I am trying to learn and play around with PHP's implementation of OAuth as defined here . I am not using a library of some sort, just the pure OAuth implementation, as I am trying to learn it. However, as basic as I am trying to make it, I can not seem to get the signatures to match.
On the consumer side I have:
<?php
$consumer_key = '1234';
$consumer_secret = '1234';
$url = 'http://localhost/oauth/provider/request';
try {
$oauth = new OAuth($consumer_key, $consumer_secret);
$signature = $oauth->generateSignature('POST', $url);
$request_token = $oauth->getRequestToken($url);
var_dump($signature);
print_r($request_token);
} catch (OAuthException $E) {
var_dump($E);
}
On the provider side I have:
<?php
function call(){
return OAUTH_OK;
}
$OAuthProvider = NULL;
try{
$OAuthProvider = new OAuthProvider();
$OAuthProvider->consumerHandler('call');
$OAuthProvider->timestampNonceHandler('call');
$OAuthProvider->tokenHandler('call');
$OAuthProvider->isRequestTokenEndpoint(true);
$OAuthProvider->checkOAuthRequest();
}
catch(Exception $ex){
echo $OAuthProvider->signature;
}
Pretty simple right? Then the error message from the caught exception I get is "Signatures_do_not_match". I have checked, and indeed, the signatures do not match. Here is an example of the output:
Consumer: 8cePFQFqJbL3hY6OjZe6kw63irc=
Provider: 2SPGA0GcC7GLLR1Jte53xz_bWOY
Any ideas?
Silly me, I did not read the spec on the callback functions properly. The implementation that works is:
Consumer:
<?php
$consumer_key = '1234';
$consumer_secret = '1234';
$url = 'http://localhost/oauth/provider/request';
try {
$oauth = new OAuth($consumer_key, $consumer_secret);
$signature = $oauth->generateSignature('POST', $url);
$request_token = $oauth->getRequestToken($url);
} catch (Exception $ex) {
var_dump($ex);
}
And the provider:
<?php
$OAuthProvider = NULL;
function consumerHandler(){
return OAUTH_OK;
}
function timestampNonceHandler(){
global $OAuthProvider;
/**
* Here is supposed to be a function to check if
* the consumer secret is legit, and is then used to check if the signatures match.
*/
$OAuthProvider->consumer_secret = '1234';
return OAUTH_OK;
}
try{
$OAuthProvider = new OAuthProvider();
$OAuthProvider->consumerHandler('consumerHandler');
$OAuthProvider->timestampNonceHandler('timestampNonceHandler');
$OAuthProvider->isRequestTokenEndpoint(true);
$OAuthProvider->checkOAuthRequest();
}
catch(Exception $ex){
var_dump($ex);
}
Hope this helps someone that wants to learn about OAuth like I did.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.