Refs #3115. Moved oauth_lib to oauth_api.

git-svn-id: http://code.elgg.org/elgg/trunk@8715 36083f99-b078-4883-b0ff-0f9b5a30f544

1 files changed, 95 insertions, 0 deletions

diff --git a/mod/oauth_api/vendors/oauth/library/signature_method/OAuthSignatureMethod_MD5.php b/mod/oauth_api/vendors/oauth/library/signature_method/OAuthSignatureMethod_MD5.php
new file mode 100644
index 000000000..6f593a47f
--- /dev/null
+++ b/mod/oauth_api/vendors/oauth/library/signature_method/OAuthSignatureMethod_MD5.php
@@ -0,0 +1,95 @@
+<?php
+
+/**
+ * OAuth signature implementation using MD5
+ * 
+ * @version $Id$
+ * @author Marc Worrell <marcw@pobox.com>
+ * @date  Sep 8, 2008 12:09:43 PM
+ * 
+ * The MIT License
+ * 
+ * Copyright (c) 2007-2008 Mediamatic Lab
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be included in
+ * all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+ * THE SOFTWARE.
+ */
+
+require_once dirname(__FILE__).'/OAuthSignatureMethod.class.php';
+
+
+class OAuthSignatureMethod_MD5 extends OAuthSignatureMethod
+{
+	public function name ()
+	{
+		return 'MD5';
+	}
+
+
+	/**
+	 * Calculate the signature using MD5
+	 * Binary md5 digest, as distinct from PHP's built-in hexdigest.
+	 * This function is copyright Andy Smith, 2007.
+	 * 
+	 * @param OAuthRequest request
+	 * @param string base_string
+	 * @param string consumer_secret
+	 * @param string token_secret
+	 * @return string  
+	 */
+	function signature ( $request, $base_string, $consumer_secret, $token_secret )
+	{
+		$s  .= '&'.$request->urlencode($consumer_secret).'&'.$request->urlencode($token_secret);
+		$md5 = md5($base_string);
+		$bin = '';
+		
+		for ($i = 0; $i < strlen($md5); $i += 2)
+		{
+		    $bin .= chr(hexdec($md5{$i+1}) + hexdec($md5{$i}) * 16);
+		}
+		return $request->urlencode(base64_encode($bin));
+	}
+
+
+	/**
+	 * Check if the request signature corresponds to the one calculated for the request.
+	 * 
+	 * @param OAuthRequest request
+	 * @param string base_string	data to be signed, usually the base string, can be a request body
+	 * @param string consumer_secret
+	 * @param string token_secret
+	 * @param string signature		from the request, still urlencoded
+	 * @return string
+	 */
+	public function verify ( $request, $base_string, $consumer_secret, $token_secret, $signature )
+	{
+		$a = $request->urldecode($signature);
+		$b = $request->urldecode($this->signature($request, $base_string, $consumer_secret, $token_secret));
+
+		// We have to compare the decoded values
+		$valA  = base64_decode($a);
+		$valB  = base64_decode($b);
+
+		// Crude binary comparison
+		return rawurlencode($a) == rawurlencode($b);
+	}
+}
+
+/* vi:set ts=4 sts=4 sw=4 binary noeol: */
+
+?>
\ No newline at end of file