Remove broken sspmod_oauth_OuthSignatureMethodRSASHA1.

This class has been broken for several years, and we are not aware of any users of it. Delete that class and any code instantiating that class.

Remove broken sspmod_oauth_OuthSignatureMethodRSASHA1.
This class has been broken for several years, and we are not aware of any users of it. Delete that class and any code instantiating that class.
b51a731d · Olav Morken · c9559407 · c9559407 · c9559407 · c9559407
Commit b51a731d authored 9 years ago by Olav Morken
--- a/modules/oauth/lib/OAuthSignatureMethodRSASHA1.php
+++ b/modules/oauth/lib/OAuthSignatureMethodRSASHA1.php
-<?php
-require_once(dirname(dirname(__FILE__)) . '/libextinc/OAuth.php');
-class sspmod_oauth_OAuthSignatureMethodRSASHA1 extends OAuthSignatureMethod_RSA_SHA1 {
-	protected $_store;
-	public function __construct() {
-		$this->_store = new sspmod_core_Storage_SQLPermanentStorage('oauth');
-	}
-	/**
-	 * Returns the secret that was registered with a Consumer<br/>
-	 * In case of RSA_SHA1, the consumer secret is initialized with the certificate containing the public key
-	 * @param $request OAuthRequest instance of the request to be handled; must contain oauth_consumer_key parameter
-	 * @return string value containing the public key that was registered with the consumer identified by 
-	 * 			consumer_key from the request 
-	 */
-	protected function fetch_public_cert(&$request) {
-		$consumer_key = @$request->get_parameter('oauth_consumer_key');
-		$oConsumer = $this->_OAuthStore->lookup_consumer($consumer_key);
-		if (! $oConsumer) {
-			return NULL;
-		}
-		return $oConsumer->secret;
-	}
-}
--- a/modules/oauth/www/accessToken.php
+++ b/modules/oauth/www/accessToken.php
-<?php
-require_once(dirname(dirname(__FILE__)) . '/libextinc/OAuth.php');
-try {
-	$store = new sspmod_oauth_OAuthStore();
-	$server = new sspmod_oauth_OAuthServer($store);
-	$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
-	$plaintext_method = new OAuthSignatureMethod_PLAINTEXT();
-	$rsa_method = new sspmod_oauth_OAuthSignatureMethodRSASHA1();
-	$server->add_signature_method($hmac_method);
-	$server->add_signature_method($plaintext_method);
-	$server->add_signature_method($rsa_method);
-	$req = OAuthRequest::from_request();
-	$requestToken = $req->get_parameter('oauth_token');
-	$verifier = $req->get_parameter("oauth_verifier"); if ($verifier === null) $verifier = '';
-	if (!$store->isAuthorized($requestToken, $verifier)) {
-		throw new Exception('Your request was not authorized. Request token [' . $requestToken . '] not found.');
-	}
-	$accessToken = $server->fetch_access_token($req);
-	$data = $store->moveAuthorizedData($requestToken, $verifier, $accessToken->key);
-	echo $accessToken;
-} catch (Exception $e) {
-	header('Content-type: text/plain; utf-8', TRUE, 500);
-	header('OAuth-Error: ' . $e->getMessage());
-}
--- a/modules/oauth/www/authorize.php
+++ b/modules/oauth/www/authorize.php
-<?php
-require_once(dirname(dirname(__FILE__)) . '/libextinc/OAuth.php');
-try {
-	$oauthconfig = SimpleSAML_Configuration::getOptionalConfig('module_oauth.php');
-	if(!array_key_exists('oauth_token', $_REQUEST)) {
-		throw new Exception('Required URL parameter [oauth_token] is missing.');
-	}
-	$requestToken = $_REQUEST['oauth_token'];
-	$store = new sspmod_oauth_OAuthStore();
-	$server = new sspmod_oauth_OAuthServer($store);
-	$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
-	$plaintext_method = new OAuthSignatureMethod_PLAINTEXT();
-	$rsa_method = new sspmod_oauth_OAuthSignatureMethodRSASHA1();
-	$server->add_signature_method($hmac_method);
-	$server->add_signature_method($plaintext_method);
-	$server->add_signature_method($rsa_method);
-	$config = SimpleSAML_Configuration::getInstance();
-	$session = SimpleSAML_Session::getSessionFromRequest();
-	$as = $oauthconfig->getString('auth');
-	if (!$session->isValid($as)) {
-		SimpleSAML_Auth_Default::initLogin($as, \SimpleSAML\Utils\HTTP::getSelfURL());
-	}
-	if (!empty($_REQUEST['consent'])) {
-		$consumer = $store->lookup_consumer_by_requestToken($requestToken);
-		$t = new SimpleSAML_XHTML_Template($config, 'oauth:consent.php');
-		$t->data['header'] = '{status:header_saml20_sp}';
-		$t->data['consumer'] = $consumer;	// array containint {name, description, key, secret, owner} keys
-		$t->data['urlAgree'] = \SimpleSAML\Utils\HTTP::addURLParameters(\SimpleSAML\Utils\HTTP::getSelfURL(), array("consent" => "yes"));
-		$t->data['logouturl'] = \SimpleSAML\Utils\HTTP::getSelfURLNoQuery() . '?logout';
-		$t->show();
-		exit();	// and be done.
-	}
-	$attributes = $session->getAuthData($as, 'Attributes');
-	// Assume user consent at this point and proceed with authorizing the token
-	list($url, $verifier) = $store->authorize($requestToken, $attributes);
-	if ($url) {
-		// If authorize() returns a URL, take user there (oauth1.0a)
-		\SimpleSAML\Utils\HTTP::redirectTrustedURL($url);
-	} 
-	else if (isset($_REQUEST['oauth_callback'])) {
-		// If callback was provided in the request (oauth1.0)
-		\SimpleSAML\Utils\HTTP::redirectUntrustedURL($_REQUEST['oauth_callback']);
-	} else {
-		// No callback provided, display standard template
-		$t = new SimpleSAML_XHTML_Template($config, 'oauth:authorized.php');
-		$t->data['header'] = '{status:header_saml20_sp}';
-		$t->data['remaining'] = $session->getAuthData($as, "Expire") - time();
-		$t->data['attributes'] = $attributes;
-		$t->data['logouturl'] = \SimpleSAML\Utils\HTTP::getSelfURLNoQuery() . '?logout';
-		$t->data['oauth_verifier'] = $verifier;
-		$t->show();
-	}
-} catch (Exception $e) {
-	header('Content-type: text/plain; utf-8', TRUE, 500);
-	header('OAuth-Error: ' . $e->getMessage());
-}
--- a/modules/oauth/www/requestToken.php
+++ b/modules/oauth/www/requestToken.php
-<?php
-require_once(dirname(dirname(__FILE__)) . '/libextinc/OAuth.php');
-try {
-	$store = new sspmod_oauth_OAuthStore();
-	$server = new sspmod_oauth_OAuthServer($store);
-	$hmac_method = new OAuthSignatureMethod_HMAC_SHA1();
-	$plaintext_method = new OAuthSignatureMethod_PLAINTEXT();
-	$rsa_method = new sspmod_oauth_OAuthSignatureMethodRSASHA1();
-	$server->add_signature_method($hmac_method);
-	$server->add_signature_method($plaintext_method);
-	$server->add_signature_method($rsa_method);
-	$req = OAuthRequest::from_request();
-	$token = $server->fetch_request_token($req, null, $req->get_version());
-	// OAuth1.0-revA adds oauth_callback_confirmed to token
-	echo $token . "&oauth_callback_confirmed=true";
-} catch (Exception $e) {
-	header('Content-type: text/plain; utf-8', TRUE, 500);
-	header('OAuth-Error: ' . $e->getMessage());
-}