Edit File by line
/home/barbar84/public_h.../wp-conte.../plugins/updraftp.../vendor/eher/oauth/src/Eher/OAuth
File: Request.php
<?php
[0] Fix | Delete
[1] Fix | Delete
namespace Eher\OAuth;
[2] Fix | Delete
[3] Fix | Delete
class Request {
[4] Fix | Delete
protected $parameters;
[5] Fix | Delete
protected $http_method;
[6] Fix | Delete
protected $http_url;
[7] Fix | Delete
// for debug purposes
[8] Fix | Delete
public $base_string;
[9] Fix | Delete
public static $version = '1.0';
[10] Fix | Delete
public static $POST_INPUT = 'php://input';
[11] Fix | Delete
[12] Fix | Delete
function __construct($http_method, $http_url, $parameters=NULL) {
[13] Fix | Delete
$parameters = ($parameters) ? $parameters : array();
[14] Fix | Delete
$parameters = array_merge( Util::parse_parameters(parse_url($http_url, PHP_URL_QUERY)), $parameters);
[15] Fix | Delete
$this->parameters = $parameters;
[16] Fix | Delete
$this->http_method = $http_method;
[17] Fix | Delete
$this->http_url = $http_url;
[18] Fix | Delete
}
[19] Fix | Delete
[20] Fix | Delete
[21] Fix | Delete
/**
[22] Fix | Delete
* attempt to build up a request from what was passed to the server
[23] Fix | Delete
*/
[24] Fix | Delete
public static function from_request($http_method=NULL, $http_url=NULL, $parameters=NULL) {
[25] Fix | Delete
$scheme = (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on")
[26] Fix | Delete
? 'http'
[27] Fix | Delete
: 'https';
[28] Fix | Delete
$http_url = ($http_url) ? $http_url : $scheme .
[29] Fix | Delete
'://' . $_SERVER['HTTP_HOST'] .
[30] Fix | Delete
':' .
[31] Fix | Delete
$_SERVER['SERVER_PORT'] .
[32] Fix | Delete
$_SERVER['REQUEST_URI'];
[33] Fix | Delete
$http_method = ($http_method) ? $http_method : $_SERVER['REQUEST_METHOD'];
[34] Fix | Delete
[35] Fix | Delete
// We weren't handed any parameters, so let's find the ones relevant to
[36] Fix | Delete
// this request.
[37] Fix | Delete
// If you run XML-RPC or similar you should use this to provide your own
[38] Fix | Delete
// parsed parameter-list
[39] Fix | Delete
if (!$parameters) {
[40] Fix | Delete
// Find request headers
[41] Fix | Delete
$request_headers = Util::get_headers();
[42] Fix | Delete
[43] Fix | Delete
// Parse the query-string to find GET parameters
[44] Fix | Delete
$parameters = Util::parse_parameters($_SERVER['QUERY_STRING']);
[45] Fix | Delete
[46] Fix | Delete
// It's a POST request of the proper content-type, so parse POST
[47] Fix | Delete
// parameters and add those overriding any duplicates from GET
[48] Fix | Delete
if ($http_method == "POST"
[49] Fix | Delete
&& isset($request_headers['Content-Type'])
[50] Fix | Delete
&& strstr($request_headers['Content-Type'],
[51] Fix | Delete
'application/x-www-form-urlencoded')
[52] Fix | Delete
) {
[53] Fix | Delete
$post_data = Util::parse_parameters(
[54] Fix | Delete
file_get_contents(self::$POST_INPUT)
[55] Fix | Delete
);
[56] Fix | Delete
$parameters = array_merge($parameters, $post_data);
[57] Fix | Delete
}
[58] Fix | Delete
[59] Fix | Delete
// We have a Authorization-header with OAuth data. Parse the header
[60] Fix | Delete
// and add those overriding any duplicates from GET or POST
[61] Fix | Delete
if (isset($request_headers['Authorization']) && substr($request_headers['Authorization'], 0, 6) == 'OAuth ') {
[62] Fix | Delete
$header_parameters = Util::split_header(
[63] Fix | Delete
$request_headers['Authorization']
[64] Fix | Delete
);
[65] Fix | Delete
$parameters = array_merge($parameters, $header_parameters);
[66] Fix | Delete
}
[67] Fix | Delete
[68] Fix | Delete
}
[69] Fix | Delete
[70] Fix | Delete
return new Request($http_method, $http_url, $parameters);
[71] Fix | Delete
}
[72] Fix | Delete
[73] Fix | Delete
/**
[74] Fix | Delete
* pretty much a helper function to set up the request
[75] Fix | Delete
*/
[76] Fix | Delete
public static function from_consumer_and_token($consumer, $token, $http_method, $http_url, $parameters=NULL) {
[77] Fix | Delete
$parameters = ($parameters) ? $parameters : array();
[78] Fix | Delete
$defaults = array("oauth_version" => Request::$version,
[79] Fix | Delete
"oauth_nonce" => Request::generate_nonce(),
[80] Fix | Delete
"oauth_timestamp" => Request::generate_timestamp(),
[81] Fix | Delete
"oauth_consumer_key" => $consumer->key);
[82] Fix | Delete
if ($token)
[83] Fix | Delete
$defaults['oauth_token'] = $token->key;
[84] Fix | Delete
[85] Fix | Delete
$parameters = array_merge($defaults, $parameters);
[86] Fix | Delete
[87] Fix | Delete
return new Request($http_method, $http_url, $parameters);
[88] Fix | Delete
}
[89] Fix | Delete
[90] Fix | Delete
public function set_parameter($name, $value, $allow_duplicates = true) {
[91] Fix | Delete
if ($allow_duplicates && isset($this->parameters[$name])) {
[92] Fix | Delete
// We have already added parameter(s) with this name, so add to the list
[93] Fix | Delete
if (is_scalar($this->parameters[$name])) {
[94] Fix | Delete
// This is the first duplicate, so transform scalar (string)
[95] Fix | Delete
// into an array so we can add the duplicates
[96] Fix | Delete
$this->parameters[$name] = array($this->parameters[$name]);
[97] Fix | Delete
}
[98] Fix | Delete
[99] Fix | Delete
$this->parameters[$name][] = $value;
[100] Fix | Delete
} else {
[101] Fix | Delete
$this->parameters[$name] = $value;
[102] Fix | Delete
}
[103] Fix | Delete
}
[104] Fix | Delete
[105] Fix | Delete
public function get_parameter($name) {
[106] Fix | Delete
return isset($this->parameters[$name]) ? $this->parameters[$name] : null;
[107] Fix | Delete
}
[108] Fix | Delete
[109] Fix | Delete
public function get_parameters() {
[110] Fix | Delete
return $this->parameters;
[111] Fix | Delete
}
[112] Fix | Delete
[113] Fix | Delete
public function unset_parameter($name) {
[114] Fix | Delete
unset($this->parameters[$name]);
[115] Fix | Delete
}
[116] Fix | Delete
[117] Fix | Delete
/**
[118] Fix | Delete
* The request parameters, sorted and concatenated into a normalized string.
[119] Fix | Delete
* @return string
[120] Fix | Delete
*/
[121] Fix | Delete
public function get_signable_parameters() {
[122] Fix | Delete
// Grab all parameters
[123] Fix | Delete
$params = $this->parameters;
[124] Fix | Delete
[125] Fix | Delete
// Remove oauth_signature if present
[126] Fix | Delete
// Ref: Spec: 9.1.1 ("The oauth_signature parameter MUST be excluded.")
[127] Fix | Delete
if (isset($params['oauth_signature'])) {
[128] Fix | Delete
unset($params['oauth_signature']);
[129] Fix | Delete
}
[130] Fix | Delete
[131] Fix | Delete
return Util::build_http_query($params);
[132] Fix | Delete
}
[133] Fix | Delete
[134] Fix | Delete
/**
[135] Fix | Delete
* Returns the base string of this request
[136] Fix | Delete
*
[137] Fix | Delete
* The base string defined as the method, the url
[138] Fix | Delete
* and the parameters (normalized), each urlencoded
[139] Fix | Delete
* and the concated with &.
[140] Fix | Delete
*/
[141] Fix | Delete
public function get_signature_base_string() {
[142] Fix | Delete
$parts = array(
[143] Fix | Delete
$this->get_normalized_http_method(),
[144] Fix | Delete
$this->get_normalized_http_url(),
[145] Fix | Delete
$this->get_signable_parameters()
[146] Fix | Delete
);
[147] Fix | Delete
[148] Fix | Delete
$parts = Util::urlencode_rfc3986($parts);
[149] Fix | Delete
[150] Fix | Delete
return implode('&', $parts);
[151] Fix | Delete
}
[152] Fix | Delete
[153] Fix | Delete
/**
[154] Fix | Delete
* just uppercases the http method
[155] Fix | Delete
*/
[156] Fix | Delete
public function get_normalized_http_method() {
[157] Fix | Delete
return strtoupper($this->http_method);
[158] Fix | Delete
}
[159] Fix | Delete
[160] Fix | Delete
/**
[161] Fix | Delete
* parses the url and rebuilds it to be
[162] Fix | Delete
* scheme://host/path
[163] Fix | Delete
*/
[164] Fix | Delete
public function get_normalized_http_url() {
[165] Fix | Delete
$parts = parse_url($this->http_url);
[166] Fix | Delete
[167] Fix | Delete
$scheme = (isset($parts['scheme'])) ? $parts['scheme'] : 'http';
[168] Fix | Delete
$port = (isset($parts['port'])) ? $parts['port'] : (($scheme == 'https') ? '443' : '80');
[169] Fix | Delete
$host = (isset($parts['host'])) ? $parts['host'] : '';
[170] Fix | Delete
$path = (isset($parts['path'])) ? $parts['path'] : '';
[171] Fix | Delete
[172] Fix | Delete
if (($scheme == 'https' && $port != '443')
[173] Fix | Delete
|| ($scheme == 'http' && $port != '80')) {
[174] Fix | Delete
$host = "$host:$port";
[175] Fix | Delete
}
[176] Fix | Delete
return "$scheme://$host$path";
[177] Fix | Delete
}
[178] Fix | Delete
[179] Fix | Delete
/**
[180] Fix | Delete
* builds a url usable for a GET request
[181] Fix | Delete
*/
[182] Fix | Delete
public function to_url() {
[183] Fix | Delete
$post_data = $this->to_postdata();
[184] Fix | Delete
$out = $this->get_normalized_http_url();
[185] Fix | Delete
if ($post_data) {
[186] Fix | Delete
$out .= '?'.$post_data;
[187] Fix | Delete
}
[188] Fix | Delete
return $out;
[189] Fix | Delete
}
[190] Fix | Delete
[191] Fix | Delete
/**
[192] Fix | Delete
* builds the data one would send in a POST request
[193] Fix | Delete
*/
[194] Fix | Delete
public function to_postdata() {
[195] Fix | Delete
return Util::build_http_query($this->parameters);
[196] Fix | Delete
}
[197] Fix | Delete
[198] Fix | Delete
/**
[199] Fix | Delete
* builds the Authorization: header
[200] Fix | Delete
*/
[201] Fix | Delete
public function to_header($realm=null) {
[202] Fix | Delete
$first = true;
[203] Fix | Delete
if($realm) {
[204] Fix | Delete
$out = 'Authorization: OAuth realm="' . Util::urlencode_rfc3986($realm) . '"';
[205] Fix | Delete
$first = false;
[206] Fix | Delete
} else
[207] Fix | Delete
$out = 'Authorization: OAuth';
[208] Fix | Delete
[209] Fix | Delete
$total = array();
[210] Fix | Delete
foreach ($this->parameters as $k => $v) {
[211] Fix | Delete
if (substr($k, 0, 5) != "oauth") continue;
[212] Fix | Delete
if (is_array($v)) {
[213] Fix | Delete
throw new OAuthException('Arrays not supported in headers');
[214] Fix | Delete
}
[215] Fix | Delete
$out .= ($first) ? ' ' : ',';
[216] Fix | Delete
$out .= Util::urlencode_rfc3986($k) .
[217] Fix | Delete
'="' .
[218] Fix | Delete
Util::urlencode_rfc3986($v) .
[219] Fix | Delete
'"';
[220] Fix | Delete
$first = false;
[221] Fix | Delete
}
[222] Fix | Delete
return $out;
[223] Fix | Delete
}
[224] Fix | Delete
[225] Fix | Delete
public function __toString() {
[226] Fix | Delete
return $this->to_url();
[227] Fix | Delete
}
[228] Fix | Delete
[229] Fix | Delete
[230] Fix | Delete
public function sign_request($signature_method, $consumer, $token) {
[231] Fix | Delete
$this->set_parameter(
[232] Fix | Delete
"oauth_signature_method",
[233] Fix | Delete
$signature_method->get_name(),
[234] Fix | Delete
false
[235] Fix | Delete
);
[236] Fix | Delete
$signature = $this->build_signature($signature_method, $consumer, $token);
[237] Fix | Delete
$this->set_parameter("oauth_signature", $signature, false);
[238] Fix | Delete
}
[239] Fix | Delete
[240] Fix | Delete
public function build_signature($signature_method, $consumer, $token) {
[241] Fix | Delete
$signature = $signature_method->build_signature($this, $consumer, $token);
[242] Fix | Delete
return $signature;
[243] Fix | Delete
}
[244] Fix | Delete
[245] Fix | Delete
/**
[246] Fix | Delete
* util function: current timestamp
[247] Fix | Delete
*/
[248] Fix | Delete
private static function generate_timestamp() {
[249] Fix | Delete
return time();
[250] Fix | Delete
}
[251] Fix | Delete
[252] Fix | Delete
/**
[253] Fix | Delete
* util function: current nonce
[254] Fix | Delete
*/
[255] Fix | Delete
private static function generate_nonce() {
[256] Fix | Delete
$mt = microtime();
[257] Fix | Delete
$rand = mt_rand();
[258] Fix | Delete
[259] Fix | Delete
return md5($mt . $rand); // md5s look nicer than numbers
[260] Fix | Delete
}
[261] Fix | Delete
}
[262] Fix | Delete
[263] Fix | Delete
[264] Fix | Delete
It is recommended that you Edit text format, this type of Fix handles quite a lot in one request
Function