public function testCreateRequestFromConsumerAndToken() { $cons = new \OAuth\Consumer('key', 'kd94hf93k423kf44'); $token = new \OAuth\Token('token', 'pfkkdhi9sl3r4s00'); $request = \OAuth\Request::fromConsumerAndToken($cons, $token, 'POST', 'http://example.com'); $this->assertEquals('POST', $request->getNormalizedHttpMethod()); $this->assertEquals('http://example.com', $request->getNormalizedHttpUrl()); $this->assertEquals('1.0', $request->getParameter('oauth_version')); $this->assertEquals($cons->getKey(), $request->getParameter('oauth_consumer_key')); $this->assertEquals($token->getKey(), $request->getParameter('oauth_token')); $this->assertEquals(time(), $request->getParameter('oauth_timestamp')); $this->assertRegExp('/[0-9a-f]{32}/', $request->getParameter('oauth_nonce')); // We don't know what the nonce will be, except it'll be md5 and hence 32 hexa digits $request = \OAuth\Request::fromConsumerAndToken($cons, $token, 'POST', 'http://example.com', array('oauth_nonce' => 'foo')); $this->assertEquals('foo', $request->getParameter('oauth_nonce')); $request = \OAuth\Request::fromConsumerAndToken($cons, NULL, 'POST', 'http://example.com', array('oauth_nonce' => 'foo')); $this->assertNull($request->getParameter('oauth_token')); // Test that parameters given in the $http_url instead of in the $parameters-parameter // will still be picked up $request = \OAuth\Request::fromConsumerAndToken($cons, $token, 'POST', 'http://example.com/?foo=bar'); $this->assertEquals('http://example.com/', $request->getNormalizedHttpUrl()); $this->assertEquals('bar', $request->getParameter('foo')); }
public function testRejectAccessTokenSignedAccessTokenRequest() { // We request a new Access Token, but the request is signed with an access token, so fail! $request = \OAuth\Request::fromConsumerAndToken($this->consumer, $this->access_token, 'POST', 'http://example.com'); $request->signRequest($this->plaintext, $this->consumer, $this->access_token); $this->setExpectedException('\\OAuth\\Exception'); $token = $this->server->fetchAccessToken($request); }
} else { if ($action == "authorize") { $callback_url = "{$base_url}/client.php?key={$key}&secret={$secret}&token={$token}&token_secret={$token_secret}&endpoint=" . urlencode($endpoint); $auth_url = $endpoint . "?oauth_token={$token}&oauth_callback=" . urlencode($callback_url); if ($dump_request) { header('Content-type: text/plain'); print "auth_url: " . $auth_url; exit; } header("Location: {$auth_url}"); } else { if ($action == "access_token") { $parsed = parse_url($endpoint); $params = array(); parse_str($parsed['query'], $params); $acc_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $test_token, "GET", $endpoint, $params); $acc_req->signRequest($sig_method, $test_consumer, $test_token); if ($dump_request) { header('Content-type: text/plain'); print "request url: " . $acc_req->to_url() . "\n"; print_r($acc_req); exit; } header("Location: {$acc_req}"); } } } ?> <html> <head> <title>OAuth Test Client</title>
<?php require_once "common.inc.php"; $test_consumer = new \OAuth\Consumer("key", "secret", NULL); $req_token = new \OAuth\Consumer("requestkey", "requestsecret", 1); $acc_token = new \OAuth\Consumer("accesskey", "accesssecret", 1); $sig_method = $hmac_method; $user_sig_method = @$_GET['sig_method']; if ($user_sig_method) { $sig_method = $sig_methods[$user_sig_method]; } $req_req = \OAuth\Request::fromConsumerAndToken($test_consumer, NULL, "GET", $base_url . "/request_token.php"); $req_req->signRequest($sig_method, $test_consumer, NULL); $acc_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $req_token, "GET", $base_url . "/access_token.php"); $acc_req->signRequest($sig_method, $test_consumer, $req_token); $echo_req = \OAuth\Request::fromConsumerAndToken($test_consumer, $acc_token, "GET", $base_url . "/echo_api.php", array("method" => "foo%20bar", "bar" => "baz")); $echo_req->signRequest($sig_method, $test_consumer, $acc_token); ?> <html> <head> <title>OAuth Test Server</title> </head> <body> <div><a href="index.php">server</a> | <a href="client.php">client</a></div> <h1>OAuth Test Server</h1> <h2>Instructions for Use</h2> <p>This is a test server with a predefined static set of keys and tokens, you can make your requests using them to test your code (and mine ;)).</p> <h3>Your Consumer Key / Secret</h3> <ul> <li>consumer key: <code><strong>key</strong></code></li> <li>consumer secret: <code><strong>secret</strong></code></li>