Generates a cURL handle with all of the required authentication bits set.
Access
public
Returns
Type |
Description |
|---|---|
|
A cURL handle ready for executing. |
Source
Method defined in authentication/signature_v2query.class.php | Toggle source view (113 lines) | View on GitHub
public function authenticate()
{
// Determine signing values
$current_time = time();
$date = gmdate(CFUtilities::DATE_FORMAT_RFC2616, $current_time);
$timestamp = gmdate(CFUtilities::DATE_FORMAT_ISO8601, $current_time);
$query = array();
// Do we have an authentication token?
if ($this->auth_token)
{
$headers['X-Amz-Security-Token'] = $this->auth_token;
$query['SecurityToken'] = $this->auth_token;
}
// Only add it if it exists.
if ($this->api_version)
{
$query['Version'] = $this->api_version;
}
$query['Action'] = $this->operation;
$query['AWSAccessKeyId'] = $this->key;
$query['SignatureMethod'] = 'HmacSHA256';
$query['SignatureVersion'] = 2;
$query['Timestamp'] = $timestamp;
// Merge in any options that were passed in
if (is_array($this->payload))
{
$query = array_merge($query, $this->payload);
}
// Do a case-sensitive, natural order sort on the array keys.
uksort($query, 'strcmp');
// Create the string that needs to be hashed.
$canonical_query_string = $this->util->to_signable_string($query);
// Remove the default scheme from the domain.
$domain = str_replace(array('http://', 'https://'), '', $this->endpoint);
// Parse our request.
$parsed_url = parse_url('http://' . $domain);
// Set the proper host header.
if (isset($parsed_url['port']) && (integer) $parsed_url['port'] !== 80 && (integer) $parsed_url['port'] !== 443)
{
$host_header = strtolower($parsed_url['host']) . ':' . $parsed_url['port'];
}
else
{
$host_header = strtolower($parsed_url['host']);
}
// Set the proper request URI.
$request_uri = isset($parsed_url['path']) ? $parsed_url['path'] : '/';
// Prepare the string to sign
$this->string_to_sign = "POST\n$host_header\n$request_uri\n$canonical_query_string";
// Hash the AWS secret key and generate a signature for the request.
$query['Signature'] = base64_encode(hash_hmac('sha256', $this->string_to_sign, $this->secret_key, true));
// Generate the querystring from $query
$this->querystring = $this->util->to_query_string($query);
// Gather information to pass along to other classes.
$helpers = array(
'utilities' => $this->utilities_class,
'request' => $this->request_class,
'response' => $this->response_class,
);
// Compose the request.
$request_url = ($this->use_ssl ? 'https://' : 'http://') . $domain;
$request_url .= !isset($parsed_url['path']) ? '/' : '';
// Instantiate the request class
$request = new $this->request_class($request_url, $this->proxy, $helpers, $this->credentials);
$request->set_method('POST');
$request->set_body($this->querystring);
$headers['Content-Type'] = 'application/x-www-form-urlencoded; charset=utf-8';
// Pass along registered stream callbacks
if ($this->registered_streaming_read_callback)
{
$request->register_streaming_read_callback($this->registered_streaming_read_callback);
}
if ($this->registered_streaming_write_callback)
{
$request->register_streaming_write_callback($this->registered_streaming_write_callback);
}
// Sort headers
uksort($headers, 'strnatcasecmp');
// Add headers to request and compute the string to sign
foreach ($headers as $header_key => $header_value)
{
// Strip linebreaks from header values as they're illegal and can allow for security issues
$header_value = str_replace(array("\r", "\n"), '', $header_value);
// Add the header if it has a value
if ($header_value !== '')
{
$request->add_header($header_key, $header_value);
}
}
return $request;
}

