stackoom
  简体   繁体   中英

How to read the OAuth request parameters with PHP?

 原文  2011-07-05 11:57:06       php/ oauth/ header

Question

I'm trying to connect an iPhone app to a PHP API using 2-legged OAuth as the Authentication mechanism. I'm using the PHP and Objective-C 2.0 libraries from http://code.google.com/p/oauth/ . The problem is that when I'm trying to issue a GET request with Objective-C, it doesn't include the OAuth parameters in the request URI, like the PHP library does when issuing an OAuth GET request:

http://www.mysite.com/oauth/index.php?oauth_consumer_key=key&oauth_nonce=XXXXXXXX&oauth_signature=XXXXXXXXXXX%3D&oauth_signature_method=HMAC-SHA1&oauth_timestamp=1309863754&oauth_version=1.0

Instead it puts the OAuth parameters in an Authorization header:

Authorization: OAuth realm="", oauth_consumer_key="XXXXX", oauth_token="XXXX-XXXX",
oauth_signature_method="HMAC-SHA1", oauth_signature="XXXXXXXX", 
oauth_timestamp="1309863855", oauth_nonce="XXXX-XXX-XX-XX-XXXXXXX", oauth_version="1.0"

I suppose that both ways are equally valid for the OAuth specs, right?

What's the best way I can read the Authorization header with PHP?

1 answers

solution1
 8 ACCPTED  2011-07-05 12:34:55

I suppose that both ways are equally valid for the OAuth specs, right?

Yes, right.

What's the best way I can read the Authorization header with PHP?

Request headers in PHP are stored in the $_SERVER superglobal array, each header as an entry of it's own: $_SERVER['HTTP_AUTHORIZATION'] most probably in your case, just do 

var_dump($_SERVER);

and look for the info. Detailed information how PHP deals with the HTTP request .

Authorization header missing in PHP

Unfortunately the Authorization header is filtered by PHP(?), so it's not part of $_SERVER .

Workaround: apache_request_headers()

When using PHP as an Apache module, a workaround is to use the apache_request_headers() function to retrieve all request headers.

Workaround: mod_rewrite

For F/CGI a workaround is to set the Authorization header with Mod_Rewrite into a environment variable that mimics PHP's scheme converting HTTP request headers:

RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)$ [NC]
RewriteRule .* - [E=HTTP_AUTHORIZATION:%1]

The mod_rewrite solution should work for PHP running with mod_php as well. Hat tip Jon Nylander.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question How to make an Oauth request with PHP GET request with parameters in OAuth 1.0 Signature in cURL PHP How to read/understand parameters list in Php docs How to read @Multipart parameters using retrofit 2 in PHP? php soap client request with method parameters - how? Curl Catch Redirect Url parameters - Oauth 2.0 Authorisation PHP script for API request (VK for example) How to reproduce OAuth1.0 Request Headers in PHP CURL Making a php OAuth request to Discord oAuth in PHP to make 2 legged request Request parameters in PHP on HHVM
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM