[44] | 1 | <?php
|
---|
| 2 | /**
|
---|
| 3 | * Zend Framework
|
---|
| 4 | *
|
---|
| 5 | * LICENSE
|
---|
| 6 | *
|
---|
| 7 | * This source file is subject to the new BSD license that is bundled
|
---|
| 8 | * with this package in the file LICENSE.txt.
|
---|
| 9 | * It is also available through the world-wide-web at this URL:
|
---|
| 10 | * http://framework.zend.com/license/new-bsd
|
---|
| 11 | * If you did not receive a copy of the license and are unable to
|
---|
| 12 | * obtain it through the world-wide-web, please send an email
|
---|
| 13 | * to license@zend.com so we can send you a copy immediately.
|
---|
| 14 | *
|
---|
| 15 | * @category Zend
|
---|
| 16 | * @package Zend_Gdata
|
---|
| 17 | * @subpackage Gdata
|
---|
| 18 | * @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
|
---|
| 19 | * @license http://framework.zend.com/license/new-bsd New BSD License
|
---|
| 20 | */
|
---|
| 21 |
|
---|
| 22 | /**
|
---|
| 23 | * Zend_Http_Client
|
---|
| 24 | */
|
---|
| 25 | require_once 'Zend/Http/Client.php';
|
---|
| 26 |
|
---|
| 27 | /**
|
---|
| 28 | * Gdata Http Client object.
|
---|
| 29 | *
|
---|
| 30 | * Class to extend the generic Zend Http Client with the ability to perform
|
---|
| 31 | * secure AuthSub requests
|
---|
| 32 | *
|
---|
| 33 | * @category Zend
|
---|
| 34 | * @package Zend_Gdata
|
---|
| 35 | * @subpackage Gdata
|
---|
| 36 | * @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
|
---|
| 37 | * @license http://framework.zend.com/license/new-bsd New BSD License
|
---|
| 38 | */
|
---|
| 39 | class Zend_Gdata_HttpClient extends Zend_Http_Client
|
---|
| 40 | {
|
---|
| 41 |
|
---|
| 42 | /**
|
---|
| 43 | * OpenSSL private key resource id
|
---|
| 44 | * This key is used for AuthSub authentication. If this value is set,
|
---|
| 45 | * it is assuemd that secure AuthSub is desired.
|
---|
| 46 | *
|
---|
| 47 | * @var resource
|
---|
| 48 | */
|
---|
| 49 | private $_authSubPrivateKeyId = null;
|
---|
| 50 |
|
---|
| 51 | /**
|
---|
| 52 | * Token for AuthSub authentication.
|
---|
| 53 | * If this token is set, AuthSub authentication is used.
|
---|
| 54 | *
|
---|
| 55 | * @var string
|
---|
| 56 | */
|
---|
| 57 | private $_authSubToken = null;
|
---|
| 58 |
|
---|
| 59 | /**
|
---|
| 60 | * Token for ClientLogin authentication.
|
---|
| 61 | * If only this token is set, ClientLogin authentication is used.
|
---|
| 62 | *
|
---|
| 63 | * @var string
|
---|
| 64 | */
|
---|
| 65 | private $_clientLoginToken = null;
|
---|
| 66 |
|
---|
| 67 | /**
|
---|
| 68 | * Token for ClientLogin authentication.
|
---|
| 69 | * If this token is set, and the AuthSub key is not set,
|
---|
| 70 | * ClientLogin authentication is used
|
---|
| 71 | *
|
---|
| 72 | * @var string
|
---|
| 73 | */
|
---|
| 74 | private $_clientLoginKey = null;
|
---|
| 75 |
|
---|
| 76 | /**
|
---|
| 77 | * True if this request is being made with data supplied by
|
---|
| 78 | * a stream object instead of a raw encoded string.
|
---|
| 79 | *
|
---|
| 80 | * @var bool
|
---|
| 81 | */
|
---|
| 82 | protected $_streamingRequest = null;
|
---|
| 83 |
|
---|
| 84 | /**
|
---|
| 85 | * Sets the PEM formatted private key, as read from a file.
|
---|
| 86 | *
|
---|
| 87 | * This method reads the file and then calls setAuthSubPrivateKey()
|
---|
| 88 | * with the file contents.
|
---|
| 89 | *
|
---|
| 90 | * @param string $file The location of the file containing the PEM key
|
---|
| 91 | * @param string $passphrase The optional private key passphrase
|
---|
| 92 | * @param bool $useIncludePath Whether to search the include_path
|
---|
| 93 | * for the file
|
---|
| 94 | * @return void
|
---|
| 95 | */
|
---|
| 96 | public function setAuthSubPrivateKeyFile($file, $passphrase = null,
|
---|
| 97 | $useIncludePath = false) {
|
---|
| 98 | $fp = fopen($file, "r", $useIncludePath);
|
---|
| 99 | $key = '';
|
---|
| 100 | while (!feof($fp)) {
|
---|
| 101 | $key .= fread($fp, 8192);
|
---|
| 102 | }
|
---|
| 103 | $this->setAuthSubPrivateKey($key, $passphrase);
|
---|
| 104 | fclose($fp);
|
---|
| 105 | }
|
---|
| 106 |
|
---|
| 107 | /**
|
---|
| 108 | * Sets the PEM formatted private key to be used for secure AuthSub auth.
|
---|
| 109 | *
|
---|
| 110 | * In order to call this method, openssl must be enabled in your PHP
|
---|
| 111 | * installation. Otherwise, a Zend_Gdata_App_InvalidArgumentException
|
---|
| 112 | * will be thrown.
|
---|
| 113 | *
|
---|
| 114 | * @param string $key The private key
|
---|
| 115 | * @param string $passphrase The optional private key passphrase
|
---|
| 116 | * @throws Zend_Gdata_App_InvalidArgumentException
|
---|
| 117 | * @return Zend_Gdata_HttpClient Provides a fluent interface
|
---|
| 118 | */
|
---|
| 119 | public function setAuthSubPrivateKey($key, $passphrase = null) {
|
---|
| 120 | if ($key != null && !function_exists('openssl_pkey_get_private')) {
|
---|
| 121 | require_once 'Zend/Gdata/App/InvalidArgumentException.php';
|
---|
| 122 | throw new Zend_Gdata_App_InvalidArgumentException(
|
---|
| 123 | 'You cannot enable secure AuthSub if the openssl module ' .
|
---|
| 124 | 'is not enabled in your PHP installation.');
|
---|
| 125 | }
|
---|
| 126 | $this->_authSubPrivateKeyId = openssl_pkey_get_private(
|
---|
| 127 | $key, $passphrase);
|
---|
| 128 | return $this;
|
---|
| 129 | }
|
---|
| 130 |
|
---|
| 131 | /**
|
---|
| 132 | * Gets the openssl private key id
|
---|
| 133 | *
|
---|
| 134 | * @return string The private key
|
---|
| 135 | */
|
---|
| 136 | public function getAuthSubPrivateKeyId() {
|
---|
| 137 | return $this->_authSubPrivateKeyId;
|
---|
| 138 | }
|
---|
| 139 |
|
---|
| 140 | /**
|
---|
| 141 | * Gets the AuthSub token used for authentication
|
---|
| 142 | *
|
---|
| 143 | * @return string The token
|
---|
| 144 | */
|
---|
| 145 | public function getAuthSubToken() {
|
---|
| 146 | return $this->_authSubToken;
|
---|
| 147 | }
|
---|
| 148 |
|
---|
| 149 | /**
|
---|
| 150 | * Sets the AuthSub token used for authentication
|
---|
| 151 | *
|
---|
| 152 | * @param string $token The token
|
---|
| 153 | * @return Zend_Gdata_HttpClient Provides a fluent interface
|
---|
| 154 | */
|
---|
| 155 | public function setAuthSubToken($token) {
|
---|
| 156 | $this->_authSubToken = $token;
|
---|
| 157 | return $this;
|
---|
| 158 | }
|
---|
| 159 |
|
---|
| 160 | /**
|
---|
| 161 | * Gets the ClientLogin token used for authentication
|
---|
| 162 | *
|
---|
| 163 | * @return string The token
|
---|
| 164 | */
|
---|
| 165 | public function getClientLoginToken() {
|
---|
| 166 | return $this->_clientLoginToken;
|
---|
| 167 | }
|
---|
| 168 |
|
---|
| 169 | /**
|
---|
| 170 | * Sets the ClientLogin token used for authentication
|
---|
| 171 | *
|
---|
| 172 | * @param string $token The token
|
---|
| 173 | * @return Zend_Gdata_HttpClient Provides a fluent interface
|
---|
| 174 | */
|
---|
| 175 | public function setClientLoginToken($token) {
|
---|
| 176 | $this->_clientLoginToken = $token;
|
---|
| 177 | return $this;
|
---|
| 178 | }
|
---|
| 179 |
|
---|
| 180 | /**
|
---|
| 181 | * Filters the HTTP requests being sent to add the Authorization header.
|
---|
| 182 | *
|
---|
| 183 | * If both AuthSub and ClientLogin tokens are set,
|
---|
| 184 | * AuthSub takes precedence. If an AuthSub key is set, then
|
---|
| 185 | * secure AuthSub authentication is used, and the request is signed.
|
---|
| 186 | * Requests must be signed only with the private key corresponding to the
|
---|
| 187 | * public key registered with Google. If an AuthSub key is set, but
|
---|
| 188 | * openssl support is not enabled in the PHP installation, an exception is
|
---|
| 189 | * thrown.
|
---|
| 190 | *
|
---|
| 191 | * @param string $method The HTTP method
|
---|
| 192 | * @param string $url The URL
|
---|
| 193 | * @param array $headers An associate array of headers to be
|
---|
| 194 | * sent with the request or null
|
---|
| 195 | * @param string $body The body of the request or null
|
---|
| 196 | * @param string $contentType The MIME content type of the body or null
|
---|
| 197 | * @throws Zend_Gdata_App_Exception if there was a signing failure
|
---|
| 198 | * @return array The processed values in an associative array,
|
---|
| 199 | * using the same names as the params
|
---|
| 200 | */
|
---|
| 201 | public function filterHttpRequest($method, $url, $headers = array(), $body = null, $contentType = null) {
|
---|
| 202 | if ($this->getAuthSubToken() != null) {
|
---|
| 203 | // AuthSub authentication
|
---|
| 204 | if ($this->getAuthSubPrivateKeyId() != null) {
|
---|
| 205 | // secure AuthSub
|
---|
| 206 | $time = time();
|
---|
| 207 | $nonce = mt_rand(0, 999999999);
|
---|
| 208 | $dataToSign = $method . ' ' . $url . ' ' . $time . ' ' . $nonce;
|
---|
| 209 |
|
---|
| 210 | // compute signature
|
---|
| 211 | $pKeyId = $this->getAuthSubPrivateKeyId();
|
---|
| 212 | $signSuccess = openssl_sign($dataToSign, $signature, $pKeyId,
|
---|
| 213 | OPENSSL_ALGO_SHA1);
|
---|
| 214 | if (!$signSuccess) {
|
---|
| 215 | require_once 'Zend/Gdata/App/Exception.php';
|
---|
| 216 | throw new Zend_Gdata_App_Exception(
|
---|
| 217 | 'openssl_signing failure - returned false');
|
---|
| 218 | }
|
---|
| 219 | // encode signature
|
---|
| 220 | $encodedSignature = base64_encode($signature);
|
---|
| 221 |
|
---|
| 222 | // final header
|
---|
| 223 | $headers['authorization'] = 'AuthSub token="' . $this->getAuthSubToken() . '" ' .
|
---|
| 224 | 'data="' . $dataToSign . '" ' .
|
---|
| 225 | 'sig="' . $encodedSignature . '" ' .
|
---|
| 226 | 'sigalg="rsa-sha1"';
|
---|
| 227 | } else {
|
---|
| 228 | // AuthSub without secure tokens
|
---|
| 229 | $headers['authorization'] = 'AuthSub token="' . $this->getAuthSubToken() . '"';
|
---|
| 230 | }
|
---|
| 231 | } elseif ($this->getClientLoginToken() != null) {
|
---|
| 232 | $headers['authorization'] = 'GoogleLogin auth=' . $this->getClientLoginToken();
|
---|
| 233 | }
|
---|
| 234 | return array('method' => $method, 'url' => $url, 'body' => $body, 'headers' => $headers, 'contentType' => $contentType);
|
---|
| 235 | }
|
---|
| 236 |
|
---|
| 237 | /**
|
---|
| 238 | * Method for filtering the HTTP response, though no filtering is
|
---|
| 239 | * currently done.
|
---|
| 240 | *
|
---|
| 241 | * @param Zend_Http_Response $response The response object to filter
|
---|
| 242 | * @return Zend_Http_Response The filterd response object
|
---|
| 243 | */
|
---|
| 244 | public function filterHttpResponse($response) {
|
---|
| 245 | return $response;
|
---|
| 246 | }
|
---|
| 247 |
|
---|
| 248 | /**
|
---|
| 249 | * Return the current connection adapter
|
---|
| 250 | *
|
---|
| 251 | * @return Zend_Http_Client_Adapter_Interface|string $adapter
|
---|
| 252 | */
|
---|
| 253 | public function getAdapter()
|
---|
| 254 | {
|
---|
| 255 | return $this->adapter;
|
---|
| 256 | }
|
---|
| 257 |
|
---|
| 258 | /**
|
---|
| 259 | * Load the connection adapter
|
---|
| 260 | *
|
---|
| 261 | * @param Zend_Http_Client_Adapter_Interface $adapter
|
---|
| 262 | * @return void
|
---|
| 263 | */
|
---|
| 264 | public function setAdapter($adapter)
|
---|
| 265 | {
|
---|
| 266 | if ($adapter == null) {
|
---|
| 267 | $this->adapter = $adapter;
|
---|
| 268 | } else {
|
---|
| 269 | parent::setAdapter($adapter);
|
---|
| 270 | }
|
---|
| 271 | }
|
---|
| 272 |
|
---|
| 273 | /**
|
---|
| 274 | * Set the streamingRequest variable which controls whether we are
|
---|
| 275 | * sending the raw (already encoded) POST data from a stream source.
|
---|
| 276 | *
|
---|
| 277 | * @param boolean $value The value to set.
|
---|
| 278 | * @return void
|
---|
| 279 | */
|
---|
| 280 | public function setStreamingRequest($value)
|
---|
| 281 | {
|
---|
| 282 | $this->_streamingRequest = $value;
|
---|
| 283 | }
|
---|
| 284 |
|
---|
| 285 | /**
|
---|
| 286 | * Check whether the client is set to perform streaming requests.
|
---|
| 287 | *
|
---|
| 288 | * @return boolean True if yes, false otherwise.
|
---|
| 289 | */
|
---|
| 290 | public function getStreamingRequest()
|
---|
| 291 | {
|
---|
| 292 | if ($this->_streamingRequest()) {
|
---|
| 293 | return true;
|
---|
| 294 | } else {
|
---|
| 295 | return false;
|
---|
| 296 | }
|
---|
| 297 | }
|
---|
| 298 |
|
---|
| 299 | /**
|
---|
| 300 | * Prepare the request body (for POST and PUT requests)
|
---|
| 301 | *
|
---|
| 302 | * @return string
|
---|
| 303 | * @throws Zend_Http_Client_Exception
|
---|
| 304 | */
|
---|
| 305 | protected function _prepareBody()
|
---|
| 306 | {
|
---|
| 307 | if($this->_streamingRequest) {
|
---|
| 308 | $this->setHeaders(self::CONTENT_LENGTH,
|
---|
| 309 | $this->raw_post_data->getTotalSize());
|
---|
| 310 | return $this->raw_post_data;
|
---|
| 311 | }
|
---|
| 312 | else {
|
---|
| 313 | return parent::_prepareBody();
|
---|
| 314 | }
|
---|
| 315 | }
|
---|
| 316 |
|
---|
| 317 | /**
|
---|
| 318 | * Clear all custom parameters we set.
|
---|
| 319 | *
|
---|
| 320 | * @return Zend_Http_Client
|
---|
| 321 | */
|
---|
| 322 | public function resetParameters()
|
---|
| 323 | {
|
---|
| 324 | $this->_streamingRequest = false;
|
---|
| 325 |
|
---|
| 326 | return parent::resetParameters();
|
---|
| 327 | }
|
---|
| 328 |
|
---|
| 329 | /**
|
---|
| 330 | * Set the raw (already encoded) POST data from a stream source.
|
---|
| 331 | *
|
---|
| 332 | * This is used to support POSTing from open file handles without
|
---|
| 333 | * caching the entire body into memory. It is a wrapper around
|
---|
| 334 | * Zend_Http_Client::setRawData().
|
---|
| 335 | *
|
---|
| 336 | * @param string $data The request data
|
---|
| 337 | * @param string $enctype The encoding type
|
---|
| 338 | * @return Zend_Http_Client
|
---|
| 339 | */
|
---|
| 340 | public function setRawDataStream($data, $enctype = null)
|
---|
| 341 | {
|
---|
| 342 | $this->_streamingRequest = true;
|
---|
| 343 | return $this->setRawData($data, $enctype);
|
---|
| 344 | }
|
---|
| 345 |
|
---|
| 346 | }
|
---|