1
|
|
|
<?php |
2
|
|
|
/** |
3
|
|
|
* SocialConnect project |
4
|
|
|
* @author: Andreas Heigl https://github.com/heiglandreas <[email protected]> |
5
|
|
|
*/ |
6
|
|
|
|
7
|
|
|
namespace SocialConnect\OAuth1\Signature; |
8
|
|
|
|
9
|
|
|
use SocialConnect\Provider\Consumer; |
10
|
|
|
use SocialConnect\OAuth1\Request; |
11
|
|
|
use SocialConnect\OAuth1\Token; |
12
|
|
|
use SocialConnect\OAuth1\Util; |
13
|
|
|
|
14
|
|
|
class MethodRSASHA1 extends AbstractSignatureMethod |
15
|
|
|
{ |
16
|
|
|
/** |
17
|
|
|
* @var string Path to the private key used for signing |
18
|
|
|
*/ |
19
|
|
|
private $privateKey; |
20
|
|
|
|
21
|
|
|
/** |
22
|
|
|
* MethodRSASHA1 constructor. |
23
|
|
|
* |
24
|
|
|
* @param string $privateKey The path to the private key used for signing |
25
|
|
|
*/ |
26
|
6 |
|
public function __construct($privateKey) |
27
|
|
|
{ |
28
|
6 |
|
if (!is_readable($privateKey)) { |
29
|
1 |
|
throw new \InvalidArgumentException('The private key is not readable'); |
30
|
|
|
} |
31
|
|
|
|
32
|
5 |
|
if (!function_exists('openssl_pkey_get_private')) { |
33
|
|
|
throw new \InvalidArgumentException('The OpenSSL-Extension seems not to be available. That is necessary to handle RSA-SHA1'); |
34
|
|
|
} |
35
|
|
|
|
36
|
5 |
|
$this->privateKey = $privateKey; |
37
|
5 |
|
} |
38
|
|
|
|
39
|
|
|
/** |
40
|
|
|
* @return string |
41
|
|
|
*/ |
42
|
1 |
|
public function getName() |
43
|
|
|
{ |
44
|
1 |
|
return 'RSA-SHA1'; |
45
|
|
|
} |
46
|
|
|
|
47
|
|
|
/** |
48
|
|
|
* @param Request $request |
49
|
|
|
* @param Consumer $consumer |
50
|
|
|
* @param Token $token |
51
|
|
|
* @return string |
52
|
|
|
*/ |
53
|
1 |
|
public function buildSignature(Request $request, Consumer $consumer, Token $token) |
54
|
|
|
{ |
55
|
1 |
|
$signatureBase = $request->getSignatureBaseString(); |
56
|
1 |
|
$parts = [$consumer->getSecret(), null !== $token ? $token->getSecret() : '']; |
57
|
|
|
|
58
|
1 |
|
$parts = Util::urlencodeRFC3986($parts); |
59
|
1 |
|
$key = implode('&', $parts); |
|
|
|
|
60
|
|
|
|
61
|
1 |
|
$certificate = openssl_pkey_get_private('file://' . $this->privateKey); |
62
|
1 |
|
$privateKeyId = openssl_get_privatekey($certificate); |
63
|
1 |
|
$signature = null; |
64
|
1 |
|
openssl_sign($signatureBase, $signature, $privateKeyId); |
65
|
1 |
|
openssl_free_key($privateKeyId); |
66
|
|
|
|
67
|
1 |
|
return base64_encode($signature); |
68
|
|
|
} |
69
|
|
|
} |
70
|
|
|
|
This check looks for variable assignements that are either overwritten by other assignments or where the variable is not used subsequently.
Both the
$myVar
assignment in line 1 and the$higher
assignment in line 2 are dead. The first because$myVar
is never used and the second because$higher
is always overwritten for every possible time line.