| » Metadata |
» Status |
|
|
|
| » Description |
HTTP_OAuth is an implementation of the current OAuth spec (http://oauth.googlecode.com/svn/spec/core/1.0a/drafts/3/oauth-core-1_0a.html). It allows a developer to use this package for both consumer and provider implementations. HTTP_OAuth depends on HTTP_Request2. I optionally can use Log and pecl_http.
The following examples should explain how this package could be used as an consumer and provider. The provider package leaves a lot up to the developer, which can be seen with the sample function names. There are also consumer examples in /examples of the package and up at http://jeffhodsdon.com/HTTP_OAuth/examples/index.php
Here is an example it's usage as a consumer:
// Logging
HTTP_OAuth::attachLog(Log::singleton('display'));
<?php
$consumer = new HTTP_OAuth_Consumer('key', 'secret');
$consumer->getRequestToken('http://example.com/oauth/request_token, $callback);
// Store tokens
$_SESSION['token'] = $consumer->getToken();
$_SESSION['token_secret'] = $consumer->getTokenSecret();
$url = $consumer->getAuthorizeUrl('http://example.com/oauth/authorize');
http_redirect($url); // function from pecl_http
// When they come back via the $callback url
$consumer = new HTTP_OAuth_Consumer('key', 'secret', $_SESSION['token'],
$_SESSION['token_secret']);
$consumer->getAccessToken('http://example.com/oauth/access_token', $_GET['oauth_verifier']);
// Store tokens
$_SESSION['token'] = $consumer->getToken();
$_SESSION['token_secret'] = $consumer->getTokenSecret();
// $response is an instance of HTTP_OAuth_Consumer_Response
$response = $consumer->sendRequest('http://example.com/oauth/protected_resource');
?>
Here is an example it's usage as a provider:
$request = new HTTP_OAuth_Provider_Request;
// Your code lookup
$consumerData = lookupByConsumerKey($request->oauth_consumer_key);
$response = new HTTP_OAuth_Provider_Response;
// Check signature from consumer secret
if (!$request->isValidSignature($consumerData['consumer_secret'])) {
$response->setStatus(HTTP_OAuth_Provider_Response::STATUS_INVALID_SIGNATURE);
$response->send();
die(0);
}
// Return request_token
$response->oauth_token = assignRequestToken($consumerData);
$response->oauth_token_secret = assignRequestTokenSecret($consumerData);
$response->send();
// User is redirected to a page on your site to authorize that request_token
// When they request an access token
$request = new HTTP_OAuth_Provider_Request;
// Your code lookup
$consumerData = lookupByConsumerKey($request->oauth_consumer_key);
$response = new HTTP_OAuth_Provider_Response;
// Check signature from consumer secret
if (!$request->isValidSignature($consumerData['consumer_secret']), $consumer['token_secret']) {
$response->setStatus(HTTP_OAuth_Provider_Response::STATUS_INVALID_SIGNATURE);
$response->send();
die(0);
}
if (!isAuthorizedRequestToken($consumerData)) {
$response->setStatus(HTTP_OAuth_Provider_Response::STATUS_INVALID_TOKEN);
$response->send();
die(0);
}
$response->oauth_token = assignAccessToken($consumerData);
$response->oauth_token_secret = assignAccessTokenSecret($consumerData);
$response->send();
// When receiving oauth request check the signature
$request = new HTTP_OAuth_Provider_Request;
// Your code lookup
$consumerData = lookupByConsumerKey($request->oauth_consumer_key);
$response = new HTTP_OAuth_Provider_Response;
// Check signature from consumer secret
if (!$request->isValidSignature($consumerData['consumer_secret']), $consumer['token_secret']) {
$response->setStatus(HTTP_OAuth_Provider_Response::STATUS_INVALID_SIGNATURE);
$response->send();
die(0);
}
|
| » Dependencies |
» Links |
|
|
|
| » Timeline |
» Changelog |
-
First Draft: 2009-07-28
- Proposal: 2009-07-29
- Call for Votes: 2009-08-20
|
Jeff Hodsdon
[2009-07-29 01:56 UTC] Switched example URLJeff Hodsdon
[2009-08-03 23:55 UTC] Corrected typo calling HTTP_OAuth_Consumer::getAuthorizeUrl()Jeff Hodsdon
[2009-08-20 19:08 UTC] I removed the pecl_http dependency and add support for attaching PEAR Log classes to help debug.Jeff Hodsdon
[2009-08-20 19:33 UTC] Fixed typo in example
|
