Mercurial > nebulaweb3
comparison default/assets/vendors/theme-widgets/vendor/abraham/twitteroauth/src/SignatureMethod.php @ 0:1d038bc9b3d2 default tip
Up:default
| author | Liny <dev@neowd.com> |
|---|---|
| date | Sat, 31 May 2025 09:21:51 +0800 |
| parents | |
| children |
comparison
equal
deleted
inserted
replaced
| -1:000000000000 | 0:1d038bc9b3d2 |
|---|---|
| 1 <?php | |
| 2 /** | |
| 3 * The MIT License | |
| 4 * Copyright (c) 2007 Andy Smith | |
| 5 */ | |
| 6 namespace Abraham\TwitterOAuth; | |
| 7 | |
| 8 /** | |
| 9 * A class for implementing a Signature Method | |
| 10 * See section 9 ("Signing Requests") in the spec | |
| 11 */ | |
| 12 abstract class SignatureMethod | |
| 13 { | |
| 14 /** | |
| 15 * Needs to return the name of the Signature Method (ie HMAC-SHA1) | |
| 16 * | |
| 17 * @return string | |
| 18 */ | |
| 19 abstract public function getName(); | |
| 20 | |
| 21 /** | |
| 22 * Build up the signature | |
| 23 * NOTE: The output of this function MUST NOT be urlencoded. | |
| 24 * the encoding is handled in OAuthRequest when the final | |
| 25 * request is serialized | |
| 26 * | |
| 27 * @param Request $request | |
| 28 * @param Consumer $consumer | |
| 29 * @param Token $token | |
| 30 * | |
| 31 * @return string | |
| 32 */ | |
| 33 abstract public function buildSignature(Request $request, Consumer $consumer, Token $token = null); | |
| 34 | |
| 35 /** | |
| 36 * Verifies that a given signature is correct | |
| 37 * | |
| 38 * @param Request $request | |
| 39 * @param Consumer $consumer | |
| 40 * @param Token $token | |
| 41 * @param string $signature | |
| 42 * | |
| 43 * @return bool | |
| 44 */ | |
| 45 public function checkSignature(Request $request, Consumer $consumer, Token $token, $signature) | |
| 46 { | |
| 47 $built = $this->buildSignature($request, $consumer, $token); | |
| 48 | |
| 49 // Check for zero length, although unlikely here | |
| 50 if (strlen($built) == 0 || strlen($signature) == 0) { | |
| 51 return false; | |
| 52 } | |
| 53 | |
| 54 if (strlen($built) != strlen($signature)) { | |
| 55 return false; | |
| 56 } | |
| 57 | |
| 58 // Avoid a timing leak with a (hopefully) time insensitive compare | |
| 59 $result = 0; | |
| 60 for ($i = 0; $i < strlen($signature); $i++) { | |
| 61 $result |= ord($built{$i}) ^ ord($signature{$i}); | |
| 62 } | |
| 63 | |
| 64 return $result == 0; | |
| 65 } | |
| 66 } |