Additional security has been added by removing the private token from the actual request. To use the new authentication scheme, supply the following parameters:
- nonce: http://en.wikipedia.org/wiki/Cryptographic_nonce
- timestamp: the unix timestamp when the message was created
- access_token: the public access token matching the private token used to create the signature
- signature: a sha1 hash of the request parameters (excluding the signature) ordered as per http://oauth.net/core/1.0/#rfc.section.9.1.1, concatenated with the private key (in pseudo code: `signature = sha1(order_params(params) + private_key)`)
TODO:
- [x] make private key private by excluding it from the actual request
- [ ] add nonce to the database to prevent replay attacks
- [ ] add timestamp timeout
- [ ] add two-tiered security scheme (i.e. unique public & private tokens per API client)
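A server-side verifier for the scheme described above, added here as an example; it is not code from this PR or from Piwik. The exact byte form of `order_params` (OAuth 1.0 section 9.1.1 ordering, joined as `name=value&...`), the `access_token` to private-key lookup and the in-memory nonce set are assumptions standing in for the database pieces the TODO list still lacks.

```python
import hashlib
import hmac
import time

# Assumed concrete encoding of order_params: sort by name, then by value
# (OAuth 1.0 section 9.1.1), join as name=value pairs with '&'.
def order_params(params):
    items = sorted(params.items(), key=lambda kv: (kv[0], kv[1]))
    return "&".join(f"{k}={v}" for k, v in items)

def sign(params, private_key):
    """signature = sha1(order_params(params) + private_key), as in the PR text."""
    return hashlib.sha1((order_params(params) + private_key).encode()).hexdigest()

class Verifier:
    """Checks the signature plus the two open TODOs: nonce replay and timestamp window."""

    def __init__(self, keys, max_skew=300):
        self.keys = keys            # constructed lookup: access_token -> private key
        self.max_skew = max_skew    # seconds of clock skew tolerated (assumed value)
        self.seen_nonces = set()    # stands in for the nonce table the TODO mentions

    def verify(self, request, now=None):
        now = time.time() if now is None else now
        try:
            sig = request["signature"]
            token = request["access_token"]
            ts = int(request["timestamp"])
            nonce = request["nonce"]
        except (KeyError, ValueError):
            return "missing_or_malformed"
        if token not in self.keys:
            return "unknown_token"
        if abs(now - ts) > self.max_skew:
            return "stale_timestamp"       # timestamp timeout
        if (token, nonce) in self.seen_nonces:
            return "replayed_nonce"        # replay protection
        unsigned = {k: v for k, v in request.items() if k != "signature"}
        expected = sign(unsigned, self.keys[token])
        if not hmac.compare_digest(expected, sig):   # constant-time comparison
            return "bad_signature"
        self.seen_nonces.add((token, nonce))          # record only after a valid signature
        return "ok"

if __name__ == "__main__":
    keys = {"pub123": "secret-abc"}   # constructed sample credentials
    req = {"module": "API", "method": "VisitsSummary.get",
           "access_token": "pub123", "timestamp": "1000", "nonce": "n1"}
    req["signature"] = sign(req, keys["pub123"])
    print(Verifier(keys).verify(req, now=1000))
```

HMAC-SHA1 keyed with the private key would be the standard construction for this kind of request MAC; the example keeps the PR's sha1-of-concatenation so the check matches what the description specifies.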
Thanks for the proposal! Sorry about no feedback earlier.
- In the function you can use uksort() instead of sorting then array manip.
- put the other code in a new private method
- See also coding standard guide: http://piwik.org/participate/coding-standards/
- Maybe post a working example of code that uses this auth method instead of token_auth,
- and that shows to user (and us) how this feature solves a very nice problem (i.e. token_auth kept secret)
It would be great to support OAuth like security, so I look forward to next update.
Ping us to reopen PR, or we will reopen if you commit again, cheers!