| 1 |
efrain |
1 |
<?php
|
|
|
2 |
|
|
|
3 |
namespace IMSGlobal\LTI\OAuth;
|
|
|
4 |
|
|
|
5 |
/**
|
|
|
6 |
* Class to represent an %OAuth HMAC_SHA256 signature method
|
|
|
7 |
*
|
|
|
8 |
* @author Stephen P Vickers <svickers@imsglobal.org>
|
|
|
9 |
* @copyright IMS Global Learning Consortium Inc
|
|
|
10 |
* @date 2016
|
|
|
11 |
* @version 2015-11-30
|
|
|
12 |
* @license https://opensource.org/licenses/MIT The MIT License
|
|
|
13 |
*/
|
|
|
14 |
/**
|
|
|
15 |
* The HMAC-SHA256 signature method uses the HMAC-SHA256 signature algorithm as defined in [RFC6234]
|
|
|
16 |
* where the Signature Base String is the text and the key is the concatenated values (each first
|
|
|
17 |
* encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
|
|
|
18 |
* character (ASCII code 38) even if empty.
|
|
|
19 |
*/
|
|
|
20 |
#[\AllowDynamicProperties]
|
|
|
21 |
class OAuthSignatureMethod_HMAC_SHA256 extends OAuthSignatureMethod {
|
|
|
22 |
|
|
|
23 |
function get_name() {
|
|
|
24 |
return "HMAC-SHA256";
|
|
|
25 |
}
|
|
|
26 |
|
|
|
27 |
public function build_signature($request, $consumer, $token) {
|
|
|
28 |
|
|
|
29 |
$base_string = $request->get_signature_base_string();
|
|
|
30 |
$request->base_string = $base_string;
|
|
|
31 |
|
|
|
32 |
$key_parts = array(
|
|
|
33 |
$consumer->secret,
|
|
|
34 |
($token) ? $token->secret : ""
|
|
|
35 |
);
|
|
|
36 |
|
|
|
37 |
$key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
|
|
|
38 |
$key = implode('&', $key_parts);
|
|
|
39 |
|
|
|
40 |
return base64_encode(hash_hmac('sha256', $base_string, $key, true));
|
|
|
41 |
|
|
|
42 |
}
|
|
|
43 |
|
|
|
44 |
}
|