PHP :: Request #59825 :: Support for OAUTH_SIG_METHOD

Support for OAUTH_SIG_METHOD_RSASHA1 in provider?

Submitted:

2011-06-21 16:50 UTC

Modified:

2011-07-12 05:18 UTC

Votes:	1
Avg. Score:	5.0 ± 0.0
Reproduced:	1 of 1 (100.0%)
Same Version:	1 (100.0%)
Same OS:	1 (100.0%)

From:

fkooman at tuxed dot net

Assigned:

Status:

Open

Package:

oauth (PECL)

PHP Version:

5.3.6

OS:

Linux

Private report:

CVE-ID:

None

View Add Comment Developer Edit

Welcome! If you don't have a Git account, you can't do anything here.
You can add a comment by following this link or if you reported this bug, you can edit this bug over here.

php.net Username: php.net Password:

	Block user comment
Status:		Assign to:
Package:
Bug Type:
Summary:
From:	fkooman at tuxed dot net
New email:
PHP Version:		OS:

New/Additional Comment:

[2011-06-21 16:50 UTC] fkooman at tuxed dot net

Description:
------------
As far as I know it is not possible to use OAUTH_SIG_METHOD_RSASHA1 in the provider.

This is needed in the case of iGoogle where gadgets.io.AuthorizationType.SIGNED is set when a request is made. The request is signed with Google's private RSA key. 

I guess it would be needed to have some way to assign a certificate instead of just a secret with ($provider->consumer_secret), but instead now a $provider->consumer_public_key) or something.

Am I missing something, is this already possible? It seems the OAuth consumer in PECL OAuth can do RSA requests...

Patches

Add a Patch

Pull Requests

Add a Pull Request

History

AllCommentsChangesGit/SVN commitsRelated reports

[2011-07-12 05:18 UTC] fkooman at tuxed dot net

Would it be as "easy" as looking at $provider->signature_method and comparing it with RSA-SHA1. If it matches, interpret the $provider->consumer_secret as a public key certificate?

That would then require validating (instead of signing and comparing values with HMAC-SHA1) I guess...

What would be the best approach to fix this? I was looking into the code, but not sure where to start...

	php.net \| support \| documentation \| report a bug \| advanced search \| search howto \| statistics \| random bug \| login
go to bug id or search bugs for


Copyright © 2001-2024 The PHP Group All rights reserved.	Last updated: Fri Apr 19 13:01:30 2024 UTC