自动获取签名的请求令牌

Question

From my understanding of OAuth, the flow is:

1. Get unsigned request token
2. Get signed request token by getting user authorization
3. Get access token

I would like to use php curl to get the signed request token automatically. Once I have the unsigned request token, I'd like a function to go to authorization url, sign in and return the authorized request token. Basically mimicking basic authorization with username and password. Is this possible?

I understand it can't be a general solution since the curl postdata will have to be specific to the site.

Thanks

Here's some code and I hope it helps to show you what I'm trying to do.

function login($username, $password) {
    $url = 'https://www.scoop.it/oauth/authorize?' . http_build_query(array('oauth_token' => $requestToken['oauth_token'], 'oauth_callback' => $callbackurl));

    $postdata = "email=".$username."&password=".$password; 

    $ch = curl_init();
    curl_setopt ($ch, CURLOPT_URL, $url);
    curl_setopt ($ch, CURLOPT_POSTFIELDS, $postdata);   
    curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);


    $response = curl_exec($ch)
    curl_close ($ch);
}

Answer 1

Your script needs to:

1. fetch an unauthorized request token
2. redirect the user to authorization URL with the token and callback URL

You already completed step 1; fetching the access token. Now you must tell the user's browser to redirect to authorization URL.

header('HTTP/1.1 301 Moved Permanently');
header('Location: '.$AUTHORIZE_URL_WITH_TOKEN);

And remember, you have to send out all headers before the first print() or echo() that ever happens.