
PHP OAuth Signature Mismatch

I am trying to learn and play around with PHP's implementation of OAuth as defined here. I am not using a library of some sort, just the pure OAuth implementation, as I am trying to learn it. However, as basic as I am trying to make it, I cannot seem to get the signatures to match.

On the consumer side I have:

<?php
$consumer_key = '1234';
$consumer_secret = '1234';
$url = 'http://localhost/oauth/provider/request';

try {
    $oauth = new OAuth($consumer_key, $consumer_secret);
    $signature = $oauth->generateSignature('POST', $url);
    $request_token = $oauth->getRequestToken($url);
    var_dump($signature);
    print_r($request_token);
} catch (OAuthException $E) {
    var_dump($E);
}

On the provider side I have:

<?php

function call(){
    return OAUTH_OK;
}

$OAuthProvider = NULL;

try{
    $OAuthProvider = new OAuthProvider();
    $OAuthProvider->consumerHandler('call');
    $OAuthProvider->timestampNonceHandler('call');
    $OAuthProvider->tokenHandler('call');
    $OAuthProvider->isRequestTokenEndpoint(true);
    $OAuthProvider->checkOAuthRequest();
}
catch(Exception $ex){
    echo $OAuthProvider->signature;
}

Pretty simple, right? Then the error message I get from the caught exception is "Signatures_do_not_match". I have checked, and indeed, the signatures do not match. Here is an example of the output:

Consumer: 8cePFQFqJbL3hY6OjZe6kw63irc=
Provider: 2SPGA0GcC7GLLR1Jte53xz_bWOY

Any ideas?

Silly me, I did not read the spec on the callback functions properly. The implementation that works is:

Consumer:

<?php

$consumer_key = '1234';
$consumer_secret = '1234';
$url = 'http://localhost/oauth/provider/request';

try {
    $oauth = new OAuth($consumer_key, $consumer_secret);
    $signature = $oauth->generateSignature('POST', $url);
    $request_token = $oauth->getRequestToken($url);
} catch (Exception $ex) {
    var_dump($ex);
}

And the provider:

<?php
$OAuthProvider = NULL;

function consumerHandler(){
    return OAUTH_OK;
}

function timestampNonceHandler(){
    global $OAuthProvider;
    /**
     * Here is supposed to be a function to check if 
     * the consumer secret is legit, and is then used to check if the signatures match.
     */
    $OAuthProvider->consumer_secret = '1234';
    return OAUTH_OK;
}

try{
    $OAuthProvider = new OAuthProvider();
    $OAuthProvider->consumerHandler('consumerHandler');
    $OAuthProvider->timestampNonceHandler('timestampNonceHandler');
    $OAuthProvider->isRequestTokenEndpoint(true);
    $OAuthProvider->checkOAuthRequest();
}
catch(Exception $ex){
    var_dump($ex);
}

Hope this helps someone that wants to learn about OAuth like I did.
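Why setting the secret in the handler matters, as an added example (not code from the original post or from PHP's OAuth extension): an OAuth 1.0 HMAC-SHA1 signature is keyed with the consumer secret, so both sides must use the same one. The helper names `oauth_base_string` and `oauth_sign`, the nonce and the timestamp are constructed for illustration, and the empty-secret case assumes a provider whose handler never sets `consumer_secret` verifies with an empty value.

```php
<?php
// Added illustration: OAuth 1.0 HMAC-SHA1 signing in plain PHP, no extension required.

/** Signature base string: METHOD & url & sorted parameters, each part percent-encoded. */
function oauth_base_string(string $method, string $url, array $params): string
{
    unset($params['oauth_signature']); // the signature is never part of what it signs
    $pairs = [];
    foreach ($params as $name => $value) {
        $pairs[] = [rawurlencode((string) $name), rawurlencode((string) $value)];
    }
    // Sort by encoded name, then by encoded value, using byte order.
    usort($pairs, fn($a, $b) => strcmp($a[0], $b[0]) ?: strcmp($a[1], $b[1]));
    $normalized = implode('&', array_map(fn($p) => $p[0] . '=' . $p[1], $pairs));
    // $url is assumed to be already normalized (lowercase scheme/host, no query string).
    return strtoupper($method) . '&' . rawurlencode($url) . '&' . rawurlencode($normalized);
}

/** HMAC-SHA1 signature; the key is "<consumer secret>&<token secret>". */
function oauth_sign(string $base, string $consumerSecret, string $tokenSecret = ''): string
{
    // The '&' stays in the key even when there is no token secret yet (request-token step).
    $key = rawurlencode($consumerSecret) . '&' . rawurlencode($tokenSecret);
    return base64_encode(hash_hmac('sha1', $base, $key, true));
}

// Constructed sample parameters; the nonce and timestamp are made up for this example.
$params = [
    'oauth_consumer_key'     => '1234',
    'oauth_signature_method' => 'HMAC-SHA1',
    'oauth_timestamp'        => '1700000000',
    'oauth_nonce'            => 'constructed-nonce',
    'oauth_version'          => '1.0',
];
$base = oauth_base_string('POST', 'http://localhost/oauth/provider/request', $params);

$consumerSig   = oauth_sign($base, '1234'); // consumer signs with its real secret
$providerEmpty = oauth_sign($base, '');     // assumption: handler left consumer_secret unset
$providerKeyed = oauth_sign($base, '1234'); // handler looked up and set the secret

// hash_equals() compares in constant time, which is how a provider should check signatures.
echo "consumer:                ", $consumerSig, PHP_EOL;
echo "provider, secret unset:  ", $providerEmpty, PHP_EOL;
echo "provider, secret set:    ", $providerKeyed, PHP_EOL;
var_dump(hash_equals($consumerSig, $providerEmpty));
var_dump(hash_equals($consumerSig, $providerKeyed));
```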
