blob: 46e7b63fa800b9896986c512afd2909c81411f49 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
|
<?php
namespace MediaWiki\Extensions\OAuth\Backend;
use MediaWiki\Extensions\OAuth\Lib\OAuthDataStore;
use MediaWiki\Extensions\OAuth\Lib\OAuthException;
use MediaWiki\Extensions\OAuth\Lib\OAuthRequest;
use MediaWiki\Extensions\OAuth\Lib\OAuthSignatureMethod_RSA_SHA1;
class MWOAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod_RSA_SHA1 {
/** @var MWOAuthDataStore */
protected $store;
/** @var string PEM encoded RSA private key */
private $privateKey;
/**
* @param OAuthDataStore $store
* @param string|null $privateKey RSA private key, passed to openssl_get_privatekey
*/
public function __construct( OAuthDataStore $store, $privateKey = null ) {
$this->store = $store;
$this->privateKey = $privateKey;
if ( $privateKey !== null ) {
$key = openssl_pkey_get_private( $privateKey );
if ( !$key ) {
throw new OAuthException( "Invalid private key given" );
}
$details = openssl_pkey_get_details( $key );
if ( $details['type'] !== OPENSSL_KEYTYPE_RSA ) {
throw new OAuthException( "Key is not an RSA key" );
}
openssl_pkey_free( $key );
}
}
/**
* Get the public certificate, used to verify the request. In our case, we get
* the Consumer's key, and lookup the registered cert from the datastore.
* @param OAuthRequest &$request request recieved by the server, that we're going to verify
* @return string representing the public certificate
*/
protected function fetch_public_cert( &$request ) {
$consumerKey = $request->get_parameter( 'oauth_consumer_key' );
return $this->store->getRSAKey( $consumerKey );
}
/**
* If you want to reuse this code to write your Consumer, implement
* this function to get your private key, so you can sign the request.
* @param OAuthRequest &$request
* @return string
* @throws OAuthException
*/
protected function fetch_private_cert( &$request ) {
if ( $this->privateKey === null ) {
throw new OAuthException( "No private key was set" );
}
return $this->privateKey;
}
}
|