<?php
include 'common.inc.php';
try {
$provider = new OAuthProvider($params);
/* the endpoint which issues a request token is special, it doesn't take an oauth_token and hence there's no call to the tokenHandler() */
$provider->isRequestTokenEndpoint(true);
/* OAuthProvider will call this callback with the $provider object as an argument, you can throw errors from that handler and set the $provider->consumer_key if all is good */
$provider->consumerHandler('lookupConsumer');
/* similar to consumerHandler, throw errors related to the timestamp/nonce in this callback */
$provider->timestampNonceHandler('timestampNonceChecker');
/* this is the meat of request authorization, the first argument is the URL of this endpoint as the outside world sees it
* the optional second argument is the HTTP method, GET, POST, etc ... the provider will try to detect this via $_SERVER["REQUEST_METHOD"] (usually reliable) when it's not set */
$provider->checkOAuthRequest("http://localhost/request_token.php", PHP_SAPI == "cli" ? OAUTH_HTTP_METHOD_GET : NULL);
} catch (OAuthException $E) {
/* when you catch OAuthException and echo OAuthProvider::reportProblem with it, you'll get the problem reporting extension described here:
* http://wiki.oauth.net/ProblemReporting for free, it also sets the most appropriate HTTP response code */
echo OAuthProvider::reportProblem($E);
}
