Author: chabotc
Date: Tue Jun 3 06:27:33 2008
New Revision: 662786
URL: http://svn.apache.org/viewvc?rev=662786&view=rev
Log:
SHINDIG-328 extract key by reformatting it instead of doing a system exec..
much cleaner solution.
Modified:
incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
Modified: incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php?rev=662786&r1=662785&r2=662786&view=diff
==============================================================================
--- incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php
(original)
+++ incubator/shindig/trunk/php/src/gadgets/http/SigningFetcherFactory.php Tue
Jun 3 06:27:33 2008
@@ -57,23 +57,15 @@
if (! $rsa_private_key =
@file_get_contents($keyFile)) {
throw new Exception("Could not
read keyfile ($keyFile), check the file name and permission");
}
- // TODO: sending NULL as a second param
to openssl_pkey_get_private works?
$phrase =
Config::get('private_key_phrase') != '' ? (Config::get('private_key_phrase')) :
null;
- if (($privateKey =
@openssl_pkey_get_private($rsa_private_key, $phrase)) == false) {
- //TODO: double check if can
input keyfile -inform PEM
- if (! $in =
@tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
- throw new
Exception("Could not create temporary file");
- }
- if (! @file_put_contents($in,
base64_decode($rsa_private_key))) {
- throw new
Exception("Could not write to temporary file");
- }
- if (! $out =
@tempnam(sys_get_temp_dir(), "RSA_PRIVATE_KEY_")) {
- throw new
Exception("Could not create temporary file");
- }
- exec("openssl pkcs8 -inform DER
-outform PEM -out " . $out . " -nocrypt -in " . $in);
- if (! $rsa_private_key =
@file_get_contents($out)) {
- throw new
Exception("Could not read temporary file");
- }
+ $privateKey .= "-----BEGIN PRIVATE
KEY-----\n";
+ $chunks = str_split($rsa_private_key,
64);
+ foreach ($chunks as $chunk) {
+ $privateKey .= $chunk . "\n";
+ }
+ $privateKey .= "-----END PRIVATE
KEY-----";
+ if (! $rsa_private_key =
@openssl_pkey_get_private($privateKey, $phrase)) {
+ throw new Exception("Could not
create the key");
}
$cache->set(md5("RSA_PRIVATE_KEY_" .
$this->keyName), $rsa_private_key);
}
Modified:
incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
URL:
http://svn.apache.org/viewvc/incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php?rev=662786&r1=662785&r2=662786&view=diff
==============================================================================
---
incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
(original)
+++
incubator/shindig/trunk/php/src/gadgets/oauth/BasicGadgetOAuthTokenStore.php
Tue Jun 3 06:27:33 2008
@@ -18,92 +18,91 @@
* under the License.
*/
-class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
-
- /** default location for consumer keys and secrets */
- private $OAUTH_CONFIG = "../config/oauth.json";
- private $CONSUMER_SECRET_KEY = "consumer_secret";
- private $CONSUMER_KEY_KEY = "consumer_key";
- private $KEY_TYPE_KEY = "key_type";
-
- public function __construct($store)
- {
- parent::__construct($store);
- }
-
- public function initFromConfigFile($fetcher)
- {
+class BasicGadgetOAuthTokenStore extends GadgetOAuthTokenStore {
+
+ /** default location for consumer keys and secrets */
+ private $OAUTH_CONFIG = "../config/oauth.json";
+ private $CONSUMER_SECRET_KEY = "consumer_secret";
+ private $CONSUMER_KEY_KEY = "consumer_key";
+ private $KEY_TYPE_KEY = "key_type";
+
+ public function __construct($store)
+ {
+ parent::__construct($store);
+ }
+
+ public function initFromConfigFile($fetcher)
+ {
// Read our consumer keys and secrets from config/oauth.js
// This actually involves fetching gadget specs
- try {
- $oauthConfigStr =
file_get_contents($this->OAUTH_CONFIG);
-
+ try {
+ $oauthConfigStr =
file_get_contents($this->OAUTH_CONFIG);
+
// remove all comments because this confuses the json
parser
// note: the json parser also crashes on trailing ,'s
in records so please don't use them
- $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@',
'', $oauthConfigStr);
- $oauthConfig = json_decode($contents, true);
- foreach ($oauthConfig as $gadgetUri => $value) {
- $this->storeProviderInfos($fetcher, $gadgetUri);
- $this->storeConsumerInfos($gadgetUri, $value);
- }
- } catch (Exception $e) {
- throw new GadgetException($e);
- }
- }
-
- private function storeProviderInfos($fetcher, $gadgetUri)
- {
- $cache = Config::get('data_cache');
- $cache = new $cache();
+ $contents = preg_replace('@/\\*(?:.|[\\n\\r])*?\\*/@',
'', $oauthConfigStr);
+ $oauthConfig = json_decode($contents, true);
+ foreach ($oauthConfig as $gadgetUri => $value) {
+ $this->storeProviderInfos($fetcher, $gadgetUri);
+ $this->storeConsumerInfos($gadgetUri, $value);
+ }
+ } catch (Exception $e) {
+ throw new GadgetException($e);
+ }
+ }
+
+ private function storeProviderInfos($fetcher, $gadgetUri)
+ {
+ $cache = Config::get('data_cache');
+ $cache = new $cache();
// determine which requests we can load from cache, and which
we have to actually fetch
- if (($gadget =
$cache->get(md5('storeProviderInfos'.$gadgetUri))) === false) {
- $remoteContentRequest = new
RemoteContentRequest($gadgetUri);
- $remoteContentRequest->getRequest($gadgetUri, false);
- $response =
$fetcher->fetchRequest($remoteContentRequest);
- $context = new ProxyGadgetContext($gadgetUri);
- $spec = new GadgetSpecParser();
- $gadget = $spec->parse($response->getResponseContent(),
$context);
- $cache->set(md5('storeProviderInfos'.$gadgetUri),
$gadget);
- }
- parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
- }
-
- private function storeConsumerInfos($gadgetUri, $oauthConfig)
- {
- foreach ($oauthConfig as $key => $value) {
- $serviceName = $key;
- $consumerInfo = $value;
- $this->storeConsumerInfo($gadgetUri, $serviceName,
$consumerInfo);
- }
- }
-
- private function storeConsumerInfo($gadgetUri, $serviceName,
$consumerInfo)
- {
- $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
- $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
- $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
- $keyType = 'HMAC_SYMMETRIC';
-
- if ($keyTypeStr == "RSA_PRIVATE") {
- $keyType = 'RSA_PRIVATE';
- // check if the converted from PKCS8 key is in cache,
if not, convert it
- $cache = Config::get('data_cache');
- $cache = new $cache();
-
- if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
$serviceName))) !== false) {
- $consumerSecret = $cachedRequest;
- } else {
- $in = tempnam(sys_get_temp_dir(), "RSA_KEY");
- file_put_contents($in,
base64_decode($consumerInfo[$this->CONSUMER_SECRET_KEY]));
- $out = tempnam(sys_get_temp_dir(), "RSA_KEY");
- exec("openssl pkcs8 -inform DER -outform PEM
-out " . $out . " -nocrypt -in " . $in);
- $consumerSecret = file_get_contents($out);
- $cache->set(md5("RSA_KEY_" . $serviceName),
$consumerSecret);
- }
- }
-
- $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
$keyType);
- $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
$kas);
- }
-
+ if (($gadget = $cache->get(md5('storeProviderInfos' .
$gadgetUri))) === false) {
+ $remoteContentRequest = new
RemoteContentRequest($gadgetUri);
+ $remoteContentRequest->getRequest($gadgetUri, false);
+ $response =
$fetcher->fetchRequest($remoteContentRequest);
+ $context = new ProxyGadgetContext($gadgetUri);
+ $spec = new GadgetSpecParser();
+ $gadget = $spec->parse($response->getResponseContent(),
$context);
+ $cache->set(md5('storeProviderInfos' . $gadgetUri),
$gadget);
+ }
+ parent::storeServiceInfoFromGadgetSpec($gadgetUri, $gadget);
+ }
+
+ private function storeConsumerInfos($gadgetUri, $oauthConfig)
+ {
+ foreach ($oauthConfig as $key => $value) {
+ $serviceName = $key;
+ $consumerInfo = $value;
+ $this->storeConsumerInfo($gadgetUri, $serviceName,
$consumerInfo);
+ }
+ }
+
+ private function storeConsumerInfo($gadgetUri, $serviceName,
$consumerInfo)
+ {
+ $consumerSecret = $consumerInfo[$this->CONSUMER_SECRET_KEY];
+ $consumerKey = $consumerInfo[$this->CONSUMER_KEY_KEY];
+ $keyTypeStr = $consumerInfo[$this->KEY_TYPE_KEY];
+ $keyType = 'HMAC_SYMMETRIC';
+
+ if ($keyTypeStr == "RSA_PRIVATE") {
+ $keyType = 'RSA_PRIVATE';
+ $cache = Config::get('data_cache');
+ $cache = new $cache();
+ if (($cachedRequest = $cache->get(md5("RSA_KEY_" .
$serviceName))) !== false) {
+ $consumerSecret = $cachedRequest;
+ } else {
+ $consumerSecret = "-----BEGIN PRIVATE
KEY-----\n";
+ $chunks =
str_split($consumerInfo[$this->CONSUMER_SECRET_KEY], 64);
+ foreach ($chunks as $chunk) {
+ $consumerSecret .= $chunk . "\n";
+ }
+ $consumerSecret .= "-----END PRIVATE KEY-----";
+ $cache->set(md5("RSA_KEY_" . $serviceName),
$consumerSecret);
+ }
+ }
+
+ $kas = new ConsumerKeyAndSecret($consumerKey, $consumerSecret,
$keyType);
+ $this->storeConsumerKeyAndSecret($gadgetUri, $serviceName,
$kas);
+ }
+
}
