string	$httpMethod	- (default: 'POST')

Returns

array - The access token/secret pair.

array (
        'oauth_token' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf',
        'oauth_token_secret' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf'
)

Exceptions

}

Implements OauthInterface.

Definition at line 79 of file Oauth.php.

    {
        $required = [
            'oauth_consumer_key',
            'oauth_signature',
            'oauth_signature_method',
            'oauth_nonce',
            'oauth_timestamp',
            'oauth_token',
            'oauth_verifier',
        ];

        $this->_validateProtocolParams($params, $required);
        $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
        $tokenSecret = $this->_tokenProvider->validateRequestToken(
            $params['oauth_token'],
            $consumer,
            $params['oauth_verifier']
        );

        $this->_validateSignature($params, $consumer->getSecret(), $httpMethod, $requestUrl, $tokenSecret);

        return $this->_tokenProvider->getAccessToken($consumer);
    }

getRequestToken()

getRequestToken	(		$params,
			$requestUrl,
			$httpMethod = 'POST'
	)

{#- Issue a pre-authorization request token to the caller.

Parameters

array	$params	- Array containing parameters necessary for requesting Request Token. array ( 'oauth_version' => '1.0', 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_nonce' => 'rI7PSWxTZRHWU3R', 'oauth_timestamp' => '1377183099', 'oauth_consumer_key' => 'a6aa81cc3e65e2960a4879392445e718', 'oauth_signature' => 'VNg4mhFlXk7%2FvsxMqqUd5DWIj9s%3D' )
string	$requestUrl	- The request Url.
string	$httpMethod	- (default: 'POST')

Returns

array - The request token/secret pair.

array (
        'oauth_token' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf',
        'oauth_token_secret' => 'gshsjkndtyhwjhdbutfgbsnhtrequikf'
)

Exceptions

}

Implements OauthInterface.

Definition at line 66 of file Oauth.php.

    {
        $this->_validateProtocolParams($params);
        $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
        $this->_tokenProvider->validateConsumer($consumer);
        $this->_validateSignature($params, $consumer->getSecret(), $httpMethod, $requestUrl);

        return $this->_tokenProvider->createRequestToken($consumer);
    }

getSupportedSignatureMethods()

static getSupportedSignatureMethods ( )

static

Retrieve array of supported signature methods.

Returns

string[] - Supported HMAC-SHA1 and HMAC-SHA256 signature methods.

Definition at line 58 of file Oauth.php.

    {
        return [self::SIGNATURE_SHA1, self::SIGNATURE_SHA256];
    }

validateAccessToken()

validateAccessToken

(

$accessToken

)

{Validate an access token string.

Parameters

string

$accessToken

- The access token.

Returns

int - Consumer ID if the access token is valid.

Exceptions

}

Implements OauthInterface.

Definition at line 130 of file Oauth.php.

    {
        return $this->_tokenProvider->validateAccessToken($accessToken);
    }

validateAccessTokenRequest()

validateAccessTokenRequest	(		$params,
			$requestUrl,
			$httpMethod = 'POST'
	)

{Validate an access token request.

Parameters

array	$params	- Array containing parameters necessary for validating Access Token. array ( 'oauth_version' => '1.0', 'oauth_signature_method' => 'HMAC-SHA1', 'oauth_token' => 'a6aa81cc3e65e2960a487939244sssss', 'oauth_nonce' => 'rI7PSWxTZRHWU3R', 'oauth_timestamp' => '1377183099', 'oauth_consumer_key' => 'a6aa81cc3e65e2960a4879392445e718', 'oauth_signature' => 'VNg4mhFlXk7%2FvsxMqqUd5DWIj9s%3D' )
string	$requestUrl	- The request Url.
string	$httpMethod	- (default: 'POST')

Returns

int Consumer ID.

Exceptions

}

Implements OauthInterface.

Definition at line 107 of file Oauth.php.

    {
        $required = [
            'oauth_consumer_key',
            'oauth_signature',
            'oauth_signature_method',
            'oauth_nonce',
            'oauth_timestamp',
            'oauth_token',
        ];

        $this->_validateProtocolParams($params, $required);
        $consumer = $this->_tokenProvider->getConsumerByKey($params['oauth_consumer_key']);
        $tokenSecret = $this->_tokenProvider->validateAccessTokenRequest($params['oauth_token'], $consumer);

        $this->_validateSignature($params, $consumer->getSecret(), $httpMethod, $requestUrl, $tokenSecret);

        return $consumer->getId();
    }

Field Documentation

$_httpUtility

$_httpUtility

protected

Definition at line 22 of file Oauth.php.

$_nonceGenerator

$_nonceGenerator

protected

Definition at line 27 of file Oauth.php.

$_oauthHelper

$_oauthHelper

protected

Definition at line 17 of file Oauth.php.

$_tokenProvider

$_tokenProvider

protected

Definition at line 32 of file Oauth.php.

---

The documentation for this class was generated from the following file:

• vendor/magento/framework/Oauth/Oauth.php