LTI Integration Library 4.10.3
PHP class library for building LTI integrations
 
Loading...
Searching...
No Matches
OAuthUtil.php
1<?php
2
3namespace ceLTIc\LTI\OAuth;
4
12class OAuthUtil
13{
14
22 public static function urlencode_rfc3986($input)
23 {
24 if (is_array($input)) {
25 return array_map(array('ceLTIc\LTI\OAuth\OAuthUtil', 'urlencode_rfc3986'), $input);
26 } elseif (is_scalar($input)) {
27 return str_replace('+', ' ', str_replace('%7E', '~', rawurlencode($input)));
28 } else {
29 return '';
30 }
31 }
32
44 public static function urldecode_rfc3986($string)
45 {
46 return urldecode($string);
47 }
48
62 public static function split_header($header, $only_allow_oauth_parameters = true)
63 {
64 $params = array();
65 if (preg_match_all('/(' . ($only_allow_oauth_parameters ? 'oauth_' : '') . '[a-z_-]*)=(:?"([^"]*)"|([^,]*))/', $header,
66 $matches)) {
67 foreach ($matches[1] as $i => $h) {
68 $params[$h] = OAuthUtil::urldecode_rfc3986(empty($matches[3][$i]) ? $matches[4][$i] : $matches[3][$i]);
69 }
70 if (isset($params['realm'])) {
71 unset($params['realm']);
72 }
73 }
74
75 return $params;
76 }
77
83 public static function get_headers()
84 {
85 if (function_exists('apache_request_headers')) {
86 // we need this to get the actual Authorization: header
87 // because apache tends to tell us it doesn't exist
88 $headers = apache_request_headers();
89
90 // sanitize the output of apache_request_headers because
91 // we always want the keys to be Cased-Like-This and arh()
92 // returns the headers in the same case as they are in the
93 // request
94 $out = array();
95 foreach ($headers AS $key => $value) {
96 $key = str_replace(" ", "-", ucwords(strtolower(str_replace("-", " ", $key))));
97 $out[$key] = $value;
98 }
99 } else {
100 // otherwise we don't have apache and are just going to have to hope
101 // that $_SERVER actually contains what we need
102 $out = array();
103 if (isset($_SERVER['CONTENT_TYPE']))
104 $out['Content-Type'] = $_SERVER['CONTENT_TYPE'];
105 if (isset($_ENV['CONTENT_TYPE']))
106 $out['Content-Type'] = $_ENV['CONTENT_TYPE'];
107
108 foreach ($_SERVER as $key => $value) {
109 if (substr($key, 0, 5) == 'HTTP_') {
110 // this is chaos, basically it is just there to capitalize the first
111 // letter of every word that is not an initial HTTP and strip HTTP
112 // code from przemek
113 $key = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($key, 5)))));
114 $out[$key] = $value;
115 }
116 }
117 }
118 return $out;
119 }
120
132 public static function parse_parameters($input)
133 {
134 if (!isset($input) || !$input)
135 return array();
136
137 $pairs = explode('&', $input);
138
139 $parsed_parameters = array();
140 foreach ($pairs as $pair) {
141 $split = explode('=', $pair, 2);
142 $parameter = self::urldecode_rfc3986($split[0]);
143 $value = isset($split[1]) ? self::urldecode_rfc3986($split[1]) : '';
144
145 if (isset($parsed_parameters[$parameter])) {
146 // We have already recieved parameter(s) with this name, so add to the list
147 // of parameters with this name
148
149 if (is_scalar($parsed_parameters[$parameter])) {
150 // This is the first duplicate, so transform scalar (string) into an array
151 // so we can add the duplicates
152 $parsed_parameters[$parameter] = array($parsed_parameters[$parameter]);
153 }
154
155 $parsed_parameters[$parameter][] = $value;
156 } else {
157 $parsed_parameters[$parameter] = $value;
158 }
159 }
160
161 return $parsed_parameters;
162 }
163
171 public static function build_http_query($params)
172 {
173 if (!$params)
174 return '';
175
176 // Urlencode both keys and values
177 $keys = OAuthUtil::urlencode_rfc3986(array_keys($params));
178 $values = OAuthUtil::urlencode_rfc3986(array_values($params));
179 $params = array_combine($keys, $values);
180
181 // Parameters are sorted by name, using lexicographical byte value ordering.
182 // Ref: Spec: 9.1.1 (1)
183 uksort($params, 'strcmp');
184
185 $pairs = array();
186 foreach ($params as $parameter => $value) {
187 if (is_array($value)) {
188 // If two or more parameters share the same name, they are sorted by their value
189 // Ref: Spec: 9.1.1 (1)
190 // June 12th, 2010 - changed to sort because of issue 164 by hidetaka
191 sort($value, SORT_STRING);
192 foreach ($value as $duplicate_value) {
193 $pairs[] = $parameter . '=' . $duplicate_value;
194 }
195 } else {
196 $pairs[] = $parameter . '=' . $value;
197 }
198 }
199
200 // For each parameter, the name is separated from the corresponding value by an '=' character (ASCII code 61)
201 // Each name-value pair is separated by an '&' character (ASCII code 38)
202 return implode('&', $pairs);
203 }
204
205}
ceLTIc\LTI\OAuth\OAuthUtil
Class to provide OAuth utility methods.
Definition OAuthUtil.php:13
ceLTIc\LTI\OAuth\OAuthUtil\build_http_query
static build_http_query($params)
Build HTTP query string.
Definition OAuthUtil.php:171
ceLTIc\LTI\OAuth\OAuthUtil\split_header
static split_header($header, $only_allow_oauth_parameters=true)
Utility function for turning the Authorization: header into parameters, has to do some unescaping.
Definition OAuthUtil.php:62
ceLTIc\LTI\OAuth\OAuthUtil\urldecode_rfc3986
static urldecode_rfc3986($string)
URL decode.
Definition OAuthUtil.php:44
ceLTIc\LTI\OAuth\OAuthUtil\urlencode_rfc3986
static urlencode_rfc3986($input)
URL encode.
Definition OAuthUtil.php:22
ceLTIc\LTI\OAuth\OAuthUtil\parse_parameters
static parse_parameters($input)
Parse parameters.
Definition OAuthUtil.php:132
ceLTIc\LTI\OAuth\OAuthUtil\get_headers
static get_headers()
Helper to try to sort out headers for people who aren't running apache.
Definition OAuthUtil.php:83