WSSE Authentication for OroPlatform REST API
<?php
/**
* Diglin GmbH - Switzerland
*
* User: sylvainraye
* Date: 22.03.14
* Time: 17:11
*
* @category orocrm
* @package Diglin_Oro
* @copyright Copyright (c) 2011-2014 Diglin (http://www.diglin.com)
*/
namespace Diglin\Oro\Wsse;
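/**
 * Builds the HTTP headers for WSSE UsernameToken authentication from a
 * username and an API key.
 *
 * The digest sent is Base64(SHA1(rawNonce . created . apiKey)). SHA-1 and the
 * field order are fixed by the WSSE UsernameToken scheme and must match what
 * the server verifies, so they are not configurable here. The digest is
 * computed from the API key alone, so the headers should only be sent over
 * HTTPS.
 *
 * The username is interpolated into the X-WSSE header as given; callers must
 * not pass values containing double quotes or CR/LF characters.
 */
class Authentication
{
    /** @var string Account name placed in the Username field. */
    protected $_username;

    /** @var string API key used as the secret of the password digest. */
    protected $_apiKey;

    /**
     * @param string $username   Account name sent in the X-WSSE header.
     * @param string $apiUserKey API key of that account; never sent in clear,
     *                           only as part of the digest.
     */
    public function __construct($username, $apiUserKey)
    {
        $this->_username = $username;
        $this->_apiKey = $apiUserKey;
    }

    /**
     * Returns the Base64-encoded binary SHA-1 of the (optionally salted) input.
     *
     * @param string $raw  Material to digest.
     * @param string $salt Optional salt; an empty value means no salting.
     * @return string
     * @throws \InvalidArgumentException When the salt contains "{" or "}".
     */
    private function _encodePassword($raw, $salt)
    {
        $salted = $this->_mergePasswordAndSalt($raw, $salt);

        return base64_encode(hash('sha1', $salted, true));
    }

    /**
     * Joins password and salt as "password{salt}".
     *
     * @param string $password
     * @param string $salt
     * @return string The password unchanged when the salt is empty.
     * @throws \InvalidArgumentException When the salt contains "{" or "}",
     *                                   which would make the join ambiguous.
     */
    private function _mergePasswordAndSalt($password, $salt)
    {
        // Note: empty() also treats the string "0" as "no salt".
        if (empty($salt)) {
            return $password;
        }

        if (false !== strrpos($salt, '{') || false !== strrpos($salt, '}')) {
            throw new \InvalidArgumentException('Cannot use { or } in salt.');
        }

        return $password . '{' . $salt . '}';
    }

    /**
     * Produces 16 raw bytes for the nonce.
     *
     * A nonce exists to make every request unique and unguessable, so it is
     * drawn from a CSPRNG when the runtime offers one. The hostname/uniqid()
     * derivation is kept only as a last resort for runtimes without
     * random_bytes() or OpenSSL; its output is predictable from the host name
     * and the clock.
     *
     * @return string 16 bytes of binary data.
     */
    private function _generateNonce()
    {
        if (function_exists('random_bytes')) {
            return random_bytes(16);
        }

        if (function_exists('openssl_random_pseudo_bytes')) {
            $bytes = openssl_random_pseudo_bytes(16);
            if (false !== $bytes && 16 === strlen($bytes)) {
                return $bytes;
            }
        }

        return substr(md5(uniqid(gethostname() . '_', true), true), 0, 16);
    }

    /**
     * Builds the two header lines to attach to an API request.
     *
     * Each call uses a fresh nonce and the current timestamp, so the result
     * must be regenerated for every request rather than cached.
     *
     * @return array Two strings: the Authorization line and the X-WSSE line.
     */
    public function getHeaders()
    {
        $rawNonce = $this->_generateNonce();
        $created = date('c');

        // No salt is applied: the digest input is nonce + created + API key.
        $salt = '';
        $passwordDigest = $this->_encodePassword(
            $rawNonce . $created . $this->_apiKey,
            $salt
        );

        $wsseProfile = sprintf(
            'X-WSSE: UsernameToken Username="%s", PasswordDigest="%s", Nonce="%s", Created="%s"',
            $this->_username,
            $passwordDigest,
            base64_encode($rawNonce),
            $created
        );

        return array(
            'Authorization: WSSE profile="UsernameToken"',
            $wsseProfile
        );
    }
}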