/** * Refresh an access token using an expired request token * @param string $consumer_key obtained when you registered your app * @param string $consumer_secret obtained when you registered your app * @param string $old_access_token obtained previously * @param string $old_token_secret obtained previously * @param string $oauth_session_handle obtained previously * @param bool $usePost use HTTP POST instead of GET (default false) * @param bool $useHmacSha1Sig use HMAC-SHA1 signature (default false) * @return response string with token or empty array on error */ function refresh_access_token($consumer_key, $consumer_secret, $old_access_token, $old_token_secret, $oauth_session_handle, $usePost = false, $useHmacSha1Sig = true, $passOAuthInHeader = true) { $retarr = array(); // return value $response = array(); $url = 'https://api.login.yahoo.com/oauth/v2/get_token'; $params['oauth_version'] = '1.0'; $params['oauth_nonce'] = mt_rand(); $params['oauth_timestamp'] = time(); $params['oauth_consumer_key'] = $consumer_key; $params['oauth_token'] = $old_access_token; $params['oauth_session_handle'] = $oauth_session_handle; // compute signature and add it to the params list if ($useHmacSha1Sig) { $params['oauth_signature_method'] = 'HMAC-SHA1'; $params['oauth_signature'] = oauth_compute_hmac_sig($usePost ? 'POST' : 'GET', $url, $params, $consumer_secret, $old_token_secret); } else { $params['oauth_signature_method'] = 'PLAINTEXT'; $params['oauth_signature'] = oauth_compute_plaintext_sig($consumer_secret, $old_token_secret); } // Pass OAuth credentials in a separate header or in the query string if ($passOAuthInHeader) { $query_parameter_string = oauth_http_build_query($params, true); $header = build_oauth_header($params, "yahooapis.com"); $headers[] = $header; } else { $query_parameter_string = oauth_http_build_query($params); } // POST or GET the request if ($usePost) { $request_url = $url; logit("refacctok:INFO:request_url:{$request_url}"); logit("refacctok:INFO:post_body:{$query_parameter_string}"); $headers[] = 'Content-Type: application/x-www-form-urlencoded'; $response = do_post($request_url, $query_parameter_string, 443, $headers); } else { $request_url = $url . ($query_parameter_string ? '?' . $query_parameter_string : ''); logit("refacctok:INFO:request_url:{$request_url}"); $response = do_get($request_url, 443, $headers); } // extract successful response if (!empty($response)) { list($info, $header, $body) = $response; $body_parsed = oauth_parse_str($body); if (!empty($body_parsed)) { logit("getacctok:INFO:response_body_parsed:"); print_r($body_parsed); } $retarr = $response; $retarr[] = $body_parsed; } return $retarr; }
function get_request_token($callback = 'oob', $usePost = false, $useHmacSha1Sig = true, $passOAuthInHeader = false) { $retarr = array(); // return value $response = array(); $params['oauth_version'] = '1.0'; $params['oauth_nonce'] = mt_rand(); $params['oauth_timestamp'] = time(); $params['oauth_consumer_key'] = $this->consumer_key; $params['oauth_callback'] = $callback; $headers = array(); // compute signature and add it to the params list if ($useHmacSha1Sig) { $params['oauth_signature_method'] = 'HMAC-SHA1'; $params['oauth_signature'] = oauth_compute_hmac_sig($usePost ? 'POST' : 'GET', $this->reqUrl, $params, $this->consumer_secret, null); } else { $params['oauth_signature_method'] = 'PLAINTEXT'; $params['oauth_signature'] = oauth_compute_plaintext_sig($this->consumer_secret, null); } // Pass OAuth credentials in a separate header or in the query string if ($passOAuthInHeader) { $query_parameter_string = oauth_http_build_query($params, true); $header = build_oauth_header($params, "Twitter API"); $headers[] = $header; } else { $query_parameter_string = oauth_http_build_query($params); } // POST or GET the request if ($usePost) { $request_url = $this->reqUrl; logit("getreqtok:INFO:request_url:{$request_url}"); logit("getreqtok:INFO:post_body:{$query_parameter_string}"); $headers[] = 'Content-Type: application/x-www-form-urlencoded'; $response = do_post($request_url, $query_parameter_string, 80, $headers); } else { $request_url = $this->reqUrl . ($query_parameter_string ? '?' . $query_parameter_string : ''); logit("getreqtok:INFO:request_url:{$request_url}"); $response = do_get($request_url, 80, $headers); } // extract successful response if (!empty($response)) { list($info, $header, $body) = $response; $body_parsed = oauth_parse_str($body); if (!empty($body_parsed)) { logit("getreqtok:INFO:response_body_parsed:"); } $retarr = $response; $retarr[] = $body_parsed; } return $retarr; }
public function accessToken($oauth_verifier = '') { $params['oauth_verifier'] = $oauth_verifier; $tokens = $this->apiCall('http://api.twitter.com/oauth/access_token', $params); if ($tokens != FALSE) { $tokens = oauth_parse_str($tokens); // Store these. $this->oauth_token = $tokens['oauth_token']; $this->oauth_token_secret = $tokens['oauth_token_secret']; $this->screen_name = $tokens['screen_name']; return $tokens; } return FALSE; }
/** * Returns the normalized signature base string of this request * @param string $http_method * @param string $url * @param array $params * The base string is defined as the method, the url and the * parameters (normalized), each urlencoded and the concated with &. * @see http://oauth.net/core/1.0/#rfc.section.A.5.1 */ function signature_base_string($http_method, $url, $params) { // Decompose and pull query params out of the url $query_str = parse_url($url, PHP_URL_QUERY); if ($query_str) { $parsed_query = oauth_parse_str($query_str); // merge params from the url with params array from caller $params = array_merge($params, $parsed_query); } // Remove oauth_signature from params array if present if (isset($params['oauth_signature'])) { unset($params['oauth_signature']); } // Create the signature base string. Yes, the $params are double encoded. $base_string = rfc3986_encode(strtoupper($http_method)) . '&' . rfc3986_encode(normalize_url($url)) . '&' . rfc3986_encode(oauth_http_build_query($params)); logit("signature_base_string:INFO:normalized_base_string:{$base_string}"); return $base_string; }