Zend_Gdata_HttpClient::filterHttpRequest PHP Méthode

Zend_Gdata_HttpClient Class Documentation Usage Examples Of Zend_Gdata_HttpClient::filterHttpRequest Afficher le fichier Open project: kimai/kimai

filterHttpRequest() public méthode

If both AuthSub and ClientLogin tokens are set, AuthSub takes precedence. If an AuthSub key is set, then secure AuthSub authentication is used, and the request is signed. Requests must be signed only with the private key corresponding to the public key registered with Google. If an AuthSub key is set, but openssl support is not enabled in the PHP installation, an exception is thrown.
public filterHttpRequest ( string $method, string $url, array $headers = [], string $body = null, string $contentType = null ) : array
$method string The HTTP method
$url string The URL
$headers array An associate array of headers to be sent with the request or null
$body string The body of the request or null
$contentType string The MIME content type of the body or null
Résultat array The processed values in an associative array, using the same names as the params 
    public function filterHttpRequest($method, $url, $headers = array(), $body = null, $contentType = null)
    {
        if ($this->getAuthSubToken() != null) {
            // AuthSub authentication
            if ($this->getAuthSubPrivateKeyId() != null) {
                // secure AuthSub
                $time = time();
                $nonce = Zend_Crypt_Math::randInteger(0, 999999999);
                $dataToSign = $method . ' ' . $url . ' ' . $time . ' ' . $nonce;
                // compute signature
                $pKeyId = $this->getAuthSubPrivateKeyId();
                $signSuccess = openssl_sign($dataToSign, $signature, $pKeyId, OPENSSL_ALGO_SHA1);
                if (!$signSuccess) {
                    require_once 'Zend/Gdata/App/Exception.php';
                    throw new Zend_Gdata_App_Exception('openssl_signing failure - returned false');
                }
                // encode signature
                $encodedSignature = base64_encode($signature);
                // final header
                $headers['authorization'] = 'AuthSub token="' . $this->getAuthSubToken() . '" ' . 'data="' . $dataToSign . '" ' . 'sig="' . $encodedSignature . '" ' . 'sigalg="rsa-sha1"';
            } else {
                // AuthSub without secure tokens
                $headers['authorization'] = 'AuthSub token="' . $this->getAuthSubToken() . '"';
            }
        } elseif ($this->getClientLoginToken() != null) {
            $headers['authorization'] = 'GoogleLogin auth=' . $this->getClientLoginToken();
        }
        return array('method' => $method, 'url' => $url, 'body' => $body, 'headers' => $headers, 'contentType' => $contentType);
    }

Usage Example

Exemple #1
0
 public function testSecureAuthSubSigning()
 {
     if (!extension_loaded('openssl')) {
         $this->markTestSkipped('The openssl extension is not available');
     } else {
         $c = new Zend_Gdata_HttpClient();
         $c->setAuthSubPrivateKeyFile("Zend/Gdata/_files/RsaKey.pem", null, true);
         $c->setAuthSubToken('abcdefg');
         $requestData = $c->filterHttpRequest('POST', 'http://www.example.com/feed', array(), 'foo bar', 'text/plain');
         $authHeaderCheckPassed = false;
         $headers = $requestData['headers'];
         foreach ($headers as $headerName => $headerValue) {
             if (strtolower($headerName) == 'authorization') {
                 preg_match('/data="([^"]*)"/', $headerValue, $matches);
                 $dataToSign = $matches[1];
                 preg_match('/sig="([^"]*)"/', $headerValue, $matches);
                 $sig = $matches[1];
                 if (function_exists('openssl_verify')) {
                     $fp = fopen('Zend/Gdata/_files/RsaCert.pem', 'r', true);
                     $cert = '';
                     while (!feof($fp)) {
                         $cert .= fread($fp, 8192);
                     }
                     fclose($fp);
                     $pubkeyid = openssl_get_publickey($cert);
                     $verified = openssl_verify($dataToSign, base64_decode($sig), $pubkeyid);
                     $this->assertEquals(1, $verified, 'The generated signature was unable ' . 'to be verified.');
                     $authHeaderCheckPassed = true;
                 }
             }
         }
         $this->assertEquals(true, $authHeaderCheckPassed, 'Auth header not found for sig verification.');
     }
 }
All Usage Examples Of Zend_Gdata_HttpClient::filterHttpRequest
Zend_Gdata_HttpClient
_prepareBody
filterHttpRequest
filterHttpResponse
getAdapter
getAuthSubPrivateKeyId
getAuthSubToken
getClientLoginToken
getStreamingRequest
resetParameters
setAdapter
setAuthSubPrivateKey
setAuthSubPrivateKeyFile
setAuthSubToken
setClientLoginToken
setRawDataStream
setStreamingRequest