Current Path : C:/xampp/htdocs/moodle/lib/ltiprovider/src/OAuth/ |
Current File : C:/xampp/htdocs/moodle/lib/ltiprovider/src/OAuth/OAuthSignatureMethod.php |
<?php namespace IMSGlobal\LTI\OAuth; /** * Class to represent an %OAuth Signature Method * * @copyright Andy Smith * @version 2008-08-04 * @license https://opensource.org/licenses/MIT The MIT License */ /** * A class for implementing a Signature Method * See section 9 ("Signing Requests") in the spec */ abstract class OAuthSignatureMethod { /** * Needs to return the name of the Signature Method (ie HMAC-SHA1) * @return string */ abstract public function get_name(); /** * Build up the signature * NOTE: The output of this function MUST NOT be urlencoded. * the encoding is handled in OAuthRequest when the final * request is serialized * @param OAuthRequest $request * @param OAuthConsumer $consumer * @param OAuthToken $token * @return string */ abstract public function build_signature($request, $consumer, $token); /** * Verifies that a given signature is correct * @param OAuthRequest $request * @param OAuthConsumer $consumer * @param OAuthToken $token * @param string $signature * @return bool */ public function check_signature($request, $consumer, $token, $signature) { $built = $this->build_signature($request, $consumer, $token); // Check for zero length, although unlikely here if (strlen($built) == 0 || strlen($signature) == 0) { return false; } if (strlen($built) != strlen($signature)) { return false; } // Avoid a timing leak with a (hopefully) time insensitive compare $result = 0; for ($i = 0; $i < strlen($signature); $i++) { $result |= ord($built[$i]) ^ ord($signature[$i]); } return $result == 0; } }