AC-1344: Update Integrations

Author: ogorkun

app/code/Magento/Integration/Test/Unit/Oauth/OauthTest.php

@@ -187,7 +187,7 @@ protected function _getRequestTokenParams($amendments = [])
             ),
             'oauth_nonce' => '',
             'oauth_timestamp' => time(),
-            'oauth_signature_method' => OauthInterface::SIGNATURE_SHA1,
+            'oauth_signature_method' => OauthInterface::SIGNATURE_SHA256,
             'oauth_signature' => 'invalid_signature',
         ];
 
@@ -871,7 +871,7 @@ protected function _getAccessTokenRequiredParams($amendments = [])
                 Oauth::LENGTH_CONSUMER_KEY
             ),
             'oauth_signature' => '',
-            'oauth_signature_method' => OauthInterface::SIGNATURE_SHA1,
+            'oauth_signature_method' => OauthInterface::SIGNATURE_SHA256,
             'oauth_nonce' => '',
             'oauth_timestamp' => (string)time(),
             'oauth_token' => $this->_generateRandomString(Oauth::LENGTH_TOKEN),

lib/internal/Magento/Framework/Oauth/Oauth.php

@@ -56,11 +56,11 @@ public function __construct(
     /**
      * Retrieve array of supported signature methods.
      *
-     * @return string[] - Supported HMAC-SHA1 and HMAC-SHA256 signature methods.
+     * @return string[]
      */
     public static function getSupportedSignatureMethods()
     {
-        return [self::SIGNATURE_SHA1, self::SIGNATURE_SHA256];
+        return [self::SIGNATURE_SHA256];
     }
 
     /**
@@ -141,7 +141,7 @@ public function validateAccessToken($accessToken)
     public function buildAuthorizationHeader(
         $params,
         $requestUrl,
-        $signatureMethod = self::SIGNATURE_SHA1,
+        $signatureMethod = self::SIGNATURE_SHA256,
         $httpMethod = 'POST'
     ) {
         $required = ["oauth_consumer_key", "oauth_consumer_secret", "oauth_token", "oauth_token_secret"];

lib/internal/Magento/Framework/Oauth/OauthInterface.php

@@ -59,6 +59,10 @@ interface OauthInterface
     /**#@+
      * Signature Methods
      */
+    /**
+     * @deprecated SHA1 is deprecated
+     * @see SIGNATURE_SHA256
+     */
     const SIGNATURE_SHA1 = 'HMAC-SHA1';
 
     const SIGNATURE_SHA256 = 'HMAC-SHA256';
@@ -167,20 +171,15 @@ public function validateAccessToken($accessToken);
      *   );
      * </pre>
      * @param string $requestUrl e.g 'http://www.example.com/endpoint'
-     * @param string $signatureMethod (default: 'HMAC-SHA1')
+     * @param string $signatureMethod (default: 'HMAC-SHA256')
      * @param string $httpMethod (default: 'POST')
      * @return string
-     * <pre>
-     * OAuth oauth_version="1.0", oauth_signature_method="HMAC-SHA1", oauth_nonce="5X1aWR2qzf2uFm1",
-     * oauth_timestamp="1381930661", oauth_consumer_key="34edf957ef88492f0a32eb7e1731e85d",
-     * oauth_token="7c0709f789e1f38a17aa4b9a28e1b06c", oauth_signature="agVxK0epXOOeQK4%2Bc7UAqUXoAok%3D"
-     * <pre>
      * @throws \Magento\Framework\Oauth\Exception
      */
     public function buildAuthorizationHeader(
         $params,
         $requestUrl,
-        $signatureMethod = self::SIGNATURE_SHA1,
+        $signatureMethod = self::SIGNATURE_SHA256,
         $httpMethod = 'POST'
     );
 }