Search moodle.org's
Developer Documentation

See Release Notes

  • Bug fixes for general core bugs in 4.2.x will end 22 April 2024 (12 months).
  • Bug fixes for security issues in 4.2.x will end 7 October 2024 (18 months).
  • PHP version: minimum PHP 8.0.0 Note: minimum PHP version has increased since Moodle 4.1. PHP 8.1.x is supported too.

Differences Between: [Versions 310 and 402] [Versions 311 and 402] [Versions 39 and 402] [Versions 400 and 402] [Versions 401 and 402]

   1  <?php
   2  
   3  namespace IMSGlobal\LTI\OAuth;
   4  
   5  /**
   6   * Class to represent an %OAuth HMAC_SHA1 signature method
   7   *
   8   * @copyright  Andy Smith
   9   * @version 2008-08-04
  10   * @license https://opensource.org/licenses/MIT The MIT License
  11   */
  12  /**
  13   * The HMAC-SHA1 signature method uses the HMAC-SHA1 signature algorithm as defined in [RFC2104]
  14   * where the Signature Base String is the text and the key is the concatenated values (each first
  15   * encoded per Parameter Encoding) of the Consumer Secret and Token Secret, separated by an '&'
  16   * character (ASCII code 38) even if empty.
  17   *   - Chapter 9.2 ("HMAC-SHA1")
  18   */
  19  #[\AllowDynamicProperties]
  20  class OAuthSignatureMethod_HMAC_SHA1 extends OAuthSignatureMethod {
  21  
  22      function get_name() {
  23          return "HMAC-SHA1";
  24      }
  25  
  26      public function build_signature($request, $consumer, $token) {
  27  
  28          $base_string = $request->get_signature_base_string();
  29          $request->base_string = $base_string;
  30  
  31          $key_parts = array(
  32            $consumer->secret,
  33            ($token) ? $token->secret : ""
  34          );
  35  
  36          $key_parts = OAuthUtil::urlencode_rfc3986($key_parts);
  37          $key = implode('&', $key_parts);
  38  
  39          return base64_encode(hash_hmac('sha1', $base_string, $key, true));
  40  
  41      }
  42  
  43  }