PHP OAuth Request Examples

Example #1

File: client.php Project: nicokaiser/php-oauth

} else {
    if ($action == "authorize") {
        $callback_url = "{$base_url}/client.php?key={$key}&secret={$secret}&token={$token}&token_secret={$token_secret}&endpoint=" . urlencode($endpoint);
        $auth_url = $endpoint . "?oauth_token={$token}&oauth_callback=" . urlencode($callback_url);
        if ($dump_request) {
            header('Content-type: text/plain');
            print "auth_url: " . $auth_url;
            exit;
        }
        header("Location: {$auth_url}");
    } else {
        if ($action == "access_token") {
            $parsed = parse_url($endpoint);
            $params = array();
            parse_str($parsed['query'], $params);
            $acc_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $test_token, "GET", $endpoint, $params);
            $acc_req->signRequest($sig_method, $test_consumer, $test_token);
            if ($dump_request) {
                header('Content-type: text/plain');
                print "request url: " . $acc_req->to_url() . "\n";
                print_r($acc_req);
                exit;
            }
            header("Location: {$acc_req}");
        }
    }
}
?>
<html>
<head>
<title>OAuth Test Client</title>

Example #2

File: RequestTest.php Project: nicokaiser/php-oauth

 public function testSign()
 {
     $params = 'file=vacation.jpg&size=original&oauth_version=1.0&oauth_consumer_key=dpf43f3p2l4k3l03';
     $params .= '&oauth_token=nnch734d00sl2jdk&oauth_timestamp=1191242096&oauth_nonce=kllo9940pd9333jh';
     $params .= '&oauth_signature=__ignored__&oauth_signature_method=HMAC-SHA1';
     \OAuth\Tests\TestUtils::buildRequest('GET', 'http://photos.example.net/photos?' . $params);
     $r = \OAuth\Request::fromRequest();
     $cons = new \OAuth\Consumer('key', 'kd94hf93k423kf44');
     $token = new \OAuth\Token('token', 'pfkkdhi9sl3r4s00');
     $hmac = new \OAuth\SignatureMethod\HmacSha1();
     $plaintext = new \OAuth\SignatureMethod\Plaintext();
     // We need to test both what the parameter is, and how the serialized request is..
     $r->signRequest($hmac, $cons, $token);
     $this->assertEquals('HMAC-SHA1', $r->getParameter('oauth_signature_method'));
     $this->assertEquals('tR3+Ty81lMeYAr/Fid0kMTYa/WM=', $r->getParameter('oauth_signature'));
     $expectedPostdata = 'file=vacation.jpg&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_nonce=kllo9940pd9333jh&' . 'oauth_signature=tR3%2BTy81lMeYAr%2FFid0kMTYa%2FWM%3D&oauth_signature_method=HMAC-SHA1&' . 'oauth_timestamp=1191242096&oauth_token=nnch734d00sl2jdk&oauth_version=1.0&size=original';
     $this->assertEquals($expectedPostdata, $r->toPostdata());
     $r->signRequest($plaintext, $cons, $token);
     $this->assertEquals('PLAINTEXT', $r->getParameter('oauth_signature_method'));
     $this->assertEquals('kd94hf93k423kf44&pfkkdhi9sl3r4s00', $r->getParameter('oauth_signature'));
     $expectedPostdata = 'file=vacation.jpg&oauth_consumer_key=dpf43f3p2l4k3l03&oauth_nonce=kllo9940pd9333jh&' . 'oauth_signature=kd94hf93k423kf44%26pfkkdhi9sl3r4s00&oauth_signature_method=PLAINTEXT&' . 'oauth_timestamp=1191242096&oauth_token=nnch734d00sl2jdk&oauth_version=1.0&size=original';
     $this->assertEquals($expectedPostdata, $r->toPostdata());
 }

Example #3

File: ServerTest.php Project: nicokaiser/php-oauth

 public function testRejectAccessTokenSignedAccessTokenRequest()
 {
     // We request a new Access Token, but the request is signed with an access token, so fail!
     $request = \OAuth\Request::fromConsumerAndToken($this->consumer, $this->access_token, 'POST', 'http://example.com');
     $request->signRequest($this->plaintext, $this->consumer, $this->access_token);
     $this->setExpectedException('\\OAuth\\Exception');
     $token = $this->server->fetchAccessToken($request);
 }

Example #4

File: echo_api.php Project: nicokaiser/php-oauth

<?php

require_once "common.inc.php";
try {
    $req = \OAuth\Request::fromRequest();
    list($consumer, $token) = $test_server->verifyRequest($req);
    // lsit back the non-OAuth params
    $total = array();
    foreach ($req->getParameters() as $k => $v) {
        if (substr($k, 0, 5) == "oauth") {
            continue;
        }
        $total[] = urlencode($k) . "=" . urlencode($v);
    }
    print implode("&", $total);
} catch (\OAuth\Exception $e) {
    print $e->getMessage() . "\n<hr />\n";
    print_r($req);
    die;
}

Example #5

File: Server.php Project: nicokaiser/php-oauth

 /**
  * All-in-one function to check the signature on a request
  * should guess the signature method appropriately
  *
  * @param \OAuth\Request $request
  * @param \OAuth\Consumer $consumer
  * @param \OAuth\Token $token
  * @throws \OAuth\Exception
  */
 private function checkSignature($request, $consumer, $token)
 {
     // this should probably be in a different method
     $timestamp = $request instanceof Request ? $request->getParameter('oauth_timestamp') : null;
     $nonce = $request instanceof Request ? $request->getParameter('oauth_nonce') : null;
     $this->checkTimestamp($timestamp);
     $this->checkNonce($consumer, $token, $nonce, $timestamp);
     $signatureMethod = $this->getSignatureMethod($request);
     $signature = $request->getParameter('oauth_signature');
     $validSig = $signatureMethod->checkSignature($request, $consumer, $token, $signature);
     if (!$validSig) {
         throw new Exception('Invalid signature');
     }
 }

Example #6

File: client.php Project: huglester/fuel-simplegeo

 private function SendRequest($method = 'GET', $endpoint, $data = array())
 {
     /*
     		$this->Revert(self::BASE_URL . $endpoint);
     		$this->SetMethod($method);
     		if (is_array($data)) $this->AddVars($data);
     		else if (is_string($data)) $this->SetBody($data);
     		$this->IncludeAuthHeader();
     		return $this->Get();
     */
     // Convert the signature name into an object
     $this->signature = \OAuth\Signature::factory('HMAC-SHA1');
     $request = \OAuth\Request::factory('resource', $method, static::BASE_URL . $endpoint, array_merge(array('oauth_consumer_key' => $this->token, 'oauth_consumer_secret' => $this->secret, 'oauth_token' => '', 'oauth_secret' => '')));
     // Sign the request using the consumer and token
     $request->sign($this->signature, $this->consumer);
     return json_decode($request->execute());
 }

Example #7

File: index.php Project: nicokaiser/php-oauth

<?php

require_once "common.inc.php";
$test_consumer = new \OAuth\Consumer("key", "secret", NULL);
$req_token = new \OAuth\Consumer("requestkey", "requestsecret", 1);
$acc_token = new \OAuth\Consumer("accesskey", "accesssecret", 1);
$sig_method = $hmac_method;
$user_sig_method = @$_GET['sig_method'];
if ($user_sig_method) {
    $sig_method = $sig_methods[$user_sig_method];
}
$req_req = \OAuth\Request::fromConsumerAndToken($test_consumer, NULL, "GET", $base_url . "/request_token.php");
$req_req->signRequest($sig_method, $test_consumer, NULL);
$acc_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $req_token, "GET", $base_url . "/access_token.php");
$acc_req->signRequest($sig_method, $test_consumer, $req_token);
$echo_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $acc_token, "GET", $base_url . "/echo_api.php", array("method" => "foo%20bar", "bar" => "baz"));
$echo_req->signRequest($sig_method, $test_consumer, $acc_token);
?>
<html>
<head>
<title>OAuth Test Server</title>
</head>
<body>
<div><a href="index.php">server</a> | <a href="client.php">client</a></div>
<h1>OAuth Test Server</h1>
<h2>Instructions for Use</h2>
<p>This is a test server with a predefined static set of keys and tokens, you can make your requests using them to test your code (and mine ;)).</p>
<h3>Your Consumer Key / Secret</h3>
<ul>
<li>consumer key: <code><strong>key</strong></code></li>
<li>consumer secret: <code><strong>secret</strong></code></li>