From b8c971ef8d22c5e538aa50e222a2fada6b180397 Mon Sep 17 00:00:00 2001 From: Jeremy Kendall Date: Thu, 6 Feb 2014 19:04:47 -0600 Subject: [PATCH 01/31] Updates copyright --- src/QueryAuth/Client.php | 2 +- src/QueryAuth/Exception/QueryAuthException.php | 2 +- src/QueryAuth/Exception/SignatureMissingException.php | 2 +- src/QueryAuth/Exception/TimeOutOfBoundsException.php | 2 +- src/QueryAuth/Factory.php | 2 +- src/QueryAuth/KeyGenerator.php | 2 +- src/QueryAuth/ParameterCollection.php | 2 +- src/QueryAuth/Server.php | 2 +- src/QueryAuth/Signer.php | 2 +- src/QueryAuth/Signer/SignatureSigner.php | 2 +- src/QueryAuth/Storage/SignatureStorage.php | 2 +- 11 files changed, 11 insertions(+), 11 deletions(-) diff --git a/src/QueryAuth/Client.php b/src/QueryAuth/Client.php index 3524cdf..eebb5b8 100644 --- a/src/QueryAuth/Client.php +++ b/src/QueryAuth/Client.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Exception/QueryAuthException.php b/src/QueryAuth/Exception/QueryAuthException.php index a8cd430..d08a841 100644 --- a/src/QueryAuth/Exception/QueryAuthException.php +++ b/src/QueryAuth/Exception/QueryAuthException.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Exception/SignatureMissingException.php b/src/QueryAuth/Exception/SignatureMissingException.php index 119cacc..1a020a9 100644 --- a/src/QueryAuth/Exception/SignatureMissingException.php +++ b/src/QueryAuth/Exception/SignatureMissingException.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Exception/TimeOutOfBoundsException.php b/src/QueryAuth/Exception/TimeOutOfBoundsException.php index 3ed7e9a..63606d0 100644 --- a/src/QueryAuth/Exception/TimeOutOfBoundsException.php +++ b/src/QueryAuth/Exception/TimeOutOfBoundsException.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Factory.php b/src/QueryAuth/Factory.php index 17865c8..5d2659c 100644 --- a/src/QueryAuth/Factory.php +++ b/src/QueryAuth/Factory.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/KeyGenerator.php b/src/QueryAuth/KeyGenerator.php index a970f5c..465a3af 100644 --- a/src/QueryAuth/KeyGenerator.php +++ b/src/QueryAuth/KeyGenerator.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/ParameterCollection.php b/src/QueryAuth/ParameterCollection.php index 0df0384..b4353e1 100644 --- a/src/QueryAuth/ParameterCollection.php +++ b/src/QueryAuth/ParameterCollection.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Server.php b/src/QueryAuth/Server.php index 3b3e2b4..ad1e0da 100644 --- a/src/QueryAuth/Server.php +++ b/src/QueryAuth/Server.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Signer.php b/src/QueryAuth/Signer.php index b882ee0..2c475cf 100644 --- a/src/QueryAuth/Signer.php +++ b/src/QueryAuth/Signer.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Signer/SignatureSigner.php b/src/QueryAuth/Signer/SignatureSigner.php index f49138f..f3cef6b 100644 --- a/src/QueryAuth/Signer/SignatureSigner.php +++ b/src/QueryAuth/Signer/SignatureSigner.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ diff --git a/src/QueryAuth/Storage/SignatureStorage.php b/src/QueryAuth/Storage/SignatureStorage.php index 9f2ca45..80b210b 100644 --- a/src/QueryAuth/Storage/SignatureStorage.php +++ b/src/QueryAuth/Storage/SignatureStorage.php @@ -2,7 +2,7 @@ /** * Query Auth: Signature generation and validation for REST API query authentication * - * @copyright 2013 Jeremy Kendall + * @copyright 2013-2014 Jeremy Kendall * @license https://github.com/jeremykendall/query-auth/blob/master/LICENSE MIT * @link https://github.com/jeremykendall/query-auth */ From c9fc0c558ead18acff5d7de4c2b3483644ac7d4b Mon Sep 17 00:00:00 2001 From: Jeremy Kendall Date: Thu, 6 Feb 2014 19:09:49 -0600 Subject: [PATCH 02/31] Updates to short array syntax --- src/QueryAuth/Client.php | 2 +- src/QueryAuth/ParameterCollection.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/QueryAuth/Client.php b/src/QueryAuth/Client.php index eebb5b8..b78a6ba 100644 --- a/src/QueryAuth/Client.php +++ b/src/QueryAuth/Client.php @@ -54,7 +54,7 @@ public function __construct(SignatureSigner $signer, KeyGenerator $keyGenerator) * @param array $params OPTIONAL Request params (query or POST fields), only needed if required by endpoint * @return array Request params provided PLUS key, timestamp, and signature */ - public function getSignedRequestParams($key, $secret, $method, $host, $path, array $params = array()) + public function getSignedRequestParams($key, $secret, $method, $host, $path, array $params = []) { $params['key'] = $key; $params['timestamp'] = $this->getTimestamp(); diff --git a/src/QueryAuth/ParameterCollection.php b/src/QueryAuth/ParameterCollection.php index b4353e1..7b767b9 100644 --- a/src/QueryAuth/ParameterCollection.php +++ b/src/QueryAuth/ParameterCollection.php @@ -24,7 +24,7 @@ class ParameterCollection implements \IteratorAggregate, \ArrayAccess, \Countabl * * @param array $data Data to hold in collection */ - public function __construct(array $data = array()) + public function __construct(array $data = []) { $this->container = $data; } From 933320d4d5b6f27d89d11eade2bbca1095897105 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Fri, 19 Sep 2014 08:14:33 -0500 Subject: [PATCH 03/31] Adds credentials class and interface --- src/QueryAuth/Credentials/Credentials.php | 54 +++++++++++++++++++ .../Credentials/CredentialsInterface.php | 30 +++++++++++ .../Tests/Credentials/CredentialsTest.php | 23 ++++++++ 3 files changed, 107 insertions(+) create mode 100644 src/QueryAuth/Credentials/Credentials.php create mode 100644 src/QueryAuth/Credentials/CredentialsInterface.php create mode 100644 tests/QueryAuth/Tests/Credentials/CredentialsTest.php diff --git a/src/QueryAuth/Credentials/Credentials.php b/src/QueryAuth/Credentials/Credentials.php new file mode 100644 index 0000000..6c7f70d --- /dev/null +++ b/src/QueryAuth/Credentials/Credentials.php @@ -0,0 +1,54 @@ +key = $key; + $this->secret = $secret; + } + + /** + * {@inheritDoc} + */ + public function getKey() + { + return $this->key; + } + + /** + * {@inheritDoc} + */ + public function getSecret() + { + return $this->secret; + } +} diff --git a/src/QueryAuth/Credentials/CredentialsInterface.php b/src/QueryAuth/Credentials/CredentialsInterface.php new file mode 100644 index 0000000..1d8b2e5 --- /dev/null +++ b/src/QueryAuth/Credentials/CredentialsInterface.php @@ -0,0 +1,30 @@ +assertInstanceOf( + 'QueryAuth\Credentials\CredentialsInterface', + $credentials + ); + $this->assertEquals($key, $credentials->getKey()); + $this->assertEquals($secret, $credentials->getSecret()); + } +} From 8e0047be2e8f92b729d71a5f85f60e9d5e9538a1 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Fri, 19 Sep 2014 08:16:41 -0500 Subject: [PATCH 04/31] Updates phpunit version --- composer.json | 10 +- composer.lock | 538 +++++++++++++++++++++++++++++++++++++++++++------- 2 files changed, 470 insertions(+), 78 deletions(-) diff --git a/composer.json b/composer.json index d88e889..acd4957 100644 --- a/composer.json +++ b/composer.json @@ -9,13 +9,19 @@ "role": "Developer" } ], - "keywords": ["REST", "authentication", "query authentication", "signature", "API"], + "keywords": [ + "REST", + "authentication", + "query authentication", + "signature", + "API" + ], "require": { "php": ">=5.4", "ircmaxell/random-lib": "v1.0.0" }, "require-dev": { - "phpunit/phpunit": "3.7.*" + "phpunit/phpunit": "4.*" }, "autoload": { "psr-0": { diff --git a/composer.lock b/composer.lock index e4e6491..9bf9512 100644 --- a/composer.lock +++ b/composer.lock @@ -1,9 +1,10 @@ { "_readme": [ "This file locks the dependencies of your project to a known state", - "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file" + "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", + "This file is @generated automatically" ], - "hash": "2dbbcfe9e4b04a70ad77de66bdf00ef1", + "hash": "a3a2ad700689f5a0b14e805c2fed32e4", "packages": [ { "name": "ircmaxell/random-lib", @@ -101,42 +102,159 @@ } ], "packages-dev": [ + { + "name": "ocramius/instantiator", + "version": "1.1.3", + "source": { + "type": "git", + "url": "https://github.com/Ocramius/Instantiator.git", + "reference": "e24a12178906ff2e7471b8aaf3a0eb789b59f881" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Ocramius/Instantiator/zipball/e24a12178906ff2e7471b8aaf3a0eb789b59f881", + "reference": "e24a12178906ff2e7471b8aaf3a0eb789b59f881", + "shasum": "" + }, + "require": { + "ocramius/lazy-map": "1.0.*", + "php": "~5.3" + }, + "require-dev": { + "athletic/athletic": "~0.1.8", + "ext-pdo": "*", + "ext-phar": "*", + "phpunit/phpunit": "~4.0", + "squizlabs/php_codesniffer": "2.0.*@ALPHA" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.0.x-dev" + } + }, + "autoload": { + "psr-0": { + "Instantiator\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Marco Pivetta", + "email": "ocramius@gmail.com", + "homepage": "http://ocramius.github.com/" + } + ], + "description": "A small, lightweight utility to instantiate objects in PHP without invoking their constructors", + "homepage": "https://github.com/Ocramius/Instantiator", + "keywords": [ + "constructor", + "instantiate" + ], + "time": "2014-08-25 14:48:16" + }, + { + "name": "ocramius/lazy-map", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/Ocramius/LazyMap.git", + "reference": "7fe3d347f5e618bcea7d39345ff83f3651d8b752" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/Ocramius/LazyMap/zipball/7fe3d347f5e618bcea7d39345ff83f3651d8b752", + "reference": "7fe3d347f5e618bcea7d39345ff83f3651d8b752", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "require-dev": { + "athletic/athletic": "~0.1.6", + "phpmd/phpmd": "1.5.*", + "phpunit/phpunit": ">=3.7", + "satooshi/php-coveralls": "~0.6", + "squizlabs/php_codesniffer": "1.4.*" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "psr-0": { + "LazyMap\\": "src" + } + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "MIT" + ], + "authors": [ + { + "name": "Marco Pivetta", + "email": "ocramius@gmail.com", + "homepage": "http://ocramius.github.com/", + "role": "Developer" + } + ], + "description": "A library that provides lazy instantiation logic for a map of objects", + "homepage": "https://github.com/Ocramius/LazyMap", + "keywords": [ + "lazy", + "lazy instantiation", + "lazy loading", + "map", + "service location" + ], + "time": "2013-11-09 22:30:54" + }, { "name": "phpunit/php-code-coverage", - "version": "1.2.15", + "version": "2.0.11", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "6ba4ed2895d538a039d5d5866edc4ec0424c7852" + "reference": "53603b3c995f5aab6b59c8e08c3a663d2cc810b7" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/6ba4ed2895d538a039d5d5866edc4ec0424c7852", - "reference": "6ba4ed2895d538a039d5d5866edc4ec0424c7852", + "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/53603b3c995f5aab6b59c8e08c3a663d2cc810b7", + "reference": "53603b3c995f5aab6b59c8e08c3a663d2cc810b7", "shasum": "" }, "require": { "php": ">=5.3.3", - "phpunit/php-file-iterator": ">=1.3.0@stable", - "phpunit/php-text-template": ">=1.2.0@stable", - "phpunit/php-token-stream": ">=1.1.3@stable" + "phpunit/php-file-iterator": "~1.3", + "phpunit/php-text-template": "~1.2", + "phpunit/php-token-stream": "~1.3", + "sebastian/environment": "~1.0", + "sebastian/version": "~1.0" }, "require-dev": { - "phpunit/phpunit": "3.7.*@dev" + "ext-xdebug": ">=2.1.4", + "phpunit/phpunit": "~4.1" }, "suggest": { "ext-dom": "*", - "ext-xdebug": ">=2.0.5" + "ext-xdebug": ">=2.2.1", + "ext-xmlwriter": "*" }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.2.x-dev" + "dev-master": "2.0.x-dev" } }, "autoload": { "classmap": [ - "PHP/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", @@ -160,7 +278,7 @@ "testing", "xunit" ], - "time": "2014-02-03 07:44:47" + "time": "2014-08-31 06:33:04" }, { "name": "phpunit/php-file-iterator", @@ -297,45 +415,44 @@ }, { "name": "phpunit/php-token-stream", - "version": "1.2.1", + "version": "1.3.0", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/php-token-stream.git", - "reference": "5220af2a7929aa35cf663d97c89ad3d50cf5fa3e" + "reference": "f8d5d08c56de5cfd592b3340424a81733259a876" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/5220af2a7929aa35cf663d97c89ad3d50cf5fa3e", - "reference": "5220af2a7929aa35cf663d97c89ad3d50cf5fa3e", + "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/f8d5d08c56de5cfd592b3340424a81733259a876", + "reference": "f8d5d08c56de5cfd592b3340424a81733259a876", "shasum": "" }, "require": { "ext-tokenizer": "*", "php": ">=5.3.3" }, + "require-dev": { + "phpunit/phpunit": "~4.2" + }, "type": "library", "extra": { "branch-alias": { - "dev-master": "1.2-dev" + "dev-master": "1.3-dev" } }, "autoload": { "classmap": [ - "PHP/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], "license": [ "BSD-3-Clause" ], "authors": [ { "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", - "role": "lead" + "email": "sebastian@phpunit.de" } ], "description": "Wrapper around PHP's tokenizer extension.", @@ -343,56 +460,56 @@ "keywords": [ "tokenizer" ], - "time": "2013-09-13 04:58:23" + "time": "2014-08-31 06:12:13" }, { "name": "phpunit/phpunit", - "version": "3.7.30", + "version": "4.2.6", "source": { "type": "git", "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "2f33258fa5a0c330515b7deba2bc040fa5c3953b" + "reference": "c28a790620fe30b049bb693be1ef9cd4e0fe906c" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/2f33258fa5a0c330515b7deba2bc040fa5c3953b", - "reference": "2f33258fa5a0c330515b7deba2bc040fa5c3953b", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/c28a790620fe30b049bb693be1ef9cd4e0fe906c", + "reference": "c28a790620fe30b049bb693be1ef9cd4e0fe906c", "shasum": "" }, "require": { "ext-dom": "*", + "ext-json": "*", "ext-pcre": "*", "ext-reflection": "*", "ext-spl": "*", "php": ">=5.3.3", - "phpunit/php-code-coverage": "~1.2.1", - "phpunit/php-file-iterator": ">=1.3.1", - "phpunit/php-text-template": ">=1.1.1", - "phpunit/php-timer": ">=1.0.4", - "phpunit/phpunit-mock-objects": "~1.2.0", + "phpunit/php-code-coverage": "~2.0", + "phpunit/php-file-iterator": "~1.3.1", + "phpunit/php-text-template": "~1.2", + "phpunit/php-timer": "~1.0.2", + "phpunit/phpunit-mock-objects": "~2.2", + "sebastian/comparator": "~1.0", + "sebastian/diff": "~1.1", + "sebastian/environment": "~1.0", + "sebastian/exporter": "~1.0", + "sebastian/version": "~1.0", "symfony/yaml": "~2.0" }, - "require-dev": { - "pear-pear/pear": "1.9.4" - }, "suggest": { - "ext-json": "*", - "ext-simplexml": "*", - "ext-tokenizer": "*", - "phpunit/php-invoker": ">=1.1.0,<1.2.0" + "phpunit/php-invoker": "~1.1" }, "bin": [ - "composer/bin/phpunit" + "phpunit" ], "type": "library", "extra": { "branch-alias": { - "dev-master": "3.7.x-dev" + "dev-master": "4.2.x-dev" } }, "autoload": { "classmap": [ - "PHPUnit/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", @@ -417,39 +534,45 @@ "testing", "xunit" ], - "time": "2014-01-31 08:54:33" + "time": "2014-09-14 09:31:24" }, { "name": "phpunit/phpunit-mock-objects", - "version": "1.2.3", + "version": "2.2.1", "source": { "type": "git", - "url": "git://github.com/sebastianbergmann/phpunit-mock-objects.git", - "reference": "1.2.3" + "url": "https://github.com/sebastianbergmann/phpunit-mock-objects.git", + "reference": "b241b18d87a47093f20fae8b0ba40379b00bd53a" }, "dist": { "type": "zip", - "url": "https://github.com/sebastianbergmann/phpunit-mock-objects/archive/1.2.3.zip", - "reference": "1.2.3", + "url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/b241b18d87a47093f20fae8b0ba40379b00bd53a", + "reference": "b241b18d87a47093f20fae8b0ba40379b00bd53a", "shasum": "" }, "require": { + "ocramius/instantiator": "~1.0", "php": ">=5.3.3", - "phpunit/php-text-template": ">=1.1.1@stable" + "phpunit/php-text-template": "~1.2" + }, + "require-dev": { + "phpunit/phpunit": "~4.2" }, "suggest": { "ext-soap": "*" }, "type": "library", + "extra": { + "branch-alias": { + "dev-master": "2.2.x-dev" + } + }, "autoload": { "classmap": [ - "PHPUnit/" + "src/" ] }, "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], "license": [ "BSD-3-Clause" ], @@ -466,21 +589,289 @@ "mock", "xunit" ], - "time": "2013-01-13 10:24:48" + "time": "2014-09-06 17:32:37" + }, + { + "name": "sebastian/comparator", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/comparator.git", + "reference": "f7069ee51fa9fb6c038e16a9d0e3439f5449dcf2" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/f7069ee51fa9fb6c038e16a9d0e3439f5449dcf2", + "reference": "f7069ee51fa9fb6c038e16a9d0e3439f5449dcf2", + "shasum": "" + }, + "require": { + "php": ">=5.3.3", + "sebastian/diff": "~1.1", + "sebastian/exporter": "~1.0" + }, + "require-dev": { + "phpunit/phpunit": "~4.1" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + }, + { + "name": "Jeff Welch", + "email": "whatthejeff@gmail.com" + }, + { + "name": "Volker Dusch", + "email": "github@wallbash.com" + }, + { + "name": "Bernhard Schussek", + "email": "bschussek@2bepublished.at" + } + ], + "description": "Provides the functionality to compare PHP values for equality", + "homepage": "http://www.github.com/sebastianbergmann/comparator", + "keywords": [ + "comparator", + "compare", + "equality" + ], + "time": "2014-05-02 07:05:58" + }, + { + "name": "sebastian/diff", + "version": "1.1.0", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/diff.git", + "reference": "1e091702a5a38e6b4c1ba9ca816e3dd343df2e2d" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/1e091702a5a38e6b4c1ba9ca816e3dd343df2e2d", + "reference": "1e091702a5a38e6b4c1ba9ca816e3dd343df2e2d", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.1-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + }, + { + "name": "Kore Nordmann", + "email": "mail@kore-nordmann.de" + } + ], + "description": "Diff implementation", + "homepage": "http://www.github.com/sebastianbergmann/diff", + "keywords": [ + "diff" + ], + "time": "2013-08-03 16:46:33" + }, + { + "name": "sebastian/environment", + "version": "1.0.0", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/environment.git", + "reference": "79517609ec01139cd7e9fded0dd7ce08c952ef6a" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/79517609ec01139cd7e9fded0dd7ce08c952ef6a", + "reference": "79517609ec01139cd7e9fded0dd7ce08c952ef6a", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "require-dev": { + "phpunit/phpunit": "4.0.*@dev" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Provides functionality to handle HHVM/PHP environments", + "homepage": "http://www.github.com/sebastianbergmann/environment", + "keywords": [ + "Xdebug", + "environment", + "hhvm" + ], + "time": "2014-02-18 16:17:19" + }, + { + "name": "sebastian/exporter", + "version": "1.0.1", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/exporter.git", + "reference": "1f9a98e6f5dfe0524cb8c6166f7c82f3e9ae1529" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/1f9a98e6f5dfe0524cb8c6166f7c82f3e9ae1529", + "reference": "1f9a98e6f5dfe0524cb8c6166f7c82f3e9ae1529", + "shasum": "" + }, + "require": { + "php": ">=5.3.3" + }, + "require-dev": { + "phpunit/phpunit": "4.0.*@dev" + }, + "type": "library", + "extra": { + "branch-alias": { + "dev-master": "1.0.x-dev" + } + }, + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + }, + { + "name": "Jeff Welch", + "email": "whatthejeff@gmail.com" + }, + { + "name": "Volker Dusch", + "email": "github@wallbash.com" + }, + { + "name": "Adam Harvey", + "email": "aharvey@php.net", + "role": "Lead" + }, + { + "name": "Bernhard Schussek", + "email": "bschussek@2bepublished.at" + } + ], + "description": "Provides the functionality to export PHP variables for visualization", + "homepage": "http://www.github.com/sebastianbergmann/exporter", + "keywords": [ + "export", + "exporter" + ], + "time": "2014-02-16 08:26:31" + }, + { + "name": "sebastian/version", + "version": "1.0.3", + "source": { + "type": "git", + "url": "https://github.com/sebastianbergmann/version.git", + "reference": "b6e1f0cf6b9e1ec409a0d3e2f2a5fb0998e36b43" + }, + "dist": { + "type": "zip", + "url": "https://api.github.com/repos/sebastianbergmann/version/zipball/b6e1f0cf6b9e1ec409a0d3e2f2a5fb0998e36b43", + "reference": "b6e1f0cf6b9e1ec409a0d3e2f2a5fb0998e36b43", + "shasum": "" + }, + "type": "library", + "autoload": { + "classmap": [ + "src/" + ] + }, + "notification-url": "https://packagist.org/downloads/", + "license": [ + "BSD-3-Clause" + ], + "authors": [ + { + "name": "Sebastian Bergmann", + "email": "sebastian@phpunit.de", + "role": "lead" + } + ], + "description": "Library that helps with managing the version number of Git-hosted PHP projects", + "homepage": "https://github.com/sebastianbergmann/version", + "time": "2014-03-07 15:35:33" }, { "name": "symfony/yaml", - "version": "v2.4.1", + "version": "v2.5.4", "target-dir": "Symfony/Component/Yaml", "source": { "type": "git", "url": "https://github.com/symfony/Yaml.git", - "reference": "4e1a237fc48145fae114b96458d799746ad89aa0" + "reference": "01a7695bcfb013d0a15c6757e15aae120342986f" }, "dist": { "type": "zip", - "url": "https://api.github.com/repos/symfony/Yaml/zipball/4e1a237fc48145fae114b96458d799746ad89aa0", - "reference": "4e1a237fc48145fae114b96458d799746ad89aa0", + "url": "https://api.github.com/repos/symfony/Yaml/zipball/01a7695bcfb013d0a15c6757e15aae120342986f", + "reference": "01a7695bcfb013d0a15c6757e15aae120342986f", "shasum": "" }, "require": { @@ -489,7 +880,7 @@ "type": "library", "extra": { "branch-alias": { - "dev-master": "2.4-dev" + "dev-master": "2.5-dev" } }, "autoload": { @@ -502,31 +893,26 @@ "MIT" ], "authors": [ - { - "name": "Fabien Potencier", - "email": "fabien@symfony.com" - }, { "name": "Symfony Community", "homepage": "http://symfony.com/contributors" + }, + { + "name": "Fabien Potencier", + "email": "fabien@symfony.com" } ], "description": "Symfony Yaml Component", "homepage": "http://symfony.com", - "time": "2013-12-28 08:12:03" + "time": "2014-08-31 03:22:04" } ], - "aliases": [ - - ], + "aliases": [], "minimum-stability": "stable", - "stability-flags": [ - - ], + "stability-flags": [], + "prefer-stable": false, "platform": { "php": ">=5.4" }, - "platform-dev": [ - - ] + "platform-dev": [] } From bd6ce22d9449e4460a923cb5ba765b94ee73fcea Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Fri, 19 Sep 2014 08:25:45 -0500 Subject: [PATCH 05/31] Moves tests out of their own namespace --- phpunit.xml.dist | 4 ++-- tests/QueryAuth/{Tests => }/ClientTest.php | 7 +------ .../QueryAuth/{Tests => }/Credentials/CredentialsTest.php | 6 ++---- .../{Tests => }/Exception/QueryAuthExceptionTest.php | 6 +----- tests/QueryAuth/{Tests => }/FactoryTest.php | 2 +- tests/QueryAuth/{Tests => }/KeyGeneratorTest.php | 8 ++------ tests/QueryAuth/{Tests => }/ParameterCollectionTest.php | 6 ++---- tests/QueryAuth/{Tests => }/ServerTest.php | 7 +------ tests/QueryAuth/{Tests => }/SignerTest.php | 5 +---- 9 files changed, 13 insertions(+), 38 deletions(-) rename tests/QueryAuth/{Tests => }/ClientTest.php (96%) rename tests/QueryAuth/{Tests => }/Credentials/CredentialsTest.php (76%) rename tests/QueryAuth/{Tests => }/Exception/QueryAuthExceptionTest.php (78%) rename tests/QueryAuth/{Tests => }/FactoryTest.php (98%) rename tests/QueryAuth/{Tests => }/KeyGeneratorTest.php (86%) rename tests/QueryAuth/{Tests => }/ParameterCollectionTest.php (98%) rename tests/QueryAuth/{Tests => }/ServerTest.php (96%) rename tests/QueryAuth/{Tests => }/SignerTest.php (96%) diff --git a/phpunit.xml.dist b/phpunit.xml.dist index 32fa0be..27845b8 100644 --- a/phpunit.xml.dist +++ b/phpunit.xml.dist @@ -2,12 +2,12 @@ - tests/QueryAuth/Tests + tests/QueryAuth - ./src + ./src/QueryAuth diff --git a/tests/QueryAuth/Tests/ClientTest.php b/tests/QueryAuth/ClientTest.php similarity index 96% rename from tests/QueryAuth/Tests/ClientTest.php rename to tests/QueryAuth/ClientTest.php index 131aa91..f804342 100644 --- a/tests/QueryAuth/Tests/ClientTest.php +++ b/tests/QueryAuth/ClientTest.php @@ -1,12 +1,7 @@ assertInstanceOf( - 'QueryAuth\Credentials\CredentialsInterface', + 'QueryAuth\Credentials\CredentialsInterface', $credentials ); $this->assertEquals($key, $credentials->getKey()); diff --git a/tests/QueryAuth/Tests/Exception/QueryAuthExceptionTest.php b/tests/QueryAuth/Exception/QueryAuthExceptionTest.php similarity index 78% rename from tests/QueryAuth/Tests/Exception/QueryAuthExceptionTest.php rename to tests/QueryAuth/Exception/QueryAuthExceptionTest.php index 87e28f4..bedcea9 100644 --- a/tests/QueryAuth/Tests/Exception/QueryAuthExceptionTest.php +++ b/tests/QueryAuth/Exception/QueryAuthExceptionTest.php @@ -1,10 +1,6 @@ keyGenerator->generateSecret(); $this->assertRegexp('/^[0-9A-Za-z\/\.]{60}$/', $secret); } - + public function testGenerateNonce() { $secret = $this->keyGenerator->generateNonce(); diff --git a/tests/QueryAuth/Tests/ParameterCollectionTest.php b/tests/QueryAuth/ParameterCollectionTest.php similarity index 98% rename from tests/QueryAuth/Tests/ParameterCollectionTest.php rename to tests/QueryAuth/ParameterCollectionTest.php index df34aa3..c5c3cb8 100644 --- a/tests/QueryAuth/Tests/ParameterCollectionTest.php +++ b/tests/QueryAuth/ParameterCollectionTest.php @@ -1,8 +1,6 @@ assertEquals($expected, $actual); } - + public function testNormalizeMultiValues() { $collection = new ParameterCollection( diff --git a/tests/QueryAuth/Tests/ServerTest.php b/tests/QueryAuth/ServerTest.php similarity index 96% rename from tests/QueryAuth/Tests/ServerTest.php rename to tests/QueryAuth/ServerTest.php index ec6ff4d..148c03e 100644 --- a/tests/QueryAuth/Tests/ServerTest.php +++ b/tests/QueryAuth/ServerTest.php @@ -1,12 +1,7 @@ Date: Sun, 21 Sep 2014 17:01:52 -0500 Subject: [PATCH 06/31] Removes ParameterCollection --- src/QueryAuth/Factory.php | 3 +- src/QueryAuth/ParameterCollection.php | 153 -------------------- src/QueryAuth/Signer.php | 46 +++--- tests/QueryAuth/ParameterCollectionTest.php | 117 --------------- tests/QueryAuth/SignerTest.php | 2 +- 5 files changed, 29 insertions(+), 292 deletions(-) delete mode 100644 src/QueryAuth/ParameterCollection.php delete mode 100644 tests/QueryAuth/ParameterCollectionTest.php diff --git a/src/QueryAuth/Factory.php b/src/QueryAuth/Factory.php index 5d2659c..274a4df 100644 --- a/src/QueryAuth/Factory.php +++ b/src/QueryAuth/Factory.php @@ -10,7 +10,6 @@ namespace QueryAuth; use QueryAuth\Client; -use QueryAuth\ParameterCollection; use QueryAuth\Server; use QueryAuth\Signer; use RandomLib\Factory as RandomFactory; @@ -62,7 +61,7 @@ public function newKeyGenerator() */ protected function newSigner() { - return new Signer(new ParameterCollection()); + return new Signer(); } /** diff --git a/src/QueryAuth/ParameterCollection.php b/src/QueryAuth/ParameterCollection.php deleted file mode 100644 index 7b767b9..0000000 --- a/src/QueryAuth/ParameterCollection.php +++ /dev/null @@ -1,153 +0,0 @@ -container = $data; - } - - /** - * Dumps collection to normalized parameter string - * - * @return string Normalized, rawurlencoded parameter string - */ - public function normalize() - { - uksort($this->container, 'strcmp'); - - if ($signature = $this->offsetGet('signature')) { - // Do not encode signature - $this->offsetUnset('signature'); - } - - $query = http_build_query($this->container, null, '&', PHP_QUERY_RFC3986); - - if ($signature) { - // Replace signature - $this->offsetSet('signature', $signature); - } - - return $query; - } - - /** - * Sets a value - * - * @param mixed $key Key - * @param mixed $value Value - */ - public function set($key, $value) - { - $this->container[$key] = $value; - } - - /** - * Sets collection data from array - * - * @param array $data Array of data - */ - public function setFromArray(array $data) - { - $this->container = $data; - } - - /** - * Dumps collection contents to array - * - * @return array Collection data - */ - public function toArray() - { - return $this->container; - } - - /** - * Gets iterator - * - * @return ArrayIterator iterator - */ - public function getIterator() - { - return new \ArrayIterator($this); - } - - /** - * Sets offset - * - * @param mixed $offset offset - * @param mixed $value value - */ - public function offsetSet($offset, $value) - { - if (is_null($offset)) { - $this->container[] = $value; - } else { - $this->container[$offset] = $value; - } - } - - /** - * Checks to see if offset exists - * - * @param mixed $offset Offset - */ - public function offsetExists($offset) - { - return isset($this->container[$offset]); - } - - /** - * Unsets offset - * - * @param mixed $offset Offset - */ - public function offsetUnset($offset) - { - unset($this->container[$offset]); - } - - /** - * Gets offset - * - * @param mixed $offset Offset - */ - public function offsetGet($offset) - { - if (isset($this->container[$offset])) { - return $this->container[$offset]; - } - } - - /** - * Counts elements in collection - * - * @return int Number of elements in collection - */ - public function count() - { - return count($this->container); - } -} diff --git a/src/QueryAuth/Signer.php b/src/QueryAuth/Signer.php index 2c475cf..f657296 100644 --- a/src/QueryAuth/Signer.php +++ b/src/QueryAuth/Signer.php @@ -9,7 +9,6 @@ namespace QueryAuth; -use QueryAuth\ParameterCollection; use QueryAuth\Signer\SignatureSigner; /** @@ -17,21 +16,6 @@ */ class Signer implements SignatureSigner { - /** - * @var ParameterCollection Request parameter collection - */ - private $collection; - - /** - * Public constructor - * - * @param ParameterCollection $collection Parameter collection - */ - public function __construct(ParameterCollection $collection) - { - $this->collection = $collection; - } - /** * Creates signature * @@ -44,13 +28,37 @@ public function __construct(ParameterCollection $collection) */ public function createSignature($method, $host, $path, $secret, array $params) { - $this->collection->setFromArray($params); - $data = $method . "\n" . $host . "\n" . $path . "\n" - . $this->collection->normalize(); + . $this->normalize($params); return \base64_encode(\hash_hmac('sha256', $data, $secret, true)); } + + /** + * Normalizes request parameters + * + * @return string Normalized, rawurlencoded parameter string + */ + public function normalize(array $params) + { + uksort($params, 'strcmp'); + + $signature = null; + + // Do not encode signature + if (isset($params['signature'])) { + $signature = $params['signature']; + unset($params['signature']); + } + + $query = http_build_query($params, null, '&', PHP_QUERY_RFC3986); + + if ($signature !== null) { + $params['signature'] = $signature; + } + + return $query; + } } diff --git a/tests/QueryAuth/ParameterCollectionTest.php b/tests/QueryAuth/ParameterCollectionTest.php deleted file mode 100644 index c5c3cb8..0000000 --- a/tests/QueryAuth/ParameterCollectionTest.php +++ /dev/null @@ -1,117 +0,0 @@ - 'sam@example.com', - 'name' => 'Sam Jones', - 'comment' => "Y'all rock!" - ) - ); - - $expected = 'comment=Y%27all%20rock%21&email=sam%40example.com&name=Sam%20Jones'; - $actual = $collection->normalize(); - - $this->assertEquals($expected, $actual); - } - - public function testNormalizeMultiValues() - { - $collection = new ParameterCollection( - array( - 'tags' => array('rock', 'sam'), - 'posts' => array( - array('id' => 1, 'title' => "Single post title!"), - array('id' => 2, 'title' => 'Another post') - ) - ) - ); - - $expected = 'posts%5B0%5D%5Bid%5D=1&posts%5B0%5D%5Btitle%5D=Single%20post%20title%21&posts%5B1%5D%5Bid%5D=2&posts%5B1%5D%5Btitle%5D=Another%20post&tags%5B0%5D=rock&tags%5B1%5D=sam'; - $actual = $collection->normalize(); - - $this->assertEquals($expected, $actual); - } - - public function testNormalizeDoesNotEncodeSignature() - { - $collection = new ParameterCollection( - array( - 'signature' => 'sig', - 'email' => 'sam@example.com', - 'name' => 'Sam Jones', - 'comment' => "Y'all rock!" - ) - ); - - $expected = 'comment=Y%27all%20rock%21&email=sam%40example.com&name=Sam%20Jones'; - $actual = $collection->normalize(); - - $this->assertEquals($expected, $actual); - // Also ensure 'signature' did not get unset, only skipped - $this->assertEquals('sig', $collection['signature']); - } - - public function testImplementsCount() - { - $collection = new ParameterCollection(array('one', 'two', 'three')); - $this->assertInstanceOf('\Countable', $collection); - $this->assertEquals(3, count($collection)); - } - - public function testSet() - { - $collection = new ParameterCollection(); - $collection->set('one', 'uno'); - $collection->set('two', 'dos'); - - $this->assertEquals(2, count($collection)); - $this->assertEquals('uno', $collection['one']); - $this->assertEquals('dos', $collection['two']); - } - - public function testSetFromArray() - { - $data = array('Zaphod' => 'Beeblebrox', 'Arthur' => 'Dent'); - $collection = new ParameterCollection(); - $collection->setFromArray($data); - $this->assertEquals($data, $collection->toArray()); - } - - public function testToArray() - { - $data = array('Zaphod' => 'Beeblebrox', 'Arthur' => 'Dent'); - $collection = new ParameterCollection($data); - $this->assertEquals($data, $collection->toArray()); - } - - public function testImplementsIteratorAggregate() - { - $collection = new ParameterCollection(); - $this->assertInstanceOf('\IteratorAggregate', $collection); - $this->assertInstanceOf('\ArrayIterator', $collection->getIterator()); - } - - public function testImplementsArrayAccess() - { - $collection = new ParameterCollection(); - $this->assertInstanceOf('\ArrayAccess', $collection); - - $collection->offsetSet('test', 'first'); - $this->assertTrue($collection->offsetExists('test')); - $this->assertEquals('first', $collection->offsetGet('test')); - - $collection->offsetUnset('test'); - $this->assertFalse($collection->offsetExists('test')); - - $this->assertNull($collection->offsetGet('does-not-exist')); - - $collection->offsetSet(null, 'numeric'); - $this->assertEquals('numeric', $collection->offsetGet(0)); - } -} diff --git a/tests/QueryAuth/SignerTest.php b/tests/QueryAuth/SignerTest.php index 509fcc2..c01dab7 100644 --- a/tests/QueryAuth/SignerTest.php +++ b/tests/QueryAuth/SignerTest.php @@ -36,7 +36,7 @@ class SignerTest extends \PHPUnit_Framework_TestCase protected function setUp() { - $this->signer = new Signer(new ParameterCollection()); + $this->signer = new Signer(); $this->secret = base64_encode(time() . 'secret'); $this->host = 'www.example.com'; $this->path = '/resources'; From a61269ea624c94b43f6e7283e7307c2d6050a696 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:36:22 -0500 Subject: [PATCH 07/31] Renames classes to better convey functionality --- .../{TimeOutOfBoundsException.php => DriftExceededException.php} | 0 src/QueryAuth/{Client.php => RequestSigner.php} | 0 src/QueryAuth/{Server.php => RequestValidator.php} | 0 src/QueryAuth/{Signer.php => Signature.php} | 0 .../{Signer/SignatureSigner.php => SignatureInterface.php} | 0 tests/QueryAuth/{ClientTest.php => RequestSignerTest.php} | 0 tests/QueryAuth/{ServerTest.php => RequestValidatorTest.php} | 0 tests/QueryAuth/{SignerTest.php => SignatureTest.php} | 0 8 files changed, 0 insertions(+), 0 deletions(-) rename src/QueryAuth/Exception/{TimeOutOfBoundsException.php => DriftExceededException.php} (100%) rename src/QueryAuth/{Client.php => RequestSigner.php} (100%) rename src/QueryAuth/{Server.php => RequestValidator.php} (100%) rename src/QueryAuth/{Signer.php => Signature.php} (100%) rename src/QueryAuth/{Signer/SignatureSigner.php => SignatureInterface.php} (100%) rename tests/QueryAuth/{ClientTest.php => RequestSignerTest.php} (100%) rename tests/QueryAuth/{ServerTest.php => RequestValidatorTest.php} (100%) rename tests/QueryAuth/{SignerTest.php => SignatureTest.php} (100%) diff --git a/src/QueryAuth/Exception/TimeOutOfBoundsException.php b/src/QueryAuth/Exception/DriftExceededException.php similarity index 100% rename from src/QueryAuth/Exception/TimeOutOfBoundsException.php rename to src/QueryAuth/Exception/DriftExceededException.php diff --git a/src/QueryAuth/Client.php b/src/QueryAuth/RequestSigner.php similarity index 100% rename from src/QueryAuth/Client.php rename to src/QueryAuth/RequestSigner.php diff --git a/src/QueryAuth/Server.php b/src/QueryAuth/RequestValidator.php similarity index 100% rename from src/QueryAuth/Server.php rename to src/QueryAuth/RequestValidator.php diff --git a/src/QueryAuth/Signer.php b/src/QueryAuth/Signature.php similarity index 100% rename from src/QueryAuth/Signer.php rename to src/QueryAuth/Signature.php diff --git a/src/QueryAuth/Signer/SignatureSigner.php b/src/QueryAuth/SignatureInterface.php similarity index 100% rename from src/QueryAuth/Signer/SignatureSigner.php rename to src/QueryAuth/SignatureInterface.php diff --git a/tests/QueryAuth/ClientTest.php b/tests/QueryAuth/RequestSignerTest.php similarity index 100% rename from tests/QueryAuth/ClientTest.php rename to tests/QueryAuth/RequestSignerTest.php diff --git a/tests/QueryAuth/ServerTest.php b/tests/QueryAuth/RequestValidatorTest.php similarity index 100% rename from tests/QueryAuth/ServerTest.php rename to tests/QueryAuth/RequestValidatorTest.php diff --git a/tests/QueryAuth/SignerTest.php b/tests/QueryAuth/SignatureTest.php similarity index 100% rename from tests/QueryAuth/SignerTest.php rename to tests/QueryAuth/SignatureTest.php From f35f4d997d89c25a15a8392d90ae5fd10260e9a8 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:37:14 -0500 Subject: [PATCH 08/31] Updates Credentials class and interface --- src/QueryAuth/Credentials/Credentials.php | 2 +- src/QueryAuth/Credentials/CredentialsInterface.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/QueryAuth/Credentials/Credentials.php b/src/QueryAuth/Credentials/Credentials.php index 6c7f70d..df60ea3 100644 --- a/src/QueryAuth/Credentials/Credentials.php +++ b/src/QueryAuth/Credentials/Credentials.php @@ -10,7 +10,7 @@ namespace QueryAuth\Credentials; /** - * Stores request key and secret + * Stores key and secret */ class Credentials implements CredentialsInterface { diff --git a/src/QueryAuth/Credentials/CredentialsInterface.php b/src/QueryAuth/Credentials/CredentialsInterface.php index 1d8b2e5..5942839 100644 --- a/src/QueryAuth/Credentials/CredentialsInterface.php +++ b/src/QueryAuth/Credentials/CredentialsInterface.php @@ -10,7 +10,7 @@ namespace QueryAuth\Credentials; /** - * Defines methods that must be present on a Credentials object + * Stores key and secret */ interface CredentialsInterface { From 8993509cffef1c5d2537983ae10425a6239fd5e0 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:37:35 -0500 Subject: [PATCH 09/31] Adds new dev dependencies --- composer.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/composer.json b/composer.json index acd4957..dfa11d3 100644 --- a/composer.json +++ b/composer.json @@ -21,7 +21,9 @@ "ircmaxell/random-lib": "v1.0.0" }, "require-dev": { - "phpunit/phpunit": "4.*" + "guzzle/guzzle": ">=3.7.0,<=3.9.9", + "phpunit/phpunit": "4.*", + "slim/slim": "2.*" }, "autoload": { "psr-0": { From 30af3c9e7ee0350fe161589ff7f0f6d17506d9c7 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:38:35 -0500 Subject: [PATCH 10/31] New exception --- src/QueryAuth/Exception/DriftExceededException.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/QueryAuth/Exception/DriftExceededException.php b/src/QueryAuth/Exception/DriftExceededException.php index 63606d0..a4dca18 100644 --- a/src/QueryAuth/Exception/DriftExceededException.php +++ b/src/QueryAuth/Exception/DriftExceededException.php @@ -12,6 +12,6 @@ /** * Thrown when request timestamp is beyond allowable clock drift */ -class TimeOutOfBoundsException extends \OutOfBoundsException implements QueryAuthException +class DriftExceededException extends \OutOfBoundsException implements QueryAuthException { } From f93b296db65a6e2b695c30442a63a2efa3b63d88 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:38:48 -0500 Subject: [PATCH 11/31] New exception --- .../Exception/TimestampMissingException.php | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) create mode 100644 src/QueryAuth/Exception/TimestampMissingException.php diff --git a/src/QueryAuth/Exception/TimestampMissingException.php b/src/QueryAuth/Exception/TimestampMissingException.php new file mode 100644 index 0000000..941fbb5 --- /dev/null +++ b/src/QueryAuth/Exception/TimestampMissingException.php @@ -0,0 +1,17 @@ + Date: Wed, 24 Sep 2014 18:39:03 -0500 Subject: [PATCH 12/31] New request adapters (will be broken out later) --- .../Request/Adapter/GuzzleRequestAdapter.php | 84 ++++++++ .../Request/Adapter/SlimRequestAdapter.php | 78 ++++++++ .../Adapter/GuzzleRequestAdapterTest.php | 186 ++++++++++++++++++ .../Adapter/SlimRequestAdapterTest.php | 105 ++++++++++ 4 files changed, 453 insertions(+) create mode 100644 src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php create mode 100644 src/QueryAuth/Request/Adapter/SlimRequestAdapter.php create mode 100644 tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php create mode 100644 tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php diff --git a/src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php b/src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php new file mode 100644 index 0000000..d4ca7ff --- /dev/null +++ b/src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php @@ -0,0 +1,84 @@ +request = $request; + } + + /** + * {@inheritDoc} + */ + public function getMethod() + { + return $this->request->getMethod(); + } + + /** + * {@inheritDoc} + */ + public function getHost() + { + return $this->request->getHost(); + } + + /** + * {@inheritDoc} + */ + public function getPath() + { + return $this->request->getPath(); + } + + /** + * {@inheritDoc} + */ + public function getParams() + { + if ($this->getMethod() === 'POST') { + return $this->request->getPostFields()->toArray(); + } + + return $this->request->getQuery()->toArray(); + } + + /** + * {@inheritDoc} + */ + public function addParam($key, $value) + { + if ($this->getMethod() == 'POST') { + $this->request->setPostField($key, $value); + } else { + $this->request->getQuery()->set($key, $value); + } + } + + /** + * {@inheritDoc} + */ + public function replaceParams(array $params) + { + if ($this->getMethod() === 'POST') { + $this->request->getPostFields()->replace($params); + } else { + $this->request->getQuery()->replace($params); + } + } +} diff --git a/src/QueryAuth/Request/Adapter/SlimRequestAdapter.php b/src/QueryAuth/Request/Adapter/SlimRequestAdapter.php new file mode 100644 index 0000000..e7966ca --- /dev/null +++ b/src/QueryAuth/Request/Adapter/SlimRequestAdapter.php @@ -0,0 +1,78 @@ +request = $request; + } + + /** + * {@inheritDoc} + */ + public function getMethod() + { + return $this->request->getMethod(); + } + + /** + * {@inheritDoc} + */ + public function getHost() + { + return $this->request->getHost(); + } + + /** + * {@inheritDoc} + */ + public function getPath() + { + return $this->request->getPath(); + } + + /** + * {@inheritDoc} + */ + public function getParams() + { + if ($this->getMethod() === SlimRequest::METHOD_GET) { + return $this->request->get(); + } + + return $this->request->post(); + } + + /** + * {@inheritDoc} + */ + public function addParam($key, $value) + { + // Not implemented for SlimRequest + return null; + } + + /** + * {@inheritDoc} + */ + public function replaceParams(array $params) + { + // Not implemented for SlimRequest + return null; + } +} diff --git a/tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php b/tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php new file mode 100644 index 0000000..a5b10e4 --- /dev/null +++ b/tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php @@ -0,0 +1,186 @@ +adaptee = $this->getMockBuilder('Guzzle\Http\Message\RequestInterface') + ->getMock(); + + $this->queryString = $this->getMockBuilder('Guzzle\Http\QueryString') + ->disableOriginalConstructor() + ->getMock(); + + $this->adapter = new GuzzleRequestAdapter($this->adaptee); + } + + protected function tearDown() + { + $this->adapter = null; + + parent::tearDown(); + } + + public function testGetMethod() + { + $this->adaptee->method('getMethod') + ->willReturn('GET'); + + $actual = $this->adapter->getMethod(); + + $this->assertEquals('GET', $actual); + } + + public function testGetHost() + { + $this->adaptee->method('getHost') + ->willReturn('www.example.com'); + + $actual = $this->adapter->getHost(); + + $this->assertEquals('www.example.com', $actual); + } + + public function testGetPath() + { + $this->adaptee->method('getPath') + ->willReturn('/index.php'); + + $actual = $this->adapter->getPath(); + + $this->assertEquals('/index.php', $actual); + } + + public function testGetParamsPost() + { + $expected = ['one' => 'two']; + + $adaptee = $this->getMockBuilder('Guzzle\Http\Message\EntityEnclosingRequestInterface') + ->getMock(); + + $adapter = new GuzzleRequestAdapter($adaptee); + + $adaptee->method('getMethod') + ->willReturn('POST'); + + $adaptee->method('getPostFields') + ->willReturn($this->queryString); + + $this->queryString->method('toArray') + ->willReturn($expected); + + $params = $adapter->getParams(); + + $this->assertEquals($expected, $params); + } + + public function testGetParamsNotPost() + { + $expected = ['one' => 'two']; + + $this->adaptee->method('getMethod') + ->willReturn('GET'); + + $this->adaptee->method('getQuery') + ->willReturn($this->queryString); + + $this->queryString->method('toArray') + ->willReturn($expected); + + $params = $this->adapter->getParams(); + + $this->assertEquals($expected, $params); + } + + public function testReplaceParamsPost() + { + $signed = ['signature' => 'fjkdlsjfkdsljfdkls']; + + $adaptee = $this->getMockBuilder('Guzzle\Http\Message\EntityEnclosingRequestInterface') + ->getMock(); + + $adapter = new GuzzleRequestAdapter($adaptee); + + $adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('POST'); + + $adaptee->expects($this->once()) + ->method('getPostFields') + ->willReturn($this->queryString); + + $this->queryString->expects($this->once()) + ->method('replace') + ->with($signed); + + $adapter->replaceParams($signed); + } + + public function testReplaceParamsNotPost() + { + $signed = ['signature' => 'fjkdlsjfkdsljfdkls']; + + $this->adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('DELETE'); + + $this->adaptee->expects($this->once()) + ->method('getQuery') + ->willReturn($this->queryString); + + $this->queryString->expects($this->once()) + ->method('replace') + ->with($signed); + + $this->adapter->replaceParams($signed); + } + + public function testAddParamPost() + { + $signature = 'jfkdlsjfldjfksljdlsjdls'; + + $adaptee = $this->getMockBuilder('Guzzle\Http\Message\EntityEnclosingRequestInterface') + ->getMock(); + + $adapter = new GuzzleRequestAdapter($adaptee); + + $adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('POST'); + + $adaptee->expects($this->once()) + ->method('setPostField') + ->with('signature', $signature); + + $adapter->addParam('signature', $signature); + } + + public function testAddParamNotPost() + { + $signature = 'jfkdlsjfldjfksljdlsjdls'; + + $this->adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('DELETE'); + + $this->adaptee->expects($this->once()) + ->method('getQuery') + ->willReturn($this->queryString); + + $this->queryString->expects($this->once()) + ->method('set') + ->with('signature', $signature); + + $this->adapter->addParam('signature', $signature); + } +} diff --git a/tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php b/tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php new file mode 100644 index 0000000..b463e99 --- /dev/null +++ b/tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php @@ -0,0 +1,105 @@ +adaptee = $this->getMockBuilder('Slim\Http\Request') + ->disableOriginalConstructor() + ->getMock(); + + $this->adapter = new SlimRequestAdapter($this->adaptee); + } + + protected function tearDown() + { + $this->adapter = null; + + parent::tearDown(); + } + + public function testGetMethod() + { + $this->adaptee->method('getMethod') + ->willReturn('GET'); + + $actual = $this->adapter->getMethod(); + + $this->assertEquals('GET', $actual); + } + + public function testGetHost() + { + $this->adaptee->method('getHost') + ->willReturn('www.example.com'); + + $actual = $this->adapter->getHost(); + + $this->assertEquals('www.example.com', $actual); + } + + public function testGetPath() + { + $this->adaptee->method('getPath') + ->willReturn('/index.php'); + + $actual = $this->adapter->getPath(); + + $this->assertEquals('/index.php', $actual); + } + + public function testGetParamsPost() + { + $expected = ['one' => 'two']; + + $adaptee = $this->getMockBuilder('Slim\Http\Request') + ->disableOriginalConstructor() + ->getMock(); + + $adapter = new SlimRequestAdapter($adaptee); + + $adaptee->method('getMethod') + ->willReturn('POST'); + + $adaptee->method('post') + ->willReturn($expected); + + $params = $adapter->getParams(); + + $this->assertEquals($expected, $params); + } + + public function testGetParamsNotPost() + { + $expected = ['one' => 'two']; + + $this->adaptee->method('getMethod') + ->willReturn('GET'); + + $this->adaptee->method('get') + ->willReturn($expected); + + $params = $this->adapter->getParams(); + + $this->assertEquals($expected, $params); + } + + public function testAddParam() + { + // Not implemented for SlimRequest + $this->assertNull($this->adapter->addParam('key', 'value')); + } + + public function testReplaceParams() + { + // Not implemented for SlimRequest + $this->assertNull($this->adapter->replaceParams([])); + } +} From 1ee1830e9dc30a871c758ae7e645171db5d8b39b Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:39:30 -0500 Subject: [PATCH 13/31] Updates to the renamed classes --- src/QueryAuth/RequestSigner.php | 65 ++++---- src/QueryAuth/RequestValidator.php | 102 ++++++------ src/QueryAuth/Signature.php | 46 +++--- src/QueryAuth/SignatureInterface.php | 17 +- tests/QueryAuth/RequestSignerTest.php | 152 ++++++----------- tests/QueryAuth/RequestValidatorTest.php | 199 +++++++++++++---------- tests/QueryAuth/SignatureTest.php | 131 +++++++++++---- 7 files changed, 374 insertions(+), 338 deletions(-) diff --git a/src/QueryAuth/RequestSigner.php b/src/QueryAuth/RequestSigner.php index b78a6ba..3c0d780 100644 --- a/src/QueryAuth/RequestSigner.php +++ b/src/QueryAuth/RequestSigner.php @@ -9,18 +9,17 @@ namespace QueryAuth; -use QueryAuth\KeyGenerator; -use QueryAuth\Signer\SignatureSigner; +use QueryAuth\Credentials\CredentialsInterface; /** * Signs requests */ -class Client +class RequestSigner { /** - * @var Signer Instance of SignatureSigner + * @var Signature Instance of SignatureInterface */ - private $signer; + private $signature; /** * @var KeyGenerator Instance of KeyGenerator @@ -35,56 +34,54 @@ class Client /** * Public constructor * - * @param Signer $signer Instance of singature creation class + * @param SignatureInterface $signature SingatureInterface + * @param KeyGenerator $keyGenerator Key generator */ - public function __construct(SignatureSigner $signer, KeyGenerator $keyGenerator) + public function __construct(SignatureInterface $signature, KeyGenerator $keyGenerator) { - $this->signer = $signer; + $this->signature = $signature; $this->keyGenerator = $keyGenerator; } /** - * Sign request params + * Sign request * - * @param string $key API key - * @param string $secret API secret - * @param string $method Request method (GET, POST, PUT, HEAD, etc) - * @param string $host Host portion of API resource URL (including subdomain, excluding scheme) - * @param string $path Path portion of API resource URL (excluding query and fragment) - * @param array $params OPTIONAL Request params (query or POST fields), only needed if required by endpoint - * @return array Request params provided PLUS key, timestamp, and signature + * @param RequestInterface $request Request + * @param CredentialsInterface $credentials Credentials + * @return void */ - public function getSignedRequestParams($key, $secret, $method, $host, $path, array $params = []) + public function signRequest( + RequestInterface $request, + CredentialsInterface $credentials + ) { - $params['key'] = $key; - $params['timestamp'] = $this->getTimestamp(); - $params['cnonce'] = $this->keyGenerator->generateNonce(); - // Ensure path is absolute - $path = '/' . ltrim($path, '/'); - $signature = $this->signer->createSignature($method, $host, $path, $secret, $params); - $params['signature'] = $signature; - - return $params; + $request->addParam('key', $credentials->getKey()); + $request->addParam('timestamp', $this->getTimestamp()); + $request->addParam('cnonce', $this->keyGenerator->generateNonce()); + + $signature = $this->signature->createSignature($request, $credentials); + + $request->addParam('signature', $signature); } /** - * Get Signer + * Get Signature * - * @return Signer Instance of the signature creation class + * @return Signature Instance of the signature creation class */ - public function getSigner() + public function getSignature() { - return $this->signer; + return $this->signature; } /** - * Set Signer + * Set Signature * - * @param Signer $signer Instance of the signature creation class + * @param Signature $signature Instance of the signature creation class */ - public function setSigner(SignatureSigner $signer) + public function setSignature(SignatureInterface $signature) { - $this->signer = $signer; + $this->signature = $signature; } /** diff --git a/src/QueryAuth/RequestValidator.php b/src/QueryAuth/RequestValidator.php index ad1e0da..5a4ee8b 100644 --- a/src/QueryAuth/RequestValidator.php +++ b/src/QueryAuth/RequestValidator.php @@ -9,14 +9,15 @@ namespace QueryAuth; -use QueryAuth\Exception\TimeOutOfBoundsException; +use QueryAuth\Credentials\CredentialsInterface; +use QueryAuth\Exception\DriftExceededException; use QueryAuth\Exception\SignatureMissingException; -use QueryAuth\Signer\SignatureSigner; +use QueryAuth\Exception\TimestampMissingException; /** - * Validates signatures + * Validates requests */ -class Server +class RequestValidator { /** * @var int Permissible drift, in seconds @@ -24,56 +25,42 @@ class Server private $drift = 15; /** - * @var Signer Instance of the signature creation class + * @var Signature Instance of the signature creation class */ - private $signer; + private $signature; /** * Public constructor * - * @param Signer $signer Instance of the signature creation class + * @param Signature $signature Instance of the signature creation interface */ - public function __construct(SignatureSigner $signer) + public function __construct(SignatureInterface $signature) { - $this->signer = $signer; + $this->signature = $signature; } /** * Is signature valid? * - * @param string $secret API secret - * @param string $method Request method (GET, POST, PUT, HEAD, etc) - * @param string $host Host portion of API resource URL (including subdomain, excluding scheme) - * @param string $path Path portion of API resource URL (excluding query and fragment) - * @param array $params Request params - * @throws TimeOutOfBoundsException If timestamp greater than or less than allowable drift + * @param RequestInterface $request Request + * @param CredentialsInterface $credentials Credentials + * @throws DriftExceededException If timestamp greater than or less than allowable drift * @throws SignatureMissingException If signature is missing from request + * @throws TimestampMissingException If timestamp is missing from request * @return boolean */ - public function validateSignature($secret, $method, $host, $path, array $params) + public function validateSignature( + RequestInterface $request, + CredentialsInterface $credentials + ) { - if (!isset($params['signature'])) { - throw new SignatureMissingException('Request must contain a signature.'); - } + $params = $request->getParams(); - $currentTimestamp = (int) gmdate('U'); + $this->isSignaturePresent($params); + $this->isTimestampPresent($params); + $this->isDriftExceeded($params); - if ($this->timeOutOfBounds($currentTimestamp, $params['timestamp'])) { - throw new TimeOutOfBoundsException( - sprintf('Timestamp is beyond the +-%d second difference allowed.', $this->getDrift()) - ); - } - - $validSignature = $this->signer->createSignature( - $method, - $host, - $path, - $secret, - $params - ); - - // By @RobertGonzalez from PR #5 - return $params['signature'] === $validSignature; + return $params['signature'] === $this->signature->createSignature($request, $credentials); } /** @@ -83,13 +70,32 @@ public function validateSignature($secret, $method, $host, $path, array $params) * @param int $timestamp GMT timestamp from request * @return boolean */ - protected function timeOutOfBounds($now, $timestamp) + protected function isDriftExceeded(array $params) { - if (abs($timestamp - $now) > $this->drift) { - return true; + $now = (int) gmdate('U'); + + if (abs($params['timestamp'] - $now) > $this->drift) { + throw new DriftExceededException( + sprintf( + 'Timestamp is beyond the +-%d second difference allowed.', + $this->getDrift() + ) + ); } + } - return false; + protected function isSignaturePresent(array $params) + { + if (!isset($params['signature'])) { + throw new SignatureMissingException('Request must contain a signature.'); + } + } + + protected function isTimestampPresent(array $params) + { + if (!isset($params['timestamp'])) { + throw new TimestampMissingException('Request must contain a timestamp.'); + } } /** @@ -113,22 +119,22 @@ public function setDrift($drift) } /** - * Get Signer + * Get Signature * - * @return Signer Instance of the signature creation class + * @return Signature Instance of the signature creation class */ - public function getSigner() + public function getSignature() { - return $this->signer; + return $this->signature; } /** - * Set Signer + * Set Signature * - * @param Signer $signer Instance of the signature creation class + * @param Signature $signature Instance of the signature creation class */ - public function setSigner(SignatureSigner $signer) + public function setSignature(SignatureInterface $signature) { - $this->signer = $signer; + $this->signature = $signature; } } diff --git a/src/QueryAuth/Signature.php b/src/QueryAuth/Signature.php index f657296..a5942df 100644 --- a/src/QueryAuth/Signature.php +++ b/src/QueryAuth/Signature.php @@ -9,56 +9,50 @@ namespace QueryAuth; -use QueryAuth\Signer\SignatureSigner; +use QueryAuth\Credentials\CredentialsInterface; /** * Creates signature */ -class Signer implements SignatureSigner +class Signature implements SignatureInterface { /** * Creates signature * - * @param string $method HTTP method - * @param string $host Host where request is being sent - * @param string $path Request path - * @param string $secret API secret - * @param array $params Request params (querystring, post body, etc) - * @return string Base64 encoded signature + * {@inheritDoc} */ - public function createSignature($method, $host, $path, $secret, array $params) + public function createSignature(RequestInterface $request, CredentialsInterface $credentials) { - $data = $method . "\n" - . $host . "\n" - . $path . "\n" - . $this->normalize($params); - - return \base64_encode(\hash_hmac('sha256', $data, $secret, true)); + $data = $request->getMethod() . "\n" + . $request->getHost() . "\n" + . $this->getAbsolutePath($request->getPath()) . "\n" + . $this->normalizeParameters($request->getParams()); + + return \base64_encode( + \hash_hmac('sha256', $data, $credentials->getSecret(), true) + ); } /** * Normalizes request parameters * + * @params array $params Request parameters * @return string Normalized, rawurlencoded parameter string */ - public function normalize(array $params) + protected function normalizeParameters(array $params) { - uksort($params, 'strcmp'); - - $signature = null; - // Do not encode signature if (isset($params['signature'])) { - $signature = $params['signature']; unset($params['signature']); } - $query = http_build_query($params, null, '&', PHP_QUERY_RFC3986); + uksort($params, 'strcmp'); - if ($signature !== null) { - $params['signature'] = $signature; - } + return http_build_query($params, null, '&', PHP_QUERY_RFC3986); + } - return $query; + protected function getAbsolutePath($path) + { + return '/' . ltrim($path, '/'); } } diff --git a/src/QueryAuth/SignatureInterface.php b/src/QueryAuth/SignatureInterface.php index f3cef6b..9464b37 100644 --- a/src/QueryAuth/SignatureInterface.php +++ b/src/QueryAuth/SignatureInterface.php @@ -7,23 +7,22 @@ * @link https://github.com/jeremykendall/query-auth */ -namespace QueryAuth\Signer; +namespace QueryAuth; + +use QueryAuth\Credentials\CredentialsInterface; /** * Interface for dealing with signature creation * */ -interface SignatureSigner +interface SignatureInterface { /** * Creates signature * - * @param string $method HTTP method - * @param string $host Host where request is being sent - * @param string $path Request path - * @param string $secret API secret - * @param array $params Request params (querystring, post body, etc) - * @return string Base64 encoded signature + * @param RequestInterface $request Request + * @param CredentialsInterface $credentials Credentials + * @return string Base64 encoded signature */ - public function createSignature($method, $host, $path, $secret, array $params); + public function createSignature(RequestInterface $request, CredentialsInterface $credentials); } diff --git a/tests/QueryAuth/RequestSignerTest.php b/tests/QueryAuth/RequestSignerTest.php index f804342..638ae12 100644 --- a/tests/QueryAuth/RequestSignerTest.php +++ b/tests/QueryAuth/RequestSignerTest.php @@ -2,134 +2,86 @@ namespace QueryAuth; -use QueryAuth\Signer\SignatureSigner; +use QueryAuth\Credentials\Credentials; use RandomLib\Factory as RandomFactory; -class ClientTest extends \PHPUnit_Framework_TestCase +class RequestSignerTest extends \PHPUnit_Framework_TestCase { - /** - * @var Client - */ - private $client; - - /** - * @var string - */ - private $key; - - /** - * @var string - */ - private $secret; - - /** - * @var string - */ - private $host; - - /** - * @var string - */ - private $path; - protected function setUp() { - $factory = new Factory(); - $this->client = $factory->newClient(); - $this->key = md5(time()); - $this->secret = base64_encode(time() . 'secret'); - $this->host = 'www.example.com'; - $this->path = '/resources'; + $key = md5(time()); + $secret = base64_encode(time() . 'secret'); + + $this->credentials = new Credentials($key, $secret); + $this->request = $this->getMockBuilder('QueryAuth\RequestInterface') + ->disableOriginalConstructor() + ->getMock(); + $this->signature = $this->getMockBuilder('QueryAuth\SignatureInterface') + ->disableOriginalConstructor() + ->getMock(); + $this->keyGenerator = $this->getMockBuilder('QueryAuth\KeyGenerator') + ->disableOriginalConstructor() + ->getMock(); + + $this->requestSigner = new RequestSigner($this->signature, $this->keyGenerator); } protected function tearDown() { - $this->client = null; - } - - public function testGetSignedRequestParamsForGetRequestWithoutParams() - { - $result = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'GET', $this->host, $this->path, $params = array() - ); - - $this->assertInternalType('array', $result); - $this->assertNotEmpty($result); - $this->assertArrayHasKey('timestamp', $result); - $this->assertArrayHasKey('cnonce', $result); - $this->assertArrayHasKey('key', $result); - $this->assertArrayHasKey('signature', $result); - $this->assertEquals(4, count($result)); - } - - public function testGetSignedRequestParamsForPostRequestWithParams() - { - $result = $this->client->getSignedRequestParams( - $this->key, - $this->secret, - 'POST', - $this->host, - $this->path, - $params = array('foo' => 'bar', 'baz' => 'bat') - ); - - $this->assertInternalType('array', $result); - $this->assertNotEmpty($result); - $this->assertArrayHasKey('foo', $result); - $this->assertArrayHasKey('baz', $result); - $this->assertEquals(6, count($result)); + $this->requestSigner = null; } - public function testSignaturesWithSameDataAndTimestampAreUnique() + public function testSignRequest() { - $this->client->setTimestamp(gmdate('U')); - - $result1 = $this->client->getSignedRequestParams( - $this->key, - $this->secret, - 'POST', - $this->host, - $this->path, - $params = array('foo' => 'bar', 'baz' => 'bat') - ); - - $result2 = $this->client->getSignedRequestParams( - $this->key, - $this->secret, - 'POST', - $this->host, - $this->path, - $params = array('foo' => 'bar', 'baz' => 'bat') - ); - - $this->assertNotEquals($result1, $result2); + $signature = 'fjkdlajflkdjkasdljflasd'; + $cnonce = 'ahssgajsgajgusibanriuuei'; + + $this->keyGenerator->expects($this->once()) + ->method('generateNonce') + ->willReturn($cnonce); + + $this->signature->expects($this->once()) + ->method('createSignature') + ->with($this->request, $this->credentials) + ->willReturn($signature); + + $this->request->expects($this->exactly(4)) + ->method('addParam') + ->withConsecutive( + ['key', $this->credentials->getKey()], + ['timestamp', $this->requestSigner->getTimestamp()], + ['cnonce', $cnonce], + ['signature', $signature] + ); + + $this->requestSigner->signRequest($this->request, $this->credentials); } - public function testGetSetSigner() + public function testGetSetSignature() { - $this->assertInstanceOf('QueryAuth\Signer\SignatureSigner', $this->client->getSigner()); - $signature = new Signer(new ParameterCollection()); - $this->client->setSigner($signature); - $this->assertSame($signature, $this->client->getSigner()); + $this->assertInstanceOf('QueryAuth\SignatureInterface', $this->requestSigner->getSignature()); + $signature = new Signature(new ParameterCollection()); + $this->requestSigner->setSignature($signature); + $this->assertSame($signature, $this->requestSigner->getSignature()); } public function testGetSetKeyGenerator() { - $this->assertInstanceOf('QueryAuth\KeyGenerator', $this->client->getKeyGenerator()); + $this->assertInstanceOf('QueryAuth\KeyGenerator', $this->requestSigner->getKeyGenerator()); $randomFactory = new RandomFactory(); $keyGenerator = new KeyGenerator($randomFactory->getMediumStrengthGenerator()); - $this->client->setKeyGenerator($keyGenerator); - $this->assertSame($keyGenerator, $this->client->getKeyGenerator()); + $this->requestSigner->setKeyGenerator($keyGenerator); + $this->assertSame($keyGenerator, $this->requestSigner->getKeyGenerator()); } public function testGetSetTimestamp() { - $default = $this->client->getTimestamp(); + $default = $this->requestSigner->getTimestamp(); $this->assertLessThanOrEqual(gmdate('U'), $default); $this->assertNotNull($default); $this->assertInternalType('int', $default); $new = gmdate('U'); - $this->client->setTimestamp($new); - $this->assertEquals($new, $this->client->getTimestamp()); + $this->requestSigner->setTimestamp($new); + $this->assertEquals($new, $this->requestSigner->getTimestamp()); } } diff --git a/tests/QueryAuth/RequestValidatorTest.php b/tests/QueryAuth/RequestValidatorTest.php index 148c03e..93c91ea 100644 --- a/tests/QueryAuth/RequestValidatorTest.php +++ b/tests/QueryAuth/RequestValidatorTest.php @@ -2,78 +2,67 @@ namespace QueryAuth; -use QueryAuth\Signer\SignatureSigner; +use QueryAuth\Credentials\Credentials; -class ServerTest extends \PHPUnit_Framework_TestCase +class RequestValidatorTest extends \PHPUnit_Framework_TestCase { /** - * @var Server + * @var RequestValidator */ - private $server; + private $requestValidator; /** - * @var Client + * @var CredentialsInterface */ - private $client; + private $credentials; /** - * @var string + * @var RequestInterface */ - private $key; + private $request; /** - * @var string + * @var SignatureInterface */ - private $secret; - - /** - * @var string - */ - private $host; - - /** - * @var string - */ - private $path; + private $signature; protected function setUp() { - $factory = new Factory(); - $this->server = $factory->newServer(); - $this->client = $factory->newClient(); - $this->key = md5(time()); - $this->secret = base64_encode(time() . 'secret'); - $this->host = 'www.example.com'; - $this->path = '/resources'; + $key = md5(time()); + $secret = base64_encode(time() . 'secret'); + + $this->credentials = new Credentials($key, $secret); + $this->request = $this->getMockBuilder('QueryAuth\RequestInterface') + ->disableOriginalConstructor() + ->getMock(); + $this->signature = $this->getMockBuilder('QueryAuth\SignatureInterface') + ->disableOriginalConstructor() + ->getMock(); + + $this->requestValidator = new RequestValidator($this->signature); } protected function tearDown() { - $this->server = null; - $this->client = null; + $this->requestValidator = null; } - public function testValidateSignatureGetRequest() + public function testValidateSignature() { - $signedParams = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'GET', $this->host, $this->path, $params = array() - ); - - $result = $this->server->validateSignature( - $this->secret, 'GET', $this->host, $this->path, $signedParams - ); - - $this->assertTrue($result); - } - - public function testValidateSignaturePostRequest() - { - $signedParams = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'POST', $this->host, $this->path, $params = array('foo' => 'bar', 'baz' => 'bat') - ); - - $result = $this->server->validateSignature( - $this->secret, 'POST', $this->host, $this->path, $signedParams + $this->request->expects($this->once()) + ->method('getParams') + ->willReturn([ + 'signature' => 12345, + 'timestamp' => (int) gmdate('U'), + ]); + + $this->signature->expects($this->once()) + ->method('createSignature') + ->with($this->request, $this->credentials) + ->willReturn(12345); + + $result = $this->requestValidator->validateSignature( + $this->request, $this->credentials ); $this->assertTrue($result); @@ -81,14 +70,20 @@ public function testValidateSignaturePostRequest() public function testValidateSignatureReturnsFalseForInvalidSignature() { - $signedParams = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'GET', $this->host, $this->path, $params = array() - ); - - $signedParams['signature'] = 'WAT'; - - $result = $this->server->validateSignature( - $this->secret, 'GET', $this->host, $this->path, $signedParams + $this->request->expects($this->once()) + ->method('getParams') + ->willReturn([ + 'signature' => 12345, + 'timestamp' => (int) gmdate('U'), + ]); + + $this->signature->expects($this->once()) + ->method('createSignature') + ->with($this->request, $this->credentials) + ->willReturn(54321); + + $result = $this->requestValidator->validateSignature( + $this->request, $this->credentials ); $this->assertFalse($result); @@ -97,42 +92,54 @@ public function testValidateSignatureReturnsFalseForInvalidSignature() public function testExceedsMaximumDriftThrowsException() { $this->setExpectedException( - 'QueryAuth\Exception\TimeOutOfBoundsException', + 'QueryAuth\Exception\DriftExceededException', sprintf( 'Timestamp is beyond the +-%d second difference allowed.', - $this->server->getDrift() + $this->requestValidator->getDrift() ) ); - $signedParams = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'GET', $this->host, $this->path, $params = array() - ); + $badTimestamp = $this->requestValidator->getDrift() + 10; + + $this->request->expects($this->once()) + ->method('getParams') + ->willReturn([ + 'signature' => 12345, + 'timestamp' => (int) gmdate('U') + $badTimestamp, + ]); - $signedParams['timestamp'] = $signedParams['timestamp'] + ($this->server->getDrift() + 10); + $this->signature->expects($this->never()) + ->method('createSignature'); - $this->server->validateSignature( - $this->secret, 'GET', $this->host, $this->path, $signedParams + $this->requestValidator->validateSignature( + $this->request, $this->credentials ); } public function testExceedsMinimumDriftThrowsException() { $this->setExpectedException( - 'QueryAuth\Exception\TimeOutOfBoundsException', + 'QueryAuth\Exception\DriftExceededException', sprintf( 'Timestamp is beyond the +-%d second difference allowed.', - $this->server->getDrift() + $this->requestValidator->getDrift() ) ); - $signedParams = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'GET', $this->host, $this->path, $params = array() - ); + $badTimestamp = $this->requestValidator->getDrift() + 10; + + $this->request->expects($this->once()) + ->method('getParams') + ->willReturn([ + 'signature' => 12345, + 'timestamp' => (int) gmdate('U') - $badTimestamp, + ]); - $signedParams['timestamp'] = $signedParams['timestamp'] - ($this->server->getDrift() + 10); + $this->signature->expects($this->never()) + ->method('createSignature'); - $this->server->validateSignature( - $this->secret, 'GET', $this->host, $this->path, $signedParams + $this->requestValidator->validateSignature( + $this->request, $this->credentials ); } @@ -143,31 +150,49 @@ public function testMissingSignatureThrowsException() 'Request must contain a signature.' ); - $signedParams = $this->client->getSignedRequestParams( - $this->key, $this->secret, 'GET', $this->host, $this->path, $params = array() + $this->request->expects($this->once()) + ->method('getParams') + ->willReturn([ + 'timestamp' => (int) gmdate('U'), + ]); + + $this->requestValidator->validateSignature( + $this->request, $this->credentials ); + } - unset($signedParams['signature']); + public function testMissingTimestampThrowsException() + { + $this->setExpectedException( + 'QueryAuth\Exception\TimestampMissingException', + 'Request must contain a timestamp.' + ); + + $this->request->expects($this->once()) + ->method('getParams') + ->willReturn([ + 'signature' => 12345, + ]); - $this->server->validateSignature( - $this->secret, 'GET', $this->host, $this->path, $signedParams + $this->requestValidator->validateSignature( + $this->request, $this->credentials ); } - + public function testGetSetDrift() { // Test default value - $this->assertEquals(15, $this->server->getDrift()); + $this->assertEquals(15, $this->requestValidator->getDrift()); - $this->server->setDrift(30); - $this->assertEquals(30, $this->server->getDrift()); + $this->requestValidator->setDrift(30); + $this->assertEquals(30, $this->requestValidator->getDrift()); } - public function testGetSetSigner() + public function testGetSetSignature() { - $this->assertInstanceOf('QueryAuth\Signer\SignatureSigner', $this->server->getSigner()); - $signature = new Signer(new ParameterCollection()); - $this->server->setSigner($signature); - $this->assertSame($signature, $this->server->getSigner()); + $this->assertInstanceOf('QueryAuth\SignatureInterface', $this->requestValidator->getSignature()); + $signature = new Signature(); + $this->requestValidator->setSignature($signature); + $this->assertSame($signature, $this->requestValidator->getSignature()); } } diff --git a/tests/QueryAuth/SignatureTest.php b/tests/QueryAuth/SignatureTest.php index c01dab7..b06febf 100644 --- a/tests/QueryAuth/SignatureTest.php +++ b/tests/QueryAuth/SignatureTest.php @@ -2,12 +2,12 @@ namespace QueryAuth; -class SignerTest extends \PHPUnit_Framework_TestCase +class SignatureTest extends \PHPUnit_Framework_TestCase { /** - * @var Signer + * @var Signature */ - private $signer; + private $signature; /** * @var string @@ -34,9 +34,21 @@ class SignerTest extends \PHPUnit_Framework_TestCase */ private $base64Pattern; + private $request; + + private $credentials; + protected function setUp() { - $this->signer = new Signer(); + $this->request = $this->getMockBuilder('QueryAuth\RequestInterface') + ->disableOriginalConstructor() + ->getMock(); + + $this->credentials = $this->getMockBuilder('QueryAuth\Credentials\CredentialsInterface') + ->disableOriginalConstructor() + ->getMock(); + + $this->signature = new Signature(); $this->secret = base64_encode(time() . 'secret'); $this->host = 'www.example.com'; $this->path = '/resources'; @@ -47,18 +59,27 @@ protected function setUp() protected function tearDown() { - $this->signer = null; + $this->signature = null; } public function testCreateSignatureForGET() { - $signature = $this->signer->createSignature( - 'GET', - $this->host, - $this->path, - $this->secret, - $this->params - ); + $this->request->method('getMethod') + ->willReturn('GET'); + + $this->request->method('getHost') + ->willReturn($this->host); + + $this->request->method('getPath') + ->willReturn($this->path); + + $this->request->method('getParams') + ->willReturn($this->params); + + $this->credentials->method('getSecret') + ->willReturn($this->secret); + + $signature = $this->signature->createSignature($this->request, $this->credentials); $this->assertNotNull($signature); $this->assertRegexp($this->base64Pattern, $signature); @@ -67,13 +88,23 @@ public function testCreateSignatureForGET() public function testCreateSignatureForPOST() { $this->params['user'] = 'arthur.dent@example.net'; - $signature = $this->signer->createSignature( - 'POST', - $this->host, - $this->path, - $this->secret, - $this->params - ); + + $this->request->method('getMethod') + ->willReturn('POST'); + + $this->request->method('getHost') + ->willReturn($this->host); + + $this->request->method('getPath') + ->willReturn($this->path); + + $this->request->method('getParams') + ->willReturn($this->params); + + $this->credentials->method('getSecret') + ->willReturn($this->secret); + + $signature = $this->signature->createSignature($this->request, $this->credentials); $this->assertNotNull($signature); $this->assertRegexp($this->base64Pattern, $signature); @@ -83,21 +114,53 @@ public function testSignaturesCreatedWithSameArgumentsShouldMatch() { $this->params['user'] = 'zaphod.beeblebrox@example.net'; - $signature1 = $this->signer->createSignature( - 'POST', - $this->host, - $this->path, - $this->secret, - $this->params - ); - - $signature2 = $this->signer->createSignature( - 'POST', - $this->host, - $this->path, - $this->secret, - $this->params - ); + $this->request->method('getMethod') + ->willReturn('POST'); + + $this->request->method('getHost') + ->willReturn($this->host); + + $this->request->method('getPath') + ->willReturn($this->path); + + $this->request->method('getParams') + ->willReturn($this->params); + + $this->credentials->method('getSecret') + ->willReturn($this->secret); + + $signature1 = $this->signature->createSignature($this->request, $this->credentials); + $signature2 = $this->signature->createSignature($this->request, $this->credentials); + + $this->assertEquals($signature1, $signature2); + } + + public function testSignaturesUnsetIfPresentAndSignaturesMatch() + { + $this->params['user'] = 'zaphod.beeblebrox@example.net'; + + $this->request->method('getMethod') + ->willReturn('POST'); + + $this->request->method('getHost') + ->willReturn($this->host); + + $this->request->method('getPath') + ->willReturn($this->path); + + $this->request->expects($this->at(3)) + ->method('getParams') + ->willReturn($this->params); + + $this->request->expects($this->at(7)) + ->method('getParams') + ->willReturn(array_merge($this->params, ['signature' => 'fjdklsjflkd'])); + + $this->credentials->method('getSecret') + ->willReturn($this->secret); + + $signature1 = $this->signature->createSignature($this->request, $this->credentials); + $signature2 = $this->signature->createSignature($this->request, $this->credentials); $this->assertEquals($signature1, $signature2); } From a791bb523c2c9bedc5a2f4c2a40797c0b24b108c Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:39:39 -0500 Subject: [PATCH 14/31] New RequestInterface --- src/QueryAuth/RequestInterface.php | 49 ++++++++++++++++++++++++++++++ 1 file changed, 49 insertions(+) create mode 100644 src/QueryAuth/RequestInterface.php diff --git a/src/QueryAuth/RequestInterface.php b/src/QueryAuth/RequestInterface.php new file mode 100644 index 0000000..e5ac061 --- /dev/null +++ b/src/QueryAuth/RequestInterface.php @@ -0,0 +1,49 @@ + Date: Wed, 24 Sep 2014 18:39:51 -0500 Subject: [PATCH 15/31] Updates existing classes and tests --- src/QueryAuth/Factory.php | 28 +++++++++---------- .../Exception/QueryAuthExceptionTest.php | 13 +++++++-- tests/QueryAuth/FactoryTest.php | 8 +++--- 3 files changed, 28 insertions(+), 21 deletions(-) diff --git a/src/QueryAuth/Factory.php b/src/QueryAuth/Factory.php index 274a4df..bc4e559 100644 --- a/src/QueryAuth/Factory.php +++ b/src/QueryAuth/Factory.php @@ -9,9 +9,9 @@ namespace QueryAuth; -use QueryAuth\Client; -use QueryAuth\Server; -use QueryAuth\Signer; +use QueryAuth\RequestSigner; +use QueryAuth\RequestValidator; +use QueryAuth\Signature; use RandomLib\Factory as RandomFactory; /** @@ -27,21 +27,21 @@ class Factory /** * Creates a client instance * - * @return Client Client instance + * @return RequestSigner RequestSigner instance */ - public function newClient() + public function newRequestSigner() { - return new Client($this->newSigner(), $this->newKeyGenerator()); + return new RequestSigner($this->newSignature(), $this->newKeyGenerator()); } /** - * Creates a server instance + * Creates a RequestValidator * - * @return Server Server instance + * @return RequestValidator RequestValidator instance */ - public function newServer() + public function newRequestValidator() { - return new Server($this->newSigner()); + return new RequestValidator($this->newSignature()); } /** @@ -55,13 +55,13 @@ public function newKeyGenerator() } /** - * Creates a signer for either server or client + * Creates a Signature instance * - * @return Signer Signer instance + * @return Signature Signature instance */ - protected function newSigner() + protected function newSignature() { - return new Signer(); + return new Signature(); } /** diff --git a/tests/QueryAuth/Exception/QueryAuthExceptionTest.php b/tests/QueryAuth/Exception/QueryAuthExceptionTest.php index bedcea9..5d45c93 100644 --- a/tests/QueryAuth/Exception/QueryAuthExceptionTest.php +++ b/tests/QueryAuth/Exception/QueryAuthExceptionTest.php @@ -4,6 +4,13 @@ class QueryAuthExceptionTest extends \PHPUnit_Framework_TestCase { + public function testDriftExceededException() + { + $e = new DriftExceededException(); + $this->assertInstanceOf('QueryAuth\Exception\DriftExceededException', $e); + $this->assertInstanceOf('QueryAuth\Exception\QueryAuthException', $e); + } + public function testSignatureMissingException() { $e = new SignatureMissingException(); @@ -11,10 +18,10 @@ public function testSignatureMissingException() $this->assertInstanceOf('QueryAuth\Exception\QueryAuthException', $e); } - public function testTimeOutOfBoundsException() + public function testTimestampMissingException() { - $e = new TimeOutOfBoundsException(); - $this->assertInstanceOf('QueryAuth\Exception\TimeOutOfBoundsException', $e); + $e = new TimestampMissingException(); + $this->assertInstanceOf('QueryAuth\Exception\TimestampMissingException', $e); $this->assertInstanceOf('QueryAuth\Exception\QueryAuthException', $e); } } diff --git a/tests/QueryAuth/FactoryTest.php b/tests/QueryAuth/FactoryTest.php index 7ef1f05..a3e76f4 100644 --- a/tests/QueryAuth/FactoryTest.php +++ b/tests/QueryAuth/FactoryTest.php @@ -21,14 +21,14 @@ protected function tearDown() parent::tearDown(); } - public function testFactoryServer() + public function testFactoryRequestValidator() { - $this->assertInstanceOf('QueryAuth\Server', $this->factory->newServer()); + $this->assertInstanceOf('QueryAuth\RequestValidator', $this->factory->newRequestValidator()); } - public function testFactoryClient() + public function testFactoryRequestSigner() { - $this->assertInstanceOf('QueryAuth\Client', $this->factory->newClient()); + $this->assertInstanceOf('QueryAuth\RequestSigner', $this->factory->newRequestSigner()); } public function testGetSetRandomFactory() From bcf0cc16969e9ef3fff0c02240af3e9c744af27e Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 18:40:44 -0500 Subject: [PATCH 16/31] Removes, ignores composer.lock --- .gitignore | 1 + composer.lock | 918 -------------------------------------------------- 2 files changed, 1 insertion(+), 918 deletions(-) delete mode 100644 composer.lock diff --git a/.gitignore b/.gitignore index 411a5b8..05ab16b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ build vendor +composer.lock diff --git a/composer.lock b/composer.lock deleted file mode 100644 index 9bf9512..0000000 --- a/composer.lock +++ /dev/null @@ -1,918 +0,0 @@ -{ - "_readme": [ - "This file locks the dependencies of your project to a known state", - "Read more about it at http://getcomposer.org/doc/01-basic-usage.md#composer-lock-the-lock-file", - "This file is @generated automatically" - ], - "hash": "a3a2ad700689f5a0b14e805c2fed32e4", - "packages": [ - { - "name": "ircmaxell/random-lib", - "version": "v1.0.0", - "source": { - "type": "git", - "url": "https://github.com/ircmaxell/RandomLib.git", - "reference": "v1.0.0" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/ircmaxell/RandomLib/zipball/v1.0.0", - "reference": "v1.0.0", - "shasum": "" - }, - "require": { - "ircmaxell/security-lib": "1.0.*@dev", - "php": ">=5.3.2" - }, - "require-dev": { - "mikey179/vfsstream": "1.1.*" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "psr-0": { - "RandomLib": "lib" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Anthony Ferrara", - "email": "ircmaxell@ircmaxell.com", - "homepage": "http://blog.ircmaxell.com" - } - ], - "description": "A Library For Generating Secure Random Numbers", - "homepage": "https://github.com/ircmaxell/PHP-RandomLib", - "keywords": [ - "cryptography", - "random", - "random-numbers", - "random-strings" - ], - "time": "2013-07-30 17:40:57" - }, - { - "name": "ircmaxell/security-lib", - "version": "1.0.0", - "source": { - "type": "git", - "url": "https://github.com/ircmaxell/SecurityLib.git", - "reference": "v1.0.0" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/ircmaxell/SecurityLib/zipball/v1.0.0", - "reference": "v1.0.0", - "shasum": "" - }, - "require": { - "php": ">=5.3.2" - }, - "require-dev": { - "mikey179/vfsstream": "1.1.*" - }, - "type": "library", - "autoload": { - "psr-0": { - "SecurityLib": "lib" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Anthony Ferrara", - "email": "ircmaxell@ircmaxell.com", - "homepage": "http://blog.ircmaxell.com" - } - ], - "description": "A Base Security Library", - "homepage": "https://github.com/ircmaxell/PHP-SecurityLib", - "time": "2013-04-30 18:00:34" - } - ], - "packages-dev": [ - { - "name": "ocramius/instantiator", - "version": "1.1.3", - "source": { - "type": "git", - "url": "https://github.com/Ocramius/Instantiator.git", - "reference": "e24a12178906ff2e7471b8aaf3a0eb789b59f881" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/Ocramius/Instantiator/zipball/e24a12178906ff2e7471b8aaf3a0eb789b59f881", - "reference": "e24a12178906ff2e7471b8aaf3a0eb789b59f881", - "shasum": "" - }, - "require": { - "ocramius/lazy-map": "1.0.*", - "php": "~5.3" - }, - "require-dev": { - "athletic/athletic": "~0.1.8", - "ext-pdo": "*", - "ext-phar": "*", - "phpunit/phpunit": "~4.0", - "squizlabs/php_codesniffer": "2.0.*@ALPHA" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "2.0.x-dev" - } - }, - "autoload": { - "psr-0": { - "Instantiator\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Marco Pivetta", - "email": "ocramius@gmail.com", - "homepage": "http://ocramius.github.com/" - } - ], - "description": "A small, lightweight utility to instantiate objects in PHP without invoking their constructors", - "homepage": "https://github.com/Ocramius/Instantiator", - "keywords": [ - "constructor", - "instantiate" - ], - "time": "2014-08-25 14:48:16" - }, - { - "name": "ocramius/lazy-map", - "version": "1.0.0", - "source": { - "type": "git", - "url": "https://github.com/Ocramius/LazyMap.git", - "reference": "7fe3d347f5e618bcea7d39345ff83f3651d8b752" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/Ocramius/LazyMap/zipball/7fe3d347f5e618bcea7d39345ff83f3651d8b752", - "reference": "7fe3d347f5e618bcea7d39345ff83f3651d8b752", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "require-dev": { - "athletic/athletic": "~0.1.6", - "phpmd/phpmd": "1.5.*", - "phpunit/phpunit": ">=3.7", - "satooshi/php-coveralls": "~0.6", - "squizlabs/php_codesniffer": "1.4.*" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "psr-0": { - "LazyMap\\": "src" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Marco Pivetta", - "email": "ocramius@gmail.com", - "homepage": "http://ocramius.github.com/", - "role": "Developer" - } - ], - "description": "A library that provides lazy instantiation logic for a map of objects", - "homepage": "https://github.com/Ocramius/LazyMap", - "keywords": [ - "lazy", - "lazy instantiation", - "lazy loading", - "map", - "service location" - ], - "time": "2013-11-09 22:30:54" - }, - { - "name": "phpunit/php-code-coverage", - "version": "2.0.11", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/php-code-coverage.git", - "reference": "53603b3c995f5aab6b59c8e08c3a663d2cc810b7" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-code-coverage/zipball/53603b3c995f5aab6b59c8e08c3a663d2cc810b7", - "reference": "53603b3c995f5aab6b59c8e08c3a663d2cc810b7", - "shasum": "" - }, - "require": { - "php": ">=5.3.3", - "phpunit/php-file-iterator": "~1.3", - "phpunit/php-text-template": "~1.2", - "phpunit/php-token-stream": "~1.3", - "sebastian/environment": "~1.0", - "sebastian/version": "~1.0" - }, - "require-dev": { - "ext-xdebug": ">=2.1.4", - "phpunit/phpunit": "~4.1" - }, - "suggest": { - "ext-dom": "*", - "ext-xdebug": ">=2.2.1", - "ext-xmlwriter": "*" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "2.0.x-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", - "role": "lead" - } - ], - "description": "Library that provides collection, processing, and rendering functionality for PHP code coverage information.", - "homepage": "https://github.com/sebastianbergmann/php-code-coverage", - "keywords": [ - "coverage", - "testing", - "xunit" - ], - "time": "2014-08-31 06:33:04" - }, - { - "name": "phpunit/php-file-iterator", - "version": "1.3.4", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/php-file-iterator.git", - "reference": "acd690379117b042d1c8af1fafd61bde001bf6bb" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-file-iterator/zipball/acd690379117b042d1c8af1fafd61bde001bf6bb", - "reference": "acd690379117b042d1c8af1fafd61bde001bf6bb", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "type": "library", - "autoload": { - "classmap": [ - "File/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", - "role": "lead" - } - ], - "description": "FilterIterator implementation that filters files based on a list of suffixes.", - "homepage": "https://github.com/sebastianbergmann/php-file-iterator/", - "keywords": [ - "filesystem", - "iterator" - ], - "time": "2013-10-10 15:34:57" - }, - { - "name": "phpunit/php-text-template", - "version": "1.2.0", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/php-text-template.git", - "reference": "206dfefc0ffe9cebf65c413e3d0e809c82fbf00a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-text-template/zipball/206dfefc0ffe9cebf65c413e3d0e809c82fbf00a", - "reference": "206dfefc0ffe9cebf65c413e3d0e809c82fbf00a", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "type": "library", - "autoload": { - "classmap": [ - "Text/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", - "role": "lead" - } - ], - "description": "Simple template engine.", - "homepage": "https://github.com/sebastianbergmann/php-text-template/", - "keywords": [ - "template" - ], - "time": "2014-01-30 17:20:04" - }, - { - "name": "phpunit/php-timer", - "version": "1.0.5", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/php-timer.git", - "reference": "1.0.5" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-timer/zipball/1.0.5", - "reference": "1.0.5", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "type": "library", - "autoload": { - "classmap": [ - "PHP/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "" - ], - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", - "role": "lead" - } - ], - "description": "Utility class for timing", - "homepage": "https://github.com/sebastianbergmann/php-timer/", - "keywords": [ - "timer" - ], - "time": "2013-08-02 07:42:54" - }, - { - "name": "phpunit/php-token-stream", - "version": "1.3.0", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/php-token-stream.git", - "reference": "f8d5d08c56de5cfd592b3340424a81733259a876" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/php-token-stream/zipball/f8d5d08c56de5cfd592b3340424a81733259a876", - "reference": "f8d5d08c56de5cfd592b3340424a81733259a876", - "shasum": "" - }, - "require": { - "ext-tokenizer": "*", - "php": ">=5.3.3" - }, - "require-dev": { - "phpunit/phpunit": "~4.2" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.3-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de" - } - ], - "description": "Wrapper around PHP's tokenizer extension.", - "homepage": "https://github.com/sebastianbergmann/php-token-stream/", - "keywords": [ - "tokenizer" - ], - "time": "2014-08-31 06:12:13" - }, - { - "name": "phpunit/phpunit", - "version": "4.2.6", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/phpunit.git", - "reference": "c28a790620fe30b049bb693be1ef9cd4e0fe906c" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit/zipball/c28a790620fe30b049bb693be1ef9cd4e0fe906c", - "reference": "c28a790620fe30b049bb693be1ef9cd4e0fe906c", - "shasum": "" - }, - "require": { - "ext-dom": "*", - "ext-json": "*", - "ext-pcre": "*", - "ext-reflection": "*", - "ext-spl": "*", - "php": ">=5.3.3", - "phpunit/php-code-coverage": "~2.0", - "phpunit/php-file-iterator": "~1.3.1", - "phpunit/php-text-template": "~1.2", - "phpunit/php-timer": "~1.0.2", - "phpunit/phpunit-mock-objects": "~2.2", - "sebastian/comparator": "~1.0", - "sebastian/diff": "~1.1", - "sebastian/environment": "~1.0", - "sebastian/exporter": "~1.0", - "sebastian/version": "~1.0", - "symfony/yaml": "~2.0" - }, - "suggest": { - "phpunit/php-invoker": "~1.1" - }, - "bin": [ - "phpunit" - ], - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "4.2.x-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "include-path": [ - "", - "../../symfony/yaml/" - ], - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de", - "role": "lead" - } - ], - "description": "The PHP Unit Testing framework.", - "homepage": "http://www.phpunit.de/", - "keywords": [ - "phpunit", - "testing", - "xunit" - ], - "time": "2014-09-14 09:31:24" - }, - { - "name": "phpunit/phpunit-mock-objects", - "version": "2.2.1", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/phpunit-mock-objects.git", - "reference": "b241b18d87a47093f20fae8b0ba40379b00bd53a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/phpunit-mock-objects/zipball/b241b18d87a47093f20fae8b0ba40379b00bd53a", - "reference": "b241b18d87a47093f20fae8b0ba40379b00bd53a", - "shasum": "" - }, - "require": { - "ocramius/instantiator": "~1.0", - "php": ">=5.3.3", - "phpunit/php-text-template": "~1.2" - }, - "require-dev": { - "phpunit/phpunit": "~4.2" - }, - "suggest": { - "ext-soap": "*" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "2.2.x-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sb@sebastian-bergmann.de", - "role": "lead" - } - ], - "description": "Mock Object library for PHPUnit", - "homepage": "https://github.com/sebastianbergmann/phpunit-mock-objects/", - "keywords": [ - "mock", - "xunit" - ], - "time": "2014-09-06 17:32:37" - }, - { - "name": "sebastian/comparator", - "version": "1.0.0", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/comparator.git", - "reference": "f7069ee51fa9fb6c038e16a9d0e3439f5449dcf2" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/comparator/zipball/f7069ee51fa9fb6c038e16a9d0e3439f5449dcf2", - "reference": "f7069ee51fa9fb6c038e16a9d0e3439f5449dcf2", - "shasum": "" - }, - "require": { - "php": ">=5.3.3", - "sebastian/diff": "~1.1", - "sebastian/exporter": "~1.0" - }, - "require-dev": { - "phpunit/phpunit": "~4.1" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de", - "role": "lead" - }, - { - "name": "Jeff Welch", - "email": "whatthejeff@gmail.com" - }, - { - "name": "Volker Dusch", - "email": "github@wallbash.com" - }, - { - "name": "Bernhard Schussek", - "email": "bschussek@2bepublished.at" - } - ], - "description": "Provides the functionality to compare PHP values for equality", - "homepage": "http://www.github.com/sebastianbergmann/comparator", - "keywords": [ - "comparator", - "compare", - "equality" - ], - "time": "2014-05-02 07:05:58" - }, - { - "name": "sebastian/diff", - "version": "1.1.0", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/diff.git", - "reference": "1e091702a5a38e6b4c1ba9ca816e3dd343df2e2d" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/diff/zipball/1e091702a5a38e6b4c1ba9ca816e3dd343df2e2d", - "reference": "1e091702a5a38e6b4c1ba9ca816e3dd343df2e2d", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.1-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de", - "role": "lead" - }, - { - "name": "Kore Nordmann", - "email": "mail@kore-nordmann.de" - } - ], - "description": "Diff implementation", - "homepage": "http://www.github.com/sebastianbergmann/diff", - "keywords": [ - "diff" - ], - "time": "2013-08-03 16:46:33" - }, - { - "name": "sebastian/environment", - "version": "1.0.0", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/environment.git", - "reference": "79517609ec01139cd7e9fded0dd7ce08c952ef6a" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/environment/zipball/79517609ec01139cd7e9fded0dd7ce08c952ef6a", - "reference": "79517609ec01139cd7e9fded0dd7ce08c952ef6a", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "require-dev": { - "phpunit/phpunit": "4.0.*@dev" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de", - "role": "lead" - } - ], - "description": "Provides functionality to handle HHVM/PHP environments", - "homepage": "http://www.github.com/sebastianbergmann/environment", - "keywords": [ - "Xdebug", - "environment", - "hhvm" - ], - "time": "2014-02-18 16:17:19" - }, - { - "name": "sebastian/exporter", - "version": "1.0.1", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/exporter.git", - "reference": "1f9a98e6f5dfe0524cb8c6166f7c82f3e9ae1529" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/exporter/zipball/1f9a98e6f5dfe0524cb8c6166f7c82f3e9ae1529", - "reference": "1f9a98e6f5dfe0524cb8c6166f7c82f3e9ae1529", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "require-dev": { - "phpunit/phpunit": "4.0.*@dev" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "1.0.x-dev" - } - }, - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de", - "role": "lead" - }, - { - "name": "Jeff Welch", - "email": "whatthejeff@gmail.com" - }, - { - "name": "Volker Dusch", - "email": "github@wallbash.com" - }, - { - "name": "Adam Harvey", - "email": "aharvey@php.net", - "role": "Lead" - }, - { - "name": "Bernhard Schussek", - "email": "bschussek@2bepublished.at" - } - ], - "description": "Provides the functionality to export PHP variables for visualization", - "homepage": "http://www.github.com/sebastianbergmann/exporter", - "keywords": [ - "export", - "exporter" - ], - "time": "2014-02-16 08:26:31" - }, - { - "name": "sebastian/version", - "version": "1.0.3", - "source": { - "type": "git", - "url": "https://github.com/sebastianbergmann/version.git", - "reference": "b6e1f0cf6b9e1ec409a0d3e2f2a5fb0998e36b43" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/sebastianbergmann/version/zipball/b6e1f0cf6b9e1ec409a0d3e2f2a5fb0998e36b43", - "reference": "b6e1f0cf6b9e1ec409a0d3e2f2a5fb0998e36b43", - "shasum": "" - }, - "type": "library", - "autoload": { - "classmap": [ - "src/" - ] - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "BSD-3-Clause" - ], - "authors": [ - { - "name": "Sebastian Bergmann", - "email": "sebastian@phpunit.de", - "role": "lead" - } - ], - "description": "Library that helps with managing the version number of Git-hosted PHP projects", - "homepage": "https://github.com/sebastianbergmann/version", - "time": "2014-03-07 15:35:33" - }, - { - "name": "symfony/yaml", - "version": "v2.5.4", - "target-dir": "Symfony/Component/Yaml", - "source": { - "type": "git", - "url": "https://github.com/symfony/Yaml.git", - "reference": "01a7695bcfb013d0a15c6757e15aae120342986f" - }, - "dist": { - "type": "zip", - "url": "https://api.github.com/repos/symfony/Yaml/zipball/01a7695bcfb013d0a15c6757e15aae120342986f", - "reference": "01a7695bcfb013d0a15c6757e15aae120342986f", - "shasum": "" - }, - "require": { - "php": ">=5.3.3" - }, - "type": "library", - "extra": { - "branch-alias": { - "dev-master": "2.5-dev" - } - }, - "autoload": { - "psr-0": { - "Symfony\\Component\\Yaml\\": "" - } - }, - "notification-url": "https://packagist.org/downloads/", - "license": [ - "MIT" - ], - "authors": [ - { - "name": "Symfony Community", - "homepage": "http://symfony.com/contributors" - }, - { - "name": "Fabien Potencier", - "email": "fabien@symfony.com" - } - ], - "description": "Symfony Yaml Component", - "homepage": "http://symfony.com", - "time": "2014-08-31 03:22:04" - } - ], - "aliases": [], - "minimum-stability": "stable", - "stability-flags": [], - "prefer-stable": false, - "platform": { - "php": ">=5.4" - }, - "platform-dev": [] -} From 468e0f4a100f6a1b1ec83a2e919dcab78e899810 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 21:29:10 -0500 Subject: [PATCH 17/31] Adds PHP 5.6 to .travis.yml --- .travis.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.travis.yml b/.travis.yml index 6378eac..0593a0d 100644 --- a/.travis.yml +++ b/.travis.yml @@ -3,6 +3,7 @@ language: php php: - 5.4 - 5.5 + - 5.6 script: phpunit From cc84fbfacb16ee83e7dae395ddb010b30da24d3b Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Wed, 24 Sep 2014 21:29:25 -0500 Subject: [PATCH 18/31] Changes validateSignature to isValid --- src/QueryAuth/RequestValidator.php | 2 +- tests/QueryAuth/RequestValidatorTest.php | 16 ++++++++-------- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/QueryAuth/RequestValidator.php b/src/QueryAuth/RequestValidator.php index 5a4ee8b..2010430 100644 --- a/src/QueryAuth/RequestValidator.php +++ b/src/QueryAuth/RequestValidator.php @@ -49,7 +49,7 @@ public function __construct(SignatureInterface $signature) * @throws TimestampMissingException If timestamp is missing from request * @return boolean */ - public function validateSignature( + public function isValid( RequestInterface $request, CredentialsInterface $credentials ) diff --git a/tests/QueryAuth/RequestValidatorTest.php b/tests/QueryAuth/RequestValidatorTest.php index 93c91ea..4109210 100644 --- a/tests/QueryAuth/RequestValidatorTest.php +++ b/tests/QueryAuth/RequestValidatorTest.php @@ -47,7 +47,7 @@ protected function tearDown() $this->requestValidator = null; } - public function testValidateSignature() + public function testIsValid() { $this->request->expects($this->once()) ->method('getParams') @@ -61,14 +61,14 @@ public function testValidateSignature() ->with($this->request, $this->credentials) ->willReturn(12345); - $result = $this->requestValidator->validateSignature( + $result = $this->requestValidator->isValid( $this->request, $this->credentials ); $this->assertTrue($result); } - public function testValidateSignatureReturnsFalseForInvalidSignature() + public function testIsValidReturnsFalseForInvalidSignature() { $this->request->expects($this->once()) ->method('getParams') @@ -82,7 +82,7 @@ public function testValidateSignatureReturnsFalseForInvalidSignature() ->with($this->request, $this->credentials) ->willReturn(54321); - $result = $this->requestValidator->validateSignature( + $result = $this->requestValidator->isValid( $this->request, $this->credentials ); @@ -111,7 +111,7 @@ public function testExceedsMaximumDriftThrowsException() $this->signature->expects($this->never()) ->method('createSignature'); - $this->requestValidator->validateSignature( + $this->requestValidator->isValid( $this->request, $this->credentials ); } @@ -138,7 +138,7 @@ public function testExceedsMinimumDriftThrowsException() $this->signature->expects($this->never()) ->method('createSignature'); - $this->requestValidator->validateSignature( + $this->requestValidator->isValid( $this->request, $this->credentials ); } @@ -156,7 +156,7 @@ public function testMissingSignatureThrowsException() 'timestamp' => (int) gmdate('U'), ]); - $this->requestValidator->validateSignature( + $this->requestValidator->isValid( $this->request, $this->credentials ); } @@ -174,7 +174,7 @@ public function testMissingTimestampThrowsException() 'signature' => 12345, ]); - $this->requestValidator->validateSignature( + $this->requestValidator->isValid( $this->request, $this->credentials ); } From fb63465f31f61feeb10d1145efb91c39e2b35953 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Thu, 25 Sep 2014 05:42:09 -0500 Subject: [PATCH 19/31] Shuffles lib organization, adds interfaces --- composer.json | 1 + src/QueryAuth/Factory.php | 4 +-- .../{ => Incoming}/SlimRequestAdapter.php | 25 +++------------ .../{ => Outgoing}/GuzzleRequestAdapter.php | 7 ++-- .../Request/IncomingRequestInterface.php | 7 ++++ .../Request/OutgoingRequestInterface.php | 21 ++++++++++++ .../{ => Request}/RequestInterface.php | 17 +--------- src/QueryAuth/{ => Request}/RequestSigner.php | 7 ++-- .../{ => Request}/RequestValidator.php | 4 ++- src/QueryAuth/Signature.php | 1 + src/QueryAuth/SignatureInterface.php | 1 + tests/QueryAuth/FactoryTest.php | 4 +-- .../{ => Incoming}/SlimRequestAdapterTest.php | 14 +------- .../GuzzleRequestAdapterTest.php | 2 +- .../{ => Request}/RequestSignerTest.php | 32 ++++++++++++------- .../{ => Request}/RequestValidatorTest.php | 5 +-- tests/QueryAuth/SignatureTest.php | 2 +- 17 files changed, 78 insertions(+), 76 deletions(-) rename src/QueryAuth/Request/Adapter/{ => Incoming}/SlimRequestAdapter.php (67%) rename src/QueryAuth/Request/Adapter/{ => Outgoing}/GuzzleRequestAdapter.php (87%) create mode 100644 src/QueryAuth/Request/IncomingRequestInterface.php create mode 100644 src/QueryAuth/Request/OutgoingRequestInterface.php rename src/QueryAuth/{ => Request}/RequestInterface.php (59%) rename src/QueryAuth/{ => Request}/RequestSigner.php (94%) rename src/QueryAuth/{ => Request}/RequestValidator.php (97%) rename tests/QueryAuth/Request/Adapter/{ => Incoming}/SlimRequestAdapterTest.php (85%) rename tests/QueryAuth/Request/Adapter/{ => Outgoing}/GuzzleRequestAdapterTest.php (99%) rename tests/QueryAuth/{ => Request}/RequestSignerTest.php (78%) rename tests/QueryAuth/{ => Request}/RequestValidatorTest.php (98%) diff --git a/composer.json b/composer.json index dfa11d3..748fcfa 100644 --- a/composer.json +++ b/composer.json @@ -22,6 +22,7 @@ }, "require-dev": { "guzzle/guzzle": ">=3.7.0,<=3.9.9", + "mockery/mockery": "0.9.2", "phpunit/phpunit": "4.*", "slim/slim": "2.*" }, diff --git a/src/QueryAuth/Factory.php b/src/QueryAuth/Factory.php index bc4e559..9898305 100644 --- a/src/QueryAuth/Factory.php +++ b/src/QueryAuth/Factory.php @@ -9,8 +9,8 @@ namespace QueryAuth; -use QueryAuth\RequestSigner; -use QueryAuth\RequestValidator; +use QueryAuth\Request\RequestSigner; +use QueryAuth\Request\RequestValidator; use QueryAuth\Signature; use RandomLib\Factory as RandomFactory; diff --git a/src/QueryAuth/Request/Adapter/SlimRequestAdapter.php b/src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php similarity index 67% rename from src/QueryAuth/Request/Adapter/SlimRequestAdapter.php rename to src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php index e7966ca..631ce33 100644 --- a/src/QueryAuth/Request/Adapter/SlimRequestAdapter.php +++ b/src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php @@ -1,11 +1,12 @@ request->post(); } - - /** - * {@inheritDoc} - */ - public function addParam($key, $value) - { - // Not implemented for SlimRequest - return null; - } - - /** - * {@inheritDoc} - */ - public function replaceParams(array $params) - { - // Not implemented for SlimRequest - return null; - } } diff --git a/src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php similarity index 87% rename from src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php rename to src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php index d4ca7ff..d64201b 100644 --- a/src/QueryAuth/Request/Adapter/GuzzleRequestAdapter.php +++ b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php @@ -1,11 +1,12 @@ assertInstanceOf('QueryAuth\RequestValidator', $this->factory->newRequestValidator()); + $this->assertInstanceOf('QueryAuth\Request\RequestValidator', $this->factory->newRequestValidator()); } public function testFactoryRequestSigner() { - $this->assertInstanceOf('QueryAuth\RequestSigner', $this->factory->newRequestSigner()); + $this->assertInstanceOf('QueryAuth\Request\RequestSigner', $this->factory->newRequestSigner()); } public function testGetSetRandomFactory() diff --git a/tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php b/tests/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapterTest.php similarity index 85% rename from tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php rename to tests/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapterTest.php index b463e99..a86ee7a 100644 --- a/tests/QueryAuth/Request/Adapter/SlimRequestAdapterTest.php +++ b/tests/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapterTest.php @@ -1,6 +1,6 @@ assertEquals($expected, $params); } - - public function testAddParam() - { - // Not implemented for SlimRequest - $this->assertNull($this->adapter->addParam('key', 'value')); - } - - public function testReplaceParams() - { - // Not implemented for SlimRequest - $this->assertNull($this->adapter->replaceParams([])); - } } diff --git a/tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php b/tests/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapterTest.php similarity index 99% rename from tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php rename to tests/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapterTest.php index a5b10e4..834e148 100644 --- a/tests/QueryAuth/Request/Adapter/GuzzleRequestAdapterTest.php +++ b/tests/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapterTest.php @@ -1,6 +1,6 @@ credentials = new Credentials($key, $secret); - $this->request = $this->getMockBuilder('QueryAuth\RequestInterface') - ->disableOriginalConstructor() - ->getMock(); + $this->request = m::mock( + 'QueryAuth\Request\RequestInterface', + 'QueryAuth\Request\OutgoingRequestInterface' + ); $this->signature = $this->getMockBuilder('QueryAuth\SignatureInterface') ->disableOriginalConstructor() ->getMock(); @@ -29,6 +33,7 @@ protected function setUp() protected function tearDown() { $this->requestSigner = null; + m::close(); } public function testSignRequest() @@ -45,14 +50,17 @@ public function testSignRequest() ->with($this->request, $this->credentials) ->willReturn($signature); - $this->request->expects($this->exactly(4)) - ->method('addParam') - ->withConsecutive( - ['key', $this->credentials->getKey()], - ['timestamp', $this->requestSigner->getTimestamp()], - ['cnonce', $cnonce], - ['signature', $signature] - ); + $this->request->shouldReceive('addParam') + ->withArgs(['key', $this->credentials->getKey()]); + + $this->request->shouldReceive('addParam') + ->withArgs(['timestamp', $this->requestSigner->getTimestamp()]); + + $this->request->shouldReceive('addParam') + ->withArgs(['cnonce', $cnonce]); + + $this->request->shouldReceive('addParam') + ->withArgs(['signature', $signature]); $this->requestSigner->signRequest($this->request, $this->credentials); } diff --git a/tests/QueryAuth/RequestValidatorTest.php b/tests/QueryAuth/Request/RequestValidatorTest.php similarity index 98% rename from tests/QueryAuth/RequestValidatorTest.php rename to tests/QueryAuth/Request/RequestValidatorTest.php index 4109210..ba62247 100644 --- a/tests/QueryAuth/RequestValidatorTest.php +++ b/tests/QueryAuth/Request/RequestValidatorTest.php @@ -1,8 +1,9 @@ credentials = new Credentials($key, $secret); - $this->request = $this->getMockBuilder('QueryAuth\RequestInterface') + $this->request = $this->getMockBuilder('QueryAuth\Request\RequestInterface') ->disableOriginalConstructor() ->getMock(); $this->signature = $this->getMockBuilder('QueryAuth\SignatureInterface') diff --git a/tests/QueryAuth/SignatureTest.php b/tests/QueryAuth/SignatureTest.php index b06febf..c193ba9 100644 --- a/tests/QueryAuth/SignatureTest.php +++ b/tests/QueryAuth/SignatureTest.php @@ -40,7 +40,7 @@ class SignatureTest extends \PHPUnit_Framework_TestCase protected function setUp() { - $this->request = $this->getMockBuilder('QueryAuth\RequestInterface') + $this->request = $this->getMockBuilder('QueryAuth\Request\RequestInterface') ->disableOriginalConstructor() ->getMock(); From 2188cd86eb9c9823936dbe7c6fb99222ac9d87d7 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Thu, 25 Sep 2014 06:26:45 -0500 Subject: [PATCH 20/31] Adds guzzlehttp as dev requirement --- composer.json | 1 + 1 file changed, 1 insertion(+) diff --git a/composer.json b/composer.json index 748fcfa..13b95d9 100644 --- a/composer.json +++ b/composer.json @@ -22,6 +22,7 @@ }, "require-dev": { "guzzle/guzzle": ">=3.7.0,<=3.9.9", + "guzzlehttp/guzzle": "~4", "mockery/mockery": "0.9.2", "phpunit/phpunit": "4.*", "slim/slim": "2.*" From de361c07237b5d50fa237e08af88c99ba7799eea Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Thu, 25 Sep 2014 06:27:01 -0500 Subject: [PATCH 21/31] Adds doc blocks --- .../Request/Adapter/Outgoing/GuzzleRequestAdapter.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php index d64201b..8ccbafc 100644 --- a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php +++ b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php @@ -1,4 +1,11 @@ Date: Thu, 25 Sep 2014 06:27:08 -0500 Subject: [PATCH 22/31] Adds guzzlehttp outgoing request adapter --- .../Outgoing/GuzzleHttpRequestAdapter.php | 95 +++++++++ .../Outgoing/GuzzleHttpRequestAdapterTest.php | 182 ++++++++++++++++++ 2 files changed, 277 insertions(+) create mode 100644 src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php create mode 100644 tests/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapterTest.php diff --git a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php new file mode 100644 index 0000000..ae2b89b --- /dev/null +++ b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php @@ -0,0 +1,95 @@ +request = $request; + } + + /** + * {@inheritDoc} + */ + public function getMethod() + { + return $this->request->getMethod(); + } + + /** + * {@inheritDoc} + */ + public function getHost() + { + return $this->request->getHost(); + } + + /** + * {@inheritDoc} + */ + public function getPath() + { + return $this->request->getPath(); + } + + /** + * {@inheritDoc} + */ + public function getParams() + { + if ($this->getMethod() === 'POST') { + return $this->request->getBody()->getFields(); + } + + return $this->request->getQuery()->toArray(); + } + + /** + * {@inheritDoc} + */ + public function addParam($key, $value) + { + if ($this->getMethod() == 'POST') { + $this->request->getBody()->setField($key, $value); + } else { + $this->request->getQuery()->set($key, $value); + } + } + + /** + * {@inheritDoc} + */ + public function replaceParams(array $params) + { + if ($this->getMethod() === 'POST') { + $this->request->getBody()->replaceFields($params); + } else { + $this->request->getQuery()->replace($params); + } + } +} diff --git a/tests/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapterTest.php b/tests/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapterTest.php new file mode 100644 index 0000000..7ab56f4 --- /dev/null +++ b/tests/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapterTest.php @@ -0,0 +1,182 @@ +adaptee = $this->getMockBuilder('GuzzleHttp\Message\RequestInterface') + ->getMock(); + + $this->query = $this->getMockBuilder('GuzzleHttp\Query') + ->disableOriginalConstructor() + ->getMock(); + + $this->adapter = new GuzzleHttpRequestAdapter($this->adaptee); + } + + protected function tearDown() + { + $this->adapter = null; + + parent::tearDown(); + } + + public function testGetMethod() + { + $this->adaptee->method('getMethod') + ->willReturn('GET'); + + $actual = $this->adapter->getMethod(); + + $this->assertEquals('GET', $actual); + } + + public function testGetHost() + { + $this->adaptee->method('getHost') + ->willReturn('www.example.com'); + + $actual = $this->adapter->getHost(); + + $this->assertEquals('www.example.com', $actual); + } + + public function testGetPath() + { + $this->adaptee->method('getPath') + ->willReturn('/index.php'); + + $actual = $this->adapter->getPath(); + + $this->assertEquals('/index.php', $actual); + } + + public function testGetParamsPost() + { + $expected = ['one' => 'two']; + + $postBody = $this->getMockBuilder('GuzzleHttp\Post\PostBodyInterface') + ->getMock(); + + $this->adaptee->method('getMethod') + ->willReturn('POST'); + + $this->adaptee->method('getBody') + ->willReturn($postBody); + + $postBody->method('getFields') + ->willReturn($expected); + + $params = $this->adapter->getParams(); + + $this->assertEquals($expected, $params); + } + + public function testGetParamsNotPost() + { + $expected = ['one' => 'two']; + + $this->adaptee->method('getMethod') + ->willReturn('GET'); + + $this->adaptee->method('getQuery') + ->willReturn($this->query); + + $this->query->method('toArray') + ->willReturn($expected); + + $params = $this->adapter->getParams(); + + $this->assertEquals($expected, $params); + } + + public function testReplaceParamsPost() + { + $signed = ['signature' => 'fjkdlsjfkdsljfdkls']; + + $postBody = $this->getMockBuilder('GuzzleHttp\Post\PostBodyInterface') + ->getMock(); + + $this->adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('POST'); + + $this->adaptee->expects($this->once()) + ->method('getBody') + ->willReturn($postBody); + + $postBody->expects($this->once()) + ->method('replaceFields') + ->with($signed); + + $this->adapter->replaceParams($signed); + } + + public function testReplaceParamsNotPost() + { + $signed = ['signature' => 'fjkdlsjfkdsljfdkls']; + + $this->adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('DELETE'); + + $this->adaptee->expects($this->once()) + ->method('getQuery') + ->willReturn($this->query); + + $this->query->expects($this->once()) + ->method('replace') + ->with($signed); + + $this->adapter->replaceParams($signed); + } + + public function testAddParamPost() + { + $signature = 'jfkdlsjfldjfksljdlsjdls'; + + $postBody = $this->getMockBuilder('GuzzleHttp\Post\PostBodyInterface') + ->getMock(); + + $this->adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('POST'); + + $this->adaptee->expects($this->once()) + ->method('getBody') + ->willReturn($postBody); + + $postBody->expects($this->once()) + ->method('setField') + ->with('signature', $signature); + + $this->adapter->addParam('signature', $signature); + } + + public function testAddParamNotPost() + { + $signature = 'jfkdlsjfldjfksljdlsjdls'; + + $this->adaptee->expects($this->once()) + ->method('getMethod') + ->willReturn('DELETE'); + + $this->adaptee->expects($this->once()) + ->method('getQuery') + ->willReturn($this->query); + + $this->query->expects($this->once()) + ->method('set') + ->with('signature', $signature); + + $this->adapter->addParam('signature', $signature); + } +} From 46ca2d78a8175c6804bd554b5ad66e3a6f851730 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Thu, 25 Sep 2014 07:08:34 -0500 Subject: [PATCH 23/31] Adds package suggestions related to request adapters --- composer.json | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/composer.json b/composer.json index 13b95d9..da4aebb 100644 --- a/composer.json +++ b/composer.json @@ -31,5 +31,10 @@ "psr-0": { "QueryAuth\\": "src/" } + }, + "suggest": { + "guzzle/guzzle": "To use the Guzzle v3 outgoing request adapter", + "guzzlehttp/guzzle": "To use the Guzzle v4 outgoing request adapter", + "slim/slim": "To use the Slim v2 incoming request adapter" } } From 054727448ded5369e409d7410c290e1cfbab1aa9 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Thu, 25 Sep 2014 07:47:00 -0500 Subject: [PATCH 24/31] Updates README --- README.md | 133 ++++++++++++++++++++++++++++---------------------- composer.json | 1 - 2 files changed, 76 insertions(+), 58 deletions(-) diff --git a/README.md b/README.md index d306de3..9b15f34 100644 --- a/README.md +++ b/README.md @@ -14,74 +14,95 @@ have to whip up both server-side signature validation and a client-side signature creation strategy. This library endeavors to handle both of those tasks; signature creation and signature validation. -## Philosophy +## Sample Implementation -Query Auth is intended to be -- and is written as -- a bare bones library. Many of -niceties and abstractions you'd find in a fully featured API library or SDK are -absent here. The point of the library is to provide you with the ability to -focus on writing your API in any way you see fit, without adding any additional -dependencies to the mix, while allowing you to hand off the query authentication -to this library. +A [sample implementation of the Query Auth library](https://github.com/jeremykendall/query-auth-impl) is available in order to better demonstrate how one might employ the library. +## Usage -## Sample Implementation +There are three components to this library: -I've provided a [sample implementation of the Query Auth library](https://github.com/jeremykendall/query-auth-impl) -in order to better demonstrate how one might employ the library, from both the -API consumer and API creator perspectives. +* Request signing +* Request validation +* API key and secret generation -## Usage +Request signing and validation are made possible by the use of request adapters. + +### Request Adapters + +Query Auth request adapters wrap outgoing and incoming requests and adapt them to the +request interface that Query Auth expects. + +#### Outgoing + +Outgoing request adapters are used to facilitate request signing. There are +currently two available in the `QueryAuth\Request\Adapter\Outgoing` namespace: + +* `GuzzleRequestAdapter` for use with Guzzle v3 +* `GuzzleHttpRequestAdapter` for use with Guzzle v4 + +#### Incoming + +Incoming request adapters are used to facilitate request validation. There is +currently one available in the `QueryAuth\Request\Adapter\Incoming` namespace: -There are three components to this library: Request signing for API consumers -and creators, request signature validation for API creators, and API key and -API secret generation. +* `SlimRequestAdapter` for use with Slim PHP v2 + +#### Custom + +If you would prefer to use an HTTP library other than Guzzle, or if you prefer +to use an application framework other than Slim, you will need to write your own +request adapter(s). Please refer to the existing request adapters for examples. ### Request Signing ``` php -$factory = new QueryAuth\Factory(); -$client = $factory->newClient(); +use GuzzleHttp\Client as GuzzleHttpClient; +use QueryAuth\Credentials\Credentials; +use QueryAuth\Factory; +use QueryAuth\Request\Adapter\Outgoing\GuzzleHttpRequestAdapter; -$key = 'API_KEY'; -$secret = 'API_SECRET'; -$method = 'GET'; -$host = 'api.example.com'; -$path = '/resources'; -$params = array('type' => 'vehicles'); +$factory = new Factory(); +$requestSigner = $factory->newRequestSigner(); +$credentials = new Credentials('key', 'secret'); -$signedParameters = $client->getSignedRequestParams($key, $secret, $method, $host, $path, $params); -``` +// Create a GET request and set an endpoint +$guzzle = new GuzzleHttpClient(['base_url' => 'http://api.example.com']); +$request = $guzzle->createRequest('GET', '/endpoint'); + +// Sign the request +$requestSigner->signRequest(new GuzzleHttpRequestAdapter($request), $credentials); -`Client::getSignedRequestParams()` returns an array of parameters to send via -the querystring (for `GET` requests) or the request body. The parameters are -those provided to the method (if any), plus `timestamp`, `key`, and `signature`. +// Send signed request +$response = $guzzle->send($request); +``` -### Signature Validation +### Request Validation ``` php -$factory = new QueryAuth\Factory(); -$server = $factory->newServer(); - -$secret = 'API_SECRET_FROM_PERSISTENCE_LAYER'; -$method = 'GET'; -$host = 'api.example.com'; -$path = '/resources'; -// querystring params or request body as an array, -// which includes timestamp, key, and signature params from the client's -// getSignedRequestParams method -$params = 'PARAMS_FROM_REQUEST'; - -$isValid = $server->validateSignature($secret, $method, $host, $path, $params); +use QueryAuth\Credentials\Credentials; +use QueryAuth\Factory; +use QueryAuth\Request\Adapter\Incoming\SlimRequestAdapter; + +$factory = new Factory(); +$requestValidator = $factory->newRequestValidator(); +$credentials = new Credentials('key', 'secret'); + +// Get the Slim request (in the context of a Slim route, hook, or middleware) +$request = $app->request; + +// $isValid is a boolean +$isValid = $requestValidator->isValid(new SlimRequestAdapter($request), $credentials); ``` -`Server::validateSignature()` will return either true or false. It might also +`RequestValidator::isValid()` will return either true or false. It might also throw one of three exceptions: -* `MaximumDriftExceededException`: If timestamp is too far in the future -* `MinimumDriftExceededException`: It timestamp is too far in the past +* `DriftExceededException`: It timestamp is beyond +- `RequestValidator::$drift` * `SignatureMissingException`: If signature is missing from request params +* `TimestampMissingException`: If timestamp is missing from request params Drift defaults to 15 seconds, meaning there is a 30 second window during which the -request is valid. The default value can be modified using `Server::setDrift()`. +request is valid. The default value can be modified using `RequestValidator::setDrift()`. ### Replay Attack Prevention @@ -147,18 +168,18 @@ random string generator. Package installation is handled by Composer. * If you haven't already, please [install Composer](http://getcomposer.org/doc/00-intro.md#installation-nix) -* Create `composer.json` in the root of your project: +* Create `composer.json` in the root of your project and add query-auth as a dependency: ``` json { "require": { - "jeremykendall/query-auth": "dev-develop" + "jeremykendall/query-auth": "*" } } ``` * Run `composer install` -* Require Composer's `vendor/autoload` script in your bootstrap/init script +* Require Composer's `vendor/autoload.php` script in your bootstrap/init script ## Feedback and Contributions @@ -169,14 +190,12 @@ Package installation is handled by Composer. ## Credits -* The Client, Signer, and ParameterCollection code are my own implementation of -the [Signature Version 2 -implementation](https://github.com/aws/aws-sdk-php/blob/master/src/Aws/Common/Signature/SignatureV2.php) -from the [AWS SDK for PHP -2](https://github.com/aws/aws-sdk-php/blob/master/src/Aws/Common/Signature/SignatureV2.php). -As such, a version of the Apache License Version 2.0 is included with this -distribution, and the applicable portion of the AWS SDK for PHP 2 NOTICE file -is included. +* Query Auth is my own implementation of the [Signature Version 2 + implementation](https://github.com/aws/aws-sdk-php/blob/master/src/Aws/Common/Signature/SignatureV2.php) + from the [AWS SDK for PHP 2](https://github.com/aws/aws-sdk-php/blob/master/src/Aws/Common/Signature/SignatureV2.php). + As such, a version of the Apache License Version 2.0 is included with this + distribution, and the applicable portion of the AWS SDK for PHP 2 NOTICE file + is included. * API key and API secret generation is handled by Anthony Ferrara's [RandomLib](https://github.com/ircmaxell/RandomLib) random string generator. diff --git a/composer.json b/composer.json index da4aebb..67a4525 100644 --- a/composer.json +++ b/composer.json @@ -13,7 +13,6 @@ "REST", "authentication", "query authentication", - "signature", "API" ], "require": { From d61a6d4b518e1968dc36a7df0d84b57463a2eb3d Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Sat, 4 Oct 2014 15:04:47 -0500 Subject: [PATCH 25/31] Updates license year --- LICENSE | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/LICENSE b/LICENSE index 3833562..f9e3497 100644 --- a/LICENSE +++ b/LICENSE @@ -1,6 +1,6 @@ The MIT License (MIT) -Copyright (c) 2013 Jeremy Kendall +Copyright (c) 2014 Jeremy Kendall Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in From 701bb751b026130e5134fb07e612b532b18ec6ab Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Sat, 4 Oct 2014 15:05:10 -0500 Subject: [PATCH 26/31] Minor grammar and formatting updates --- README.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index 9b15f34..5fa9df9 100644 --- a/README.md +++ b/README.md @@ -6,17 +6,18 @@ Signature generation and validation for REST API query authentication ## API Query Authentication -Most APIs require some sort of query authentication: a method of signing API -requests with an API key and signature. The signature is usually generated +Most APIs require some sort of query authentication, frequently a method of signing API +requests with an API key and signature. The signature is usually generated using a shared secret. When you're consuming an API, there are (hopefully) easy to follow steps to create signatures. When you're writing your own API, you -have to whip up both server-side signature validation and a client-side +have to whip up both a server-side signature validation strategy and a client-side signature creation strategy. This library endeavors to handle both of those -tasks; signature creation and signature validation. +tasks for you. ## Sample Implementation -A [sample implementation of the Query Auth library](https://github.com/jeremykendall/query-auth-impl) is available in order to better demonstrate how one might employ the library. +A [sample implementation of the Query Auth library](https://github.com/jeremykendall/query-auth-impl) +is available in order to better demonstrate how one might employ the library. ## Usage From e306c386c1a85da2b4895014b8ed954debbcbdad Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Sat, 4 Oct 2014 15:07:03 -0500 Subject: [PATCH 27/31] Updates, adds, and corrects phpDocumentor doc blocks --- src/QueryAuth/Exception/QueryAuthException.php | 3 +++ src/QueryAuth/KeyGenerator.php | 2 +- .../Request/Adapter/Incoming/SlimRequestAdapter.php | 12 +++++++++++- src/QueryAuth/Request/IncomingRequestInterface.php | 12 ++++++++++++ src/QueryAuth/Request/OutgoingRequestInterface.php | 12 ++++++++++++ src/QueryAuth/Request/RequestInterface.php | 10 ++++++++++ 6 files changed, 49 insertions(+), 2 deletions(-) diff --git a/src/QueryAuth/Exception/QueryAuthException.php b/src/QueryAuth/Exception/QueryAuthException.php index d08a841..f60af3d 100644 --- a/src/QueryAuth/Exception/QueryAuthException.php +++ b/src/QueryAuth/Exception/QueryAuthException.php @@ -9,4 +9,7 @@ namespace QueryAuth\Exception; +/** + * Interface for all Query Auth Exception classes + */ interface QueryAuthException {} diff --git a/src/QueryAuth/KeyGenerator.php b/src/QueryAuth/KeyGenerator.php index 465a3af..6badd54 100644 --- a/src/QueryAuth/KeyGenerator.php +++ b/src/QueryAuth/KeyGenerator.php @@ -24,7 +24,7 @@ class KeyGenerator /** * Public constructor * - * @var Generator $generator RandomLib factory + * @param Generator $generator RandomLib generator */ public function __construct(Generator $generator) { diff --git a/src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php b/src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php index 631ce33..137f538 100644 --- a/src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php +++ b/src/QueryAuth/Request/Adapter/Incoming/SlimRequestAdapter.php @@ -1,4 +1,11 @@ Date: Sat, 4 Oct 2014 15:07:35 -0500 Subject: [PATCH 28/31] Extends more specific exception class --- src/QueryAuth/Exception/SignatureMissingException.php | 2 +- src/QueryAuth/Exception/TimestampMissingException.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/QueryAuth/Exception/SignatureMissingException.php b/src/QueryAuth/Exception/SignatureMissingException.php index 1a020a9..1a2e918 100644 --- a/src/QueryAuth/Exception/SignatureMissingException.php +++ b/src/QueryAuth/Exception/SignatureMissingException.php @@ -12,6 +12,6 @@ /** * Exception thrown when Signature is missing */ -class SignatureMissingException extends \Exception implements QueryAuthException +class SignatureMissingException extends \BadMethodCallException implements QueryAuthException { } diff --git a/src/QueryAuth/Exception/TimestampMissingException.php b/src/QueryAuth/Exception/TimestampMissingException.php index 941fbb5..d15e3c4 100644 --- a/src/QueryAuth/Exception/TimestampMissingException.php +++ b/src/QueryAuth/Exception/TimestampMissingException.php @@ -12,6 +12,6 @@ /** * Exception thrown when timestamp param is missing from request */ -class TimestampMissingException extends \Exception implements QueryAuthException +class TimestampMissingException extends \BadMethodCallException implements QueryAuthException { } From 2aaa7b1013fc5a15682e81eef090b73f0c08e574 Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Sat, 4 Oct 2014 15:07:50 -0500 Subject: [PATCH 29/31] Refactors to remove 'else'. Updates docs. --- .../Outgoing/GuzzleHttpRequestAdapter.php | 22 ++++++++++++------- .../Adapter/Outgoing/GuzzleRequestAdapter.php | 18 +++++++++------ 2 files changed, 25 insertions(+), 15 deletions(-) diff --git a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php index ae2b89b..32c5516 100644 --- a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php +++ b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleHttpRequestAdapter.php @@ -14,12 +14,12 @@ use QueryAuth\Request\RequestInterface; /** - * Outgoing Request Adapter for Guzzle v4 + * Outgoing request adapter for Guzzle v4 */ class GuzzleHttpRequestAdapter implements OutgoingRequestInterface, RequestInterface { /** - * @var GuzzleHttpRequestInterface + * @var GuzzleHttpRequestInterface Guzzle request interface */ protected $request; @@ -58,6 +58,8 @@ public function getPath() } /** + * Gets params + * * {@inheritDoc} */ public function getParams() @@ -70,26 +72,30 @@ public function getParams() } /** + * Adds parameter to request + * * {@inheritDoc} */ public function addParam($key, $value) { if ($this->getMethod() == 'POST') { - $this->request->getBody()->setField($key, $value); - } else { - $this->request->getQuery()->set($key, $value); + return $this->request->getBody()->setField($key, $value); } + + $this->request->getQuery()->set($key, $value); } /** + * Replaces request params + * * {@inheritDoc} */ public function replaceParams(array $params) { if ($this->getMethod() === 'POST') { - $this->request->getBody()->replaceFields($params); - } else { - $this->request->getQuery()->replace($params); + return $this->request->getBody()->replaceFields($params); } + + $this->request->getQuery()->replace($params); } } diff --git a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php index 8ccbafc..79572c7 100644 --- a/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php +++ b/src/QueryAuth/Request/Adapter/Outgoing/GuzzleRequestAdapter.php @@ -19,7 +19,7 @@ class GuzzleRequestAdapter implements OutgoingRequestInterface, RequestInterface { /** - * @var GuzzleRequestInterface + * @var GuzzleRequestInterface Guzzle request interface */ protected $request; @@ -70,26 +70,30 @@ public function getParams() } /** + * Adds parameter to request + * * {@inheritDoc} */ public function addParam($key, $value) { if ($this->getMethod() == 'POST') { - $this->request->setPostField($key, $value); - } else { - $this->request->getQuery()->set($key, $value); + return $this->request->setPostField($key, $value); } + + $this->request->getQuery()->set($key, $value); } /** + * Replaces request params + * * {@inheritDoc} */ public function replaceParams(array $params) { if ($this->getMethod() === 'POST') { - $this->request->getPostFields()->replace($params); - } else { - $this->request->getQuery()->replace($params); + return $this->request->getPostFields()->replace($params); } + + $this->request->getQuery()->replace($params); } } From e7dd3162c13fe72e149e3c09a04c094b53d0172a Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Sat, 4 Oct 2014 15:08:20 -0500 Subject: [PATCH 30/31] Updates and fixes phpDocumentor doc blocks --- src/QueryAuth/Request/RequestSigner.php | 2 +- src/QueryAuth/Request/RequestValidator.php | 16 +++++++++++++--- src/QueryAuth/Signature.php | 8 +++++++- 3 files changed, 21 insertions(+), 5 deletions(-) diff --git a/src/QueryAuth/Request/RequestSigner.php b/src/QueryAuth/Request/RequestSigner.php index 19d08d8..a4413b7 100644 --- a/src/QueryAuth/Request/RequestSigner.php +++ b/src/QueryAuth/Request/RequestSigner.php @@ -100,7 +100,7 @@ public function getKeyGenerator() /** * Sets instance of KeyGenerator * - * @param KeyGenerator Instance of KeyGenerator + * @param KeyGenerator $keyGenerator Instance of KeyGenerator */ public function setKeyGenerator(KeyGenerator $keyGenerator) { diff --git a/src/QueryAuth/Request/RequestValidator.php b/src/QueryAuth/Request/RequestValidator.php index 78c8f0d..8f445b2 100644 --- a/src/QueryAuth/Request/RequestValidator.php +++ b/src/QueryAuth/Request/RequestValidator.php @@ -13,7 +13,6 @@ use QueryAuth\Exception\DriftExceededException; use QueryAuth\Exception\SignatureMissingException; use QueryAuth\Exception\TimestampMissingException; -use QueryAuth\Request\RequestInterface; use QueryAuth\SignatureInterface; /** @@ -68,8 +67,7 @@ public function isValid( /** * Is $timestamp greater than or less than $drift seconds? * - * @param int $now GMT server timestamp - * @param int $timestamp GMT timestamp from request + * @param array $params Request params * @return boolean */ protected function isDriftExceeded(array $params) @@ -86,6 +84,12 @@ protected function isDriftExceeded(array $params) } } + /** + * Throws exception if signature is not present in request + * + * @param array $params Request params + * @throws SignatureMissingException + */ protected function isSignaturePresent(array $params) { if (!isset($params['signature'])) { @@ -93,6 +97,12 @@ protected function isSignaturePresent(array $params) } } + /** + * Throws exception if timestamp is not present in request + * + * @param array $params Request params + * @throws TimestampMissingException + */ protected function isTimestampPresent(array $params) { if (!isset($params['timestamp'])) { diff --git a/src/QueryAuth/Signature.php b/src/QueryAuth/Signature.php index 879a537..abf7058 100644 --- a/src/QueryAuth/Signature.php +++ b/src/QueryAuth/Signature.php @@ -37,7 +37,7 @@ public function createSignature(RequestInterface $request, CredentialsInterface /** * Normalizes request parameters * - * @params array $params Request parameters + * @param array $params Request parameters * @return string Normalized, rawurlencoded parameter string */ protected function normalizeParameters(array $params) @@ -52,6 +52,12 @@ protected function normalizeParameters(array $params) return http_build_query($params, null, '&', PHP_QUERY_RFC3986); } + /** + * Ensures that path is absolute + * + * @param string $path Request path + * @return string Absolute request path + */ protected function getAbsolutePath($path) { return '/' . ltrim($path, '/'); From 137da889ce2d97a731fa0b00cc8fbb62d8db8aea Mon Sep 17 00:00:00 2001 From: jeremykendall Date: Sat, 4 Oct 2014 15:08:37 -0500 Subject: [PATCH 31/31] Adds phing and pdepend files --- build.properties | 2 + build.xml | 133 +++++++++++++++++++++++++++++++++++++++++++++++ pdepend.xml | 5 ++ 3 files changed, 140 insertions(+) create mode 100644 build.properties create mode 100644 build.xml create mode 100644 pdepend.xml diff --git a/build.properties b/build.properties new file mode 100644 index 0000000..16caf0e --- /dev/null +++ b/build.properties @@ -0,0 +1,2 @@ +project.basedir = . +passthru = true diff --git a/build.xml b/build.xml new file mode 100644 index 0000000..ed6dac5 --- /dev/null +++ b/build.xml @@ -0,0 +1,133 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/pdepend.xml b/pdepend.xml new file mode 100644 index 0000000..27ea287 --- /dev/null +++ b/pdepend.xml @@ -0,0 +1,5 @@ + +