function getOauthHeaderREST() { $json_data = new stdClass(); $consumerKey = 'php_key'; $consumerSecret = 'php_secret'; $timestamp = time(); $oauthNonce = getOauthNonce(); $signatureMethod = 'HMAC-SHA1'; $OauthVersion = '1.0'; //request Request token from the backend $requestToken = json_decode(getRequestToken()); if ($requestToken == false) { //Server not responding return 'Authorization: FAILED'; } else { $result = authorizeRequestToken($requestToken->oauth_token, $_POST["username"], $_POST["password"]); $signature_string = "oauth_consumer_key=" . $consumerKey; $signature_string .= "&oauth_nonce=" . $oauthNonce; $signature_string .= "&oauth_request_key=" . $requestToken->oauth_token; $signature_string .= "&oauth_signature_method=" . $signatureMethod; $signature_string .= "&oauth_timestamp=" . $timestamp; $signature_string .= "&oauth_version=" . $OauthVersion; $secret = $consumerSecret . "+" . $requestToken->oauth_token_secret; $oauthSignature = hash_hmac("sha1", $signature_string, $secret); $json_data->oauth_consumer_key = $consumerKey; $json_data->oauth_nonce = $oauthNonce; $json_data->oauth_signature_method = $signatureMethod; $json_data->oauth_timestamp = $timestamp; $json_data->oauth_version = $OauthVersion; $json_data->oauth_signature = $oauthSignature; $json_data->oauth_request_key = $_COOKIE['onenumberauth']['token']; $json_string = json_encode($json_data); return 'Authorization: ' . $json_string; } }
$consumer_key = $developer_key; # from config.php $oauth_callback = urlencode($callback_url); # from config.php $server = $api_host; # from config.php # Production code should pull these from https://api.familysearch.org/identity/v2/properties $requestUrl = "/identity/v2/request_token"; $authorizeUrl = "/identity/v2/authorize"; $accessUrl = "/identity/v2/access_token"; $content = NULL; /*----------------------------------------------------------------------------------- If this is the first time to this page get a request token and save secret to file ------------------------------------------------------------------------------------*/ if ($_GET["oauth_verifier"] == NULL) { $response = getRequestToken($server, $requestUrl, $oauth_callback, $consumer_key); // print_r($response); $_SESSION['oauth_token_secret'] = $response['oauth_token_secret']; $content = '<span>You need to authenticate with FamilySearch to continue.<br/><br/><a href="' . $server . $authorizeUrl . '?oauth_token=' . $response['oauth_token'] . '"><button id="authlink" >Sign In to FamilySearch</button></a></span>'; } /*----------------------------------------- Exchange oauth_verifier for access_token ------------------------------------------*/ if ($_GET["oauth_verifier"] != NULL) { $response = getAccessToken($server, $accessUrl, $consumer_key, $_GET["oauth_verifier"], $_GET["oauth_token"]); # Save the sessionId for all future FamilySearch API calls $sessionId = $response['oauth_token']; setcookie("fssessionid", $sessionId); $content = "<br />Authentication to FamilySearch successful.<br />"; $content .= "<br/><a href='index.html'><button>Continue back to your application</button></a>"; $debuginfo = "Your user info is:<br/>sessionId: " . $sessionId . "<br/>";