Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php
diff options
context:
space:
mode:
Diffstat (limited to 'OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php')
-rw-r--r--OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php61
1 files changed, 61 insertions, 0 deletions
diff --git a/OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php b/OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php
new file mode 100644
index 00000000..46e7b63f
--- /dev/null
+++ b/OAuth/src/Backend/MWOAuthSignatureMethod_RSA_SHA1.php
@@ -0,0 +1,61 @@
+<?php
+
+namespace MediaWiki\Extensions\OAuth\Backend;
+
+use MediaWiki\Extensions\OAuth\Lib\OAuthDataStore;
+use MediaWiki\Extensions\OAuth\Lib\OAuthException;
+use MediaWiki\Extensions\OAuth\Lib\OAuthRequest;
+use MediaWiki\Extensions\OAuth\Lib\OAuthSignatureMethod_RSA_SHA1;
+
+class MWOAuthSignatureMethod_RSA_SHA1 extends OAuthSignatureMethod_RSA_SHA1 {
+ /** @var MWOAuthDataStore */
+ protected $store;
+ /** @var string PEM encoded RSA private key */
+ private $privateKey;
+
+ /**
+ * @param OAuthDataStore $store
+ * @param string|null $privateKey RSA private key, passed to openssl_get_privatekey
+ */
+ public function __construct( OAuthDataStore $store, $privateKey = null ) {
+ $this->store = $store;
+ $this->privateKey = $privateKey;
+
+ if ( $privateKey !== null ) {
+ $key = openssl_pkey_get_private( $privateKey );
+ if ( !$key ) {
+ throw new OAuthException( "Invalid private key given" );
+ }
+ $details = openssl_pkey_get_details( $key );
+ if ( $details['type'] !== OPENSSL_KEYTYPE_RSA ) {
+ throw new OAuthException( "Key is not an RSA key" );
+ }
+ openssl_pkey_free( $key );
+ }
+ }
+
+ /**
+ * Get the public certificate, used to verify the request. In our case, we get
+ * the Consumer's key, and lookup the registered cert from the datastore.
+ * @param OAuthRequest &$request request recieved by the server, that we're going to verify
+ * @return string representing the public certificate
+ */
+ protected function fetch_public_cert( &$request ) {
+ $consumerKey = $request->get_parameter( 'oauth_consumer_key' );
+ return $this->store->getRSAKey( $consumerKey );
+ }
+
+ /**
+ * If you want to reuse this code to write your Consumer, implement
+ * this function to get your private key, so you can sign the request.
+ * @param OAuthRequest &$request
+ * @return string
+ * @throws OAuthException
+ */
+ protected function fetch_private_cert( &$request ) {
+ if ( $this->privateKey === null ) {
+ throw new OAuthException( "No private key was set" );
+ }
+ return $this->privateKey;
+ }
+}