X-Git-Url: https://git.mxchange.org/?a=blobdiff_plain;f=library%2FOAuth1.php;h=0db6fabcbe8c490f06885e3213d465712ee642e8;hb=4fd1a17f0662d089d2d729aabdf04a883464ab05;hp=67a94c4790b0648888ad630563c1284987faebef;hpb=5f2f64406407839d0a9d906e0ad165067d90d130;p=friendica.git diff --git a/library/OAuth1.php b/library/OAuth1.php index 67a94c4790..0db6fabcbe 100644 --- a/library/OAuth1.php +++ b/library/OAuth1.php @@ -27,6 +27,10 @@ class OAuthToken { public $key; public $secret; + public $expires; + public $scope; + public $uid; + /** * key = the token * secret = the token secret @@ -85,7 +89,8 @@ abstract class OAuthSignatureMethod { */ public function check_signature($request, $consumer, $token, $signature) { $built = $this->build_signature($request, $consumer, $token); - return $built == $signature; + //echo "
"; var_dump($signature, $built, ($built == $signature)); killme(); + return ($built == $signature); } } @@ -113,7 +118,9 @@ class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod { $key_parts = OAuthUtil::urlencode_rfc3986($key_parts); $key = implode('&', $key_parts); - return base64_encode(hash_hmac('sha1', $base_string, $key, true)); + + $r = base64_encode(hash_hmac('sha1', $base_string, $key, true)); + return $r; } } @@ -282,7 +289,12 @@ class OAuthRequest { } } - + // fix for friendica redirect system + + $http_url = substr($http_url, 0, strpos($http_url,$parameters['q'])+strlen($parameters['q'])); + unset( $parameters['q'] ); + + //echo "".__function__."\n"; var_dump($http_method, $http_url, $parameters, $_SERVER['REQUEST_URI']); killme(); return new OAuthRequest($http_method, $http_url, $parameters); } @@ -544,6 +556,7 @@ class OAuthServer { public function verify_request(&$request) { $this->get_version($request); $consumer = $this->get_consumer($request); + //echo __file__.__line__.__function__.""; var_dump($consumer); die(); $token = $this->get_token($request, $consumer, "access"); $this->check_signature($request, $consumer, $token); return array($consumer, $token); @@ -642,6 +655,7 @@ class OAuthServer { $token, $signature ); + if (!$valid_sig) { throw new OAuthException("Invalid signature");