oauth2-php: lib/OAuth2Client.inc Source File

Go to the documentation of this file.
00001 <?php
00002 
00003 /**
00004  * The default Cache Lifetime (in seconds).
00005  */
00006 define("OAUTH2_DEFAULT_EXPIRES_IN", 3600);
00007 
00008 /**
00009  * The default Base domain for the Cookie.
00010  */
00011 define("OAUTH2_DEFAULT_BASE_DOMAIN", '');
00012 
00013 /**
00014  * OAuth2.0 draft v10 client-side implementation.
00015  *
00016  * @author Originally written by Naitik Shah <naitik@facebook.com>.
00017  * @author Update to draft v10 by Edison Wong <hswong3i@pantarei-design.com>.
00018  *
00019  * @sa <a href="https://github.com/facebook/php-sdk">Facebook PHP SDK</a>.
00020  */
00021 abstract class OAuth2Client {
00022 
00023   /**
00024    * Array of persistent variables stored.
00025    */
00026   protected $conf = array();
00027 
00028   /**
00029    * Returns a persistent variable.
00030    *
00031    * To avoid problems, always use lower case for persistent variable names.
00032    *
00033    * @param $name
00034    *   The name of the variable to return.
00035    * @param $default
00036    *   The default value to use if this variable has never been set.
00037    *
00038    * @return
00039    *   The value of the variable.
00040    */
00041   public function getVariable($name, $default = NULL) {
00042     return isset($this->conf[$name]) ? $this->conf[$name] : $default;
00043   }
00044 
00045   /**
00046    * Sets a persistent variable.
00047    *
00048    * To avoid problems, always use lower case for persistent variable names.
00049    *
00050    * @param $name
00051    *   The name of the variable to set.
00052    * @param $value
00053    *   The value to set.
00054    */
00055   public function setVariable($name, $value) {
00056     $this->conf[$name] = $value;
00057     return $this;
00058   }
00059 
00060   // Stuff that should get overridden by subclasses.
00061   //
00062   // I don't want to make these abstract, because then subclasses would have
00063   // to implement all of them, which is too much work.
00064   //
00065   // So they're just stubs. Override the ones you need.
00066 
00067   /**
00068    * Initialize a Drupal OAuth2.0 Application.
00069    *
00070    * @param $config
00071    *   An associative array as below:
00072    *   - base_uri: The base URI for the OAuth2.0 endpoints.
00073    *   - code: (optional) The authorization code.
00074    *   - username: (optional) The username.
00075    *   - password: (optional) The password.
00076    *   - client_id: (optional) The application ID.
00077    *   - client_secret: (optional) The application secret.
00078    *   - authorize_uri: (optional) The end-user authorization endpoint URI.
00079    *   - access_token_uri: (optional) The token endpoint URI.
00080    *   - services_uri: (optional) The services endpoint URI.
00081    *   - cookie_support: (optional) TRUE to enable cookie support.
00082    *   - base_domain: (optional) The domain for the cookie.
00083    *   - file_upload_support: (optional) TRUE if file uploads are enabled.
00084    */
00085   public function __construct($config = array()) {
00086     // We must set base_uri first.
00087     $this->setVariable('base_uri', $config['base_uri']);
00088     unset($config['base_uri']);
00089 
00090     // Use predefined OAuth2.0 params, or get it from $_REQUEST.
00091     foreach (array('code', 'username', 'password') as $name) {
00092       if (isset($config[$name]))
00093         $this->setVariable($name, $config[$name]);
00094       else if (isset($_REQUEST[$name]) && !empty($_REQUEST[$name]))
00095         $this->setVariable($name, $_REQUEST[$name]);
00096       unset($config[$name]);
00097     }
00098 
00099     // Endpoint URIs.
00100     foreach (array('authorize_uri', 'access_token_uri', 'services_uri') as $name) {
00101       if (isset($config[$name]))
00102         if (substr($config[$name], 0, 4) == "http")
00103           $this->setVariable($name, $config[$name]);
00104         else
00105           $this->setVariable($name, $this->getVariable('base_uri') . $config[$name]);
00106       unset($config[$name]);
00107     }
00108 
00109     // Other else configurations.
00110     foreach ($config as $name => $value) {
00111       $this->setVariable($name, $value);
00112     }
00113   }
00114 
00115   /**
00116    * Try to get session object from custom method.
00117    *
00118    * By default we generate session object based on access_token response, or
00119    * if it is provided from server with $_REQUEST. For sure, if it is provided
00120    * by server it should follow our session object format.
00121    *
00122    * Session object provided by server can ensure the correct expirse and
00123    * base_domain setup as predefined in server, also you may get more useful
00124    * information for custom functionality, too. BTW, this may require for
00125    * additional remote call overhead.
00126    *
00127    * You may wish to override this function with your custom version due to
00128    * your own server-side implementation.
00129    *
00130    * @param $access_token
00131    *   (optional) A valid access token in associative array as below:
00132    *   - access_token: A valid access_token generated by OAuth2.0
00133    *     authorization endpoint.
00134    *   - expires_in: (optional) A valid expires_in generated by OAuth2.0
00135    *     authorization endpoint.
00136    *   - refresh_token: (optional) A valid refresh_token generated by OAuth2.0
00137    *     authorization endpoint.
00138    *   - scope: (optional) A valid scope generated by OAuth2.0
00139    *     authorization endpoint.
00140    *
00141    *  @return
00142    *    A valid session object in associative array for setup cookie, and
00143    *    NULL if not able to generate it with custom method.
00144    */
00145   protected function getSessionObject($access_token = NULL) {
00146     $session = NULL;
00147 
00148     // Try generate local version of session cookie.
00149     if (!empty($access_token) && isset($access_token['access_token'])) {
00150       $session['access_token'] = $access_token['access_token'];
00151       $session['base_domain'] = $this->getVariable('base_domain', OAUTH2_DEFAULT_BASE_DOMAIN);
00152       $session['expirse'] = isset($access_token['expires_in']) ? time() + $access_token['expires_in'] : time() + $this->getVariable('expires_in', OAUTH2_DEFAULT_EXPIRES_IN);
00153       $session['refresh_token'] = isset($access_token['refresh_token']) ? $access_token['refresh_token'] : '';
00154       $session['scope'] = isset($access_token['scope']) ? $access_token['scope'] : '';
00155       $session['secret'] = md5(base64_encode(pack('N6', mt_rand(), mt_rand(), mt_rand(), mt_rand(), mt_rand(), uniqid())));
00156 
00157       // Provide our own signature.
00158       $sig = self::generateSignature(
00159         $session,
00160         $this->getVariable('client_secret')
00161       );
00162       $session['sig'] = $sig;
00163     }
00164 
00165     // Try loading session from $_REQUEST.
00166     if (!$session && isset($_REQUEST['session'])) {
00167       $session = json_decode(
00168         get_magic_quotes_gpc()
00169           ? stripslashes($_REQUEST['session'])
00170           : $_REQUEST['session'],
00171         TRUE
00172       );
00173     }
00174 
00175     return $session;
00176   }
00177 
00178   /**
00179    * Make an API call.
00180    *
00181    * Support both OAuth2.0 or normal GET/POST API call, with relative
00182    * or absolute URI.
00183    *
00184    * If no valid OAuth2.0 access token found in session object, this function
00185    * will automatically switch as normal remote API call without "oauth_token"
00186    * parameter.
00187    *
00188    * Assume server reply in JSON object and always decode during return. If
00189    * you hope to issue a raw query, please use makeRequest().
00190    *
00191    * @param $path
00192    *   The target path, relative to base_path/service_uri or an absolute URI.
00193    * @param $method
00194    *   (optional) The HTTP method (default 'GET').
00195    * @param $params
00196    *   (optional The GET/POST parameters.
00197    *
00198    * @return
00199    *   The JSON decoded response object.
00200    *
00201    * @throws OAuth2Exception
00202    */
00203   public function api($path, $method = 'GET', $params = array()) {
00204     if (is_array($method) && empty($params)) {
00205       $params = $method;
00206       $method = 'GET';
00207     }
00208 
00209     // json_encode all params values that are not strings.
00210     foreach ($params as $key => $value) {
00211       if (!is_string($value)) {
00212         $params[$key] = json_encode($value);
00213       }
00214     }
00215 
00216     $result = json_decode($this->makeOAuth2Request(
00217       $this->getUri($path),
00218       $method,
00219       $params
00220     ), TRUE);
00221 
00222     // Results are returned, errors are thrown.
00223     if (is_array($result) && isset($result['error'])) {
00224       $e = new OAuth2Exception($result);
00225       switch ($e->getType()) {
00226         // OAuth 2.0 Draft 10 style.
00227         case 'invalid_token':
00228           $this->setSession(NULL);
00229         default:
00230           $this->setSession(NULL);
00231       }
00232       throw $e;
00233     }
00234     return $result;
00235   }
00236 
00237   // End stuff that should get overridden.
00238 
00239   /**
00240    * Default options for cURL.
00241    */
00242   public static $CURL_OPTS = array(
00243     CURLOPT_CONNECTTIMEOUT => 10,
00244     CURLOPT_RETURNTRANSFER => TRUE,
00245     CURLOPT_HEADER         => TRUE,
00246     CURLOPT_TIMEOUT        => 60,
00247     CURLOPT_USERAGENT      => 'oauth2-draft-v10',
00248     CURLOPT_HTTPHEADER     => array("Accept: application/json"),
00249   );
00250 
00251   /**
00252    * Set the Session.
00253    *
00254    * @param $session
00255    *   (optional) The session object to be set. NULL if hope to frush existing
00256    *   session object.
00257    * @param $write_cookie
00258    *   (optional) TRUE if a cookie should be written. This value is ignored
00259    *   if cookie support has been disabled.
00260    *
00261    * @return
00262    *   The current OAuth2.0 client-side instance.
00263    */
00264   public function setSession($session = NULL, $write_cookie = TRUE) {
00265     $this->setVariable('_session', $this->validateSessionObject($session));
00266     $this->setVariable('_session_loaded', TRUE);
00267     if ($write_cookie) {
00268       $this->setCookieFromSession($this->getVariable('_session'));
00269     }
00270     return $this;
00271   }
00272 
00273   /**
00274    * Get the session object.
00275    *
00276    * This will automatically look for a signed session via custom method,
00277    * OAuth2.0 grant type with authorization_code, OAuth2.0 grant type with
00278    * password, or cookie that we had already setup.
00279    *
00280    * @return
00281    *   The valid session object with OAuth2.0 infomration, and NULL if not
00282    *   able to discover any cases.
00283    */
00284   public function getSession() {
00285     if (!$this->getVariable('_session_loaded')) {
00286       $session = NULL;
00287       $write_cookie = TRUE;
00288 
00289       // Try obtain login session by custom method.
00290       $session = $this->getSessionObject(NULL);
00291       $session = $this->validateSessionObject($session);
00292 
00293       // grant_type == authorization_code.
00294       if (!$session && $this->getVariable('code')) {
00295         $access_token = $this->getAccessTokenFromAuthorizationCode($this->getVariable('code'));
00296         $session = $this->getSessionObject($access_token);
00297         $session = $this->validateSessionObject($session);
00298       }
00299 
00300       // grant_type == password.
00301       if (!$session && $this->getVariable('username') && $this->getVariable('password')) {
00302         $access_token = $this->getAccessTokenFromPassword($this->getVariable('username'), $this->getVariable('password'));
00303         $session = $this->getSessionObject($access_token);
00304         $session = $this->validateSessionObject($session);
00305       }
00306 
00307       // Try loading session from cookie if necessary.
00308       if (!$session && $this->getVariable('cookie_support')) {
00309         $cookie_name = $this->getSessionCookieName();
00310         if (isset($_COOKIE[$cookie_name])) {
00311           $session = array();
00312           parse_str(trim(
00313             get_magic_quotes_gpc()
00314               ? stripslashes($_COOKIE[$cookie_name])
00315               : $_COOKIE[$cookie_name],
00316             '"'
00317           ), $session);
00318           $session = $this->validateSessionObject($session);
00319           // Write only if we need to delete a invalid session cookie.
00320           $write_cookie = empty($session);
00321         }
00322       }
00323 
00324       $this->setSession($session, $write_cookie);
00325     }
00326 
00327     return $this->getVariable('_session');
00328   }
00329 
00330   /**
00331    * Gets an OAuth2.0 access token from session.
00332    *
00333    * This will trigger getSession() and so we MUST initialize with required
00334    * configuration.
00335    *
00336    * @return
00337    *   The valid OAuth2.0 access token, and NULL if not exists in session.
00338    */
00339   public function getAccessToken() {
00340     $session = $this->getSession();
00341     return isset($session['access_token']) ? $session['access_token'] : NULL;
00342   }
00343 
00344   /**
00345    * Get access token from OAuth2.0 token endpoint with authorization code.
00346    *
00347    * This function will only be activated if both access token URI, client
00348    * identifier and client secret are setup correctly.
00349    *
00350    * @param $code
00351    *   Authorization code issued by authorization server's authorization
00352    *   endpoint.
00353    *
00354    * @return
00355    *   A valid OAuth2.0 JSON decoded access token in associative array, and
00356    *   NULL if not enough parameters or JSON decode failed.
00357    */
00358   private function getAccessTokenFromAuthorizationCode($code) {
00359     if ($this->getVariable('access_token_uri') && $this->getVariable('client_id') && $this->getVariable('client_secret')) {
00360       return json_decode($this->makeRequest(
00361         $this->getVariable('access_token_uri'),
00362         'POST',
00363         array(
00364           'grant_type' => 'authorization_code',
00365           'client_id' => $this->getVariable('client_id'),
00366           'client_secret' => $this->getVariable('client_secret'),
00367           'code' => $code,
00368           'redirect_uri' => $this->getCurrentUri(),
00369         )
00370       ), TRUE);
00371     }
00372     return NULL;
00373   }
00374 
00375   /**
00376    * Get access token from OAuth2.0 token endpoint with basic user
00377    * credentials.
00378    *
00379    * This function will only be activated if both username and password
00380    * are setup correctly.
00381    *
00382    * @param $username
00383    *   Username to be check with.
00384    * @param $password
00385    *   Password to be check with.
00386    *
00387    * @return
00388    *   A valid OAuth2.0 JSON decoded access token in associative array, and
00389    *   NULL if not enough parameters or JSON decode failed.
00390    */
00391   private function getAccessTokenFromPassword($username, $password) {
00392     if ($this->getVariable('access_token_uri') && $this->getVariable('client_id') && $this->getVariable('client_secret')) {
00393       return json_decode($this->makeRequest(
00394         $this->getVariable('access_token_uri'),
00395         'POST',
00396         array(
00397           'grant_type' => 'password',
00398           'client_id' => $this->getVariable('client_id'),
00399           'client_secret' => $this->getVariable('client_secret'),
00400           'username' => $username,
00401           'password' => $password,
00402         )
00403       ), TRUE);
00404     }
00405     return NULL;
00406   }
00407 
00408   /**
00409    * Make an OAuth2.0 Request.
00410    *
00411    * Automatically append "oauth_token" in query parameters if not yet
00412    * exists and able to discover a valid access token from session. Otherwise
00413    * just ignore setup with "oauth_token" and handle the API call AS-IS, and
00414    * so may issue a plain API call without OAuth2.0 protection.
00415    *
00416    * @param $path
00417    *   The target path, relative to base_path/service_uri or an absolute URI.
00418    * @param $method
00419    *   (optional) The HTTP method (default 'GET').
00420    * @param $params
00421    *   (optional The GET/POST parameters.
00422    *
00423    * @return
00424    *   The JSON decoded response object.
00425    *
00426    * @throws OAuth2Exception
00427    */
00428   protected function makeOAuth2Request($path, $method = 'GET', $params = array()) {
00429     if ((!isset($params['oauth_token']) || empty($params['oauth_token'])) && $oauth_token = $this->getAccessToken()) {
00430       $params['oauth_token'] = $oauth_token;
00431     }
00432     return $this->makeRequest($path, $method, $params);
00433   }
00434 
00435   /**
00436    * Makes an HTTP request.
00437    *
00438    * This method can be overriden by subclasses if developers want to do
00439    * fancier things or use something other than cURL to make the request.
00440    *
00441    * @param $path
00442    *   The target path, relative to base_path/service_uri or an absolute URI.
00443    * @param $method
00444    *   (optional) The HTTP method (default 'GET').
00445    * @param $params
00446    *   (optional The GET/POST parameters.
00447    * @param $ch
00448    *   (optional) An initialized curl handle
00449    *
00450    * @return
00451    *   The JSON decoded response object.
00452    */
00453   protected function makeRequest($path, $method = 'GET', $params = array(), $ch = NULL) {
00454     if (!$ch)
00455       $ch = curl_init();
00456 
00457     $opts = self::$CURL_OPTS;
00458     if ($params) {
00459       switch ($method) {
00460         case 'GET':
00461           $path .= '?' . http_build_query($params, NULL, '&');
00462           break;
00463         // Method override as we always do a POST.
00464         default:
00465           if ($this->getVariable('file_upload_support')) {
00466             $opts[CURLOPT_POSTFIELDS] = $params;
00467           }
00468           else {
00469             $opts[CURLOPT_POSTFIELDS] = http_build_query($params, NULL, '&');
00470           }
00471       }
00472     }
00473     $opts[CURLOPT_URL] = $path;
00474 
00475     // Disable the 'Expect: 100-continue' behaviour. This causes CURL to wait
00476     // for 2 seconds if the server does not support this header.
00477     if (isset($opts[CURLOPT_HTTPHEADER])) {
00478       $existing_headers = $opts[CURLOPT_HTTPHEADER];
00479       $existing_headers[] = 'Expect:';
00480       $opts[CURLOPT_HTTPHEADER] = $existing_headers;
00481     }
00482     else {
00483       $opts[CURLOPT_HTTPHEADER] = array('Expect:');
00484     }
00485 
00486     curl_setopt_array($ch, $opts);
00487     $result = curl_exec($ch);
00488 
00489     if (curl_errno($ch) == 60) { // CURLE_SSL_CACERT
00490       error_log('Invalid or no certificate authority found, using bundled information');
00491       curl_setopt($ch, CURLOPT_CAINFO,
00492                   dirname(__FILE__) . '/fb_ca_chain_bundle.crt');
00493       $result = curl_exec($ch);
00494     }
00495 
00496     if ($result === FALSE) {
00497       $e = new OAuth2Exception(array(
00498         'code' => curl_errno($ch),
00499         'message' => curl_error($ch),
00500       ));
00501       curl_close($ch);
00502       throw $e;
00503     }
00504     curl_close($ch);
00505 
00506     // Split the HTTP response into header and body.
00507     list($headers, $body) = explode("\r\n\r\n", $result);
00508     $headers = explode("\r\n", $headers);
00509 
00510     // We catch HTTP/1.1 4xx or HTTP/1.1 5xx error response.
00511     if (strpos($headers[0], 'HTTP/1.1 4') !== FALSE || strpos($headers[0], 'HTTP/1.1 5') !== FALSE) {
00512       $result = array(
00513         'code' => 0,
00514         'message' => '',
00515       );
00516 
00517       if (preg_match('/^HTTP\/1.1 ([0-9]{3,3}) (.*)$/', $headers[0], $matches)) {
00518         $result['code'] = $matches[1];
00519         $result['message'] = $matches[2];
00520       }
00521 
00522       // In case retrun with WWW-Authenticate replace the description.
00523       foreach ($headers as $header) {
00524         if (preg_match("/^WWW-Authenticate:.*error='(.*)'/", $header, $matches)) {
00525           $result['error'] = $matches[1];
00526         }
00527       }
00528 
00529       return json_encode($result);
00530     }
00531 
00532     return $body;
00533   }
00534 
00535   /**
00536    * The name of the cookie that contains the session object.
00537    *
00538    * @return
00539    *   The cookie name.
00540    */
00541   private function getSessionCookieName() {
00542     return 'oauth2_' . $this->getVariable('client_id');
00543   }
00544 
00545   /**
00546    * Set a JS Cookie based on the _passed in_ session.
00547    *
00548    * It does not use the currently stored session - you need to explicitly
00549    * pass it in.
00550    *
00551    * @param $session
00552    *   The session to use for setting the cookie.
00553    */
00554   protected function setCookieFromSession($session = NULL) {
00555     if (!$this->getVariable('cookie_support'))
00556       return;
00557 
00558     $cookie_name = $this->getSessionCookieName();
00559     $value = 'deleted';
00560     $expires = time() - 3600;
00561     $base_domain = $this->getVariable('base_domain', OAUTH2_DEFAULT_BASE_DOMAIN);
00562     if ($session) {
00563       $value = '"' . http_build_query($session, NULL, '&') . '"';
00564       $base_domain = isset($session['base_domain']) ? $session['base_domain'] : $base_domain;
00565       $expires = isset($session['expires']) ? $session['expires'] : time() + $this->getVariable('expires_in', OAUTH2_DEFAULT_EXPIRES_IN);
00566     }
00567 
00568     // Prepend dot if a domain is found.
00569     if ($base_domain)
00570       $base_domain = '.' . $base_domain;
00571 
00572     // If an existing cookie is not set, we dont need to delete it.
00573     if ($value == 'deleted' && empty($_COOKIE[$cookie_name]))
00574       return;
00575 
00576     if (headers_sent())
00577       error_log('Could not set cookie. Headers already sent.');
00578     else
00579       setcookie($cookie_name, $value, $expires, '/', $base_domain);
00580   }
00581 
00582   /**
00583    * Validates a session_version = 3 style session object.
00584    *
00585    * @param $session
00586    *   The session object.
00587    *
00588    * @return
00589    *   The session object if it validates, NULL otherwise.
00590    */
00591   protected function validateSessionObject($session) {
00592     // Make sure some essential fields exist.
00593     if (is_array($session) && isset($session['access_token']) && isset($session['sig'])) {
00594       // Validate the signature.
00595       $session_without_sig = $session;
00596       unset($session_without_sig['sig']);
00597 
00598       $expected_sig = self::generateSignature(
00599         $session_without_sig,
00600         $this->getVariable('client_secret')
00601       );
00602 
00603       if ($session['sig'] != $expected_sig) {
00604         error_log('Got invalid session signature in cookie.');
00605         $session = NULL;
00606       }
00607     }
00608     else {
00609       $session = NULL;
00610     }
00611     return $session;
00612   }
00613 
00614   /**
00615    * Since $_SERVER['REQUEST_URI'] is only available on Apache, we
00616    * generate an equivalent using other environment variables.
00617    */
00618   function getRequestUri() {
00619     if (isset($_SERVER['REQUEST_URI'])) {
00620       $uri = $_SERVER['REQUEST_URI'];
00621     }
00622     else {
00623       if (isset($_SERVER['argv'])) {
00624         $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['argv'][0];
00625       }
00626       elseif (isset($_SERVER['QUERY_STRING'])) {
00627         $uri = $_SERVER['SCRIPT_NAME'] . '?' . $_SERVER['QUERY_STRING'];
00628       }
00629       else {
00630         $uri = $_SERVER['SCRIPT_NAME'];
00631       }
00632     }
00633     // Prevent multiple slashes to avoid cross site requests via the Form API.
00634     $uri = '/' . ltrim($uri, '/');
00635 
00636     return $uri;
00637   }
00638 
00639   /**
00640    * Returns the Current URL.
00641    *
00642    * @return
00643    *   The current URL.
00644    */
00645   protected function getCurrentUri() {
00646     $protocol = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'
00647       ? 'https://'
00648       : 'http://';
00649     $current_uri = $protocol . $_SERVER['HTTP_HOST'] . $this->getRequestUri();
00650     $parts = parse_url($current_uri);
00651 
00652     $query = '';
00653     if (!empty($parts['query'])) {
00654       $params = array();
00655       parse_str($parts['query'], $params);
00656       $params = array_filter($params);
00657       if (!empty($params)) {
00658         $query = '?' . http_build_query($params, NULL, '&');
00659       }
00660     }
00661 
00662     // Use port if non default.
00663     $port = isset($parts['port']) &&
00664       (($protocol === 'http://' && $parts['port'] !== 80) || ($protocol === 'https://' && $parts['port'] !== 443))
00665       ? ':' . $parts['port'] : '';
00666 
00667     // Rebuild.
00668     return $protocol . $parts['host'] . $port . $parts['path'] . $query;
00669   }
00670 
00671   /**
00672    * Build the URL for given path and parameters.
00673    *
00674    * @param $path
00675    *   (optional) The path.
00676    * @param $params
00677    *   (optional) The query parameters in associative array.
00678    *
00679    * @return
00680    *   The URL for the given parameters.
00681    */
00682   protected function getUri($path = '', $params = array()) {
00683     $url = $this->getVariable('services_uri') ? $this->getVariable('services_uri') : $this->getVariable('base_uri');
00684 
00685     if (!empty($path))
00686       if (substr($path, 0, 4) == "http")
00687         $url = $path;
00688       else
00689         $url = rtrim($url, '/') . '/' . ltrim($path, '/');
00690 
00691     if (!empty($params))
00692       $url .= '?' . http_build_query($params, NULL, '&');
00693 
00694     return $url;
00695   }
00696 
00697   /**
00698    * Generate a signature for the given params and secret.
00699    *
00700    * @param $params
00701    *   The parameters to sign.
00702    * @param $secret
00703    *   The secret to sign with.
00704    *
00705    * @return
00706    *   The generated signature
00707    */
00708   protected function generateSignature($params, $secret) {
00709     // Work with sorted data.
00710     ksort($params);
00711 
00712     // Generate the base string.
00713     $base_string = '';
00714     foreach ($params as $key => $value) {
00715       $base_string .= $key . '=' . $value;
00716     }
00717     $base_string .= $secret;
00718 
00719     return md5($base_string);
00720   }
00721 }
���Ŵ�����

lib/OAuth2Client.inc

��Ŵ��
