-
Notifications
You must be signed in to change notification settings - Fork 0
/
service.php
63 lines (35 loc) · 949 Bytes
/
service.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
<?php
// Parameters
$secret="Shh! This is secret!";
// Check for the HMAC header
$headers=getallheaders();
if(!$authorization=$headers['Authorization']) {
fail_authorization();
}
if(!check_authorization($secret, $authorization)) {
fail_authorization();
}
if(array_key_exists('resource', $_GET)) {
$resource=$_GET['resource'];
} else {
$resource="";
}
print "Called with resource=$resource";
print "Authorization: $authorization";
function check_authorization($secret, $authorization_header) {
// Disassemble the SHA
if(!preg_match('/^hmac (\d+):([^:]+):(.*)$/', $authorization_header, $matches)){
return false;
}
print("timestamp: ".$matches[1]."\n");
print("nonce: ".$matches[2]."\n");
print("digest: ".$matches[3]."\n");
exit();
return false;
}
function fail_authorization() {
header("HTTP:/1.0 401 Unauthorized");
print("You are not authorized to access this resource");
exit();
}
?>