1
|
|
|
<?php |
2
|
|
|
|
3
|
|
|
namespace CMPayments\GuzzlePSPAuthenticationMiddleware; |
4
|
|
|
|
5
|
|
|
use Psr\Http\Message\RequestInterface; |
6
|
|
|
|
7
|
|
|
/** |
8
|
|
|
* Class ConnectionMiddleware |
9
|
|
|
* |
10
|
|
|
* @package CMPayments\GuzzlePSPAuthenticationMiddleware |
11
|
|
|
*/ |
12
|
|
|
class AuthenticationMiddleware |
13
|
|
|
{ |
14
|
|
|
/** |
15
|
|
|
* @var string |
16
|
|
|
*/ |
17
|
|
|
private $key; |
18
|
|
|
|
19
|
|
|
/** |
20
|
|
|
* @var string |
21
|
|
|
*/ |
22
|
|
|
private $secret; |
23
|
|
|
|
24
|
|
|
/** |
25
|
|
|
* @var NonceGeneratorInterface |
26
|
|
|
*/ |
27
|
|
|
private $nonceGenerator; |
28
|
|
|
|
29
|
|
|
/** |
30
|
|
|
* @var TimestampGeneratorInterface |
31
|
|
|
*/ |
32
|
|
|
private $timestampGenerator; |
33
|
|
|
|
34
|
|
|
/** |
35
|
|
|
* AuthenticationMiddleware constructor. |
36
|
|
|
* |
37
|
|
|
* @param string $key OAuth-Consumer-Key |
38
|
|
|
* @param string $secret OAuth-Consumer-Secret |
39
|
|
|
*/ |
40
|
2 |
|
public function __construct($key, $secret) |
41
|
|
|
{ |
42
|
2 |
|
$this->key = $key; |
43
|
2 |
|
$this->secret = $secret; |
44
|
|
|
|
45
|
2 |
|
$this->nonceGenerator = new RandomNonceGenerator(); |
46
|
2 |
|
$this->timestampGenerator = new RandomTimestampGenerator(); |
47
|
2 |
|
} |
48
|
|
|
|
49
|
|
|
/** |
50
|
|
|
* Overwrite the nonceGenerator-class. Used for the unit-test |
51
|
|
|
* |
52
|
|
|
* @param NonceGeneratorInterface $nonceGenerator |
53
|
|
|
*/ |
54
|
2 |
|
public function setNonceGenerator($nonceGenerator) |
55
|
|
|
{ |
56
|
2 |
|
$this->nonceGenerator = $nonceGenerator; |
57
|
2 |
|
} |
58
|
|
|
|
59
|
|
|
/** |
60
|
|
|
* Overwrite the timestampGenerator-class. Used for the unit-test |
61
|
|
|
* |
62
|
|
|
* @param TimestampGeneratorInterface $timestampGenerator |
63
|
|
|
*/ |
64
|
2 |
|
public function setTimestampGenerator($timestampGenerator) |
65
|
|
|
{ |
66
|
2 |
|
$this->timestampGenerator = $timestampGenerator; |
67
|
2 |
|
} |
68
|
|
|
|
69
|
|
|
|
70
|
|
|
/** |
71
|
|
|
* This function is called by Guzzle in order to initiate the middleware. |
72
|
|
|
* |
73
|
|
|
* @param callable $handler Representation of an outgoing, client-side request. |
74
|
|
|
* |
75
|
|
|
* @return \Closure |
76
|
|
|
*/ |
77
|
|
|
public function __invoke($handler) |
78
|
|
|
{ |
79
|
2 |
|
return function ($request, array $options) use ($handler) { |
80
|
2 |
|
$request = $this->onBefore($request); |
81
|
|
|
|
82
|
2 |
|
return $handler($request, $options); |
83
|
2 |
|
}; |
84
|
|
|
} |
85
|
|
|
|
86
|
|
|
/** |
87
|
|
|
* Before executing the request, add the extra headers |
88
|
|
|
* |
89
|
|
|
* @param RequestInterface $request |
90
|
|
|
* |
91
|
|
|
* @return RequestInterface |
92
|
|
|
*/ |
93
|
2 |
|
private function onBefore(RequestInterface $request) |
94
|
|
|
{ |
95
|
2 |
|
$headers = $this->createHeaders($request); |
96
|
2 |
|
foreach ($headers as $headerKey => $headerValue) { |
97
|
2 |
|
$request = $request->withHeader($headerKey, $headerValue); |
98
|
2 |
|
} |
99
|
|
|
|
100
|
2 |
|
return $request; |
101
|
|
|
} |
102
|
|
|
|
103
|
|
|
/** |
104
|
|
|
* Calculate/determine the required headers for the request. |
105
|
|
|
* |
106
|
|
|
* @param RequestInterface $request |
107
|
|
|
* |
108
|
|
|
* @return string[] The headers for the request |
|
|
|
|
109
|
|
|
*/ |
110
|
2 |
|
private function createHeaders(RequestInterface $request) |
111
|
|
|
{ |
112
|
2 |
|
$nonce = $this->nonceGenerator->generate(); |
113
|
2 |
|
$timestamp = $this->timestampGenerator->generate(); |
114
|
2 |
|
|
115
|
2 |
|
/** @var array $data */ |
116
|
1 |
|
$data = $this->createDataElement($request, $nonce, $timestamp); |
117
|
1 |
|
|
118
|
2 |
|
$payload = $request->getMethod() . |
119
|
2 |
|
'&' . rawurlencode((string)$request->getUri()) . |
120
|
2 |
|
'&' . implode(rawurlencode('&'), $data); |
121
|
2 |
|
|
122
|
2 |
|
$signkey = rawurlencode($this->key) . '&' . rawurlencode($this->secret); |
123
|
|
|
$hash = rawurlencode(base64_encode(hash_hmac('sha256', $payload, $signkey))); |
124
|
2 |
|
|
125
|
2 |
|
/** @var array $oauth_header */ |
126
|
2 |
|
$oauth_header = $this->createOAuthHeaders($nonce, $timestamp, $hash); |
127
|
|
|
|
128
|
2 |
|
$header = []; |
129
|
2 |
|
$header['Content-type'] = 'application/json'; |
130
|
|
|
$header['Authorization'] = 'OAuth ' . implode(', ', $oauth_header); |
131
|
2 |
|
|
132
|
2 |
|
return $header; |
133
|
2 |
|
} |
134
|
2 |
|
|
135
|
2 |
|
/** |
136
|
2 |
|
* Create the data array for the payload |
137
|
2 |
|
* |
138
|
|
|
* @param RequestInterface $request |
139
|
2 |
|
* @param string $nonce The none which is generated |
140
|
2 |
|
* @param int $timestamp The timestamp which is generated |
141
|
2 |
|
* |
142
|
|
|
* @return array The data-array |
|
|
|
|
143
|
2 |
|
*/ |
144
|
|
|
private function createDataElement(RequestInterface $request, string $nonce, int $timestamp) |
145
|
|
|
{ |
146
|
|
|
$data = []; |
147
|
|
|
if ($request->getMethod() === 'POST') { |
148
|
|
|
$data[] = rawurlencode($request->getBody()->getContents()); |
149
|
|
|
} |
150
|
|
|
$data[] = rawurlencode('oauth_consumer_key=' . $this->key); |
151
|
|
|
$data[] = rawurlencode('oauth_nonce=' . $nonce); |
152
|
|
|
$data[] = rawurlencode('oauth_signature_method=HMAC-SHA256'); |
153
|
|
|
$data[] = rawurlencode('oauth_timestamp=' . $timestamp); |
154
|
|
|
$data[] = rawurlencode('oauth_version=1.0'); |
155
|
|
|
|
156
|
|
|
return $data; |
157
|
|
|
} |
158
|
|
|
|
159
|
|
|
/** |
160
|
|
|
* Create the oAuth headers |
161
|
|
|
* |
162
|
|
|
* @param string $nonce The generated nonce |
163
|
|
|
* @param int $timestamp The generated timestamp |
164
|
|
|
* @param string $hash The created hash |
165
|
|
|
* |
166
|
|
|
* @return array The headers for the request |
|
|
|
|
167
|
|
|
*/ |
168
|
|
|
private function createOAuthHeaders(string $nonce, int $timestamp, string $hash) |
169
|
|
|
{ |
170
|
|
|
$oauth_header = []; |
171
|
|
|
$oauth_header[] = 'oauth_consumer_key="' . $this->key . '"'; |
172
|
|
|
$oauth_header[] = 'oauth_nonce="' . $nonce . '"'; |
173
|
|
|
$oauth_header[] = 'oauth_signature="' . $hash . '"'; |
174
|
|
|
$oauth_header[] = 'oauth_signature_method="HMAC-SHA256"'; |
175
|
|
|
$oauth_header[] = 'oauth_timestamp="' . $timestamp . '"'; |
176
|
|
|
$oauth_header[] = 'oauth_version="1.0"'; |
177
|
|
|
return $oauth_header; |
178
|
|
|
} |
179
|
|
|
} |
180
|
|
|
|
This check compares the return type specified in the
@return
annotation of a function or method doc comment with the types returned by the function and raises an issue if they mismatch.