closes gentlero#5

vimishor · vimishor · commit 0a441b35038a · 2013-06-09T15:00:45.000+03:00
diff --git a/docs/authentication.md b/docs/authentication.md
@@ -27,5 +27,44 @@ $auth->setPassword('password');
 
 ----
 
-### OAuth authentication
-Soon
+### OAuth authorization
+To use OAuth, you will need to instantiate `OAuth` class from `Bitbucket\API\Authentication` namespace and pass it to `setCredentials()` method, before making first request.
+`OAuth` accepts a string or array as constructor. Those parameters are actually OAuth parameters, that have been previously signed.
+
+**NOTE:** `OAuth` class will _NOT_ sign the request. It will just build the authorization header from previously signed OAuth parameters.
+
+```php
+// use 3rd party OAuth library to sign the request and pass already signed parameters to `OAuth` class.
+
+$auth = new Bitbucket\API\Authentication\OAuth(array(
+    'oauth_version'             => '1.0',
+    'oauth_nonce'               => 'aaaaaaaaaaaaaaa',
+    'oauth_timestamp'           => '1370771799',
+    'oauth_consumer_key'        => 'xxxxxxxxxxxxxxx',
+    'oauth_signature_method'    => 'HMAC-SHA1',
+    'oauth_signature'           => 'yyyyyyyyyyyyyyy'
+));
+
+$user = new Bitbucket\API\User();
+$user->setCredentials($auth);
+```
+
+You can also send the parameters as string, instead of array:
+```php
+// use 3rd party OAuth library to sign the request and pass already signed parameters to `OAuth` class.
+
+$auth = new Bitbucket\API\Authentication\OAuth('oauth_version="1.0",oauth_nonce="aaaaaaaaaaaaaaa",oauth_timestamp="1370771799",oauth_consumer_key="xxxxxxxxxxxxxxx",oauth_signature_method="HMAC-SHA1",oauth_signature="yyyyyyyyyyyyyyy"');
+
+// rest of the code
+```
+
+**NOTES:**
+
+* `OAuth` class will prepend `Authorization: OAuth` to those parameters and will add the result to current request header.
+* When choosing an OAuth library, take into consideration the fact that [Bitbucket](https://bitbucket.org) uses OAuth 1.0a ( _3-Legged and 2-Legged_ )
+
+----
+
+#### Related:
+  * [Authentication @ BB Wiki](https://confluence.atlassian.com/display/BITBUCKET/Use+the+Bitbucket+REST+APIs#UsetheBitbucketRESTAPIs-Authentication)
+  * [OAuth on Bitbucket @ BB Wiki](https://confluence.atlassian.com/display/BITBUCKET/OAuth+on+Bitbucket)
diff --git a/lib/Bitbucket/API/Authentication/OAuth.php b/lib/Bitbucket/API/Authentication/OAuth.php
@@ -0,0 +1,107 @@
+<?php
+
+/*
+ * This file is part of the bitbucket_api package.
+ *
+ * (c) Alexandru G. <alex@gentle.ro>
+ *
+ * For the full copyright and license information, please view the LICENSE
+ * file that was distributed with this source code.
+ */
+
+namespace Bitbucket\API\Authentication;
+
+use Buzz\Message\RequestInterface;
+
+/**
+ * OAuth class
+ *
+ * Build authorization header from previously signed OAuth parameters
+ * and pass it to current request.
+ *
+ * @author  Alexandru G.    <alex@gentle.ro>
+ */
+class OAuth implements AuthenticationInterface
+{
+    /**
+     * @var string
+     */
+    protected $authHeader;
+
+    /**
+     * @param string|array $params OAuth signed parameters
+     */
+    public function __construct($params)
+    {
+        $this->setAuthHeader($params);
+    }
+
+    /**
+     * Get authorization header parameters
+     *
+     * @access public
+     * @return string
+     */
+    public function getAuthHeader()
+    {
+        return $this->authHeader;
+    }
+
+    /**
+     * Set authorization header parameters
+     *
+     * @access public
+     * @param  string|array $params OAuth signed parameters
+     * @return void
+     */
+    public function setAuthHeader($params)
+    {
+        if (is_array($params)) {
+            $this->authHeader = $this->toHeader($params);
+        } else {
+
+            if (strpos($params, 'Authorization: ') !== false) {
+                $params = str_replace('Authorization: ', '', $params);
+            }
+
+            $this->authHeader = $params;
+        }
+    }
+
+    /**
+     * Build authorization header from array
+     *
+     * @access public
+     * @param  array  $params
+     * @return string
+     */
+    protected function toHeader(array $params)
+    {
+        $out    = '';
+        $last   = end($params);
+
+        foreach ($params as $k => $v) {
+            $out .= $k.'="'.$v.'"';
+
+            if ($v != $last) {
+                $out .= ',';
+            }
+        }
+
+        return $out;
+    }
+
+    /**
+     * {@inheritdoc}
+     */
+    public function authenticate(RequestInterface $request)
+    {
+        if (strpos($this->authHeader, 'OAuth') === false) {
+            $this->authHeader = 'OAuth '.$this->authHeader;
+        }
+
+        $request->addHeader('Authorization: '.$this->authHeader);
+
+        return $request;
+    }
+}
diff --git a/test/Bitbucket/Tests/API/Authentication/OAuthTest.php b/test/Bitbucket/Tests/API/Authentication/OAuthTest.php
@@ -0,0 +1,70 @@
+<?php
+
+namespace Bitbucket\Tests\API\Authentication;
+
+use Bitbucket\Tests\API as Tests;
+use Bitbucket\API\Authentication;
+use Buzz\Message\Request;
+
+class OAuthTest extends Tests\TestCase
+{
+    public function testGetSetAuthHeader()
+    {
+        // from string
+        $auth = new Authentication\OAuth('Authorization: dummy');
+        $this->assertEquals('dummy', $auth->getAuthHeader());
+
+        // from array
+        $auth->setAuthHeader($this->getArrayParams());
+        $this->assertEquals($this->getStringParams(), $auth->getAuthHeader());
+    }
+
+    public function testAuthenticateFromArraySuccess()
+    {
+        $params     = $this->getArrayParams();
+        $auth       = new Authentication\OAuth($params);
+        $request    = new Request();
+
+        $auth->authenticate($request);
+
+        // check if header is set
+        $header = $request->getHeader('Authorization');
+        $this->assertNotEmpty($header);
+
+        // check if header was built correctly
+        $this->assertEquals('OAuth '.$this->getStringParams(), $header);
+    }
+
+    public function testAuthenticateFromStringSuccess()
+    {
+        $params     = $this->getStringParams();
+        $auth       = new Authentication\OAuth($params);
+        $request    = new Request();
+
+        $auth->authenticate($request);
+
+        // check if header is set
+        $header = $request->getHeader('Authorization');
+        $this->assertNotEmpty($header);
+
+        // check if header was built correctly
+        $this->assertEquals('OAuth '.$params, $header);
+    }
+
+    private function getArrayParams()
+    {
+        return array(
+            'oauth_version'             => '1.0',
+            'oauth_nonce'               => 'aaaaaaaaaaaaaaa',
+            'oauth_timestamp'           => '1370771799',
+            'oauth_consumer_key'        => 'xxxxxxxxxxxxxxx',
+            'oauth_signature_method'    => 'HMAC-SHA1',
+            'oauth_signature'           => 'yyyyyyyyyyyyyyy'
+        );
+    }
+
+    private function getStringParams()
+    {
+        return 'oauth_version="1.0",oauth_nonce="aaaaaaaaaaaaaaa",oauth_timestamp="1370771799",oauth_consumer_key="xxxxxxxxxxxxxxx",oauth_signature_method="HMAC-SHA1",oauth_signature="yyyyyyyyyyyyyyy"';
+    }
+}
