Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php
blob: 46e7b63fa800b9896986c512afd2909c81411f49 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61

<?php

namespace MediaWiki\Extensions\OAuth\Backend;

use MediaWiki\Extensions\OAuth\Lib\OAuthDataStore;
use MediaWiki\Extensions\OAuth\Lib\OAuthException;
use MediaWiki\Extensions\OAuth\Lib\OAuthRequest;
use MediaWiki\Extensions\OAuth\Lib\OAuthSignatureMethod_RSA_SHA1;

class MWOAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod_RSA_SHA1 {
	/** @var MWOAuthDataStore */
	protected $store;
	/** @var string PEM encoded RSA private key */
	private $privateKey;

	/**
	 * @param OAuthDataStore $store
	 * @param string|null $privateKey RSA private key, passed to openssl_get_privatekey
	 */
	public function __construct( OAuthDataStore $store, $privateKey = null ) {
		$this->store = $store;
		$this->privateKey = $privateKey;

		if ( $privateKey !== null ) {
			$key = openssl_pkey_get_private( $privateKey );
			if ( !$key ) {
				throw new OAuthException( "Invalid private key given" );
			}
			$details = openssl_pkey_get_details( $key );
			if ( $details['type'] !== OPENSSL_KEYTYPE_RSA ) {
				throw new OAuthException( "Key is not an RSA key" );
			}
			openssl_pkey_free( $key );
		}
	}

	/**
	 * Get the public certificate, used to verify the request. In our case, we get
	 * the Consumer's key, and lookup the registered cert from the datastore.
	 * @param OAuthRequest &$request request recieved by the server, that we're going to verify
	 * @return string representing the public certificate
	 */
	protected function fetch_public_cert( &$request ) {
		$consumerKey = $request->get_parameter( 'oauth_consumer_key' );
		return $this->store->getRSAKey( $consumerKey );
	}

	/**
	 * If you want to reuse this code to write your Consumer, implement
	 * this function to get your private key, so you can sign the request.
	 * @param OAuthRequest &$request
	 * @return string
	 * @throws OAuthException
	 */
	protected function fetch_private_cert( &$request ) {
		if ( $this->privateKey === null ) {
			throw new OAuthException( "No private key was set" );
		}
		return $this->privateKey;
	}
}